UCF STIG Viewer Logo

The operating system must provide notification of failed automated security tests.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-OS-000200-ESXI5-PF SRG-OS-000200-ESXI5-PF SRG-OS-000200-ESXI5-PF_rule Medium
Description
The need to verify security functionality applies to all security functions. For those security functions unable to execute automated self-tests the organization either implements compensating security controls or explicitly accepts the risk of not performing the verification as required. Upon detection of security function anomalies or failure of automated self-tests, the operating system must respond in accordance with organization-defined responses and alternative actions. Applicable, but permanent finding - The hypervisor does not support this functionality.
STIG Date
VMware ESXi v5 Security Technical Implementation Guide 2013-01-15

Details

Check Text ( C-SRG-OS-000200-ESXI5-PF_chk )
ESXi does not support this requirement. This is a permanent finding.
Fix Text (F-SRG-OS-000200-ESXI5-PF_fix)
This requirement is a permanent finding and cannot be fixed. An appropriate mitigation for the system must be implemented but this finding cannot be considered fixed.