UCF STIG Viewer Logo

The operating system must employ cryptographic mechanisms to prevent unauthorized disclosure of information at rest unless otherwise protected by alternative physical measures.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-OS-000230-ESXI5-PF SRG-OS-000230-ESXI5-PF SRG-OS-000230-ESXI5-PF_rule Medium
Description
This control is intended to address the confidentiality and integrity of information at rest in non-mobile devices and covers user information and system information. Information at rest refers to the state of information when it is located on a secondary storage device (e.g., disk drive, tape drive) within an organizational information system. Permanent finding - ESXi v5 does not support this requirement for cryptographic C&A of IAR.
STIG Date
VMware ESXi v5 Security Technical Implementation Guide 2013-01-15

Details

Check Text ( C-SRG-OS-000230-ESXI5-PF_chk )
ESXi does not support this requirement. This is a permanent finding.
Fix Text (F-SRG-OS-000230-ESXI5-PF_fix)
This requirement is a permanent finding and cannot be fixed. An appropriate mitigation for the system must be implemented but this finding cannot be considered fixed.