UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Virtual guest operating systems must be registered in a vulnerability and asset management system.


Overview

Finding ID Version Rule ID IA Controls Severity
V-40193 WN12-GE-000011 SV-52151r2_rule ECSC-1 Medium
Description
Virtual guest operating systems share the same vulnerabilities as operating systems running on dedicated hardware and must be individually assessed for security guidance compliance. The VMS used may be DISA VMS or a similar vulnerability and asset management system.
STIG Date
Windows Server 2012 / 2012 R2 Domain Controller Security Technical Implementation Guide 2015-09-02

Details

Check Text ( C-46949r1_chk )
If no virtual guest operating systems exist, this is NA.

Determine if virtual guest operating systems have been registered in a vulnerability and asset management system as separate assets. If they have not, this is a finding.
Fix Text (F-45176r1_fix)
Register all virtual guest operating systems as separate assets in a vulnerability and asset management system.