STIGQter: STIG Summary: VMware vRealize Automation 7.x tc Server Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

tc Server ALL must exclude documentation, sample code, example applications, and tutorials.

DISA Rule

SV-100659r1_rule

Vulnerability Number

V-90009

Group Title

SRG-APP-000141-WSR-000077

Rule Version

VRAU-TC-000345

Severity

CAT I

CCI(s)

• CCI-000381 - The organization configures the information system to provide only essential capabilities.

Weight

10

Fix Recommendation

Remove all documentation, sample code, example applications, and tutorials.

Check Contents

Interview the ISSO.

Review the web server documentation and deployed configuration to determine if documentation, sample code, example applications, and tutorials have been removed.

If documentation, sample code, example applications, and tutorials have not been removed, this is a finding.

Vulnerability Number

V-90009

Documentable

False

Rule Version

VRAU-TC-000345

Severity Override Guidance

Interview the ISSO.

Review the web server documentation and deployed configuration to determine if documentation, sample code, example applications, and tutorials have been removed.

If documentation, sample code, example applications, and tutorials have not been removed, this is a finding.

Check Content Reference

M

Target Key

3439

Comments