STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform must enforce approved authorizations for controlling the flow of information within the container platform based on organization-defined information flow control policies.

DISA Rule

SV-233029r599513_rule

Vulnerability Number

V-233029

Group Title

SRG-APP-000038

Rule Version

SRG-APP-000038-CTR-000105

Severity

CAT II

CCI(s)

• CCI-001368 - The information system enforces approved authorizations for controlling the flow of information within the system based on organization-defined information flow control policies.

Weight

10

Fix Recommendation

Configure the container platform to enforce approved authorizations for controlling the flow of information within the container platform based on organization-defined information flow control policies.

Check Contents

Review the container platform to determine if approved authorizations for controlling the flow of information within the container platform based on organization-defined information flow control policies is being enforced.

If the organization-defined information flow policies are not being enforced, this is a finding.

Vulnerability Number

V-233029

Documentable

False

Rule Version

SRG-APP-000038-CTR-000105

Severity Override Guidance

Review the container platform to determine if approved authorizations for controlling the flow of information within the container platform based on organization-defined information flow control policies is being enforced.

If the organization-defined information flow policies are not being enforced, this is a finding.

Check Content Reference

M

Target Key

5239

Comments