STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform must protect authenticity of communications sessions with the use of FIPS-validated 140-2 or 140-3 security requirements for cryptographic modules.

DISA Rule

SV-233118r599601_rule

Vulnerability Number

V-233118

Group Title

SRG-APP-000219

Rule Version

SRG-APP-000219-CTR-000550

Severity

CAT I

CCI(s)

• CCI-001184 - The information system protects the authenticity of communications sessions.

Weight

10

Fix Recommendation

Configure the container platform to use FIPS-validated 140-2 or 140-3 cryptographic modules to protect container images during transmission.

Check Contents

Review the container platform configuration to determine if FIPS-validated 140-2 or 140-3 cryptographic modules are being used to protect container images during transmission.

If FIPS-validated 140-2 or 140-3 cryptographic modules are not being use, this is a finding.

Vulnerability Number

V-233118

Documentable

False

Rule Version

SRG-APP-000219-CTR-000550

Severity Override Guidance

Review the container platform configuration to determine if FIPS-validated 140-2 or 140-3 cryptographic modules are being used to protect container images during transmission.

If FIPS-validated 140-2 or 140-3 cryptographic modules are not being use, this is a finding.

Check Content Reference

M

Target Key

5239

Comments