STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform must restrict individuals' ability to launch organizationally defined denial-of-service (DoS) attacks against other information systems.

DISA Rule

SV-233129r599611_rule

Vulnerability Number

V-233129

Group Title

SRG-APP-000246

Rule Version

SRG-APP-000246-CTR-000605

Severity

CAT II

CCI(s)

• CCI-001094 - The information system restricts the ability of individuals to launch organization-defined denial of service attacks against other information systems.

Weight

10

Fix Recommendation

Configure the container platform to restrict the ability of users or other systems to launch DoS attacks from the container platform components by setting resource quotas on resources such as memory, storage, and CPU utilization.

Check Contents

Review the container platform implementation and security documentation and components settings to determine if the information system restricts the ability of users or systems to launch organization-defined DoS attacks against other information systems or networks from the container platform.

If the container platform is not configured to restrict this ability, this is a finding.

Vulnerability Number

V-233129

Documentable

False

Rule Version

SRG-APP-000246-CTR-000605

Severity Override Guidance

Review the container platform implementation and security documentation and components settings to determine if the information system restricts the ability of users or systems to launch organization-defined DoS attacks against other information systems or networks from the container platform.

If the container platform is not configured to restrict this ability, this is a finding.

Check Content Reference

M

Target Key

5239

Comments