STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform must protect against or limit the effects of all types of denial-of-service (DoS) attacks by employing organization-defined security safeguards.

DISA Rule

SV-233222r599659_rule

Vulnerability Number

V-233222

Group Title

SRG-APP-000435

Rule Version

SRG-APP-000435-CTR-001070

Severity

CAT II

CCI(s)

• CCI-002385 - The information system protects against or limits the effects of organization-defined types of denial of service attacks by employing organization-defined security safeguards.

Weight

10

Fix Recommendation

Configure the container platform to protect against or limit the effects of all types of DoS attacks by employing defined security safeguards. Safeguards such as resource limits on memory, storage, and CPU can be used.

Check Contents

Review documentation and configuration to determine if the container platform can protect against or limit the effects of all types of DoS attacks by employing defined security safeguards against resource depletion. Examples of resource limits are on memory, storage, and CPU.

If the container platform cannot be configured to protect against or limit the effects of all types of DoS, this is a finding.

Vulnerability Number

V-233222

Documentable

False

Rule Version

SRG-APP-000435-CTR-001070

Severity Override Guidance

Review documentation and configuration to determine if the container platform can protect against or limit the effects of all types of DoS attacks by employing defined security safeguards against resource depletion. Examples of resource limits are on memory, storage, and CPU.

If the container platform cannot be configured to protect against or limit the effects of all types of DoS, this is a finding.

Check Content Reference

M

Target Key

5239

Comments