STIGQter: STIG Summary: Bromium Secure Platform 4.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 May 2018:

The Bromium Enterprise Controller (BEC) must set the number of concurrent sessions to 1.

DISA Rule

SV-95127r1_rule

Vulnerability Number

V-80423

Group Title

SRG-APP-000001

Rule Version

BROM-00-000005

Severity

CAT II

CCI(s)

• CCI-000054 - The information system limits the number of concurrent sessions for each organization-defined account and/or account type to an organization-defined number of sessions.

Weight

10

Fix Recommendation

Edit the BEC configuration file (C:\ProgramData\Bromium\BMS\settings.json) to set the concurrent session parameter to "1".

Check Contents

Inspect the configuration file on the BEC. BEC configuration file (C:\ProgramData\Bromium\BMS\settings.json). Verify the concurrent session parameter is set to "1".

If the BEC concurrent session parameter is not set to "1", this is a finding.

Vulnerability Number

V-80423

Documentable

False

Rule Version

BROM-00-000005

Severity Override Guidance

Inspect the configuration file on the BEC. BEC configuration file (C:\ProgramData\Bromium\BMS\settings.json). Verify the concurrent session parameter is set to "1".

If the BEC concurrent session parameter is not set to "1", this is a finding.

Check Content Reference

M

Target Key

3375

Comments