STIGQter: STIG Summary: VMware vRealize Operations Manager 6.x Application Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The vRealize Operations server must be configured to perform complete application deployments.

DISA Rule

SV-98859r1_rule

Vulnerability Number

V-88209

Group Title

SRG-APP-000225-AS-000153

Rule Version

VROM-AP-000315

Severity

CAT II

CCI(s)

• CCI-001190 - The information system fails to an organization-defined known-state for organization-defined types of failures.

Weight

10

Fix Recommendation

Develop a site configuration control policy to ensure deployments are completed before allowing users to use the production environment.

Check Contents

Obtain the site configuration control policy from the ISSO.

Review site procedures to determine if a site policy exists to verify vROps installation after release into a production environment. The site policy should ensure that the installation was a complete application deployment before users are allowed to conduct business.

If a site policy does not exist or is not being followed, this is a finding.

Vulnerability Number

V-88209

Documentable

False

Rule Version

VROM-AP-000315

Severity Override Guidance

Obtain the site configuration control policy from the ISSO.

Review site procedures to determine if a site policy exists to verify vROps installation after release into a production environment. The site policy should ensure that the installation was a complete application deployment before users are allowed to conduct business.

If a site policy does not exist or is not being followed, this is a finding.

Check Content Reference

M

Target Key

3453

Comments