| Checked | Name | Title |
|---|
| ☐ | SV-99775r1_rule | vRA must enable FIPS Mode. |
| ☐ | SV-99777r1_rule | The vRealize Automation application must be configured to a 15 minute of less session timeout. |
| ☐ | SV-99779r1_rule | The vRealize Automation server must be configured to perform complete application deployments. |
| ☐ | SV-99781r1_rule | The vRealize Automation security file must be restricted to the vcac user. |
| ☐ | SV-99783r1_rule | The application server must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions. |
| ☐ | SV-99785r1_rule | The application server must use DoD- or CNSS-approved PKI Class 3 or Class 4 certificates. |
| ☐ | SV-99787r1_rule | The vRealize Automation appliance must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs. |
STIGQter: STIG Summary: