Red Hat Ansible Automation Controller App Server STIG V1R2

View as one page
STIG ID Title
APAS-AT-000010 Automation Controller must limit the number of concurrent sessions to an organization-defined number for all accounts and/or account types.
APAS-AT-000011 Automation Controller must use encryption strength in accordance with the categorization of the management data during remote access management sessions.
APAS-AT-000012 Automation Controller must implement cryptography mechanisms to protect the integrity of information.
APAS-AT-000015 The Automation Controller management interface must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system.
APAS-AT-000017 Automation Controller must use external log providers that can collect user activity logs in independent, protected repositories to prevent modification or repudiation.
APAS-AT-000031 Automation Controller must allocate log record storage capacity and shut down by default upon log failure (unless availability is an overriding concern).
APAS-AT-000032 Automation Controller must be configured to fail over to another system in the event of log subsystem failure.
APAS-AT-000034 Automation Controller's log files must be accessible by explicitly defined privilege.
APAS-AT-000044 Automation Controller must be capable of reverting to the last known good configuration in the event of failed installations and upgrades.
APAS-AT-000047 Automation Controller must be configured to use an enterprise user management system.
APAS-AT-000050 Automation Controller must be configured to authenticate users individually, prior to using a group authenticator.
APAS-AT-000055 Automation Controller must utilize encryption when using LDAP for authentication.
APAS-AT-000078 Automation Controller must use cryptographic mechanisms to protect the integrity of log tools.
APAS-AT-000093 Automation Controller must compare internal application server clocks at least every 24 hours with an authoritative time source.
APAS-AT-000110 Automation Controller must only allow the use of DOD PKI-established certificate authorities for verification of the establishment of protected sessions.
APAS-AT-000122 Automation Controller must install security-relevant software updates within the time period directed by an authoritative source (e.g. IAVM, CTOs, DTMs, and STIGs).