Red Hat Ansible Automation Controller App Server STIG V1R2

View as one page
APAS-AT-000010 CCI-000054 Automation Controller must limit the number of concurrent sessions to an organization-defined number for all accounts and/or account types.
APAS-AT-000011 CCI-000068 Automation Controller must use encryption strength in accordance with the categorization of the management data during remote access management sessions.
APAS-AT-000012 CCI-000803 Automation Controller must implement cryptography mechanisms to protect the integrity of information.
APAS-AT-000015 CCI-000048 The Automation Controller management interface must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system.
APAS-AT-000017 CCI-000139 Automation Controller must use external log providers that can collect user activity logs in independent, protected repositories to prevent modification or repudiation.
APAS-AT-000031 CCI-000140 Automation Controller must allocate log record storage capacity and shut down by default upon log failure (unless availability is an overriding concern).
APAS-AT-000032 CCI-000140 Automation Controller must be configured to fail over to another system in the event of log subsystem failure.
APAS-AT-000034 CCI-000162 Automation Controller's log files must be accessible by explicitly defined privilege.
APAS-AT-000044 CCI-001499 Automation Controller must be capable of reverting to the last known good configuration in the event of failed installations and upgrades.
APAS-AT-000047 CCI-000187 Automation Controller must be configured to use an enterprise user management system.
APAS-AT-000050 CCI-000770 Automation Controller must be configured to authenticate users individually, prior to using a group authenticator.
APAS-AT-000055 CCI-000197 Automation Controller must utilize encryption when using LDAP for authentication.
APAS-AT-000078 CCI-001496 Automation Controller must use cryptographic mechanisms to protect the integrity of log tools.
APAS-AT-000093 CCI-001891 Automation Controller must compare internal application server clocks at least every 24 hours with an authoritative time source.
APAS-AT-000110 CCI-002450 Automation Controller must only allow the use of DOD PKI-established certificate authorities for verification of the establishment of protected sessions.
APAS-AT-000122 CCI-002605 Automation Controller must install security-relevant software updates within the time period directed by an authoritative source (e.g. IAVM, CTOs, DTMs, and STIGs).