STIGQter STIGQter: STIG Summary: ISEC7 Sphere Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The ISEC7 EMM Suite must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access.

DISA Rule

SV-224762r505933_rule

Vulnerability Number

V-224762

Group Title

SRG-APP-000014

Rule Version

ISEC-06-000060

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Login to the EMM Console.
Navigate to Administration >> Configuration >> Apache Tomcat Settings.
Using the dropdown menu for sslProtocol, select TLSv1.2.
Click Update.
Restart the ISEC7 EMM Suite Web service.

Check Contents

Login to the EMM Console.
Navigate to Administration >> Configuration >> Apache Tomcat Settings.
Verify sslProtocol is set to TLSv1.2.

If the sslProtocol is not set to TLSv1.2, this is a finding.

Vulnerability Number

V-224762

Documentable

False

Rule Version

ISEC-06-000060

Severity Override Guidance

Login to the EMM Console.
Navigate to Administration >> Configuration >> Apache Tomcat Settings.
Verify sslProtocol is set to TLSv1.2.

If the sslProtocol is not set to TLSv1.2, this is a finding.

Check Content Reference

M

Target Key

4200

Comments