STIGQter STIGQter: STIG Summary: ISEC7 Sphere Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The ISEC7 EMM Suite, Tomcat installation, and ISEC7 Suite monitor must be configured to use the Windows Trust Store for the storage of digital certificates and keys.

DISA Rule

SV-224775r505933_rule

Vulnerability Number

V-224775

Group Title

SRG-APP-000516

Rule Version

ISEC-06-002530

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Log in to the ISEC7 EMM Console.

Navigate to Administration >> Configuration >> Apache Tomcat Settings.

Select the type of Keystore to be used as:

Windows-MY

Check Contents

Log in to the ISEC7 EMM Console.

Navigate to Administration >> Configuration >> Apache Tomcat Settings.

Verify that the type of Keystore being used is: Windows-MY

If the type of Keystore being used is not Windows-MY, this is a finding.

Vulnerability Number

V-224775

Documentable

False

Rule Version

ISEC-06-002530

Severity Override Guidance

Log in to the ISEC7 EMM Console.

Navigate to Administration >> Configuration >> Apache Tomcat Settings.

Verify that the type of Keystore being used is: Windows-MY

If the type of Keystore being used is not Windows-MY, this is a finding.

Check Content Reference

M

Target Key

4200

Comments