STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform keystore must implement encryption to prevent unauthorized disclosure of information at rest within the container platform.

DISA Rule

SV-233220r599509_rule

Vulnerability Number

V-233220

Group Title

SRG-APP-000429

Rule Version

SRG-APP-000429-CTR-001060

Severity

CAT II

CCI(s)

• CCI-002476 - The information system implements cryptographic mechanisms to prevent unauthorized disclosure of organization-defined information at rest on organization-defined information system components.

Weight

10

Fix Recommendation

Configure the container platform keystore encryption to maintain the confidentiality and integrity of information for applicable sensitivity level.

Check Contents

Review container platform keystore documentation and configuration to verify encryption levels meet the information sensitivity level.

If the container platform keystore encryption configuration does not meet system requirements, this is a finding.

Vulnerability Number

V-233220

Documentable

False

Rule Version

SRG-APP-000429-CTR-001060

Severity Override Guidance

Review container platform keystore documentation and configuration to verify encryption levels meet the information sensitivity level.

If the container platform keystore encryption configuration does not meet system requirements, this is a finding.

Check Content Reference

M

Target Key

5239

Comments