STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform must use a valid FIPS 140-2 approved cryptographic modules to generate hashes.

DISA Rule

SV-233271r599729_rule

Vulnerability Number

V-233271

Group Title

SRG-APP-000514

Rule Version

SRG-APP-000514-CTR-001315

Severity

CAT II

CCI(s)

• CCI-002450 - The information system implements organization-defined cryptographic uses and type of cryptography required for each use in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.

Weight

10

Fix Recommendation

Configure the container platform to use valid FIPS 140-2 approved cryptographic modules to generate hashes.

Check Contents

Review the container platform configuration to validate that valid FIPS 140-2 approved cryptographic modules are being used to generate hashes.

If non-valid or unapproved FIPS 140-2 cryptographic modules are being used to generate hashes, this is a finding.

Vulnerability Number

V-233271

Documentable

False

Rule Version

SRG-APP-000514-CTR-001315

Severity Override Guidance

Review the container platform configuration to validate that valid FIPS 140-2 approved cryptographic modules are being used to generate hashes.

If non-valid or unapproved FIPS 140-2 cryptographic modules are being used to generate hashes, this is a finding.

Check Content Reference

M

Target Key

5239

Comments