Update Benchmarks
Automated Update committed Jul 19, 2024
1 parent 71e0fb7 commit 998ac81
Showing 152 changed files with 208,986 additions and 439 deletions.
559 changes: 559 additions & 0 deletions benchmarks/DISA/U_A10_Networks_ADC_ALG_STIG_V2R2_Manual-xccdf.xml

Large diffs are not rendered by default.

719 changes: 719 additions & 0 deletions benchmarks/DISA/U_A10_Networks_ADC_NDM_STIG_V1R2_Manual-xccdf.xml

458 changes: 458 additions & 0 deletions benchmarks/DISA/U_AAA_Services_SRG_V2R1_Manual-xccdf.xml

4,988 changes: 4,988 additions & 0 deletions benchmarks/DISA/U_ASD_STIG_V6R1_Manual-xccdf.xml

1,090 changes: 1,090 additions & 0 deletions benchmarks/DISA/U_Apache_Server_2-4_UNIX_Server_STIG_V3R1_Manual-xccdf.xml

1,669 changes: 1,669 additions & 0 deletions benchmarks/DISA/U_Apache_Tomcat_Application_Server_9_STIG_V3R1_Manual-xccdf.xml

1,295 changes: 1,295 additions & 0 deletions benchmarks/DISA/U_Apple_iOS-iPadOS_16_STIG_V2R1_Manual-xccdf.xml

1,283 changes: 1,283 additions & 0 deletions benchmarks/DISA/U_Apple_iOS-iPadOS_17_STIG_V2R1_Manual-xccdf.xml

1,374 changes: 1,374 additions & 0 deletions benchmarks/DISA/U_Apple_macOS_12_STIG_V1R9_Manual-xccdf.xml

2,118 changes: 2,118 additions & 0 deletions benchmarks/DISA/U_Apple_macOS_14_STIG_V2R1_Manual-xccdf.xml

739 changes: 739 additions & 0 deletions benchmarks/DISA/U_Application_Server_SRG_V4R1_Manual-xccdf.xml

501 changes: 501 additions & 0 deletions benchmarks/DISA/U_Arista_MLS_EOS_4-2x_L2S_STIG_V2R1_Manual-xccdf.xml

723 changes: 723 additions & 0 deletions benchmarks/DISA/U_Arista_MLS_EOS_4-2x_NDM_STIG_V2R1_Manual-xccdf.xml

3,192 changes: 3,192 additions & 0 deletions benchmarks/DISA/U_CAN_Ubuntu_22-04_LTS_STIG_V2R1_Manual-xccdf.xml

1,276 changes: 1,276 additions & 0 deletions benchmarks/DISA/U_CA_API_Gateway_ALG_STIG_V1R3_Manual-xccdf.xml

769 changes: 769 additions & 0 deletions benchmarks/DISA/U_CA_API_Gateway_NDM_STIG_V1R2_Manual-xccdf.xml

3,582 changes: 3,582 additions & 0 deletions benchmarks/DISA/U_CD_PGSQL_STIG_V3R1_Manual-xccdf.xml

844 changes: 844 additions & 0 deletions benchmarks/DISA/U_Central_Log_Server_SRG_V3R1_Manual-xccdf.xml

603 changes: 603 additions & 0 deletions benchmarks/DISA/U_Cisco_ASA_Firewall_STIG_V2R1_Manual-xccdf.xml

943 changes: 943 additions & 0 deletions benchmarks/DISA/U_Cisco_ASA_IPS_STIG_V2R1_Manual-xccdf.xml

712 changes: 712 additions & 0 deletions benchmarks/DISA/U_Cisco_ASA_NDM_STIG_V2R1_Manual-xccdf.xml

804 changes: 804 additions & 0 deletions benchmarks/DISA/U_Cisco_ASA_VPN_STIG_V2R1_Manual-xccdf.xml

716 changes: 716 additions & 0 deletions benchmarks/DISA/U_Cisco_IOS-XE_Router_NDM_STIG_V3R1_Manual-xccdf.xml

3,018 changes: 3,018 additions & 0 deletions benchmarks/DISA/U_Cisco_IOS-XE_Router_RTR_STIG_V3R1_Manual-xccdf.xml

511 changes: 511 additions & 0 deletions benchmarks/DISA/U_Cisco_IOS-XE_Switch_L2S_STIG_V3R1_Manual-xccdf.xml

729 changes: 729 additions & 0 deletions benchmarks/DISA/U_Cisco_IOS-XE_Switch_NDM_STIG_V3R1_Manual-xccdf.xml

2,565 changes: 2,565 additions & 0 deletions benchmarks/DISA/U_Cisco_IOS-XE_Switch_RTR_STIG_V3R1_Manual-xccdf.xml

416 changes: 416 additions & 0 deletions benchmarks/DISA/U_Cisco_IOS-XR_Router_NDM_STIG_V3R1_Manual-xccdf.xml

3,540 changes: 3,540 additions & 0 deletions benchmarks/DISA/U_Cisco_IOS-XR_Router_RTR_STIG_V3R1_Manual-xccdf.xml

897 changes: 897 additions & 0 deletions benchmarks/DISA/U_Cisco_IOS_Router_NDM_STIG_V3R1_Manual-xccdf.xml

2,908 changes: 2,908 additions & 0 deletions benchmarks/DISA/U_Cisco_IOS_Router_RTR_STIG_V3R1_Manual-xccdf.xml

479 changes: 479 additions & 0 deletions benchmarks/DISA/U_Cisco_IOS_Switch_L2S_STIG_V3R1_Manual-xccdf.xml

920 changes: 920 additions & 0 deletions benchmarks/DISA/U_Cisco_IOS_Switch_NDM_STIG_V3R1_Manual-xccdf.xml

1,751 changes: 1,751 additions & 0 deletions benchmarks/DISA/U_Cisco_IOS_Switch_RTR_STIG_V3R1_Manual-xccdf.xml

833 changes: 833 additions & 0 deletions benchmarks/DISA/U_Cisco_ISE_NAC_STIG_V2R1_Manual-xccdf.xml

875 changes: 875 additions & 0 deletions benchmarks/DISA/U_Cisco_ISE_NDM_STIG_V2R1_Manual-xccdf.xml

514 changes: 514 additions & 0 deletions benchmarks/DISA/U_Cisco_NX-OS_Switch_L2S_STIG_V3R1_Manual-xccdf.xml

996 changes: 996 additions & 0 deletions benchmarks/DISA/U_Cisco_NX-OS_Switch_NDM_STIG_V3R1_Manual-xccdf.xml

2,702 changes: 2,702 additions & 0 deletions benchmarks/DISA/U_Cisco_NX-OS_Switch_RTR_STIG_V3R1_Manual-xccdf.xml

842 changes: 842 additions & 0 deletions benchmarks/DISA/U_Container_Platform_SRG_V2R1_Manual-xccdf.xml

460 changes: 460 additions & 0 deletions benchmarks/DISA/U_DBN-6300_IDPS_STIG_V1R2_Manual-xccdf.xml

1,223 changes: 1,223 additions & 0 deletions benchmarks/DISA/U_DBN-6300_NDM_STIG_V1R2_Manual-xccdf.xml

1,324 changes: 1,324 additions & 0 deletions benchmarks/DISA/U_Database_SRG_V4R1_Manual-xccdf.xml

2,745 changes: 2,745 additions & 0 deletions benchmarks/DISA/U_Docker_Enterprise_2-x_Linux-Unix_STIG_V2R2_Manual-xccdf.xml

503 changes: 503 additions & 0 deletions benchmarks/DISA/U_Domain_Name_System_V4R1_Manual-xccdf.xml

2,277 changes: 2,277 additions & 0 deletions benchmarks/DISA/U_EPAS_STIG_V2R1_Manual-xccdf.xml

456 changes: 456 additions & 0 deletions benchmarks/DISA/U_FS_NAC_STIG_V2R1_Manual-xccdf.xml

660 changes: 660 additions & 0 deletions benchmarks/DISA/U_FS_NDM_STIG_V2R1_Manual-xccdf.xml

287 changes: 287 additions & 0 deletions benchmarks/DISA/U_Firewall_SRG_V3R1_Manual-xccdf.xml

264 changes: 264 additions & 0 deletions benchmarks/DISA/U_ForeScout_CounterACT_ALG_STIG_V1R3_Manual-xccdf.xml

731 changes: 731 additions & 0 deletions benchmarks/DISA/U_GPOS_SRG_V3R1_Manual-xccdf.xml

1,147 changes: 1,147 additions & 0 deletions benchmarks/DISA/U_Google_Android_12_COBO_STIG_V1R2_Manual-xccdf.xml

1,242 changes: 1,242 additions & 0 deletions benchmarks/DISA/U_Google_Android_12_COPE_STIG_V1R2_Manual-xccdf.xml

1,140 changes: 1,140 additions & 0 deletions benchmarks/DISA/U_Google_Android_13_COBO_STIG_V2R1_Manual-xccdf.xml

1,258 changes: 1,258 additions & 0 deletions benchmarks/DISA/U_Google_Android_13_COPE_STIG_V2R1_Manual-xccdf.xml

1,087 changes: 1,087 additions & 0 deletions benchmarks/DISA/U_Google_Android_14_COBO_STIG_V2R1_Manual-xccdf.xml

1,207 changes: 1,207 additions & 0 deletions benchmarks/DISA/U_Google_Android_14_COPE_STIG_V2R1_Manual-xccdf.xml

359 changes: 359 additions & 0 deletions benchmarks/DISA/U_HPE_3PAR_SSMC_OS_STIG_V2R1_Manual-xccdf.xml

432 changes: 432 additions & 0 deletions benchmarks/DISA/U_HPE_3PAR_SSMC_WS_STIG_V2R1_Manual-xccdf.xml

800 changes: 800 additions & 0 deletions benchmarks/DISA/U_HPE_3PAR_StoreServ_3-3-x_STIG_V2R1_Manual-xccdf.xml

376 changes: 376 additions & 0 deletions benchmarks/DISA/U_IBM_HMC_STIG_V2R1_Manual-xccdf.xml

1,465 changes: 1,465 additions & 0 deletions benchmarks/DISA/U_IBM_MQ_Appliance_v9-0_AS_STIG_V1R2_Manual-xccdf.xml

1,795 changes: 1,795 additions & 0 deletions benchmarks/DISA/U_IBM_MQ_Appliance_v9-0_NDM_STIG_V1R2_Manual-xccdf.xml

5,878 changes: 5,878 additions & 0 deletions benchmarks/DISA/U_IBM_zOS_ACF2_STIG_V9R1_Manual-xccdf.xml

5,400 changes: 5,400 additions & 0 deletions benchmarks/DISA/U_IBM_zOS_RACF_STIG_V9R1_Manual-xccdf.xml

5,404 changes: 5,404 additions & 0 deletions benchmarks/DISA/U_IBM_zOS_TSS_V9R1_STIG_Manual-xccdf.xml

337 changes: 337 additions & 0 deletions benchmarks/DISA/U_IDPS_SRG_V3R1_Manual-xccdf.xml

525 changes: 525 additions & 0 deletions benchmarks/DISA/U_Ivanti_Connect_Secure_NDM_STIG_V2R1_Manual-xccdf.xml

476 changes: 476 additions & 0 deletions benchmarks/DISA/U_Ivanti_Connect_Secure_VPN_STIG_V2R1_Manual-xccdf.xml

584 changes: 584 additions & 0 deletions benchmarks/DISA/U_Ivanti_MI_Core_MDM_Server_STIG_V2R1_Manual-xccdf.xml

772 changes: 772 additions & 0 deletions benchmarks/DISA/U_Ivanti_MI_Sentry_9-x_ALG_STIG_V2R1_Manual-xccdf.xml

505 changes: 505 additions & 0 deletions benchmarks/DISA/U_Ivanti_MI_Sentry_9-x_NDM_STIG_V2R1_Manual-xccdf.xml

662 changes: 662 additions & 0 deletions benchmarks/DISA/U_Jamf_Pro_v10-x_EMM_STIG_V3R1_Manual-xccdf.xml

1,082 changes: 1,082 additions & 0 deletions benchmarks/DISA/U_Juniper_EX_Switches_L2S_STIG_V2R1_Manual-xccdf.xml

1,966 changes: 1,966 additions & 0 deletions benchmarks/DISA/U_Juniper_EX_Switches_NDM_STIG_V2R1_Manual-xccdf.xml

6,792 changes: 6,792 additions & 0 deletions benchmarks/DISA/U_Juniper_EX_Switches_RTR_STIG_V2R1_Manual-xccdf.xml

1,428 changes: 1,428 additions & 0 deletions benchmarks/DISA/U_Juniper_Router_NDM_STIG_V3R1_Manual-xccdf.xml

503 changes: 503 additions & 0 deletions benchmarks/DISA/U_Juniper_SRX_SG_ALG_STIG_V3R1_Manual-xccdf.xml

479 changes: 479 additions & 0 deletions benchmarks/DISA/U_Juniper_SRX_SG_IDPS_STIG_V2R1_Manual-xccdf.xml

1,267 changes: 1,267 additions & 0 deletions benchmarks/DISA/U_Juniper_SRX_SG_NDM_STIG_V3R1_Manual-xccdf.xml

513 changes: 513 additions & 0 deletions benchmarks/DISA/U_Juniper_SRX_SG_VPN_STIG_V3R1_Manual-xccdf.xml

94 changes: 94 additions & 0 deletions benchmarks/DISA/U_Layer_2_Switch_SRG_V3R1_Manual-xccdf.xml

1,789 changes: 1,789 additions & 0 deletions benchmarks/DISA/U_MDB_Enterprise_Advanced_4-x_STIG_V1R4_Manual-xccdf.xml

626 changes: 626 additions & 0 deletions benchmarks/DISA/U_MOT_Solutions_Android_11_COBO_V1R3_Manual-xccdf.xml

121 changes: 121 additions & 0 deletions benchmarks/DISA/U_MS_Access_2013_STIG_V1R7_Manual-xccdf.xml

776 changes: 776 additions & 0 deletions benchmarks/DISA/U_MS_Android_11_COBO_STIG_V1R2_Manual-xccdf.xml

796 changes: 796 additions & 0 deletions benchmarks/DISA/U_MS_Android_11_COPE_STIG_V1R2_Manual-xccdf.xml

2,088 changes: 2,088 additions & 0 deletions benchmarks/DISA/U_MS_Azure_SQL_DB_STIG_V2R1_Manual-xccdf.xml

310 changes: 310 additions & 0 deletions benchmarks/DISA/U_MS_Excel_2013_STIG_V1R8_Manual-xccdf.xml

407 changes: 407 additions & 0 deletions benchmarks/DISA/U_MS_Exchange_2013_CAS_STIG_V2R2_Manual-xccdf.xml

1,108 changes: 1,108 additions & 0 deletions benchmarks/DISA/U_MS_Exchange_2013_Mailbox_STIG_V2R3_Manual-xccdf.xml

1,116 changes: 1,116 additions & 0 deletions benchmarks/DISA/U_MS_Exchange_2019_Edge_Server_STIG_V2R1_Manual-xccdf.xml

903 changes: 903 additions & 0 deletions benchmarks/DISA/U_MS_IIS_10-0_Server_STIG_V3R1_Manual-xccdf.xml

166 changes: 166 additions & 0 deletions benchmarks/DISA/U_MS_InfoPath_2010_STIG_V1R12_Manual-xccdf.xml

25 changes: 25 additions & 0 deletions benchmarks/DISA/U_MS_Lync_2013_STIG_V1R5_Manual-xccdf.xml
@@ -0,0 +1,25 @@
<?xml version="1.0" encoding="utf-8"?><?xml-stylesheet type='text/xsl' href='STIG_unclass.xsl'?><Benchmark xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:cpe="http://cpe.mitre.org/language/2.0" xmlns:xhtml="http://www.w3.org/1999/xhtml" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.1 http://nvd.nist.gov/schema/xccdf-1.1.4.xsd http://cpe.mitre.org/dictionary/2.0 http://cpe.mitre.org/files/cpe-dictionary_2.1.xsd" id="Microsoft_Lync_2013" xml:lang="en" xmlns="http://checklists.nist.gov/xccdf/1.1"><status date="2024-06-14">accepted</status><title>Microsoft Lync 2013 Security Technical Implementation Guide</title><description>This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. 
Comments or proposed revisions to this document should be sent via email to the following address: [email protected].</description><notice id="terms-of-use" xml:lang="en"></notice><front-matter xml:lang="en"></front-matter><rear-matter xml:lang="en"></rear-matter><reference href="https://cyber.mil"><dc:publisher>DISA</dc:publisher><dc:source>STIG.DOD.MIL</dc:source></reference><plain-text id="release-info">Release: 5 Benchmark Date: 24 Jul 2024</plain-text><plain-text id="generator">3.5</plain-text><plain-text id="conventionsVersion">1.10.0</plain-text><version>1</version><Profile id="MAC-1_Classified"><title>I - Mission Critical Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-242503" selected="true" /><select idref="V-242504" selected="true" /><select idref="V-242505" selected="true" /><select idref="V-265903" selected="true" /></Profile><Profile id="MAC-1_Public"><title>I - Mission Critical Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-242503" selected="true" /><select idref="V-242504" selected="true" /><select idref="V-242505" selected="true" /><select idref="V-265903" selected="true" /></Profile><Profile id="MAC-1_Sensitive"><title>I - Mission Critical Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-242503" selected="true" /><select idref="V-242504" selected="true" /><select idref="V-242505" selected="true" /><select idref="V-265903" selected="true" /></Profile><Profile id="MAC-2_Classified"><title>II - Mission Support Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-242503" selected="true" /><select idref="V-242504" selected="true" /><select idref="V-242505" selected="true" /><select idref="V-265903" selected="true" /></Profile><Profile id="MAC-2_Public"><title>II - Mission Support 
Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-242503" selected="true" /><select idref="V-242504" selected="true" /><select idref="V-242505" selected="true" /><select idref="V-265903" selected="true" /></Profile><Profile id="MAC-2_Sensitive"><title>II - Mission Support Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-242503" selected="true" /><select idref="V-242504" selected="true" /><select idref="V-242505" selected="true" /><select idref="V-265903" selected="true" /></Profile><Profile id="MAC-3_Classified"><title>III - Administrative Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-242503" selected="true" /><select idref="V-242504" selected="true" /><select idref="V-242505" selected="true" /><select idref="V-265903" selected="true" /></Profile><Profile id="MAC-3_Public"><title>III - Administrative Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-242503" selected="true" /><select idref="V-242504" selected="true" /><select idref="V-242505" selected="true" /><select idref="V-265903" selected="true" /></Profile><Profile id="MAC-3_Sensitive"><title>III - Administrative Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-242503" selected="true" /><select idref="V-242504" selected="true" /><select idref="V-242505" selected="true" /><select idref="V-265903" selected="true" /></Profile><Group id="V-242503"><title>SRG-APP-000171</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-242503r961026_rule" weight="10.0" severity="medium"><version>DTOO420</version><title>The ability of Lync to store user passwords must be disabled.</title><description>&lt;VulnDiscussion&gt;Lync 2013 provides a single, unified client for 
real-time communications, including voice and video calls, Lync Meetings, presence, instant messaging, and persistent chat. These features require the ability to log into the service with a username and password. The Lync client could potentially be configured to store user passwords locally which would allow it to be susceptible to compromise and to be used maliciously.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Microsoft Lync 2013</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Microsoft Lync 2013</dc:subject><dc:identifier>5379</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-40776</ident><ident system="http://cyber.mil/legacy">SV-52834</ident><ident system="http://cyber.mil/cci">CCI-000196</ident><fixtext fixref="F-45735r713213_fix">Set the policy value for Computer Configuration -&gt; Administrative Templates -&gt; Microsoft Lync 2013 -&gt; Microsoft Lync Feature Policies "Allow storage of user passwords" to "Disabled".</fixtext><fix id="F-45735r713213_fix" /><check system="C-45778r713212_chk"><check-content-ref href="Microsoft_Lync_2013_STIG.xml" name="M" /><check-content>Verify the policy value for Computer Configuration -&gt; Administrative Templates -&gt; Microsoft Lync 2013 -&gt; Microsoft Lync Feature Policies "Allow storage of user passwords" is set to "Disabled".

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKLM\Software\Policies\Microsoft\office\15.0\lync

Criteria: If the value savepassword is REG_DWORD = 0, this is not a finding.</check-content></check></Rule></Group><Group id="V-242504"><title>SRG-APP-000219</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-242504r961110_rule" weight="10.0" severity="medium"><version>DTOO421</version><title>Session Initiation Protocol (SIP) security mode must be configured.</title><description>&lt;VulnDiscussion&gt;Lync 2013 provides a single, unified client for real-time communications, including voice and video calls, Lync Meetings, presence, instant messaging, and persistent chat, using the Session Initiation Protocol (SIP). SIP is widely used for controlling multimedia communication sessions, such as voice and video calls over Internet Protocol (IP) networks. By using TLS it would render a sniff/man in the middle attack very difficult to impossible to achieve within the time period in which a given conversation could be attacked. TLS authenticates all parties and encrypts all traffic. 
This does not prevent listening over the wire, but the attacker cannot read the traffic unless the encryption is broken.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Microsoft Lync 2013</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Microsoft Lync 2013</dc:subject><dc:identifier>5379</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-40777</ident><ident system="http://cyber.mil/legacy">SV-52835</ident><ident system="http://cyber.mil/cci">CCI-001184</ident><fixtext fixref="F-45736r713216_fix">Set the policy value for Computer Configuration -&gt; Administrative Templates -&gt; Microsoft Lync 2013 -&gt; Microsoft Lync Feature Policies "Configure SIP security mode" to "Enabled".</fixtext><fix id="F-45736r713216_fix" /><check system="C-45779r713215_chk"><check-content-ref href="Microsoft_Lync_2013_STIG.xml" name="M" /><check-content>Verify the policy value for Computer Configuration -&gt; Administrative Templates -&gt; Microsoft Lync 2013 -&gt; Microsoft Lync Feature Policies "Configure SIP security mode" is set to "Enabled".

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKLM\Software\Policies\Microsoft\office\15.0\lync

Criteria: If the value enablesiphighsecuritymode is REG_DWORD = 1, this is not a finding.</check-content></check></Rule></Group><Group id="V-242505"><title>SRG-APP-000219</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-242505r961110_rule" weight="10.0" severity="medium"><version>DTOO422</version><title>In the event a secure Session Initiation Protocol (SIP) connection fails, the connection must be restricted from resorting to the unencrypted HTTP.</title><description>&lt;VulnDiscussion&gt;Lync 2013 provides a single, unified client for real-time communications, including voice and video calls, Lync Meetings, presence, instant messaging, and persistent chat. The Lync client has a fall back option so that, in the event the Lync client cannot make a secure SIP connection to the Lync server, it will fall back to an unencrypted HTTP connection. In that event, all traffic will be unencrypted and in clear text. The configuration must be set to prevent HTTP being used for SIP connections in the event TLS or TCP fail.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Microsoft Lync 2013</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Microsoft Lync 2013</dc:subject><dc:identifier>5379</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-40778</ident><ident system="http://cyber.mil/legacy">SV-52836</ident><ident system="http://cyber.mil/cci">CCI-001184</ident><fixtext 
fixref="F-45737r713219_fix">Set the policy value for Computer Configuration -&gt; Administrative Templates -&gt; Microsoft Lync 2013 -&gt; Microsoft Lync Feature Policies "Disable HTTP fallback for SIP connection" to "Enabled".</fixtext><fix id="F-45737r713219_fix" /><check system="C-45780r713218_chk"><check-content-ref href="Microsoft_Lync_2013_STIG.xml" name="M" /><check-content>Verify the policy value for Computer Configuration -&gt; Administrative Templates -&gt; Microsoft Lync 2013 -&gt; Microsoft Lync Feature Policies "Disable HTTP fallback for SIP connection" is set to "Enabled".

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKLM\Software\Policies\Microsoft\office\15.0\lync

Criteria: If the value disablehttpconnect is REG_DWORD = 1, this is not a finding.</check-content></check></Rule></Group><Group id="V-265903"><title>SRG-APP-000456</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-265903r999913_rule" weight="10.0" severity="high"><version>DTOO999-Lync13</version><title>The version of Lync running on the system must be a supported version.</title><description>&lt;VulnDiscussion&gt;Security flaws with software applications are discovered daily. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Organizations (including any contractor to the organization) are required to promptly install security-relevant software updates (e.g., patches, service packs, and hot fixes). Flaws discovered during security assessments, continuous monitoring, incident response activities, or information system error handling must also be addressed expeditiously.

Organization-defined time periods for updating security-relevant software may vary based on a variety of factors including, for example, the security category of the information system or the criticality of the update (i.e., severity of the vulnerability related to the discovered flaw).

This requirement will apply to software patch management solutions that are used to install patches across the enclave and also to applications themselves that are not part of that patch management solution. For example, many browsers today provide the capability to install their own patch software. Patch criticality, as well as system criticality will vary. Therefore, the tactical situations regarding the patch management process will also vary. This means that the time period used must be a configurable parameter. Time frames for application of security-relevant software updates may be dependent upon the Information Assurance Vulnerability Management (IAVM) process.

The application will be configured to check for and install security-relevant software updates within an identified time period from the availability of the update. The specific time period will be defined by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Microsoft Lync 2013</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Microsoft Lync 2013</dc:subject><dc:identifier>5379</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-002605</ident><fixtext fixref="F-69726r999912_fix">Upgrade to a supported version.</fixtext><fix id="F-69726r999912_fix" /><check system="C-69822r999911_chk"><check-content-ref href="Microsoft_Lync_2013_STIG.xml" name="M" /><check-content>Lync 2013 is no longer supported by the vendor. If the system is running Lync 2013, this is a finding.</check-content></check></Rule></Group></Benchmark>
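Review bot: The three registry checks (V-242503, V-242504, V-242505) state only the passing value in their Criteria lines, for example `If the value savepassword is REG_DWORD = 0, this is not a finding`, and do not say how an absent value or a value of another type is scored. Every Profile in the file selects these rules, so it would help to document alongside the benchmark that anything other than the stated value is treated as a finding, or to confirm that reading against the upstream text. Separately, the Benchmark header carries `<status date="2024-06-14">` while release-info reads `Benchmark Date: 24 Jul 2024`, which is later than the Jul 19, 2024 commit date; recording which upstream bundle this file came from in the commit message would let the two dates be reconciled.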
270 changes: 270 additions & 0 deletions benchmarks/DISA/U_MS_OfficeSystem_2010_STIG_V1R13_Manual-xccdf.xml

1,729 changes: 1,729 additions & 0 deletions benchmarks/DISA/U_MS_Office_365_ProPlus_STIG_V3R1_Manual-xccdf.xml

0 comments on commit 998ac81
