CONTROL ID
08987
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive
SUPPORTING AND SUPPORTED CONTROLS
This Control directly supports the implied Control(s):- Establish, implement, and maintain system hardening procedures., CC ID: 12001
This Control has the following implementation support Control(s):- Configure the "demo CGI printenv.pl" setting to organizational standards., CC ID: 08993
- Configure the "testcgi" setting to organizational standards., CC ID: 08994
- Configure the "FollowSymLinks" setting for the "DocumentRoot" to organizational standards., CC ID: 08995
- Configure the "IncludesNOEXEC" setting for the "DocumentRoot" to organizational standards., CC ID: 08996
- Configure the "Indexes" setting for the "DocumentRoot" to organizational standards., CC ID: 08997
- Configure the "Allow" setting for the "OS root" to organizational standards., CC ID: 08998
- Configure the "Allow" setting to organizational standards., CC ID: 08999
- Configure the "KeepAlive" setting to organizational standards., CC ID: 09000
- Configure the "KeepAliveTimeout" setting to organizational standards., CC ID: 09001
- Configure the "LimitRequestBody" setting to organizational standards., CC ID: 09002
- Configure the "LimitRequestFields" setting to organizational standards., CC ID: 09003
- Configure the "LimitRequestFieldSizeBody" setting to organizational standards., CC ID: 09004
- Configure the "LimitRequestline" setting to organizational standards., CC ID: 09005
- Configure the "loglevel" setting to organizational standards., CC ID: 09006
- Configure the "MaxClients" setting to organizational standards., CC ID: 09007
- Configure the "ServerTokens" setting to organizational standards., CC ID: 09008
- Configure the "Timeout" setting to organizational standards., CC ID: 09009
- Configure the "apache access log file" setting to organizational standards., CC ID: 09010
- Configure the "AllowOverride" for "OS root" to organizational standards., CC ID: 09011
- Configure the "AllowOverride" setting for "web site root directories" to organizational standards., CC ID: 09012
- Configure the "ErrorDocument" setting for "HTTP 400 errors" to organizational standards., CC ID: 09013
- Configure the "Group" setting to organizational standards., CC ID: 09014
- Configure the "runtime rewriting engine" setting to organizational standards., CC ID: 09015
- Configure the "ServerSignature" setting to organizational standards., CC ID: 09016
- Configure the "apache system logging" setting to organizational standards., CC ID: 09017
- Configure the "User" setting to organizational standards., CC ID: 09019
- Configure the "ErrorDocument" setting for "HTTP 401 errors" to organizational standards., CC ID: 09020
- Configure the "ErrorDocument" setting for "HTTP 403 errors" to organizational standards., CC ID: 09021
- Configure the "ErrorDocument" setting for "HTTP 404 errors" to organizational standards., CC ID: 09022
- Configure the "ErrorDocument" setting for "HTTP 405 errors" to organizational standards., CC ID: 09023
- Configure the "ErrorDocument" setting for "HTTP 500 errors" to organizational standards., CC ID: 09024
- Configure the "Deny" setting for the "OS root" to organizational standards., CC ID: 09025
- Configure the "Deny" setting to organizational standards., CC ID: 09026
- Configure the "error log file" setting to organizational standards., CC ID: 09040
- Configure the "Includes" setting for the "DocumentRoot" to organizational standards., CC ID: 09046
- Configure the "MultiViews" setting for the "DocumentRoot" to organizational standards., CC ID: 09047
- Configure the "Order" setting for the "OS root" to organizational standards., CC ID: 09048
- Configure the "permitted HTTP request methods" setting to organizational standards., CC ID: 09049
- Configure the "httpd.conf" file to organizational standards., CC ID: 09050
- Configure the "htpasswd" file to organizational standards., CC ID: 09053
- Configure the "Server Administrator email address" setting to organizational standards., CC ID: 09054
- Configure the "StartServers" setting to organizational standards., CC ID: 09060
- Configure the "MinSpareServers" setting to organizational standards., CC ID: 09061
- Configure the "MaxSpareServers" setting to organizational standards., CC ID: 09062
- Configure the "ExecCGI" setting for the "DocumentRoot" to organizational standards., CC ID: 09063
- Configure the "Order" setting for "all DocumentRoots" to organizational standards., CC ID: 09064
- Configure the "Order" setting to organizational standards., CC ID: 09065
- Configure the "action directive" setting to organizational standards., CC ID: 09066
- Configure the "AddHandler directive" setting to organizational standards., CC ID: 09067
- Configure the "Anonymous sharing of Apache's web content directories with nfs" setting to organizational standards., CC ID: 09068
- Configure the "Anonymous sharing of Apache's web content directories with smb" setting to organizational standards., CC ID: 09069
- Configure the "MaxKeepAliveRequests" setting to organizational standards., CC ID: 09070
- Configure the "log_config_module" setting to organizational standards., CC ID: 09072
- Configure the "disallow paths and files" setting for "robots.txt" to organizational standards., CC ID: 09105
- Configure the "ssl_module" setting to organizational standards., CC ID: 09106
- Configure the "SSLProtocol" setting to organizational standards., CC ID: 09107
- Configure the "SSLEngine" setting to organizational standards., CC ID: 09108
- Configure the "apache online manual" setting to organizational standards., CC ID: 09109
- Configure the "FollowSymLinks" setting for "all options directives" to organizational standards., CC ID: 09110
- Configure the "Includes" setting for "all options directives" to organizational standards., CC ID: 09111
- Configure the "IncludesNoExec" setting for "all options directives" to organizational standards., CC ID: 09112
- Configure the "MultiViews" setting for "all options directives" to organizational standards., CC ID: 09113
- Configure the "Indexes" setting for "all options directives" to organizational standards., CC ID: 09114
- Configure the "dav_module" setting to organizational standards., CC ID: 09115
- Configure the "dav_fs_module" setting to organizational standards., CC ID: 09116
- Configure the "info_module" setting to organizational standards., CC ID: 09117
- Configure the "status_module" setting to organizational standards., CC ID: 09118
- Configure the "proxy_module" setting to organizational standards., CC ID: 09119
- Configure the "proxy_ftp_module" setting to organizational standards., CC ID: 09120
- Configure the "proxy_http_module" setting to organizational standards., CC ID: 09121
- Configure the "proxy_connect_module" setting to organizational standards., CC ID: 09122
- Configure the "ExecCGI" setting for "all options directives" for the "OS root" to organizational standards., CC ID: 09130
- Configure the "FollowSymLinks" setting for "all options directives" for the "OS root" to organizational standards., CC ID: 09131
- Configure the "Includes" setting for "all options directives" for the "OS root" to organizational standards., CC ID: 09132
- Configure the "IncludesNoExec" setting for "all options directives" for the "OS root" to organizational standards., CC ID: 09133
- Configure the "Indexes" setting for "all options directives" for the "OS root" to organizational standards., CC ID: 09134
- Configure the "MultiViews" setting for "all options directives" for the "OS root" to organizational standards., CC ID: 09135
- Configure the "SymLinksIfOwnerMatch" setting for "all options directives" for the "OS root" to organizational standards., CC ID: 09136
- Configure the "TraceEnable" setting to organizational standards., CC ID: 09137
- Configure the "listening IP address" setting to organizational standards., CC ID: 09138
- Configure the "listening port" setting to organizational standards., CC ID: 09139
- Configure the "ScriptAlias" setting to organizational standards., CC ID: 09140
- Configure the "automatic directory indexing" setting to organizational standards., CC ID: 09141
- Configure the "Anonymous sharing of Apache's web content directories" setting to organizational standards., CC ID: 09142
- Configure the "apache web server" setting to organizational standards., CC ID: 09147
- Configure the "dav_lock_module" setting to organizational standards., CC ID: 09150
- Configure the "proxy_ajp_module" setting to organizational standards., CC ID: 09151
- Configure the "proxy_balancer_module" setting to organizational standards., CC ID: 09152
- Configure the "CGI scripts for Apache Tomcat" setting to organizational standards., CC ID: 09720
- Configure the "Access to Apache Tomcat's interactive scripts" setting to organizational standards., CC ID: 09721
- Configure the "Tomcat Apache's backup CGI *.bak" files to organizational standards, CC ID: 09722
- Configure the "Tomcat Apache's backup CGI *.old" files to organizational standards, CC ID: 09723
- Configure the "Tomcat Apache's backup CGI *.temp" files to organizational standards, CC ID: 09724
- Configure the "Tomcat Apache's backup CGI *.tmp" files to organizational standards, CC ID: 09725
- Configure the "Tomcat Apache's backup CGI *.backup" files to organizational standards, CC ID: 09726
- Configure the "Tomcat Apache's backup CGI copy of*.*" files to organizational standards, CC ID: 09727
- Configure the "maxProcessors attribute" setting to organizational standards., CC ID: 09728
- Configure the "access log valve" setting for the "tomcat Engine container" to organizational standards., CC ID: 09730
- Configure the "access log valve" setting for the "tomcat Host container" to organizational standards., CC ID: 09731
- Configure the "access log valve" setting for the "tomcat Context container" to organizational standards., CC ID: 09732
- Configure the "disallow paths and files" setting for the "tomcat site robots.txt" file to organizational standards., CC ID: 09745
- Configure the "tomcat SSLProtocol atribute" setting to organizational standards., CC ID: 09746
- Configure the "tomcat Connector SSLEngine attribute" setting to organizational standards., CC ID: 09747
- Configure the "tomcat Listener SSLEngine attribute" setting to organizational standards., CC ID: 09748
- Configure the "tomcat server attribute" setting to organizational standards., CC ID: 09749
- Configure the "account running the tomcat service" setting to organizational standards., CC ID: 09750
- Configure the "tomcat server documentation" setting to organizational standards., CC ID: 09751
- Configure the "tomcat js examples" setting to organizational standards., CC ID: 09752
- Configure the "tomcat servlet examples" setting to organizational standards., CC ID: 09753
- Configure the "tomcat webdav" folder to organizational standards., CC ID: 09754
- Configure the "tomcat examples" folder to organizational standards., CC ID: 09755
- Configure the "tomcat balancer" folder to organizational standards., CC ID: 09756
- Configure the "tomcat pattern attribute" setting to organizational standards., CC ID: 09757
- Configure the "Java Security Manager (JSM)" setting to organizational standards., CC ID: 09758
- Configure the "run with the Java Security Manager upon startup" setting to organizational standards., CC ID: 09759
- Configure the "shutdown port number" for the "tomcat server" to organizational standards., CC ID: 09760
- Configure the "Tomcat Legacy JK AJP 1.3 connector" setting to organizational standards., CC ID: 09761
- Configure the "port number" setting for the "Tomcat Legacy JK AJP 1.3 connector" to organizational standards., CC ID: 09762
- Configure the "Tomcat Legacy HTTP/1.1 connector" setting to organizational standards., CC ID: 09763
- Configure the "port number" for the "Tomcat Legacy HTTP/1.1 connector" to organizational standards., CC ID: 09764
- Configure the "Tomcat login authentication method" setting to organizational standards., CC ID: 09765
- Configure the "security roles" for the "Tomcat manager app" to organizational standards., CC ID: 09766
- Configure the "security roles" setting for the "tomcat admin app" to organizational standards., CC ID: 09767
- Configure the "deny access to the Tomcat Admin app" setting to organizational standards., CC ID: 09768
- Configure the "allow access to the Tomcat Admin app" setting to organizational standards., CC ID: 09769
- Configure the "deny access to the Tomcat manager app" setting to organizational standards., CC ID: 09770
- Configure the "allow access to the Tomcat manager app" setting to organizational standards., CC ID: 09771
- Configure the "password digest algorithm" setting for "JDBCRealm (database) connections" to organizational standards., CC ID: 09779
- Configure the "JDBCRealm (database) password digest algorithm" setting to organizational standards., CC ID: 09780
- Configure the "password digest algorithm" setting for "JNDIRealm (LDAP) connections" to organizational standards., CC ID: 09781
- Configure the "JNDIRealm (LDAP) password digest" setting to organizational standards., CC ID: 09782
- Configure the "Tomcat HTTP/1.1 connector" setting to organizational standards., CC ID: 09783
- Configure the "port number" setting for the "Tomcat HTTP/1.1 connector" to organizational standards., CC ID: 09784
- Configure the "secure attribute" for the "Tomcat HTTP/1.1 connectors" to organizational standards., CC ID: 09785
- Configure the "Tomcat Legacy JK/JK2 AJP 1.3 connector" setting to organizational standards., CC ID: 09786
- Configure the "port number" setting for the "JK/JK2 AJP 1.3 connector" to organizational standards., CC ID: 09787
- Configure the "Tomcat WARP connector" setting to organizational standards., CC ID: 09788
- Configure the "port number" setting for the "WARP connector" to organizational standards., CC ID: 09789
- Configure the "location of the log files directory" setting for the "Logger element" to organizational standards., CC ID: 09790
- Configure the "example server.xml" file to organizational standards., CC ID: 09791
- Configure the "file prefix" setting for the "Logger element" to organizational standards., CC ID: 09794
- Configure the "verbosity" setting for the "Logger element" to organizational standards., CC ID: 09795
- Configure the "Tomcat server port number" setting to organizational standards., CC ID: 09797
- Configure the "secure attribute" for the "Tomcat JK/JK2 AJP 1.3 connectors" to organizational standards., CC ID: 09803
- Configure the "JULI container level logging" setting to organizational standards., CC ID: 09804
- Configure the "JULI FileHandler threshold level " setting to organizational standards., CC ID: 09805
- Configure the "JULI FileHandler save directory " setting to organizational standards., CC ID: 09806
- Configure the "JULI FileHandlerlog file name prefix " setting to organizational standards., CC ID: 09807
- Configure the "grant of all permissions to Tomcat web applications" setting to organizational standards., CC ID: 09808
- Configure the "example" files to organizational standards., CC ID: 09809
- Configure the "WebDAV app" setting to organizational standards., CC ID: 09810
- Configure the "Tomcat-docs" setting to organizational standards., CC ID: 09811
- Configure the "Balancer app" setting to organizational standards., CC ID: 09812
- Configure the "save directory for log files" setting to organizational standards., CC ID: 09816
- Configure the "verify passwords in tomcat-users.xml are stored using an authorized digest" setting to organizational standards., CC ID: 09817
SELECTED AUTHORITY DOCUMENTS COMPLIED WITH
This control is an implied control and is included to maintain the legal hierarchy for your selected controls.