The container platform must be configured with only essential configurations.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-233071 | SRG-APP-000141-CTR-000315 | SV-233071r960963_rule | CCI-000381 | medium |
| Description | ||||
| The container platform can be built with components that are not used for the intended purpose of the organization. To limit the attack surface of the container platform, it is essential that the non-essential services are not installed. | ||||
| STIG | Date | |||
| Container Platform Security Requirements Guide | 2025-05-15 | |||
Related Frameworks
3 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
CM-7
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1711 mapping
3.4.6
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000381
1.00
- DISA · 2 · disa_xccdf · related
Details
Check Text (C-233071r960963_chk)
Review the container platform configuration and verify that only those components needed for operation are installed.
If components are installed that are not used for the intended purpose of the organization, this is a finding.
Fix Text (F-35975r600701_fix)
Identify the role the container platform is intended to play in the production environment and remove any components that are not needed or used for the intended purpose.