STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to STIGs

VMware vSphere 7.0 vCenter Appliance Lookup Service Security Technical Implementation Guide

Version

V1R2

Release Date

Jun 15, 2023

SCAP Benchmark ID

VMW_vSphere_7-0_vCA_Lookup_Svc_STIG

Total Checks

31

Tags

vmware
CAT I: 0CAT II: 31CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKLExport CSVExport JSONDownload STIG ZIP

Checks (31)

V-256706MEDIUMLookup Service must limit the amount of time that each Transport Control Protocol (TCP) connection is kept alive.V-256707MEDIUMLookup Service must limit the number of concurrent connections permitted.V-256708MEDIUMLookup Service must limit the maximum size of a POST request.V-256709MEDIUMLookup Service must protect cookies from cross-site scripting (XSS).V-256710MEDIUMLookup Service must record user access in a format that enables monitoring of remote access.V-256711MEDIUMLookup Service must generate log records for system startup and shutdown.V-256712MEDIUMLookup Service log files must only be accessible by privileged users.V-256713MEDIUMLookup Service application files must be verified for their integrity.V-256714MEDIUMLookup Service must only run one webapp.V-256715MEDIUMLookup Service must not be configured with the "UserDatabaseRealm" enabled.V-256716MEDIUMLookup Service must be configured to limit access to internal packages.V-256717MEDIUMLookup Service must have Multipurpose Internet Mail Extensions (MIMEs) that invoke operating system shell programs disabled.V-256718MEDIUMLookup Service must have mappings set for Java servlet pages.V-256719MEDIUMLookup Service must not have the Web Distributed Authoring (WebDAV) servlet installed.V-256720MEDIUMLookup Service must be configured with memory leak protection.V-256721MEDIUMLookup Service must not have any symbolic links in the web content directory tree.V-256722MEDIUMLookup Service directory tree must have permissions in an out-of-the-box state.V-256723MEDIUMLookup Service must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.V-256724MEDIUMLookup Service must limit the number of allowed connections.V-256725MEDIUMLookup Service must set URIEncoding to UTF-8.V-256726MEDIUMLookup Service must set the welcome-file node to a default web page.V-256727MEDIUMThe Lookup Service must not show directory listings.V-256728MEDIUMLookup Service must be configured to hide the server version.V-256729MEDIUMLookup Service must be configured to show error pages with minimal information.V-256730MEDIUMLookup Service must not enable support for TRACE requests.V-256731MEDIUMLookup Service must have the debug option turned off.V-256732MEDIUMLookup Service must use a logging mechanism that is configured to allocate log record storage capacity large enough to accommodate the logging requirements of the web server.V-256733MEDIUMLookup Service log files must be offloaded to a central log server in real time.V-256734MEDIUMLookup Service must be configured with the appropriate ports.V-256735MEDIUMLookup Service must disable the shutdown port.V-256736MEDIUMLookup Service must set the secure flag for cookies.