Check: SRG-APP-000141-CTR-000315
Container Platform SRG:
SRG-APP-000141-CTR-000315
(in versions v1 r5 through v1 r1)
Title
The container platform must be configured with only essential configurations. (Cat II impact)
Discussion
The container platform can be built with components that are not used for the intended purpose of the organization. To limit the attack surface of the container platform, it is essential that the non-essential services are not installed.
Check Content
Review the container platform configuration and verify that only those components needed for operation are installed. If components are installed that are not used for the intended purpose of the organization, this is a finding.
Fix Text
Identify the role the container platform is intended to play in the production environment and remove any components that are not needed or used for the intended purpose.
Additional Identifiers
Rule ID: SV-233071r879587_rule
Vulnerability ID: V-233071
Group Title: SRG-APP-000141
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000381 |
The organization configures the information system to provide only essential capabilities. |
Controls
| Number | Title |
|---|---|
| CM-7 |
Least Functionality |