Check: CNTR-PC-001390
Palo Alto Networks Prisma Cloud Compute STIG:
CNTR-PC-001390
(in versions v1 r3 through v1 r1)
Title
Prisma Cloud Compute must protect the confidentiality and integrity of transmitted information. (Cat I impact)
Discussion
Without protection of the transmitted information, confidentiality and integrity may be compromised since unprotected communications can be intercepted and either read or altered. Communication paths outside the physical protection of a controlled boundary are exposed to the possibility of interception and modification. Protecting the confidentiality and integrity of organizational information can be accomplished by physical means (e.g., employing physical distribution systems) or by logical means (e.g., employing cryptographic techniques). If physical means of protection are employed, then logical means (cryptography) do not have to be employed, and vice versa.
Check Content
Navigate to Prisma Cloud Compute Console's >> Manage >> System >> General tab. Inspect the Telemetry section. If "Share telemetry on product usage with Palo Alto Networks" is "On", this is a finding. If "Allow admins and operators to upload logs to Customer Support directly from Console UI" is "On", this is a finding.
Fix Text
Navigate to Prisma Cloud Compute Console's >> Manage >> System >> General tab. In the Telemetry section: Set "Share telemetry on product usage with Palo Alto Networks" to "Off". Set "Allow admins and operators to upload logs to Customer Support directly from Console UI" to "Off". Click "Save".
Additional Identifiers
Rule ID: SV-253548r918216_rule
Vulnerability ID: V-253548
Group Title: SRG-APP-000439-CTR-001080
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-002388 |
The organization defines a list of monitoring tools to be employed to detect indicators of denial of service attacks against the information system. |
CCI-002418 |
The information system protects the confidentiality and/or integrity of transmitted information. |