
V-279622

CAT II (Medium)

Nutanix OS must provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.

Rule ID

SV-279622r1192573_rule

STIG

Nutanix Acropolis GPOS Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-004910

Discussion

A Trusted Platform Module (TPM) is an example of a hardware-protected data store that can be used to protect cryptographic keys.

Check Content

Verify that the Nutanix OS hardware includes a hardware TPM module that is installed and loaded by using the following command.

$ sudo lsmod | grep -i tpm
tpm                    77824  1 trusted
rng_core               16384  1 tpm

If no lines are returned or if the TPM does not indicate "trusted", this is a finding.
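
One way to script this check, as an added example that is not part of the STIG text: it reads `lsmod` output on stdin and passes only when the `tpm` module line lists `trusted` in its used-by column, which is this example's reading of the finding condition. The function name, the verdict strings, and every sample except the first (the output shown above) are constructed for illustration.

```shell
#!/bin/sh
# Added example: evaluate `lsmod` output against the V-279622 check.
# Live use on a host (assumed invocation): sudo lsmod | tpm_check_verdict

# Reads lsmod text on stdin, prints a verdict, returns 0 only when compliant.
tpm_check_verdict() {
    awk '
        # lsmod columns: Module  Size  Use-count  Used-by (comma-separated)
        $1 == "tpm" {
            seen = 1
            n = split($4, users, ",")
            for (i = 1; i <= n; i++)
                if (users[i] == "trusted") trusted = 1
        }
        END {
            if (!seen)    { print "finding:no_tpm_module";   exit 1 }
            if (!trusted) { print "finding:tpm_not_trusted"; exit 1 }
            print "not_a_finding"
        }
    '
}

# Output shown in the Check Content above.
SAMPLE_PAGE='tpm                    77824  1 trusted
rng_core               16384  1 tpm'

# Constructed samples (not from the STIG).
SAMPLE_MULTI='Module                  Size  Used by
tpm                    77824  3 tpm_tis,tpm_crb,trusted
rng_core               16384  1 tpm'
SAMPLE_UNTRUSTED='tpm                    77824  2 tpm_tis,tpm_crb
rng_core               16384  1 tpm'
SAMPLE_NONE='Module                  Size  Used by
rng_core               16384  0'

for sample in "$SAMPLE_PAGE" "$SAMPLE_MULTI" "$SAMPLE_UNTRUSTED" "$SAMPLE_NONE"; do
    printf '%s\n' "$sample" | tpm_check_verdict || true
done
```

Matching on the exact module name and the used-by column separates the two finding conditions, which a bare `grep -i tpm` leaves to visual inspection.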

Fix Text

Hardware TPM modules consist of a hardware chip that is built into the motherboard of the physical server. If no TPM module exists, then a new physical server is required.

For AHV, if the TPM module exists but is not "trusted", then something has been modified within AHV and the system must be rebuilt from source to correct this issue.