diff --git a/tasks/configure_kdump.yml b/tasks/configure_kdump.yml
new file mode 100644
index 0000000000000000000000000000000000000000..f48e4c977a65a790ebfb1e275d87e90cd55c8702
--- /dev/null
+++ b/tasks/configure_kdump.yml
@@ -0,0 +1,13 @@
+---
+# find the documentation of US Department of Defense (DoD) Security Technical
+# Implementation Guide (STIG) V-72057 at
+# https://www.stigviewer.com/stig/red_hat_enterprise_linux_7/2017-07-08/finding/V-72057
+# Quote:
+# "Kernel core dumps may contain the full contents of system memory at the time
+# of the crash. Kernel core dumps may consume a considerable amount of disk
+# space and may result in denial of service by exhausting the available space
+# on the target file system partition."
+- name: disable kdump as per DoD STIG V-72057
+  systemd:
+    name: "kdump.service"
+    state: disabled
diff --git a/tasks/main.yml b/tasks/main.yml
index 93bdbb1f07f3d319bd8ed86d1e7ed7a758e84011..809ee19abb1708bf51f35dfd06c2ed2791658dc0 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -37,6 +37,8 @@
   tags: [iptables]
 - import_tasks: configure_selinux.yml
   tags: [selinux]
+- import_tasks: "configure_kdump.yml"
+  tags: [security, kdump]
 
 ### ROSETTA TASKS