CCI-001496

Implement cryptographic mechanisms to protect the integrity of audit tools.

Rule

Severity: High

Verify and Correct File Permissions with RPM

Rule

Severity: High

Verify and Correct Ownership with RPM

Rule

Severity: Medium

Configure AIDE to Verify the Audit Tools

Rule

Severity: Medium

The application server must use cryptographic mechanisms to protect the integrity of log tools.

Rule

Severity: Medium

Application audit tools must be cryptographically hashed.

Rule

Severity: Medium

The integrity of the audit tools must be validated by checking the files for changes in the cryptographic hash value.

Rule

Severity: Medium

The Mainframe Product must use cryptographic mechanisms to protect the integrity of audit tools.

Rule

Severity: High

Nutanix AOS must use cryptographic mechanisms to protect the integrity of audit tools.

Rule

Severity: Medium

Rancher MCM must allocate audit record storage and generate audit records associated with events, users, and groups.

Rule

Severity: High

The macOS system must ensure System Integrity Protection is enabled.

Rule

Severity: Medium

The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools.

Rule

Severity: Medium

The container platform must use cryptographic mechanisms to protect the integrity of audit tools.

Rule

Severity: High

The operating system must use cryptographic mechanisms to protect the integrity of audit tools.

Rule

Severity: Medium

AIX must verify the hash of audit tools.

Rule

Severity: Medium

OL 8 must use cryptographic mechanisms to protect the integrity of audit tools.

Rule

Severity: Medium

Automation Controller must use cryptographic mechanisms to protect the integrity of log tools.

Rule

Severity: Medium

All audit records must generate the event results within OpenShift.

Rule

Severity: High

The Red Hat Enterprise Linux operating system must be configured so that the file permissions, ownership, and group membership of system files and commands match the vendor values.

Rule

Severity: Medium

RHEL 8 must use cryptographic mechanisms to protect the integrity of audit tools.

Rule

Severity: Medium

The SUSE operating system file integrity tool must be configured to protect the integrity of the audit tools.

Rule

Severity: Medium

RHEL 9 must use cryptographic mechanisms to protect the integrity of audit tools.

Rule

Severity: Medium

System packages must be configured with the vendor-provided files, permissions, and ownerships.

Rule

Severity: Medium

The VMM must use cryptographic mechanisms to protect the integrity of audit tools.

Rule

Severity: Medium

The ESXi host must implement Secure Boot enforcement.

Rule

Severity: Medium

The ESXi host must enable Secure Boot.

Rule

Severity: Medium

The Photon operating system package files must not be modified.

Rule

Severity: High

The Photon operating system must use cryptographic mechanisms to protect the integrity of audit tools.

Rule

Severity: Medium

Ubuntu 22.04 LTS must use cryptographic mechanisms to protect the integrity of audit tools.

Rule

Severity: Medium

SLEM 5 file integrity tool must be configured to protect the integrity of the audit tools.

Rule

Severity: Medium

TOSS must use cryptographic mechanisms to protect the integrity of audit tools.

Patternfly

PatternFly elements

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity

Modules