Capacity
4
29
Rule
Severity: Medium
Install the Host Intrusion Prevention System (HIPS) Module
15
Rule
Severity: High
The Installed Operating System Is Vendor Supported
9
Rule
Severity: High
Install Virus Scanning Software
5
Rule
Severity: Medium
Enable nails Service
8
Rule
Severity: High
Install McAfee Virus Scanning Software
21
Rule
Severity: Medium
Ensure Software Patches Installed
5
Rule
Severity: Medium
Virus Scanning Software Definitions Are Updated
7
Rule
Severity: Medium
Install the Asset Configuration Compliance Module (ACCM)
7
Rule
Severity: Medium
Install the Policy Auditor (PA) Module
12
Rule
Severity: Medium
Require Encryption for Remote Access in GNOME3
9
Rule
Severity: Low
Ensure yum Removes Previous Package Versions
30
Rule
Severity: Medium
Enable auditd Service
30
Rule
Severity: Medium
Make the auditd Configuration Immutable
30
Rule
Severity: Medium
Record Events that Modify the System's Mandatory Access Controls
29
Rule
Severity: Medium
Ensure auditd Collects Information on Exporting to Media (successful)
30
Rule
Severity: Medium
Record Events that Modify the System's Network Environment
30
Rule
Severity: Medium
Record Attempts to Alter Process and Session Initiation Information
29
Rule
Severity: Medium
Ensure auditd Collects System Administrator Actions
29
Rule
Severity: Medium
Record Events that Modify User/Group Information
29
Rule
Severity: Medium
System Audit Logs Must Have Mode 0750 or Less Permissive
40
Rule
Severity: Medium
System Audit Logs Must Be Owned By Root
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - chmod
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - chown
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - fchmod
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - fchmodat
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - fchown
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - fchownat
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - fremovexattr
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - fsetxattr
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - lchown
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - lremovexattr
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - lsetxattr
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - removexattr
29
Rule
Severity: Medium
Record Events that Modify the System's Discretionary Access Controls - setxattr
23
Rule
Severity: Medium
Ensure auditd Collects File Deletion Events by User
29
Rule
Severity: Medium
Ensure auditd Collects File Deletion Events by User - rename
29
Rule
Severity: Medium
Ensure auditd Collects File Deletion Events by User - renameat
29
Rule
Severity: Medium
Ensure auditd Collects File Deletion Events by User - rmdir
29
Rule
Severity: Medium
Ensure auditd Collects File Deletion Events by User - unlink
29
Rule
Severity: Medium
Ensure auditd Collects File Deletion Events by User - unlinkat
23
Rule
Severity: Medium
Ensure auditd Collects Unauthorized Access Attempts to Files (unsuccessful)
23
Rule
Severity: Medium
Record Unsuccessful Access Attempts to Files - creat
23
Rule
Severity: Medium
Record Unsuccessful Access Attempts to Files - ftruncate
23
Rule
Severity: Medium
Record Unsuccessful Access Attempts to Files - open
24
Rule
Severity: Medium
Record Unsuccessful Access Attempts to Files - open_by_handle_at
23
Rule
Severity: Medium
Record Unsuccessful Access Attempts to Files - openat
23
Rule
Severity: Medium
Record Unsuccessful Access Attempts to Files - truncate
23
Rule
Severity: Medium
Ensure auditd Collects Information on Kernel Module Loading and Unloading
22
Rule
Severity: Medium
Ensure auditd Collects Information on Kernel Module Unloading - delete_module
23
Rule
Severity: Medium
Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module
22
Rule
Severity: Medium
Ensure auditd Collects Information on Kernel Module Loading - init_module
29
Rule
Severity: Medium
Ensure auditd Collects Information on the Use of Privileged Commands
30
Rule
Severity: Medium
Record attempts to alter time through adjtimex
30
Rule
Severity: Medium
Record Attempts to Alter Time Through clock_settime
30
Rule
Severity: Medium
Record attempts to alter time through settimeofday
29
Rule
Severity: Medium
Record Attempts to Alter Time Through stime
29
Rule
Severity: Medium
Record Attempts to Alter the localtime File
19
Rule
Severity: Low
Enable Auditing for Processes Which Start Prior to the Audit Daemon
29
Rule
Severity: Medium
Configure auditd to use audispd's syslog plugin
59
Rule
Severity: Medium
Configure auditd Disk Error Action on Disk Error
59
Rule
Severity: Medium
Configure auditd Disk Full Action when Disk Space Is Full
27
Rule
Severity: Medium
Configure auditd mail_acct Action on Low Disk Space
30
Rule
Severity: Medium
Configure auditd admin_space_left Action on Low Disk Space
28
Rule
Severity: Medium
Configure auditd Max Log File Size
57
Rule
Severity: Medium
Configure auditd max_log_file_action Upon Reaching Maximum Log Size
30
Rule
Severity: Medium
Configure auditd Number of Logs Retained
30
Rule
Severity: Medium
Configure auditd space_left Action on Low Disk Space
20
Rule
Severity: Medium
Record Events that Modify User/Group Information - /etc/group
20
Rule
Severity: Medium
Record Events that Modify User/Group Information - /etc/gshadow
20
Rule
Severity: Medium
Record Events that Modify User/Group Information - /etc/security/opasswd
20
Rule
Severity: Medium
Record Events that Modify User/Group Information - /etc/passwd
20
Rule
Severity: Medium
Record Events that Modify User/Group Information - /etc/shadow
30
Rule
Severity: Medium
Verify ip6tables Enabled if Using IPv6
17
Rule
Severity: Medium
System Audit Logs Must Have Mode 0640 or Less Permissive
30
Rule
Severity: Medium
Verify iptables Enabled
20
Rule
Severity: Medium
Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces
22
Rule
Severity: Medium
Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default
20
Rule
Severity: Medium
Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces
22
Rule
Severity: Medium
Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces
22
Rule
Severity: Medium
Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces
21
Rule
Severity: Medium
Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces
20
Rule
Severity: Medium
Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default
20
Rule
Severity: Medium
Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default
20
Rule
Severity: Medium
Configure Kernel Parameter for Accepting Secure Redirects By Default
22
Rule
Severity: Medium
Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces
22
Rule
Severity: Medium
Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces
22
Rule
Severity: Medium
Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces
22
Rule
Severity: Medium
Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default
11
Rule
Severity: Medium
Record Unsuccessful Creation Attempts to Files - open_by_handle_at O_CREAT
11
Rule
Severity: Medium
Record Unsuccessful Modification Attempts to Files - open_by_handle_at O_TRUNC_WRITE
11
Rule
Severity: Medium
Ensure auditd Unauthorized Access Attempts To open_by_handle_at Are Ordered Correctly
11
Rule
Severity: Medium
Record Unsuccessful Creation Attempts to Files - open O_CREAT
11
Rule
Severity: Medium
Record Unsuccessful Modification Attempts to Files - open O_TRUNC_WRITE
11
Rule
Severity: Medium
Ensure auditd Rules For Unauthorized Attempts To open Are Ordered Correctly
11
Rule
Severity: Medium
Record Unsuccessful Creation Attempts to Files - openat O_CREAT
11
Rule
Severity: Medium
Record Unsuccessful Modification Attempts to Files - openat O_TRUNC_WRITE
11
Rule
Severity: Medium
Ensure auditd Rules For Unauthorized Attempts To openat Are Ordered Correctly
14
Rule
Severity: Medium
Record Unsuccessful Delete Attempts to Files - rename
14
Rule
Severity: Medium
Record Unsuccessful Delete Attempts to Files - renameat
14
Rule
Severity: Medium
Record Unsuccessful Delete Attempts to Files - unlink
14
Rule
Severity: Medium
Record Unsuccessful Delete Attempts to Files - unlinkat
30
Rule
Severity: High
Ensure SELinux State is Enforcing
18
Rule
Severity: Medium
Record Attempts to Alter Logon and Logout Events
20
Rule
Severity: Medium
Record Attempts to Alter Logon and Logout Events - faillock
23
Rule
Severity: Medium
Record Attempts to Alter Logon and Logout Events - lastlog
21
Rule
Severity: Medium
Record Attempts to Alter Logon and Logout Events - tallylog
15
Rule
Severity: Medium
Disable Network Router Discovery Daemon (rdisc)
13
Rule
Severity: Medium
Configure auditd admin_space_left on Low Disk Space
27
Rule
Severity: Medium
Configure auditd space_left on Low Disk Space
29
Rule
Severity: High
Enable Encrypted X11 Forwarding
16
Rule
Severity: Medium
Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server
13
Rule
Severity: Medium
Verify Any Configured IPSec Tunnel Connections
13
Rule
Severity: Medium
Ensure SELinux Not Disabled in the kernel arguments
16
Rule
Severity: Medium
Ensure SELinux Not Disabled in /etc/default/grub
18
Rule
Severity: Medium
Configure SELinux Policy
3
Rule
Severity: Low
Ensure dnf Removes Previous Package Versions
6
Rule
Severity: Medium
System Audit Directories Must Be Group Owned By Root
6
Rule
Severity: Medium
System Audit Directories Must Be Owned By Root
11
Rule
Severity: Medium
System Audit Logs Must Be Group Owned By Root
1
Rule
Severity: Medium
The Kubernetes Audit Logs Directory Must Have Mode 0700
1
Rule
Severity: Medium
The OAuth Audit Logs Directory Must Have Mode 0700
1
Rule
Severity: Medium
The OpenShift Audit Logs Directory Must Have Mode 0700
1
Rule
Severity: Medium
Kubernetes Audit Logs Must Be Owned By Root
1
Rule
Severity: Medium
OAuth Audit Logs Must Be Owned By Root
1
Rule
Severity: Medium
OpenShift Audit Logs Must Be Owned By Root
1
Rule
Severity: Medium
Kubernetes Audit Logs Must Have Mode 0600
1
Rule
Severity: Medium
OAuth Audit Logs Must Have Mode 0600
1
Rule
Severity: Medium
OpenShift Audit Logs Must Have Mode 0600
1
Rule
Severity: Medium
Enable Auditing for Processes Which Start Prior to the Audit Daemon
2
Rule
Severity: Low
Ensure zypper Removes Previous Package Versions
2
Rule
Severity: Low
Ensure apt_get Removes Previous Package Versions
Patternfly
PatternFly elements
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Modules