Capacity
164.310(b)
18
Rule
Severity: Medium
Require Authentication for Emergency Systemd Target
18
Rule
Severity: Medium
Require Authentication for Single User Mode
12
Rule
Severity: Medium
Require Credential Prompting for Remote Access in GNOME3
12
Rule
Severity: Medium
Require Encryption for Remote Access in GNOME3
29
Rule
Severity: High
Prevent Login to Accounts With Empty Password
29
Rule
Severity: Medium
Direct root Logins Not Allowed
29
Rule
Severity: Medium
Restrict Serial Port Root Logins
29
Rule
Severity: Medium
Restrict Virtual Console Root Logins
15
Rule
Severity: Medium
Disable debug-shell SystemD Service
15
Rule
Severity: High
Disable Ctrl-Alt-Del Burst Action
17
Rule
Severity: High
Disable Ctrl-Alt-Del Reboot Activation
15
Rule
Severity: Medium
Verify that Interactive Boot is Disabled
19
Rule
Severity: Medium
Verify /boot/grub2/grub.cfg Group Ownership
19
Rule
Severity: Medium
Verify /boot/grub2/grub.cfg User Ownership
18
Rule
Severity: Medium
Verify /boot/grub2/grub.cfg Permissions
20
Rule
Severity: High
Set Boot Loader Password in grub2
20
Rule
Severity: High
Set the UEFI Boot Loader Password
29
Rule
Severity: Medium
Disable Core Dumps for SUID programs
30
Rule
Severity: Medium
Enable Randomized Layout of Virtual Address Space
30
Rule
Severity: High
Ensure SELinux State is Enforcing
45
Rule
Severity: Medium
Enable cron Service
27
Rule
Severity: High
Remove Rsh Trust Files
11
Rule
Severity: Medium
Verify /boot/grub2/user.cfg Group Ownership
12
Rule
Severity: Medium
Verify /boot/grub2/user.cfg User Ownership
29
Rule
Severity: Medium
Set SSH Client Alive Count Max to zero
11
Rule
Severity: Medium
Verify /boot/grub2/user.cfg Permissions
12
Rule
Severity: High
Set the Boot Loader Admin Username to a Non-Default Value
29
Rule
Severity: Medium
Set SSH Client Alive Count Max
30
Rule
Severity: Medium
Disable Host-Based Authentication
29
Rule
Severity: High
Allow Only SSH Protocol 2
29
Rule
Severity: Medium
Disable Compression Or Set Compression to delayed
13
Rule
Severity: Medium
Set the UEFI Boot Loader Admin Username to a Non-Default Value
30
Rule
Severity: High
Disable SSH Access via Empty Passwords
29
Rule
Severity: Medium
Disable GSSAPI Authentication
29
Rule
Severity: Medium
Disable Kerberos Authentication
29
Rule
Severity: Medium
Disable SSH Support for Rhosts RSA Authentication
30
Rule
Severity: Medium
Disable SSH Root Login
30
Rule
Severity: Medium
Disable SSH Support for User Known Hosts
30
Rule
Severity: Medium
Do Not Allow SSH Environment Options
29
Rule
Severity: Medium
Enable Use of Strict Mode Checking
57
Rule
Severity: Medium
Enable SSH Warning Banner
29
Rule
Severity: Medium
Enable Use of Privilege Separation
13
Rule
Severity: Medium
Verify Any Configured IPSec Tunnel Connections
17
Rule
Severity: Low
Restrict Access to Kernel Message Buffer
12
Rule
Severity: Medium
Enable ExecShield via sysctl
13
Rule
Severity: Medium
Ensure SELinux Not Disabled in the kernel arguments
16
Rule
Severity: Medium
Ensure SELinux Not Disabled in /etc/default/grub
17
Rule
Severity: Medium
Ensure No Daemons are Unconfined by SELinux
18
Rule
Severity: Medium
Configure SELinux Policy
13
Rule
Severity: Medium
Disable the selinuxuser_execheap SELinux Boolean
12
Rule
Severity: Medium
Enable the selinuxuser_execmod SELinux Boolean
13
Rule
Severity: Medium
Disable the selinuxuser_execstack SELinux Boolean
15
Rule
Severity: Medium
Disable KDump Kernel Crash Analyzer (kdump)
12
Rule
Severity: Medium
Use Kerberos Security on All Exports
17
Rule
Severity: Low
Uninstall xinetd Package
13
Rule
Severity: Medium
Disable xinetd Service
16
Rule
Severity: Unknown
Remove NIS Client
14
Rule
Severity: High
Uninstall ypserv Package
8
Rule
Severity: Medium
Disable ypbind Service
16
Rule
Severity: High
Uninstall rsh-server Package
17
Rule
Severity: Unknown
Uninstall rsh Package
9
Rule
Severity: High
Disable rexec Service
12
Rule
Severity: High
Disable rlogin Service
8
Rule
Severity: High
Disable rsh Service
15
Rule
Severity: Medium
Uninstall talk-server Package
17
Rule
Severity: Medium
Uninstall talk Package
15
Rule
Severity: High
Uninstall telnet-server Package
19
Rule
Severity: Low
Remove telnet Clients
12
Rule
Severity: High
Disable telnet Service
9
Rule
Severity: Medium
Disable Quagga Service
7
Rule
Severity: Medium
Enable authselect
2
Rule
Severity: Low
Uninstall tcpd Package
2
Rule
Severity: Medium
Verify /boot/grub/grub.cfg User Ownership
2
Rule
Severity: Medium
Verify /boot/grub/grub.cfg Permissions
29
Rule
Severity: Medium
Install the cron service
Patternfly
PatternFly elements
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Modules