Skip to content
Log In

CM-6(b)

Ensure There Are No Accounts With Blank or Null Passwords

34 rules found Severity: High

Logo

Ensure that System Accounts Do Not Run a Shell Upon Login

25 rules found Severity: Medium

Logo

The operating system must restrict privilege elevation to authorized personnel

17 rules found Severity: Medium

Logo

Ensure invoking users password for privilege escalation when using sudo

17 rules found Severity: Medium

Logo

Disable Accepting ICMP Redirects for All IPv6 Interfaces

27 rules found Severity: Medium

Logo

Disable Kernel Parameter for IPv6 Forwarding

24 rules found Severity: Medium

Logo

Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default

29 rules found Severity: Medium

Logo

Disable X11 Forwarding

34 rules found Severity: Medium

Logo

Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces

11 rules found Severity: Medium

Logo

Add grpquota Option to /home

12 rules found Severity: Medium

Logo

Add noexec Option to /home

18 rules found Severity: Medium

Logo

Add usrquota Option to /home

12 rules found Severity: Medium

Logo

Ensure tftp Daemon Uses Secure Mode

11 rules found Severity: Medium

Logo

Enable SSH Server firewalld Firewall Exception

13 rules found Severity: Medium

Logo

Prevent remote hosts from connecting to the proxy display

16 rules found Severity: Medium

Logo

Disable graphical user interface

15 rules found Severity: Medium

Logo

Add nosuid Option to /boot/efi

6 rules found Severity: Medium

Logo

Make sure the Container Security Operator is installed

1 rule found Severity: Medium

Logo

System Must Avoid Meltdown and Spectre Exploit Vulnerabilities in Modern Processors

1 rule found Severity: Medium

Logo

Disable GDM Unattended or Automatic Login

3 rules found Severity: High

Logo

The PAM configuration should not be changed automatically

1 rule found Severity: Medium

Logo

Enforce Delay After Failed Logon Attempts

1 rule found Severity: Medium

Logo

Set Password Retry Limit

1 rule found Severity: Medium

Logo

Only Authorized Local User Accounts Exist on Operating System

1 rule found Severity: Medium

Logo

Verify Only Root Has UID 0

2 rules found Severity: High

Logo

Enable auditd Service

1 rule found Severity: Medium

Logo

Disable Ctrl-Alt-Del Burst Action

1 rule found Severity: High

Logo

All Interactive User Home Directories Must Be Group-Owned By The Primary Group

1 rule found Severity: Medium

Logo

Remove Default Configuration to Disable Syscall Auditing

1 rule found Severity: Medium

Logo

Ensure System is Not Acting as a Network Sniffer

1 rule found Severity: Medium

Logo

Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces

3 rules found Severity: Medium

Logo

Disable Kernel Parameter for IPv6 Forwarding by default

3 rules found Severity: Medium

Logo

Ensure All World-Writable Directories Are Group Owned by a System Account

1 rule found Severity: Medium

Logo

Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces

2 rules found Severity: Medium

Logo

Disable SSH Access via Empty Passwords

1 rule found Severity: High

Logo

Do Not Allow SSH Environment Options

1 rule found Severity: Medium

Logo

NetworkManager DNS Mode Must Be Must Configured

5 rules found Severity: Medium

Logo