SRG-OS-000480-GPOS-00227

21 rules found Severity: High

13 rules found Severity: Medium

18 rules found Severity: Low

27 rules found Severity: Medium

32 rules found Severity: Low

30 rules found Severity: Low

32 rules found Severity: Low

31 rules found Severity: Low

32 rules found Severity: Low

17 rules found Severity: High

9 rules found Severity: High

31 rules found Severity: Medium

5 rules found Severity: Medium

24 rules found Severity: Medium

9 rules found Severity: High

5 rules found Severity: Medium

32 rules found Severity: Low

7 rules found Severity: Medium

27 rules found Severity: Medium

21 rules found Severity: Medium

15 rules found Severity: Medium

15 rules found Severity: High

13 rules found Severity: High

17 rules found Severity: Medium

14 rules found Severity: Medium

14 rules found Severity: Low

12 rules found Severity: Medium

33 rules found Severity: High

34 rules found Severity: High

16 rules found Severity: High

34 rules found Severity: High

25 rules found Severity: Medium

17 rules found Severity: Medium

13 rules found Severity: Medium

17 rules found Severity: Medium

12 rules found Severity: Medium

12 rules found Severity: Low

12 rules found Severity: Medium

23 rules found Severity: Medium

19 rules found Severity: Medium

13 rules found Severity: Medium

26 rules found Severity: Medium

31 rules found Severity: Medium

13 rules found Severity: Medium

17 rules found Severity: Medium

17 rules found Severity: High

20 rules found Severity: High

17 rules found Severity: Medium

16 rules found Severity: Medium

18 rules found Severity: Medium

21 rules found Severity: Medium

18 rules found Severity: Medium

21 rules found Severity: Medium

16 rules found Severity: Medium

21 rules found Severity: Medium

18 rules found Severity: Medium

26 rules found Severity: Medium

20 rules found Severity: Medium

15 rules found Severity: Medium

16 rules found Severity: Medium

31 rules found Severity: Medium

31 rules found Severity: Low

31 rules found Severity: Medium

24 rules found Severity: Medium

30 rules found Severity: Medium

31 rules found Severity: Medium

22 rules found Severity: Medium

26 rules found Severity: Medium

21 rules found Severity: Medium

22 rules found Severity: Medium

27 rules found Severity: Medium

24 rules found Severity: Medium

23 rules found Severity: Medium

26 rules found Severity: Medium

29 rules found Severity: Medium

28 rules found Severity: Medium

24 rules found

29 rules found Severity: Medium

28 rules found Severity: Medium

24 rules found

27 rules found Severity: Medium

28 rules found

29 rules found Severity: Medium

30 rules found Severity: Medium

26 rules found Severity: Medium

29 rules found Severity: Medium

33 rules found Severity: Medium

31 rules found Severity: Medium

33 rules found Severity: Medium

35 rules found Severity: Medium

32 rules found Severity: Medium

35 rules found Severity: Medium

33 rules found Severity: Medium

31 rules found Severity: Medium

33 rules found Severity: Medium

35 rules found Severity: Medium

32 rules found Severity: Medium

35 rules found Severity: Medium

33 rules found Severity: Medium

31 rules found Severity: Medium

33 rules found Severity: Medium

35 rules found Severity: Medium

32 rules found Severity: Medium

35 rules found Severity: Medium

27 rules found Severity: Medium

32 rules found Severity: Medium

24 rules found Severity: Medium

34 rules found Severity: Medium

35 rules found Severity: Medium

24 rules found Severity: Medium

25 rules found Severity: Medium

23 rules found Severity: Medium

16 rules found Severity: Medium

14 rules found Severity: Medium

25 rules found Severity: Medium

19 rules found Severity: Medium

27 rules found Severity: Medium

35 rules found Severity: Medium

34 rules found Severity: Medium

30 rules found Severity: High

31 rules found Severity: Medium

35 rules found Severity: High

31 rules found Severity: Medium

16 rules found Severity: Medium

34 rules found Severity: Medium

31 rules found Severity: Medium

36 rules found Severity: Medium

33 rules found Severity: Medium

35 rules found Severity: Medium

32 rules found Severity: Medium

16 rules found Severity: Medium

29 rules found Severity: High

33 rules found Severity: Medium

31 rules found Severity: Medium

30 rules found Severity: Medium

19 rules found Severity: Medium

16 rules found Severity: Medium

13 rules found Severity: Medium

5 rules found Severity: Medium

17 rules found Severity: Medium

18 rules found Severity: Medium

15 rules found Severity: Medium

18 rules found Severity: Medium

11 rules found Severity: Medium

13 rules found Severity: Medium

18 rules found Severity: Medium

9 rules found Severity: Medium

12 rules found Severity: Medium

25 rules found Severity: Medium

23 rules found Severity: Medium

18 rules found Severity: Medium

22 rules found Severity: Medium

18 rules found Severity: Medium

19 rules found Severity: Medium

14 rules found Severity: Medium

19 rules found Severity: Medium

15 rules found Severity: Medium

15 rules found Severity: Low

14 rules found Severity: Medium

18 rules found Severity: Medium

19 rules found Severity: High

16 rules found Severity: Medium

12 rules found Severity: Medium

13 rules found Severity: Medium

16 rules found Severity: Medium

14 rules found Severity: Medium

4 rules found Severity: Medium

16 rules found Severity: High

21 rules found Severity: High

11 rules found Severity: Medium

11 rules found Severity: Low

9 rules found Severity: Medium

11 rules found Severity: High

16 rules found Severity: Medium

9 rules found Severity: Medium

21 rules found Severity: Medium

15 rules found Severity: Medium

16 rules found Severity: Medium

3 rules found Severity: Medium

10 rules found Severity: Medium

5 rules found Severity: Medium

2 rules found Severity: Medium

6 rules found Severity: Medium

10 rules found Severity: Medium

15 rules found Severity: Medium

12 rules found Severity: Medium

10 rules found Severity: Medium

9 rules found Severity: Medium

8 rules found Severity: Low

8 rules found Severity: Medium

3 rules found Severity: Medium

6 rules found Severity: Low

5 rules found Severity: Medium

2 rules found Severity: Medium

1 rule found Severity: Medium

3 rules found Severity: Medium

8 rules found Severity: Medium

10 rules found Severity: Medium

1 rule found Severity: Medium

3 rules found Severity: Medium

24 rules found Severity: Medium

5 rules found Severity: Medium

3 rules found Severity: Medium

1 rule found Severity: Medium

SRG-OS-000480-GPOS-00227

Verify File Hashes with RPM

Configure AIDE to Use FIPS 140-2 for Validating Hashes

Configure AIDE to Verify Access Control Lists (ACLs)

Configure AIDE to Verify Extended Attributes

Install the Host Intrusion Prevention System (HIPS) Module

Ensure /home Located On Separate Partition

Ensure /tmp Located On Separate Partition

Ensure /var Located On Separate Partition

Ensure /var/log Located On Separate Partition

Ensure /var/log/audit Located On Separate Partition

The Installed Operating System Is Vendor Supported

Install Virus Scanning Software

Ensure gnutls-utils is installed

Ensure nss-tools is installed

Enable nails Service

Ensure Software Patches Installed

Install McAfee Virus Scanning Software

Virus Scanning Software Definitions Are Updated

Ensure PAM Displays Last Logon/Access Notification

Install the Asset Configuration Compliance Module (ACCM)

Install the Policy Auditor (PA) Module

Ensure PAM Enforces Password Requirements - Authentication Retry Prompts Permitted Per-Session

Ensure /var/tmp Located On Separate Partition

Remove the GDM Package Group

Make sure that the dconf databases are up-to-date with regards to respective keyfiles

Disable the GNOME3 Login Restart and Shutdown Buttons

Disable the GNOME3 Login User List

Disable GNOME3 Automounting

Disable GNOME3 Automount Opening

Disable GNOME3 Automount running

Require Encryption for Remote Access in GNOME3

Prevent Login to Accounts With Empty Password

Ensure There Are No Accounts With Blank or Null Passwords

Disable Ctrl-Alt-Del Reboot Key Sequence in GNOME3

Verify Only Root Has UID 0

Ensure that System Accounts Do Not Run a Shell Upon Login

The operating system must restrict privilege elevation to authorized personnel

Ensure sudo only includes the default configuration directory

Ensure invoking users password for privilege escalation when using sudo

Install openscap-scanner Package

Install rng-tools Package

Install scap-security-guide Package

All Interactive User Home Directories Must Be Group-Owned By The Primary Group

All Interactive User Home Directories Must Be Owned By The Primary User

Uninstall gssproxy Package

Uninstall iprutils Package

Uninstall tuned Package

Ensure the Default Bash Umask is Set Correctly

Ensure the Default Umask is Set Correctly in /etc/profile

Ensure PAM password complexity module is enabled in password-auth

Ensure PAM password complexity module is enabled in system-auth

Disable debug-shell SystemD Service

Disable Ctrl-Alt-Del Burst Action

Disable Ctrl-Alt-Del Reboot Activation

Verify that Interactive Boot is Disabled

Only Authorized Local User Accounts Exist on Operating System

Ensure Home Directories are Created for New Users

User Initialization Files Must Be Group-Owned By The Primary Group

User Initialization Files Must Not Run World-Writable Programs

User Initialization Files Must Be Owned By the Primary User

Ensure that Users Path Contains Only Local Directories

All Interactive Users Must Have A Home Directory Defined

All Interactive Users Home Directories Must Exist

All User Files and Directories In The Home Directory Must Be Group-Owned By The Primary Group

All User Files and Directories In The Home Directory Must Have a Valid Owner

All User Files and Directories In The Home Directory Must Have Mode 0750 Or Less Permissive

Ensure All User Initialization Files Have Mode 0740 Or Less Permissive

All Interactive User Home Directories Must Have mode 0750 Or Less Permissive

Ensure the Default C Shell Umask is Set Correctly

Ensure the Default Umask is Set Correctly For Interactive Users

Include Local Events in Audit Logs

Resolve information before writing to audit logs

Write Audit Logs to the Disk

Verify /boot/grub2/grub.cfg Group Ownership

Ensure rsyslog is Installed

Enable rsyslog Service

Ensure Logs Sent To Remote Host

Install firewalld Package

Verify firewalld Enabled