Anduril NixOS Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-OS-000042-GPOS-00020
Group -
SRG-OS-000042-GPOS-00020
Group -
NixOS must allocate an audit_backlog_limit of sufficient size to capture processes that start prior to the audit daemon.
Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. If auditi...Rule Medium Severity -
SRG-OS-000042-GPOS-00020
Group -
Successful/unsuccessful uses of the mount syscall in NixOS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000042-GPOS-00020
Group -
Successful/unsuccessful uses of the rename, unlink, rmdir, renameat, and unlinkat system calls in NixOS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000042-GPOS-00020
Group -
SRG-OS-000042-GPOS-00020
Group -
NixOS must generate an audit record for successful/unsuccessful modifications to the cron configuration.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000042-GPOS-00020
Group -
SRG-OS-000042-GPOS-00020
Group -
Successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls in NixOS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000042-GPOS-00020
Group -
SRG-OS-000046-GPOS-00022
Group -
SRG-OS-000046-GPOS-00022
Group -
SRG-OS-000046-GPOS-00022
Group -
NixOS must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity.
If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to plan for audit record storage capacity expansion.Rule Medium Severity -
SRG-OS-000046-GPOS-00022
Group -
SRG-OS-000047-GPOS-00023
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.