Skip to content
Log In

CloudLinux AlmaLinux OS 9 Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-OS-000033-GPOS-00014

    Group
    Show

  • SRG-OS-000002-GPOS-00002

    Group
    Show

  • SRG-OS-000004-GPOS-00004

    Group
    Show

  • AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.

    Audit records provide a means to investigate events related to a security incident. Insufficient audit coverage will make identifying those responsible challenging or impossible. This auditd polic...
    Rule Medium Severity
    Show

  • SRG-OS-000004-GPOS-00004

    Group
    Show

  • SRG-OS-000004-GPOS-00004

    Group
    Show

  • SRG-OS-000004-GPOS-00004

    Group
    Show

  • AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd.

    Audit records provide a means to investigate events related to a security incident. Insufficient audit coverage will make identifying those responsible challenging or impossible. This auditd polic...
    Rule Medium Severity
    Show

  • SRG-OS-000004-GPOS-00004

    Group
    Show

  • SRG-OS-000004-GPOS-00004

    Group
    Show

  • AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.

    Audit records provide a means to investigate events related to a security incident. Insufficient audit coverage will make identifying those responsible challenging or impossible. This auditd polic...
    Rule Medium Severity
    Show

  • SRG-OS-000004-GPOS-00004

    Group
    Show

  • SRG-OS-000080-GPOS-00048

    Group
    Show

  • SRG-OS-000080-GPOS-00048

    Group
    Show

  • AlmaLinux OS 9 must require a boot loader password.

    Password protection on the boot loader configuration ensures users with physical access cannot trivially alter important bootloader settings. These include which kernel to use, and whether to enter...
    Rule Medium Severity
    Show

  • SRG-OS-000080-GPOS-00048

    Group
    Show

  • AlmaLinux OS 9 must require a unique superuser's name upon booting into single-user and maintenance modes.

    Having a nondefault grub superuser username makes password-guessing attacks less effective.
    Rule Medium Severity
    Show

  • SRG-OS-000080-GPOS-00048

    Group
    Show

  • SRG-OS-000324-GPOS-00125

    Group
    Show

  • SRG-OS-000324-GPOS-00125

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules