General Purpose Operating System Security Requirements Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-OS-000425
Group -
The operating system must maintain the confidentiality and integrity of information during preparation for transmission.
Information can be either unintentionally or maliciously disclosed or modified during preparation for transmission, for example, during aggregation, at protocol transformation points, and during pa...Rule Medium Severity -
SRG-OS-000426
Group -
SRG-OS-000432
Group -
The operating system must behave in a predictable and documented manner that reflects organizational and system objectives when invalid inputs are received.
A common vulnerability of operating system is unpredictable behavior when invalid inputs are received. This requirement guards against adverse or unintended system behavior caused by invalid inputs...Rule Medium Severity -
SRG-OS-000433
Group -
SRG-OS-000433
Group -
The operating system must implement address space layout randomization to protect its memory from unauthorized code execution.
Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory incl...Rule Medium Severity -
SRG-OS-000437
Group -
SRG-OS-000445
Group -
SRG-OS-000446
Group -
The operating system must perform verification of the correct operation of security functions: upon system start-up and/or restart; upon command by a user with privileged access; and/or every 30 days.
Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmwar...Rule Medium Severity -
SRG-OS-000447
Group -
The operating system must shut down the information system, restart the information system, and/or notify the system administrator when anomalies in the operation of any security functions are discovered.
If anomalies are not acted upon, security functions may fail to secure the system. Security function is defined as the hardware, software, and/or firmware of the information system responsible fo...Rule Medium Severity -
SRG-OS-000458
Group -
The operating system must generate audit records when successful/unsuccessful attempts to access security objects occur.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000461
Group -
SRG-OS-000462
Group -
The operating system must generate audit records when successful/unsuccessful attempts to modify privileges occur.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000463
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.