Skip to content
Log In

General Purpose Operating System Security Requirements Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-OS-000439

    Group
    Show

  • The operating system must install security-relevant software updates within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).

    Security flaws with operating systems are discovered daily. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Organizations (includin...
    Rule Medium Severity
    Show

  • SRG-OS-000590

    Group
    Show

  • SRG-OS-000690

    Group
    Show

  • SRG-OS-000705

    Group
    Show

  • SRG-OS-000710

    Group
    Show

  • SRG-OS-000720

    Group
    Show

  • SRG-OS-000725

    Group
    Show

  • SRG-OS-000730

    Group
    Show

  • The operating system must, for password-based authentication, employ automated tools to assist the user in selecting strong password authenticators.

    Password-based authentication applies to passwords regardless of whether they are used in single-factor or multifactor authentication. Long passwords or passphrases are preferable over shorter pass...
    Rule Medium Severity
    Show

  • SRG-OS-000745

    Group
    Show

  • SRG-OS-000755

    Group
    Show

  • The operating system must monitor the use of maintenance tools that execute with increased privilege.

    Maintenance tools that execute with increased system privilege can result in unauthorized access to organizational information and assets that would otherwise be inaccessible.
    Rule Medium Severity
    Show

  • SRG-OS-000775

    Group
    Show

  • The operating system must include only approved trust anchors in trust stores or certificate stores managed by the organization.

    Public key infrastructure (PKI) certificates are certificates with visibility external to organizational systems and certificates related to the internal operations of systems, such as application-...
    Rule Medium Severity
    Show

  • SRG-OS-000780

    Group
    Show

  • SRG-OS-000785

    Group
    Show

  • The operating system must provide automated mechanisms for supporting account management functions.

    Enterprise environments make account management challenging and complex. A manual process for account management functions adds the risk of a potential oversight or other errors. A comprehensive a...
    Rule Medium Severity
    Show

  • The operating system must audit all account creations.

    Once an attacker establishes access to a system, the attacker often attempts to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to create an acco...
    Rule Medium Severity
    Show

  • The operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system.

    Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal ...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules