Skip to content
Log In

General Purpose Operating System Security Requirements Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The operating system must provide an audit reduction capability that supports on-demand audit review and analysis.

    The ability to perform on-demand audit review and analysis, including after the audit data has been subjected to audit reduction, greatly facilitates the organization's ability to generate incident...
    Rule Low Severity
    Show

  • SRG-OS-000349

    Group
    Show

  • SRG-OS-000350

    Group
    Show

  • SRG-OS-000351

    Group
    Show

  • SRG-OS-000352

    Group
    Show

  • The operating system must provide a report generation capability that supports after-the-fact investigations of security incidents.

    If the report generation capability does not support after-the-fact investigations, it is difficult to establish, correlate, and investigate the events leading up to an outage or attack or identify...
    Rule Low Severity
    Show

  • SRG-OS-000353

    Group
    Show

  • SRG-OS-000354

    Group
    Show

  • The operating system must not alter original content or time ordering of audit records when it provides a report generation capability.

    If the report generation capability alters the content or time ordering of audit records, the integrity of the audit records is compromised, and the records are no longer usable for forensic analys...
    Rule Medium Severity
    Show

  • SRG-OS-000355

    Group
    Show

  • SRG-OS-000356

    Group
    Show

  • The operating system must synchronize internal information system clocks to the authoritative time source when the time difference is greater than one second.

    Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when condu...
    Rule Medium Severity
    Show

  • SRG-OS-000358

    Group
    Show

  • The operating system must record time stamps for audit records that meet a minimum granularity of one second for a minimum degree of precision.

    Without sufficient granularity of time stamps, it is not possible to adequately determine the chronological order of records. Time stamps generated by the operating system include date and time. G...
    Rule Medium Severity
    Show

  • SRG-OS-000359

    Group
    Show

  • The operating system must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT).

    If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis. Time stamps generated by the operating system include date and time...
    Rule Low Severity
    Show

  • SRG-OS-000360

    Group
    Show

  • The operating system must enforce dual authorization for movement and/or deletion of all audit information, when such movement or deletion is not part of an authorized automatic process.

    An authorized user may intentionally or accidentally move or delete audit records without those specific actions being authorized. All bulk manipulation of audit information must be authorized via...
    Rule Medium Severity
    Show

  • SRG-OS-000362

    Group
    Show

  • SRG-OS-000363

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules