Solaris 11 SPARC Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The operating system must implement transaction recovery for transaction-based systems.
Recovery and reconstitution constitutes executing an operating system contingency plan comprised of activities to restore essential missions and business functions. Transaction rollback and trans...Rule Medium Severity -
The operating system must conduct backups of system-level information contained in the information system per organization-defined frequency to conduct backups that are consistent with recovery time and recovery point objectives.
Operating system backup is a critical step in maintaining data assurance and availability. System-level information is data generated for/by the host (such as configuration settings) and/or admin...Rule Medium Severity -
The operating system must prevent the execution of prohibited mobile code.
Decisions regarding the employment of mobile code within operating systems are based on the potential for the code to cause damage to the system if used maliciously. Mobile code technologies incl...Rule Medium Severity -
The operating system must back up audit records at least every seven days onto a different system or system component than the system or component being audited.
Protection of log data includes assuring log data is not accidentally lost or deleted. Backing up audit records to a different system or onto separate media than the system being audited on an orga...Rule Medium Severity -
The audit system must identify in which zone an event occurred.
Tracking the specific Solaris zones in the audit trail reduces the time required to determine the cause of a security event.Rule Low Severity -
The operating system must monitor for unauthorized connections of mobile devices to organizational information systems.
Mobile devices include portable storage media (e.g., USB memory sticks, external hard disk drives) and portable computing and communications devices with information storage capability (e.g., noteb...Rule Medium Severity -
The operating system must support the capability to compile audit records from multiple components within the system into a system-wide (logical or physical) audit trail that is time-correlated to within organization-defined level of tolerance.
Without auditing, individual system accesses cannot be tracked, and malicious activity cannot be detected and traced back to an individual account. Without accurate time stamps, source, user, and ...Rule Medium Severity -
The operating system must employ automated mechanisms, per organization-defined frequency, to detect the addition of unauthorized components/devices into the operating system.
Addition of unauthorized code or packages may result in data corruption or theft.Rule Medium Severity -
The operating system must disable information system functionality that provides the capability for automatic execution of code on mobile devices without user direction.
Mobile devices include portable storage media (e.g., USB memory sticks, external hard disk drives) and portable computing and communications devices with information storage capability (e.g., noteb...Rule Medium Severity -
The operating system must protect the integrity of transmitted information.
Ensuring the integrity of transmitted information requires the operating system take feasible measures to employ transmission layer security. This requirement applies to communications across inter...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.