VMware vSphere 7.0 vCenter Appliance Photon OS Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The Photon operating system auditd service must generate audit records for all account creations, modifications, disabling, and termination events.

    Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
    Rule Medium Severity
  • SRG-OS-000480-GPOS-00225

    Group
  • The Photon operating system must use the "pam_cracklib" module.

    If the operating system allows the user to select passwords based on dictionary words, this increases the chances of password compromise by increasing the opportunity for successful guesses and bru...
    Rule Medium Severity
  • SRG-OS-000480-GPOS-00226

    Group
  • The Photon operating system must set the "FAIL_DELAY" parameter.

    Limiting the number of logon attempts over a certain time interval reduces the chances that an unauthorized user may gain access to an account.
    Rule Medium Severity
  • SRG-OS-000480-GPOS-00226

    Group
  • SRG-OS-000480-GPOS-00227

    Group
  • The Photon operating system must ensure audit events are flushed to disk at proper intervals.

    Without setting a balance between performance and ensuring all audit events are written to disk, performance of the system may suffer or the risk of missing audit entries may be too high.
    Rule Medium Severity
  • SRG-OS-000480-GPOS-00227

    Group
  • The Photon operating system must create a home directory for all new local interactive user accounts.

    If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.
    Rule Medium Severity
