Guide to the Secure Configuration of Oracle Linux 7
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Configure AIDE to Use FIPS 140-2 for Validating Hashes
By default, the <code>sha512</code> option is added to the <code>NORMAL</code> ruleset in AIDE. If using a custom ruleset or the <code>sha512</code> option is missing, add <code>sha512</code> to th...Rule Medium Severity -
Configure AIDE to Verify Extended Attributes
By default, the <code>xattrs</code> option is added to the <code>FIPSR</code> ruleset in AIDE. If using a custom ruleset or the <code>xattrs</code> option is missing, add <code>xattrs</code> to the...Rule Low Severity -
Install the dracut-fips-aesni Package
To enable FIPS on system that support the Advanced Encryption Standard (AES) or New Instructions (AES-NI) engine, the system requires that the <code>dracut-fips-aesni</code> package be installed. T...Rule Medium Severity -
Install the dracut-fips Package
To enable FIPS, the system requires that the <code>dracut-fips</code> package be installed. The <code>dracut-fips</code> package can be installed with the following command: <pre> $ sudo yum instal...Rule Medium Severity -
Ensure '/etc/system-fips' exists
On a system where FIPS mode is enabled,/etc/system-fipsmust exist. To enable FIPS mode, run the following command:fips-mode-setup --enable
Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules