Guide to the Secure Configuration of Red Hat Enterprise Linux 8
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Configure SSSD LDAP Backend Client to Demand a Valid Certificate from the Server
Configure SSSD to demand a valid certificate from the server to protect the integrity of LDAP remote access sessions by setting the <pre>ldap_tls_r...Rule Medium Severity -
Configure SSSD LDAP Backend to Use TLS For All Transactions
The LDAP client should be configured to implement TLS for the integrity of all remote LDAP authentication sessions. If the <code>id_provider</code>...Rule High Severity -
USBGuard daemon
The USBGuard daemon enforces the USB device authorization policy for all USB devices.Group -
Install usbguard Package
Theusbguardpackage can be installed with the following command:$ sudo yum install usbguard
Rule Medium Severity -
Enable the USBGuard Service
The USBGuard service should be enabled. The <code>usbguard</code> service can be enabled with the following command: <pre>$ sudo systemctl enable ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules