Skip to content

Guide to the Secure Configuration of Red Hat Enterprise Linux 9

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Enable module signature verification

    Check modules for valid signatures upon load. Note that this option adds the OpenSSL development packages as a kernel build dependency so that the ...
    Rule Medium Severity
  • Disable hibernation

    Enable the suspend to disk (STD) functionality, which is usually called "hibernation" in user interfaces. STD checkpoints the system and powers it ...
    Rule Medium Severity
  • Disable IA32 emulation

    Disables support for legacy 32-bit programs under a 64-bit kernel. The configuration that was used to build kernel is available at <code>/boot/con...
    Rule Medium Severity
  • Disable the IPv6 protocol

    Disable support for IP version 6 (IPv6). The configuration that was used to build kernel is available at <code>/boot/config-*</code>. To check...
    Rule Medium Severity
  • Disable kexec system call

    <code>kexec</code> is a system call that implements the ability to shutdown your current kernel, and to start another kernel. It is like a reboot b...
    Rule Low Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules