Skip to content

Guide to the Secure Configuration of Red Hat Enterprise Linux 7

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Enable NX or XD Support in the BIOS

    Reboot the system and enter the BIOS or Setup configuration menu. Navigate the BIOS configuration menu and make sure that the option is enabled. Th...
    Rule Medium Severity
  • Install PAE Kernel on Supported 32-bit x86 Systems

    Systems that are using the 64-bit x86 kernel package do not need to install the kernel-PAE package because the 64-bit x86 kernel already includes t...
    Rule Unknown Severity
  • cobbler_use_nfs SELinux Boolean

    default - Default SELinux boolean setting.
    on - SELinux boolean is enabled.
    off - SELinux boolean is disabled.
    Value
  • Enable page allocator poisoning

    To enable poisoning of free pages, add the argument <code>page_poison=1</code> to the default GRUB 2 command line for the Linux operating system. T...
    Rule Medium Severity
  • Enable SLUB/SLAB allocator poisoning

    To enable poisoning of SLUB/SLAB objects, add the argument <code>slub_debug=<xccdf-1.2:sub idref="xccdf_org.ssgproject.content_value_var_slub_debug...
    Rule Medium Severity
  • SELinux

    SELinux is a feature of the Linux kernel which can be used to guard against misconfigured or compromised programs. SELinux enforces the idea that p...
    Group
  • SELinux policy

    Type of policy in use. Possible values are: <br>targeted - Only targeted network daemons are protected. <br>strict - Full SELinux protection. <br>m...
    Value
  • SELinux state

    enforcing - SELinux security policy is enforced. <br>permissive - SELinux prints warnings instead of enforcing. <br>disabled - SELinux is fully dis...
    Value
  • Install libselinux Package

    The libselinux package can be installed with the following command:
    $ sudo yum install libselinux
    Rule High Severity
  • Install policycoreutils Package

    The policycoreutils package can be installed with the following command:
    $ sudo yum install policycoreutils
    Rule Low Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules