Skip to content

Guide to the Secure Configuration of Anolis OS 23

Rules, Groups, and Values defined within the XCCDF Benchmark

  • General Principles

    The following general principles motivate much of the advice in this guide and should also influence any configuration decisions that are not expli...
    Group
  • Encrypt Transmitted Data Whenever Possible

    Data transmitted over a network, whether wired or wireless, is susceptible to passive monitoring. Whenever practical solutions for encrypting such ...
    Group
  • Least Privilege

    Grant the least privilege necessary for user accounts and software to perform tasks. For example, <code>sudo</code> can be implemented to limit aut...
    Group
  • Minimize Software to Minimize Vulnerability

    The simplest way to avoid vulnerabilities in software is to avoid installing that software. On Anolis OS 23,the RPM Package Manager (originally Red...
    Group
  • Run Different Network Services on Separate Systems

    Whenever possible, a server should be dedicated to serving exactly one network service. This limits the number of other services that can be compro...
    Group

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules