Skip to content

Guide to the Secure Configuration of Ubuntu 20.04

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Ensure nftables Default Deny Firewall Policy

    Base chain policy is the default verdict that will be applied to packets reaching the end of the chain. There are two policies: accept (Default) an...
    Rule Medium Severity
  • Network Manager

    The NetworkManager daemon configures a variety of network connections. This section discusses how to configure NetworkManager.
    Group
  • NetoworkManager DNS Mode

    This sets how NetworkManager handles DNS. none - NetworkManager will not modify resolv.conf. default - NetworkManager will update /etc/resolv.con...
    Value
  • Verify that All World-Writable Directories Have Sticky Bits Set

    When the so-called 'sticky bit' is set on a directory, only the owner of a given file may remove that file from the directory. Without the sticky b...
    Rule Medium Severity
  • Disable Host-Based Authentication

    SSH's cryptographic host-based authentication is more secure than <code>.rhosts</code> authentication. However, it is not recommended that hosts un...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules