Skip to content
ATO Pathways
  Log In

Guide to the Secure Configuration of Ubuntu 20.04

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Transport Layer Security Support

    Support for Transport Layer Security (TLS), and its predecessor, the Secure Sockets Layer (SSL), is included in Red Hat Enterprise Linux in the Ope...
    Group
    Show

  • Only Allow DoD PKI-established CAs

    The operating system must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sess...
    Rule Medium Severity
    Show

  • File Permissions and Masks

    Traditional Unix security relies heavily on file and directory permissions to prevent unauthorized users from reading or modifying files to which t...
    Group
    Show

  • Verify Permissions on Important Files and Directories

    Permissions for many files on a system must be set restrictively to ensure sensitive information is properly protected. This section discusses impo...
    Group
    Show

  • Verify permissions of log files

    Any operating system providing too much information in error messages risks compromising the data and security of the structure, and content of err...
    Rule Medium Severity
    Show

  • Verify Permissions on /etc/audit/auditd.conf

    To properly set the permissions of /etc/audit/auditd.conf, run the command: 
    $ sudo chmod 0640 /etc/audit/auditd.conf
    Rule Medium Severity
    Show

  • Verify Permissions on /etc/audit/rules.d/*.rules

    To properly set the permissions of /etc/audit/rules.d/*.rules, run the command: 
    $ sudo chmod 0640 /etc/audit/rules.d/*.rules
    Rule Medium Severity
    Show

  • Verify that local System.map file (if exists) is readable only by root

    Files containing sensitive informations should be protected by restrictive permissions. Most of the time, there is no need that these files need ...
    Rule Unknown Severity
    Show

  • Ensure No World-Writable Files Exist

    It is generally a good idea to remove global (other) write access to a file when it is discovered. However, check with documentation for specific a...
    Rule Medium Severity
    Show

  • Ensure All Files Are Owned by a Group

    If any file is not group-owned by a group present in /etc/group, the cause of the lack of group-ownership must be investigated. Following this, tho...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules