Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-OS-000269-GPOS-00103
Group -
The Ubuntu operating system must be configured to preserve log records from failure events.
Failure to a known state can address safety or security in accordance with the mission/business needs of the organization. Failure to a known secure state helps prevent a loss of confidentiality, i...Rule Medium Severity -
SRG-OS-000297-GPOS-00115
Group -
SRG-OS-000342-GPOS-00133
Group -
The Ubuntu operating system audit event multiplexor must be configured to off-load audit logs onto a different system or storage media from the system being audited.
Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity.Rule Low Severity -
SRG-OS-000383-GPOS-00166
Group -
The Ubuntu operating system must be configured such that Pluggable Authentication Module (PAM) prohibits the use of cached authentications after one day.
If cached authentication information is out-of-date, the validity of the authentication information may be questionable.Rule Low Severity -
SRG-OS-000480-GPOS-00226
Group -
The Ubuntu operating system must enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt.
Limiting the number of logon attempts over a certain time interval reduces the chances that an unauthorized user may gain access to an account.Rule Low Severity -
SRG-OS-000480-GPOS-00227
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.