II - Mission Support Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000373-GPOS-00156
Group -
SLEM 5 must require reauthentication when using the "sudo" command.
Without reauthentication, users may access resources or perform tasks for which they do not have authorization. When operating systems provide the capability to escalate a functional capability, i...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
Group -
SLEM 5 must restrict privilege elevation to authorized personnel.
The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms the request to execute a command by checking a file,...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
Group -
SLEM 5 must specify the default "include" directory for the /etc/sudoers file.
The "sudo" command allows authorized users to run programs (including shells) as other users, system users, and root. The "/etc/sudoers" file is used to configure authorized "sudo" users as well as...Rule Medium Severity -
SRG-OS-000069-GPOS-00037
Group -
SLEM 5 must enforce passwords that contain at least one uppercase character.
Use of a complex password helps increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting a...Rule Medium Severity -
SRG-OS-000070-GPOS-00038
Group -
SLEM 5 must enforce passwords that contain at least one lowercase character.
Use of a complex password helps increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting a...Rule Medium Severity -
SRG-OS-000071-GPOS-00039
Group -
SLEM 5 must enforce passwords that contain at least one numeric character.
Use of a complex password helps increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting a...Rule Medium Severity -
SRG-OS-000266-GPOS-00101
Group -
SLEM 5 must enforce passwords that contain at least one special character.
Use of a complex password helps increase the time and resources required to compromise the password. Password complexity or strength is a measure of the effectiveness of a password in resisting att...Rule Medium Severity -
SRG-OS-000480-GPOS-00225
Group -
SLEM 5 must prevent the use of dictionary words for passwords.
If SLEM 5 allows the user to select passwords based on dictionary words, this increases the chances of password compromise by increasing the opportunity for successful guesses and brute-force attacks.Rule Medium Severity -
SRG-OS-000078-GPOS-00046
Group -
SLEM 5 must employ passwords with a minimum of 15 characters.
The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised. Password complexity, or strength, is a measure of the effectivene...Rule Medium Severity -
SRG-OS-000072-GPOS-00040
Group -
SLEM 5 must require the change of at least eight of the total number of characters when passwords are changed.
If SLEM 5 allows the user to consecutively reuse extensive portions of passwords, this increases the chances of password compromise by increasing the window of opportunity for attempts at guessing ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.