DRAFT - Protection Profile for General Purpose Operating Systems
Rules and Groups employed by this XCCDF Profile
-
System Accounting with auditd
The <code>auditd</code> program can perform comprehensive monitoring of system activity. This section makes use of recommended configuration settings for specific policies or use cases. The rules i...Group -
Configure auditing of unsuccessful file accesses
Ensure that unsuccessful attempts to access a file are audited. The following rules configure audit as described above: <pre>## Unsuccessful file access (any other opens) This has to go last. -a a...Rule Medium Severity -
Configure auditing of successful file accesses
Ensure that successful attempts to access a file are audited. The following rules configure audit as described above: <pre>## Successful file access (any other opens) This has to go last. ## These...Rule Medium Severity -
Configure basic parameters of Audit system
Perform basic configuration of Audit system. Make sure that any previously defined rules are cleared, the auditing system is configured to handle sudden bursts of events, and in cases of failure, m...Rule Medium Severity -
Configure auditing of unsuccessful file creations
Ensure that unsuccessful attempts to create a file are audited. The following rules configure audit as described above: <pre>## Unsuccessful file creation (open with O_CREAT) -a always,exit -F arc...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules