Skip to content

DRAFT - Protection Profile for General Purpose Operating Systems

Rules and Groups employed by this XCCDF Profile

  • System Accounting with auditd

    The audit service provides substantial capabilities for recording system activities. By default, the service audits about SELinux AVC denials and c...
    Group
  • Install audispd-plugins Package

    The audispd-plugins package can be installed with the following command:
    $ sudo yum install audispd-plugins
    Rule Medium Severity
  • Ensure the audit Subsystem is Installed

    The audit package should be installed.
    Rule Medium Severity
  • Enable auditd Service

    The <code>auditd</code> service is an essential userspace component of the Linux Auditing System, as it is responsible for writing audit records to...
    Rule Medium Severity
  • Enable Auditing for Processes Which Start Prior to the Audit Daemon

    To ensure all processes can be audited, even those which start prior to the audit daemon, add the argument <code>audit=1</code> to the default GRUB...
    Rule Low Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules