North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) cybersecurity standards profile for Red Hat Enterprise Linux CoreOS
Rules and Groups employed by this XCCDF Profile
-
Configure Console Screen Locking
A console screen locking mechanism is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the in...Group -
Prevent user from disabling the screen lock
Thetmux
terminal multiplexer is used to implement automatic session locking. It should not be listed in/etc/shells
.Rule Low Severity -
Protect Accounts by Restricting Password-Based Login
Conventionally, Unix shell accounts are accessed by providing a username and password to a login program, which tests these values for correctness ...Group -
Verify Proper Storage and Existence of Password Hashes
By default, password hashes for local accounts are stored in the second field (colon-separated) in <code>/etc/shadow</code>. This file should be re...Group -
Prevent Login to Accounts With Empty Password
If an account is configured for password authentication but does not have an assigned password, it may be possible to log into the account without ...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules