Skip to content

PCI-DSS v4.0 Control Baseline for Red Hat Enterprise Linux 7

Rules and Groups employed by this XCCDF Profile

  • Record Attempts to Alter Logon and Logout Events - tallylog

    The audit system already collects login information for all users and root. If the <code>auditd</code> daemon is configured to use the <code>augenr...
    Rule Medium Severity
  • Records Events that Modify Date and Time Information

    Arbitrary changes to the system time can be used to obfuscate nefarious activities in log files, as well as to confuse network services that are hi...
    Group
  • Record attempts to alter time through adjtimex

    If the <code>auditd</code> daemon is configured to use the <code>augenrules</code> program to read audit rules during daemon startup (the default),...
    Rule Medium Severity
  • Record Attempts to Alter Time Through clock_settime

    If the <code>auditd</code> daemon is configured to use the <code>augenrules</code> program to read audit rules during daemon startup (the default),...
    Rule Medium Severity
  • Record attempts to alter time through settimeofday

    If the <code>auditd</code> daemon is configured to use the <code>augenrules</code> program to read audit rules during daemon startup (the default),...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules