Skip to content
ATO Pathways
  Log In

Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)

Rules and Groups employed by this XCCDF Profile

  • firewalld

    The dynamic firewall daemon <code>firewalld</code> provides a dynamically managed firewall with support for network “zones” to assign a level of tr...
    Group
    Show

  • Inspect and Activate Default firewalld Rules

    Firewalls can be used to separate networks into different zones based on the level of trust the user has decided to place on the devices and traffi...
    Group
    Show

  • Verify firewalld Enabled

    The firewalld service can be enabled with the following command: 
    $ sudo systemctl enable firewalld.service
    Rule Medium Severity
    Show

  • Strengthen the Default Ruleset

    The default rules can be strengthened. The system scripts that activate the firewall rules expect them to be defined in configuration files under t...
    Group
    Show

  • Set Default firewalld Zone for Incoming Packets

    To set the default zone to <code>drop</code> for the built-in default zone which processes incoming IPv4 and IPv6 packets, modify the following lin...
    Rule Medium Severity
    Show

  • Uncommon Network Protocols

    The system includes support for several network protocols which are not commonly used. Although security vulnerabilities in kernel networking code ...
    Group
    Show

  • Disable DCCP Support

    The Datagram Congestion Control Protocol (DCCP) is a relatively new transport layer protocol, designed to support streaming media and telephony. T...
    Rule Medium Severity
    Show

  • Disable SCTP Support

    The Stream Control Transmission Protocol (SCTP) is a transport layer protocol, designed to support the idea of message-oriented communication, with...
    Rule Medium Severity
    Show

  • File Permissions and Masks

    Traditional Unix security relies heavily on file and directory permissions to prevent unauthorized users from reading or modifying files to which t...
    Group
    Show

  • Verify Permissions on Important Files and Directories

    Permissions for many files on a system must be set restrictively to ensure sensitive information is properly protected. This section discusses impo...
    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules