Skip to content

DISA STIG for Red Hat Enterprise Linux 8

Rules and Groups employed by this XCCDF Profile

  • Log USBGuard daemon audit events using Linux Audit

    To configure USBGuard daemon to log via Linux Audit (as opposed directly to a file), <code>AuditBackend</code> option in <code>/etc/usbguard/usbgua...
    Rule Low Severity
  • Generate USBGuard Policy

    By default USBGuard when enabled prevents access to all USB devices and this lead to inaccessible system if they use USB mouse/keyboard. To prevent...
    Rule Medium Severity
  • X Window System

    The X Window System implementation included with the system is called X.org.
    Group
  • Disable X Windows

    Unless there is a mission-critical reason for the system to run a graphical user interface, ensure X is not set to start automatically at boot and ...
    Group
  • Disable graphical user interface

    By removing the following packages, the system no longer has X Windows installed. <code>xorg-x11-server-Xorg xorg-x11-server-common xorg-x11-serv...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules