Skip to content
ATO Pathways
  Log In

DRAFT - Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)

Rules and Groups employed by this XCCDF Profile

  • firewalld

    The dynamic firewall daemon <code>firewalld</code> provides a dynamically managed firewall with support for network “zones” to assign a level of tr...
    Group
    Show

  • Inspect and Activate Default firewalld Rules

    Firewalls can be used to separate networks into different zones based on the level of trust the user has decided to place on the devices and traffi...
    Group
    Show

  • Install firewalld Package

    The firewalld package can be installed with the following command: 
    $ sudo dnf install firewalld
    Rule Medium Severity
    Show

  • Verify firewalld Enabled

    The firewalld service can be enabled with the following command: 
    $ sudo systemctl enable firewalld.service
    Rule Medium Severity
    Show

  • Uncommon Network Protocols

    The system includes support for several network protocols which are not commonly used. Although security vulnerabilities in kernel networking code ...
    Group
    Show

  • Disable CAN Support

    The Controller Area Network (CAN) is a serial communications protocol which was initially developed for automotive and is now also used in marine, ...
    Rule Medium Severity
    Show

  • Disable SCTP Support

    The Stream Control Transmission Protocol (SCTP) is a transport layer protocol, designed to support the idea of message-oriented communication, with...
    Rule Medium Severity
    Show

  • Disable TIPC Support

    The Transparent Inter-Process Communication (TIPC) protocol is designed to provide communications between nodes in a cluster. To configure the sys...
    Rule Low Severity
    Show

  • Wireless Networking

    Wireless networking, such as 802.11 (WiFi) and Bluetooth, can present a security risk to sensitive or classified systems and networks. Wireless net...
    Group
    Show

  • Disable Wireless Through Software Configuration

    If it is impossible to remove the wireless hardware from the device in question, disable as much of it as possible through software. The following ...
    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules