PCI-DSS v4 Control Baseline for SUSE Linux enterprise 12
Rules and Groups employed by this XCCDF Profile
-
Record Events that Modify the System's Discretionary Access Controls - lsetxattr
At a minimum, the audit system should collect file permission changes for all users and root. If the <code>auditd</code> daemon is configured to us...Rule Medium Severity -
Record Events that Modify the System's Discretionary Access Controls - removexattr
At a minimum, the audit system should collect file permission changes for all users and root. <br><br> If the <code>auditd</code> daemon is configu...Rule Medium Severity -
Record Events that Modify the System's Discretionary Access Controls - setxattr
At a minimum, the audit system should collect file permission changes for all users and root. If the <code>auditd</code> daemon is configured to us...Rule Medium Severity -
Record File Deletion Events by User
At a minimum, the audit system should collect file deletion events for all users and root. If the <code>auditd</code> daemon is configured to use t...Group -
Ensure auditd Collects File Deletion Events by User
At a minimum the audit system should collect file deletion events for all users and root. If the <code>auditd</code> daemon is configured to use th...Rule Medium Severity -
Ensure auditd Collects File Deletion Events by User - rename
At a minimum, the audit system should collect file deletion events for all users and root. If the <code>auditd</code> daemon is configured to use t...Rule Medium Severity -
Ensure auditd Collects File Deletion Events by User - renameat
At a minimum, the audit system should collect file deletion events for all users and root. If the <code>auditd</code> daemon is configured to use t...Rule Medium Severity -
Ensure auditd Collects File Deletion Events by User - rmdir
At a minimum, the audit system should collect file deletion events for all users and root. If the <code>auditd</code> daemon is configured to use t...Rule Medium Severity -
Ensure auditd Collects File Deletion Events by User - unlink
At a minimum, the audit system should collect file deletion events for all users and root. If the <code>auditd</code> daemon is configured to use t...Rule Medium Severity -
Ensure auditd Collects File Deletion Events by User - unlinkat
At a minimum, the audit system should collect file deletion events for all users and root. If the <code>auditd</code> daemon is configured to use t...Rule Medium Severity -
Record Unauthorized Access Attempts Events to Files (unsuccessful)
At a minimum, the audit system should collect unauthorized file accesses for all users and root. Note that the "-F arch=b32" lines should be presen...Group -
Ensure auditd Collects Unauthorized Access Attempts to Files (unsuccessful)
At a minimum the audit system should collect unauthorized file accesses for all users and root. If the <code>auditd</code> daemon is configured to ...Rule Medium Severity -
Record Unsuccessful Access Attempts to Files - creat
At a minimum, the audit system should collect unauthorized file accesses for all users and root. If the <code>auditd</code> daemon is configured to...Rule Medium Severity -
Record Unsuccessful Access Attempts to Files - ftruncate
At a minimum, the audit system should collect unauthorized file accesses for all users and root. If the <code>auditd</code> daemon is configured to...Rule Medium Severity -
Record Unsuccessful Access Attempts to Files - open
At a minimum, the audit system should collect unauthorized file accesses for all users and root. If the <code>auditd</code> daemon is configured to...Rule Medium Severity -
Record Unsuccessful Access Attempts to Files - open_by_handle_at
At a minimum, the audit system should collect unauthorized file accesses for all users and root. If the <code>auditd</code> daemon is configured to...Rule Medium Severity -
Record Unsuccessful Access Attempts to Files - openat
At a minimum, the audit system should collect unauthorized file accesses for all users and root. If the <code>auditd</code> daemon is configured to...Rule Medium Severity -
Record Unsuccessful Delete Attempts to Files - rename
The audit system should collect unsuccessful file deletion attempts for all users and root. If the <code>auditd</code> daemon is configured to use ...Rule Medium Severity -
Record Unsuccessful Delete Attempts to Files - renameat
The operating system must generate audit records for all uses of the <code>renameat</code> system call. Without generating audit records specific ...Rule Medium Severity -
Record Unsuccessful Access Attempts to Files - truncate
At a minimum, the audit system should collect unauthorized file accesses for all users and root. If the <code>auditd</code> daemon is configured to...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.