PCI-DSS v3.2.1 Control Baseline for SUSE Linux enterprise 15
Rules and Groups employed by this XCCDF Profile
-
Set SSH Client Alive Count Max
The SSH server sends at most <code>ClientAliveCountMax</code> messages during a SSH session and waits for a response from the SSH client. The optio...Rule Medium Severity -
Set SSH Client Alive Interval
SSH allows administrators to set a network responsiveness timeout interval. After this interval has passed, the unresponsive client will be automat...Rule Medium Severity -
System Security Services Daemon
The System Security Services Daemon (SSSD) is a system daemon that provides access to different identity and authentication providers such as Red H...Group -
Enable Smartcards in SSSD
SSSD should be configured to authenticate access to the system using smart cards. To enable smart cards in SSSD, set <code>pam_cert_auth</code> to ...Rule Medium Severity -
Configure Systemd Timer Execution of AIDE
At a minimum, AIDE should be configured to run a weekly scan. To implement a systemd service and a timer unit to run the service periodically: For ...Rule Medium Severity -
Record Attempts to perform maintenance activities
The SUSE Linux Enterprise 15 operating system must generate audit records for privileged activities, nonlocal maintenance, diagnostic sessions and ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules