Skip to content
Log In

DISA STIG for SUSE Linux Enterprise 15

Rules and Groups employed by this XCCDF Profile

  • Configure AIDE to Verify Extended Attributes

    By default, the <code>xattrs</code> option is added to the <code>FIPSR</code> ruleset in AIDE. If using a custom ruleset or the <code>xattrs</code> option is missing, add <code>xattrs</code> to the...
    Rule Low Severity
    Show

  • Federal Information Processing Standard (FIPS)

    The Federal Information Processing Standard (FIPS) is a computer security standard which is developed by the U.S. Government and industry working groups to validate the quality of cryptographic mod...
    Group
    Show

  • Verify '/proc/sys/crypto/fips_enabled' exists

    On a system where FIPS 140-2 mode is enabled, <code>/proc/sys/crypto/fips_enabled</code> must exist. To verify FIPS mode, run the following command: <pre>cat /proc/sys/crypto/fips_enabled</pre> ...
    Rule High Severity
    Show

  • Operating System Vendor Support and Certification

    The assurance of a vendor to provide operating system support and maintenance for their product is an important criterion to ensure product stability and security over the life of the product. A ce...
    Group
    Show

  • The Installed Operating System Is Vendor Supported

    The installed operating system must be maintained by a vendor. SUSE Linux Enterprise is supported by SUSE. As the SUSE Linux Enterprise vendor, SUSE is responsible for providing security patches.
    Rule High Severity
    Show

  • Endpoint Protection Software

    Endpoint protection security software that is not provided or supported by Red Hat can be installed to provide complementary or duplicative security capabilities to those provided by the base pla...
    Group
    Show

  • McAfee Endpoint Security Software

    In DoD environments, McAfee Host-based Security System (HBSS) and VirusScan Enterprise for Linux (VSEL) is required to be installed on all systems.
    Group
    Show

  • McAfee Endpoint Security for Linux (ENSL)

    McAfee Endpoint Security for Linux (ENSL) is a suite of software applications used to monitor, detect, and defend computer networks and systems.
    Group
    Show

  • Disk Partitioning

    To ensure separation and protection of data, there are top-level system directories which should be placed on their own physical partition or logical volume. The installer's default partitioning sc...
    Group
    Show

  • Encrypt Partitions

    SUSE Linux Enterprise 15 natively supports partition encryption through the Linux Unified Key Setup-on-disk-format (LUKS) technology. The easiest way to encrypt a partition is during installation t...
    Rule High Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules