Skip to content
Log In

DISA STIG for SUSE Linux Enterprise 15

Rules and Groups employed by this XCCDF Profile

  • Use Only FIPS 140-2 Validated MACs

    Limit the MACs to those hash algorithms which are FIPS-approved. The following line in <code>/etc/ssh/sshd_config</code> demonstrates use of FIPS-approved MACs: <pre>MACs hmac-sha2-512,hmac-sha2-25...
    Rule Medium Severity
    Show

  • System Security Services Daemon

    The System Security Services Daemon (SSSD) is a system daemon that provides access to different identity and authentication providers such as Red Hat's IdM, Microsoft's AD, openLDAP, MIT Kerberos, ...
    Group
    Show

  • Configure SSSD's Memory Cache to Expire

    SSSD's memory cache should be configured to set to expire records after <code><xccdf-1.2:sub idref="xccdf_org.ssgproject.content_value_var_sssd_memcache_timeout" use="legacy"></xccdf-1.2:sub></code...
    Rule Medium Severity
    Show

  • Configure SSSD to Expire Offline Credentials

    SSSD should be configured to expire offline credentials after 1 day. To configure SSSD to expire offline credentials, set <code>offline_credentials_expiration</code> to <code>1</code> under the <c...
    Rule Medium Severity
    Show

  • Configure Systemd Timer Execution of AIDE

    At a minimum, AIDE should be configured to run a weekly scan. To implement a systemd service and a timer unit to run the service periodically: For example, if a systemd timer is expected to be star...
    Rule Medium Severity
    Show

  • Configure Periodic Execution of AIDE

    At a minimum, AIDE should be configured to run a weekly scan. To implement a daily execution of AIDE at 4:05am using cron, add the following line to <code>/etc/crontab</code>: <pre>05 4 * * * root ...
    Rule Medium Severity
    Show

  • Ensure McAfee Endpoint Security for Linux (ENSL) is running

    Install McAfee Endpoint Security for Linux antivirus software which is provided for DoD systems and uses signatures to search for the presence of viruses on the filesystem.
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules