Standard System Security Profile for Alibaba Cloud Linux 2
Rules and Groups employed by this XCCDF Profile
-
Configure OpenLDAP Clients
This section provides information on which security settings are important to configure in OpenLDAP clients by manually editing the appropriate configuration files. Alibaba Cloud Linux 2 provides ...Group -
Ensure LDAP client is not installed
The Lightweight Directory Access Protocol (LDAP) is a service that provides a method for looking up information from a central database. The <code>openldap-clients</code> package can be removed wit...Rule Low Severity -
Network Time Protocol
The Network Time Protocol is used to manage the system clock over a network. Computer clocks are not very accurate, so time will drift unpredictably on unmanaged systems. Central time protocols can...Group -
Enable the NTP Daemon
Run the following command to determine the current status of the <code>chronyd</code> service: <pre>$ sudo systemctl is-active chronyd</pre> If the service is running, it should return the follo...Rule Medium Severity -
Specify a Remote NTP Server
Depending on specific functional requirements of a concrete production environment, the Alibaba Cloud Linux 2 system can be configured to utilize the services of the <code>chronyd</code> NTP daemon...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules