Skip to content

II - Mission Support Public

Rules and Groups employed by this XCCDF Profile

  • SRG-OS-000479-GPOS-00224

    <GroupDescription></GroupDescription>
    Group
  • The Ubuntu operating system audit event multiplexor must be configured to off-load audit logs onto a different system in real time, if the system is interconnected.

    &lt;VulnDiscussion&gt;Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common...
    Rule Low Severity
  • SRG-OS-000479-GPOS-00224

    <GroupDescription></GroupDescription>
    Group
  • The Ubuntu operating system must have a crontab script running weekly to off-load audit events of standalone systems.

    &lt;VulnDiscussion&gt;Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common...
    Rule Low Severity
  • SRG-OS-000366-GPOS-00153

    <GroupDescription></GroupDescription>
    Group
  • Advance package Tool (APT) must be configured to prevent the installation of patches, service packs, device drivers, or Ubuntu operating system components without verification they have been digitally signed using a certificate that is recognized and approved by the organization.

    &lt;VulnDiscussion&gt;Changes to any software components can have significant effects on the overall security of the Ubuntu operating system. This ...
    Rule Medium Severity
  • SRG-OS-000437-GPOS-00194

    <GroupDescription></GroupDescription>
    Group
  • The Ubuntu operating system must be configured so that Advance package Tool (APT) removes all software components after updated versions have been installed.

    &lt;VulnDiscussion&gt;Previous versions of software components that are not removed from the information system after updates have been installed m...
    Rule Medium Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • The Ubuntu operating system must not have the Network Information Service (NIS) package installed.

    &lt;VulnDiscussion&gt;Removing the Network Information Service (NIS) package decreases the risk of the accidental (or intentional) activation of NI...
    Rule High Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules