III - Administrative Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000109-GPOS-00056
<GroupDescription></GroupDescription>Group -
The Ubuntu operating system must prevent direct login into the root account.
<VulnDiscussion>To assure individual accountability and prevent unauthorized access, organizational users must be individually identified and...Rule Medium Severity -
SRG-OS-000134-GPOS-00068
<GroupDescription></GroupDescription>Group -
The Ubuntu operating system must be configured so that only users who need access to security functions are part of the sudo group.
<VulnDiscussion>An isolation boundary provides access control and protects the integrity of the hardware, software, and firmware that perform...Rule High Severity -
SRG-OS-000228-GPOS-00088
<GroupDescription></GroupDescription>Group -
The Ubuntu operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting any publically accessible connection to the system.
<VulnDiscussion>Display of a standardized and approved use notification before granting access to the Ubuntu operating system ensures privacy...Rule Medium Severity -
SRG-OS-000069-GPOS-00037
<GroupDescription></GroupDescription>Group -
The Ubuntu operating system must enforce password complexity by requiring that at least one upper-case character be used.
<VulnDiscussion>Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, ...Rule Low Severity -
SRG-OS-000070-GPOS-00038
<GroupDescription></GroupDescription>Group -
The Ubuntu operating system must enforce password complexity by requiring that at least one lower-case character be used.
<VulnDiscussion>Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, ...Rule Low Severity -
SRG-OS-000071-GPOS-00039
<GroupDescription></GroupDescription>Group -
The Ubuntu operating system must enforce password complexity by requiring that at least one numeric character be used.
<VulnDiscussion>Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, ...Rule Low Severity -
SRG-OS-000072-GPOS-00040
<GroupDescription></GroupDescription>Group -
The Ubuntu operating system must require the change of at least 8 characters when passwords are changed.
<VulnDiscussion>If the Ubuntu operating system allows the user to consecutively reuse extensive portions of passwords, this increases the cha...Rule Low Severity -
SRG-OS-000073-GPOS-00041
<GroupDescription></GroupDescription>Group -
The Ubuntu operating system must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm.
<VulnDiscussion>Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are...Rule Medium Severity -
SRG-OS-000074-GPOS-00042
<GroupDescription></GroupDescription>Group -
The Ubuntu operating system must not have the telnet package installed.
<VulnDiscussion>Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are...Rule High Severity -
SRG-OS-000075-GPOS-00043
<GroupDescription></GroupDescription>Group -
The Ubuntu operating system must enforce 24 hours/1 day as the minimum password lifetime. Passwords for new users must have a 24 hours/1 day minimum password lifetime restriction.
<VulnDiscussion>Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enfo...Rule Low Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.