Skip to content

II - Mission Support Public

Rules and Groups employed by this XCCDF Profile

  • SRG-OS-000120-GPOS-00061

    <GroupDescription></GroupDescription>
    Group
  • AIX must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.

    &lt;VulnDiscussion&gt;FIPS 140-2 is the current standard for validating that mechanisms used to access cryptographic modules utilize authentication...
    Rule Medium Severity
  • SRG-OS-000069-GPOS-00037

    <GroupDescription></GroupDescription>
    Group
  • AIX must enforce password complexity by requiring that at least one upper-case character be used.

    &lt;VulnDiscussion&gt;Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, ...
    Rule High Severity
  • SRG-OS-000070-GPOS-00038

    <GroupDescription></GroupDescription>
    Group
  • AIX must enforce password complexity by requiring that at least one lower-case character be used.

    &lt;VulnDiscussion&gt;Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, ...
    Rule High Severity
  • SRG-OS-000071-GPOS-00039

    <GroupDescription></GroupDescription>
    Group
  • AIX must enforce password complexity by requiring that at least one numeric character be used.

    &lt;VulnDiscussion&gt;Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, ...
    Rule High Severity
  • SRG-OS-000072-GPOS-00040

    <GroupDescription></GroupDescription>
    Group
  • AIX must require the change of at least 50% of the total number of characters when passwords are changed.

    &lt;VulnDiscussion&gt;If the operating system allows the user to consecutively reuse extensive portions of passwords, this increases the chances of...
    Rule High Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules