III - Administrative Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000096-GPOS-00050
<GroupDescription></GroupDescription>Group -
The Photon operating system must disable the loading of unnecessary kernel modules.
<VulnDiscussion>To support the requirements and principles of least functionality, the operating system must provide only essential capabilit...Rule Medium Severity -
SRG-OS-000104-GPOS-00051
<GroupDescription></GroupDescription>Group -
The Photon operating system must not have duplicate User IDs (UIDs).
<VulnDiscussion>To ensure accountability and prevent unauthenticated access, organizational users must be uniquely identified and authenticat...Rule Medium Severity -
SRG-OS-000118-GPOS-00060
<GroupDescription></GroupDescription>Group -
The Photon operating system must disable new accounts immediately upon password expiration.
<VulnDiscussion>Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potenti...Rule Medium Severity -
SRG-OS-000142-GPOS-00071
<GroupDescription></GroupDescription>Group -
The Photon operating system must use Transmission Control Protocol (TCP) syncookies.
<VulnDiscussion>A TCP SYN flood attack can cause a denial of service by filling a system's TCP connection table with connections in the SYN_R...Rule Medium Severity -
SRG-OS-000163-GPOS-00072
<GroupDescription></GroupDescription>Group -
The Photon operating system must configure sshd to disconnect idle Secure Shell (SSH) sessions.
<VulnDiscussion>Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take c...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.