III - Administrative Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000324-GPOS-00125
<GroupDescription></GroupDescription>Group -
The Photon operating system must enable symlink access control protection in the kernel.
<VulnDiscussion>By enabling the fs.protected_symlinks kernel parameter, symbolic links are permitted to be followed only when outside a stick...Rule High Severity -
SRG-OS-000327-GPOS-00127
<GroupDescription></GroupDescription>Group -
The Photon operating system must audit the execution of privileged functions.
<VulnDiscussion>Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external enti...Rule Medium Severity -
SRG-OS-000329-GPOS-00128
<GroupDescription></GroupDescription>Group -
The Photon operating system must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts in 15 minutes occur.
<VulnDiscussion>By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise...Rule Medium Severity -
SRG-OS-000341-GPOS-00132
<GroupDescription></GroupDescription>Group -
The Photon operating system must allocate audit record storage capacity to store audit records when audit records are not immediately sent to a central audit record storage facility.
<VulnDiscussion>Audit logs are most useful when accessible by date, rather than size. This can be accomplished through a combination of an au...Rule Low Severity -
SRG-OS-000343-GPOS-00134
<GroupDescription></GroupDescription>Group -
The Photon operating system must immediately notify the SA and ISSO when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity.
<VulnDiscussion>If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to pla...Rule Low Severity -
SRG-OS-000366-GPOS-00153
<GroupDescription></GroupDescription>Group -
The Photon operating system TDNF package management tool must cryptographically verify the authenticity of all software packages during installation.
<VulnDiscussion>Installation of any nontrusted software, patches, service packs, device drivers, or operating system components can significa...Rule High Severity -
SRG-OS-000373-GPOS-00156
<GroupDescription></GroupDescription>Group -
The Photon operating system must require users to reauthenticate for privilege escalation.
<VulnDiscussion>Without reauthentication, users may access resources or perform tasks for which they do not have authorization. When operat...Rule Medium Severity -
SRG-OS-000433-GPOS-00193
<GroupDescription></GroupDescription>Group -
The Photon operating system must implement address space layout randomization to protect its memory from unauthorized code execution.
<VulnDiscussion>Some adversaries launch attacks with the intent of executing code in nonexecutable regions of memory or in memory locations t...Rule Medium Severity -
SRG-OS-000437-GPOS-00194
<GroupDescription></GroupDescription>Group -
The Photon operating system must remove all software components after updated versions have been installed.
<VulnDiscussion>Previous versions of software components that are not removed from the information system after updates have been installed m...Rule Medium Severity -
SRG-OS-000470-GPOS-00214
<GroupDescription></GroupDescription>Group -
The Photon operating system must generate audit records when successful/unsuccessful logon attempts occur.
<VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficu...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.