Skip to content

III - Administrative Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • RHEL 8 must not have the rsh-server package installed.

    &lt;VulnDiscussion&gt;It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission ob...
    Rule High Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • RHEL 8 must cover or disable the built-in or attached camera when not in use.

    &lt;VulnDiscussion&gt;It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission ob...
    Rule Medium Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • RHEL 8 must disable the asynchronous transfer mode (ATM) protocol.

    &lt;VulnDiscussion&gt;It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission ob...
    Rule Low Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • RHEL 8 must disable the controller area network (CAN) protocol.

    &lt;VulnDiscussion&gt;It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission ob...
    Rule Low Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • RHEL 8 must disable the stream control transmission protocol (SCTP).

    &lt;VulnDiscussion&gt;It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission ob...
    Rule Low Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • RHEL 8 must disable the transparent inter-process communication (TIPC) protocol.

    &lt;VulnDiscussion&gt;It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission ob...
    Rule Low Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • RHEL 8 must disable mounting of cramfs.

    &lt;VulnDiscussion&gt;It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission ob...
    Rule Low Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • RHEL 8 must disable IEEE 1394 (FireWire) Support.

    &lt;VulnDiscussion&gt;It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission ob...
    Rule Low Severity
  • SRG-OS-000096-GPOS-00050

    <GroupDescription></GroupDescription>
    Group
  • RHEL 8 must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments.

    &lt;VulnDiscussion&gt;To prevent unauthorized connection of devices, unauthorized transfer of information, or unauthorized tunneling (i.e., embeddi...
    Rule Medium Severity
  • SRG-OS-000114-GPOS-00059

    <GroupDescription></GroupDescription>
    Group
  • The RHEL 8 file system automounter must be disabled unless required.

    &lt;VulnDiscussion&gt;Automatically mounting file systems permits easy introduction of unknown devices, thereby facilitating malicious activity.&lt...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules