Skip to content

III - Administrative Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-OS-000383-GPOS-00166

    <GroupDescription></GroupDescription>
    Group
  • If Network Security Services (NSS) is being used by SLEM 5 it must prohibit the use of cached authentications after one day.

    &lt;VulnDiscussion&gt;If cached authentication information is out of date, the validity of the authentication information may be questionable.&lt;/...
    Rule Medium Severity
  • SRG-OS-000383-GPOS-00166

    <GroupDescription></GroupDescription>
    Group
  • SLEM 5 must configure the Linux Pluggable Authentication Modules (PAM) to prohibit the use of cached offline authentications after one day.

    &lt;VulnDiscussion&gt;If cached authentication information is out of date, the validity of the authentication information may be questionable.&lt;/...
    Rule Medium Severity
  • SRG-OS-000066-GPOS-00034

    <GroupDescription></GroupDescription>
    Group
  • SLEM 5, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.

    &lt;VulnDiscussion&gt;Without path validation, an informed trust decision by the relying party cannot be made when presented with any certificate n...
    Rule Medium Severity
  • SRG-OS-000480-GPOS-00227

    <GroupDescription></GroupDescription>
    Group
  • SLEM 5 must be configured to not overwrite Pluggable Authentication Modules (PAM) configuration on package changes.

    &lt;VulnDiscussion&gt;The "pam-config" command line utility automatically generates a system PAM configuration as packages are installed, updated, ...
    Rule Medium Severity
  • SRG-OS-000363-GPOS-00150

    <GroupDescription></GroupDescription>
    Group
  • SLEM 5 must use a file integrity tool to verify correct operation of all security functions.

    &lt;VulnDiscussion&gt;Without verification of the security functions, security functions may not operate correctly, and the failure may go unnotice...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules