Skip to content

II - Mission Support Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-OS-000480-GPOS-00227

    <GroupDescription></GroupDescription>
    Group
  • TOSS must restrict exposed kernel pointer addresses access.

    &lt;VulnDiscussion&gt;It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission ob...
    Rule Medium Severity
  • SRG-OS-000480-GPOS-00227

    <GroupDescription></GroupDescription>
    Group
  • TOSS must restrict privilege elevation to authorized personnel.

    &lt;VulnDiscussion&gt;The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their pa...
    Rule Medium Severity
  • SRG-OS-000480-GPOS-00227

    <GroupDescription></GroupDescription>
    Group
  • TOSS must use reverse path filtering on all IPv4 interfaces.

    &lt;VulnDiscussion&gt;It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission ob...
    Rule Medium Severity
  • SRG-OS-000480-GPOS-00227

    <GroupDescription></GroupDescription>
    Group
  • TOSS network interfaces must not be in promiscuous mode.

    &lt;VulnDiscussion&gt;Network interfaces in promiscuous mode allow for the capture of all network traffic visible to the system. If unauthorized in...
    Rule Medium Severity
  • SRG-OS-000312-GPOS-00122

    <GroupDescription></GroupDescription>
    Group
  • TOSS must enable kernel parameters to enforce discretionary access control on symlinks.

    &lt;VulnDiscussion&gt;Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have di...
    Rule Medium Severity
  • SRG-OS-000312-GPOS-00122

    <GroupDescription></GroupDescription>
    Group
  • TOSS must enable kernel parameters to enforce discretionary access control on hardlinks.

    &lt;VulnDiscussion&gt;Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have di...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules