III - Administrative Public
Rules and Groups employed by this XCCDF Profile
SRG-OS-000468-GPOS-00212
Group
Successful/unsuccessful uses of the "fremovexattr" system call in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
Rule Medium Severity
SRG-OS-000468-GPOS-00212
Group
Successful/unsuccessful uses of the "lremovexattr" system call in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
Rule Medium Severity
SRG-OS-000468-GPOS-00212
Group
Successful/unsuccessful uses of the "removexattr" system call in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
Rule Medium Severity
SRG-OS-000470-GPOS-00214
Group
Successful/unsuccessful modifications to the "lastlog" file in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
Rule Medium Severity
SRG-OS-000471-GPOS-00215
Group
Successful/unsuccessful uses of "semanage" in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
Rule Medium Severity
SRG-OS-000471-GPOS-00215
Group
Successful/unsuccessful uses of the "gpasswd" command in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
Rule Medium Severity
SRG-OS-000471-GPOS-00215
Group
Successful/unsuccessful uses of the "mount" command in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
Rule Medium Severity
SRG-OS-000471-GPOS-00215
Group
Successful/unsuccessful uses of the "mount" syscall in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
Rule Medium Severity
SRG-OS-000471-GPOS-00215
Group
Successful/unsuccessful uses of the "su" command in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
Rule Medium Severity
SRG-OS-000471-GPOS-00215
Group
Successful/unsuccessful uses of the "umount" command in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
Rule Medium Severity
SRG-OS-000471-GPOS-00215
Group
Successful/unsuccessful uses of "unix_update" in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
Rule Medium Severity
SRG-OS-000471-GPOS-00215
Group
Successful/unsuccessful uses of the "usermod" command in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
Rule Medium Severity
SRG-OS-000471-GPOS-00215
Group
Successful/unsuccessful uses of "unix_chkpwd" in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
Rule Medium Severity
SRG-OS-000471-GPOS-00215
Group
Successful/unsuccessful uses of "userhelper" in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
Rule Medium Severity
SRG-OS-000471-GPOS-00216
Group
Successful/unsuccessful uses of the "kmod" command in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an i...
Rule Medium Severity
SRG-OS-000480-GPOS-00227
Group
The auditd service must be running in TOSS.
Configuring TOSS to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across th...
Rule Medium Severity
SRG-OS-000480-GPOS-00227
Group
The TOSS audit system must audit local events.
Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events ...
Rule Medium Severity
SRG-OS-000480-GPOS-00227
Group
TOSS must resolve audit information before writing to disk.
Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events ...
Rule Low Severity
SRG-OS-000480-GPOS-00227
Group
TOSS must have the packages required for offloading audit logs installed.
Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Offloading is a common process in information systems with limited audit storage capacity. TOS...
Rule Medium Severity
SRG-OS-000480-GPOS-00227
Group
TOSS must have the packages required for encrypting offloaded audit logs installed.
Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Offloading is a common process in information systems with limited audit storage capacity. TOS...
Rule Medium Severity
SRG-OS-000032-GPOS-00013
Group
TOSS must monitor remote access methods.
Remote access services, such as those providing remote access to network devices and information systems, which lack automated monitoring capabilities, increase risk and make remote user access man...
Rule Medium Severity
SRG-OS-000033-GPOS-00014
Group
TOSS must force a frequent session key renegotiation for SSH connections by the client.
Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. This requirem...
Rule Medium Severity
SRG-OS-000033-GPOS-00014
Group
TOSS must force a frequent session key renegotiation for SSH connections to the server.
Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. This requirem...
Rule Medium Severity
SRG-OS-000033-GPOS-00014
Group
TOSS must implement NIST FIPS-validated cryptography for the following: to provision digital signatures; to generate cryptographic hashes; and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.
Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. The operating system must implement cryptographic modules adhering to the higher stand...
Rule High Severity
SRG-OS-000069-GPOS-00037
Group
TOSS must enforce password complexity by requiring that at least one uppercase character be used.
Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resistin...
Rule Medium Severity