III - Administrative Public
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000057-GPOS-00027
Group -
TOSS audit log directory must be owned by user root to prevent unauthorized read access.
Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. Audit information includes all information (e.g., audit recor...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
Group -
TOSS audit log directory must be owned by group root to prevent unauthorized read access.
Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. Audit information includes all information (e.g., audit recor...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
Group -
The TOSS audit system must protect auditing rules from unauthorized change.
Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. Audit information includes all information (e.g., audit recor...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
Group -
The TOSS audit system must protect logon UIDs from unauthorized change.
Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. Audit information includes all information (e.g., audit recor...Rule Medium Severity -
SRG-OS-000037-GPOS-00015
Group -
Successful/unsuccessful uses of the "chage" command in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000037-GPOS-00015
Group -
Successful/unsuccessful uses of the "chcon" command in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000037-GPOS-00015
Group -
Successful/unsuccessful uses of the ssh-agent in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000037-GPOS-00015
Group -
Successful/unsuccessful uses of the "passwd" command in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000037-GPOS-00015
Group -
Successful/unsuccessful uses of postdrop in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000037-GPOS-00015
Group -
Successful/unsuccessful uses of postqueue in TOSS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.