III - Administrative Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000057-GPOS-00027
<GroupDescription></GroupDescription>Group -
TOSS audit log directory must be owned by user root to prevent unauthorized read access.
<VulnDiscussion>Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confide...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
<GroupDescription></GroupDescription>Group -
TOSS audit log directory must be owned by group root to prevent unauthorized read access.
<VulnDiscussion>Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confide...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
<GroupDescription></GroupDescription>Group -
The TOSS audit system must protect auditing rules from unauthorized change.
<VulnDiscussion>Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confide...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
<GroupDescription></GroupDescription>Group -
The TOSS audit system must protect logon UIDs from unauthorized change.
<VulnDiscussion>Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confide...Rule Medium Severity -
SRG-OS-000037-GPOS-00015
<GroupDescription></GroupDescription>Group -
Successful/unsuccessful uses of the "chage" command in TOSS must generate an audit record.
<VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficu...Rule Medium Severity -
SRG-OS-000037-GPOS-00015
<GroupDescription></GroupDescription>Group -
Successful/unsuccessful uses of the "chcon" command in TOSS must generate an audit record.
<VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficu...Rule Medium Severity -
SRG-OS-000037-GPOS-00015
<GroupDescription></GroupDescription>Group -
Successful/unsuccessful uses of the ssh-agent in TOSS must generate an audit record.
<VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficu...Rule Medium Severity -
SRG-OS-000037-GPOS-00015
<GroupDescription></GroupDescription>Group -
Successful/unsuccessful uses of the "passwd" command in TOSS must generate an audit record.
<VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficu...Rule Medium Severity -
SRG-OS-000037-GPOS-00015
<GroupDescription></GroupDescription>Group -
Successful/unsuccessful uses of postdrop in TOSS must generate an audit record.
<VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficu...Rule Medium Severity -
SRG-OS-000037-GPOS-00015
<GroupDescription></GroupDescription>Group -
Successful/unsuccessful uses of postqueue in TOSS must generate an audit record.
<VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficu...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.