Skip to content
ATO Pathways
  Log In

Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide (STIG) V2R1

Rules and Groups employed by this XCCDF Profile

  • Transport Layer Security Support

    Support for Transport Layer Security (TLS), and its predecessor, the Secure Sockets Layer (SSL), is included in Red Hat Enterprise Linux in the Ope...
    Group
    Show

  • Only Allow DoD PKI-established CAs

    The operating system must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sess...
    Rule Medium Severity
    Show

  • File Permissions and Masks

    Traditional Unix security relies heavily on file and directory permissions to prevent unauthorized users from reading or modifying files to which t...
    Group
    Show

  • Verify Permissions on Important Files and Directories

    Permissions for many files on a system must be set restrictively to ensure sensitive information is properly protected. This section discusses impo...
    Group
    Show

  • Verify that All World-Writable Directories Have Sticky Bits Set

    When the so-called 'sticky bit' is set on a directory, only the owner of a given file may remove that file from the directory. Without the sticky b...
    Rule Medium Severity
    Show

  • Verify Permissions on /etc/audit/auditd.conf

    To properly set the permissions of /etc/audit/auditd.conf, run the command: 
    $ sudo chmod 0640 /etc/audit/auditd.conf
    Rule Medium Severity
    Show

  • Verify Permissions on /etc/audit/rules.d/*.rules

    To properly set the permissions of <code>/etc/audit/rules.d/*.rules</code>, run the command: <pre>$ sudo chmod 0640 /etc/audit/rules.d/*.rules</pr...
    Rule Medium Severity
    Show

  • Verify permissions of log files

    Any operating system providing too much information in error messages risks compromising the data and security of the structure, and content of err...
    Rule Medium Severity
    Show

  • Verify Permissions on Files within /var/log Directory

    The /var/log directory contains files with logs of error messages in the system and should only be accessed by authorized personnel.
    Group
    Show

  • Verify Group Who Owns /var/log Directory

    To properly set the group owner of /var/log, run the command: 
    $ sudo chgrp syslog /var/log
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules