II - Mission Support Classified
Rules and Groups employed by this XCCDF Profile
SRG-OS-000032-GPOS-00013
Group
NixOS must monitor remote access methods.
Remote access services, such as those providing remote access to network devices and information systems, which lack automated monitoring capabilities, increase risk and make remote user access man...
Rule, Medium Severity

SRG-OS-000033-GPOS-00014
Group
NixOS must implement DOD-approved encryption to protect the confidentiality of remote access sessions.
Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session. Remote access is access to DOD nonpublic information ...
Rule, High Severity

SRG-OS-000037-GPOS-00015
Group
The NixOS audit package must be installed.
Without establishing what type of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. Audit record content that may be nec...
Rule, Medium Severity

SRG-OS-000042-GPOS-00020
Group
NixOS must generate audit records for all usage of privileged commands.
Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. At a minimum, the organization must audit the full-text recording of privi...
Rule, Medium Severity

SRG-OS-000042-GPOS-00020
Group
NixOS must enable auditing of processes that start prior to the audit daemon.
Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. If auditi...
Rule, Medium Severity

SRG-OS-000042-GPOS-00020
Group
NixOS must allocate an audit_backlog_limit of sufficient size to capture processes that start prior to the audit daemon.
Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. If auditi...
Rule, Medium Severity

SRG-OS-000042-GPOS-00020
Group
Successful/unsuccessful uses of the mount syscall in NixOS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
Rule, Medium Severity

SRG-OS-000042-GPOS-00020
Group
Successful/unsuccessful uses of the rename, unlink, rmdir, renameat, and unlinkat system calls in NixOS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
Rule, Medium Severity

SRG-OS-000042-GPOS-00020
Group
Successful/unsuccessful uses of the init_module, finit_module, and delete_module system calls in NixOS must generate an audit record.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
Rule, Medium Severity

SRG-OS-000042-GPOS-00020
Group
NixOS must generate an audit record for successful/unsuccessful modifications to the cron configuration.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
Rule, Medium Severity