II - Mission Support Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000383-GPOS-00166
Group -
NixOS must prohibit the use of cached authenticators after one day.
If cached authentication information is out-of-date, the validity of the authentication information may be questionable.Rule Medium Severity -
SRG-OS-000384-GPOS-00167
Group -
For PKI-based authentication, NixOS must implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network.
Without configuring a local cache of revocation data, there is the potential to allow access to users who are no longer authorized (users with revoked certificates).Rule Medium Severity -
SRG-OS-000439-GPOS-00195
Group -
NixOS must run a supported release of the operating system.
Security flaws with operating systems are discovered daily. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Organizations (includin...Rule Medium Severity -
SRG-OS-000480-GPOS-00228
Group -
NixOS must define default permissions for all authenticated users in such a way that the user can only read and modify their own files.
Setting the most restrictive default permissions ensures that when new accounts are created they do not have unnecessary access.Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.