II - Mission Support Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000032-GPOS-00013
Group -
NixOS must monitor remote access methods.
Remote access services, such as those providing remote access to network devices and information systems, which lack automated monitoring capabilities, increase risk and make remote user access man...Rule Medium Severity -
SRG-OS-000033-GPOS-00014
Group -
NixOS must implement DOD-approved encryption to protect the confidentiality of remote access sessions.
Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session. Remote access is access to DOD nonpublic information ...Rule High Severity -
SRG-OS-000037-GPOS-00015
Group -
The NixOS audit package must be installed.
Without establishing what type of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. Audit record content that may be nec...Rule Medium Severity -
SRG-OS-000042-GPOS-00020
Group -
NixOS must generate audit records for all usage of privileged commands.
Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. At a minimum, the organization must audit the full-text recording of privi...Rule Medium Severity -
SRG-OS-000042-GPOS-00020
Group -
NixOS must enable auditing of processes that start prior to the audit daemon.
Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. If auditi...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules