I - Mission Critical Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000031
Group -
The operating system must conceal, via the session lock, information previously visible on the display with a publicly viewable image.
A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not log out because of the temporary nature ...Rule Medium Severity -
SRG-OS-000032
Group -
The operating system must monitor remote access methods.
Remote access services, such as those providing remote access to network devices and information systems, which lack automated monitoring capabilities, increase risk and make remote user access man...Rule Medium Severity -
SRG-OS-000033
Group -
The operating system must implement DoD-approved encryption to protect the confidentiality of remote access sessions.
Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session. Remote access is access to DoD nonpublic information s...Rule High Severity -
SRG-OS-000037
Group -
The operating system must produce audit records containing information to establish what type of events occurred.
Without establishing what type of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. Audit record content that may be nec...Rule Medium Severity -
SRG-OS-000038
Group -
The operating system must produce audit records containing information to establish when (date and time) the events occurred.
Without establishing when events occurred, it is impossible to establish, correlate, and investigate the events leading up to an outage or attack. In order to compile an accurate risk assessment a...Rule Medium Severity -
SRG-OS-000039
Group -
The operating system must produce audit records containing information to establish where the events occurred.
Without establishing where events occurred, it is impossible to establish, correlate, and investigate the events leading up to an outage or attack. In order to compile an accurate risk assessment ...Rule Medium Severity -
SRG-OS-000040
Group -
The operating system must produce audit records containing information to establish the source of the events.
Without establishing the source of the event, it is impossible to establish, correlate, and investigate the events leading up to an outage or attack. In addition to logging where events occur with...Rule Medium Severity -
SRG-OS-000041
Group -
The operating system must produce audit records containing information to establish the outcome of the events.
Without information about the outcome of events, security personnel cannot make an accurate assessment as to whether an attack was successful or if changes were made to the security state of the sy...Rule Medium Severity -
SRG-OS-000042
Group -
The operating system must generate audit records containing the full-text recording of privileged commands.
Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. At a minimum, the organization must audit the full-text recording of privi...Rule Medium Severity -
SRG-OS-000042
Group -
The operating system must produce audit records containing the individual identities of group account users.
Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. At a minimum, the organization must audit the individual identities of gro...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.