III - Administrative Public
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000360
Group -
The operating system must enforce dual authorization for movement and/or deletion of all audit information, when such movement or deletion is not part of an authorized automatic process.
An authorized user may intentionally or accidentally move or delete audit records without those specific actions being authorized. All bulk manipulation of audit information must be authorized via...Rule Medium Severity -
SRG-OS-000362
Group -
The operating system must prohibit user installation of system software without explicit privileged status.
Allowing regular users to install software, without explicit privileges, creates the risk that untested or potentially malicious software will be installed on the system. Explicit privileges (escal...Rule Medium Severity -
SRG-OS-000363
Group -
The operating system must notify designated personnel if baseline configurations are changed in an unauthorized manner.
Unauthorized changes to the baseline configuration could make the system vulnerable to various attacks or allow unauthorized access to the operating system. Changes to operating system configuratio...Rule Medium Severity -
SRG-OS-000364
Group -
The operating system must enforce access restrictions.
Failure to provide logical access restrictions associated with changes to system configuration may have significant effects on the overall security of the system. When dealing with access restrict...Rule Medium Severity -
SRG-OS-000365
Group -
The operating system must audit the enforcement actions used to restrict access associated with changes to the system.
Without auditing the enforcement of access restrictions against changes to the application configuration, it will be difficult to identify attempted attacks and an audit trail will not be available...Rule Medium Severity -
SRG-OS-000366
Group -
The operating system must prevent the installation of patches, service packs, device drivers, or operating system components without verification they have been digitally signed using a certificate that is recognized and approved by the organization.
Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has bee...Rule High Severity -
SRG-OS-000368
Group -
The operating system must prevent program execution in accordance with local policies regarding software program usage and restrictions and/or rules authorizing the terms and conditions of software program usage.
Control of program execution is a mechanism used to prevent execution of unauthorized programs. Some operating systems may provide a capability that runs counter to the mission or provides users wi...Rule Medium Severity -
SRG-OS-000370
Group -
The operating system must employ a deny-all, permit-by-exception policy to allow the execution of authorized software programs.
Utilizing a whitelist provides a configuration management method for allowing the execution of only authorized software. Using only authorized software decreases risk by limiting the number of pote...Rule Medium Severity -
SRG-OS-000373
Group -
The operating system must require users to reauthenticate for privilege escalation.
Without reauthentication, users may access resources or perform tasks for which they do not have authorization. When operating systems provide the capability to escalate a functional capability, ...Rule Medium Severity -
SRG-OS-000373
Group -
The operating system must require users to reauthenticate when changing roles.
Without reauthentication, users may access resources or perform tasks for which they do not have authorization. When operating systems provide the capability to change security roles, it is criti...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.