III - Administrative Public
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000720
Group -
The operating system must for password-based authentication, require immediate selection of a new password upon account recovery.
Password-based authentication applies to passwords regardless of whether they are used in single-factor or multifactor authentication. Long passwords or passphrases are preferable over shorter pass...Rule Medium Severity -
SRG-OS-000725
Group -
The operating system must for password-based authentication, allow user selection of long passwords and passphrases, including spaces and all printable characters.
Password-based authentication applies to passwords regardless of whether they are used in single-factor or multifactor authentication. Long passwords or passphrases are preferable over shorter pass...Rule Medium Severity -
SRG-OS-000730
Group -
The operating system must, for password-based authentication, employ automated tools to assist the user in selecting strong password authenticators.
Password-based authentication applies to passwords regardless of whether they are used in single-factor or multifactor authentication. Long passwords or passphrases are preferable over shorter pass...Rule Medium Severity -
SRG-OS-000745
Group -
The operating system must accept only external credentials that are NIST-compliant.
Acceptance of only NIST-compliant external authenticators applies to organizational systems that are accessible to the public (e.g., public-facing websites). External authenticators are issued by n...Rule Medium Severity -
SRG-OS-000755
Group -
The operating system must monitor the use of maintenance tools that execute with increased privilege.
Maintenance tools that execute with increased system privilege can result in unauthorized access to organizational information and assets that would otherwise be inaccessible.Rule Medium Severity -
SRG-OS-000775
Group -
The operating system must include only approved trust anchors in trust stores or certificate stores managed by the organization.
Public key infrastructure (PKI) certificates are certificates with visibility external to organizational systems and certificates related to the internal operations of systems, such as application-...Rule Medium Severity -
SRG-OS-000780
Group -
The operating system must provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.
A Trusted Platform Module (TPM) is an example of a hardware-protected data store that can be used to protect cryptographic keys.Rule Medium Severity -
SRG-OS-000785
Group -
The operating system must synchronize system clocks within and between systems or system components.
Time synchronization of system clocks is essential for the correct execution of many system services, including identification and authentication processes that involve certificates and time-of-day...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.