III - Administrative Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000480-GPOS-00227
Group -
The Photon operating system must be configured to protect the Secure Shell (SSH) private host key from unauthorized access.
If an unauthorized user obtains the private SSH host key file, the host could be impersonated.Rule Medium Severity -
SRG-OS-000480-GPOS-00227
Group -
The Photon operating system must enforce password complexity on the root account.
Password complexity rules must apply to all accounts on the system, including root. Without specifying the enforce_for_root flag, pam_pwquality does not apply complexity rules to the root user. Whi...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
Group -
The Photon operating system must disable systemd fallback DNS.
Systemd contains an ability to set fallback DNS servers, which is used for DNS lookups in the event no system level DNS servers are configured or other DNS servers are specified in the Systemd reso...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
Group -
The Photon operating system must generate audit records for all access and modifications to the opasswd file.
Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.Rule Medium Severity -
SRG-OS-000250-GPOS-00093
Group -
The Photon operating system must implement only approved Message Authentication Codes (MACs) to protect the integrity of remote access sessions.
Without cryptographic integrity protections, information can be altered by unauthorized users without detection. Remote access (e.g., RDP) is access to DOD nonpublic information systems by an auth...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.