| 1.1.1/1.1.2 /tmp Partition | ACCESS CONTROL |
| 1.1.3 Set nosuid option for /tmp Partition | ACCESS CONTROL |
| 1.1.4 Set noexec option for /tmp Partition | ACCESS CONTROL |
| 1.1.5 Create Separate Partition for /var | CONFIGURATION MANAGEMENT |
| 1.1.6 Bind Mount the /var/tmp directory to /tmp | CONFIGURATION MANAGEMENT |
| 1.1.7 Create Separate Partition for /var/log | AUDIT AND ACCOUNTABILITY |
| 1.1.8 Create Separate Partition for /var/log/audit | AUDIT AND ACCOUNTABILITY |
| 1.1.9/1.1.10 /home Partition | ACCESS CONTROL |
| 1.1.11 Add nodev Option to Removable Media Partitions | ACCESS CONTROL |
| 1.1.12 Add noexec Option to Removable Media Partitions | ACCESS CONTROL |
| 1.1.13 Add nosuid Option to Removable Media Partitions | ACCESS CONTROL |
| 1.1.14 Add nodev Option to /dev/shm Partition | ACCESS CONTROL |
| 1.1.15 Add nosuid Option to /dev/shm Partition | ACCESS CONTROL |
| 1.1.16 Add noexec Option to /dev/shm Partition | ACCESS CONTROL |
| 1.1.17 Set Sticky Bit on All World-Writable Directories | ACCESS CONTROL |
| 1.2.1 Configure Connection to the RHN RPM Repositories | |
| 1.2.2 Verify Red Hat GPG Key is Installed | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.3 Verify that gpgcheck is Globally Activated | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.6 Obtain Software Package Updates with yum | |
| 1.5.1/1.5.2 /etc/grub.conf Permissions and Ownership | SYSTEM AND INFORMATION INTEGRITY |
| 1.5.3 Set Boot Loader Password | SYSTEM AND INFORMATION INTEGRITY |
| 1.5.4 Require Authentication for Single-User Mode | ACCESS CONTROL |
| 1.5.5 Disable Interactive Boot | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1 Restrict Core Dumps '/etc/security/limits.conf - * hard core 0' | ACCESS CONTROL |
| 1.6.1 Restrict Core Dumps '/etc/sysctl.conf - fs.suid_dumpable = 0' | ACCESS CONTROL |
| 1.6.2 Configure ExecShield 'kernel.exec-shield = 1' | CONFIGURATION MANAGEMENT |
| 1.6.3 Enable Randomized Virtual Memory Region Placement 'kernel.randomize_va_space = 2' | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.4 Enable XD/NX Support on 32-bit x86 Systems 'cpuinfo' | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.4 Enable XD/NX Support on 32-bit x86 Systems 'kernel-PAE' | CONFIGURATION MANAGEMENT |
| 1.6.5 Disable Prelink 'PRELINKING=no' | CONFIGURATION MANAGEMENT |
| 1.7 Use the Latest OS Release | CONFIGURATION MANAGEMENT |
| 2.1.1 Remove telnet-server | CONFIGURATION MANAGEMENT |
| 2.1.2 Remove telnet Clients | CONFIGURATION MANAGEMENT |
| 2.1.3 Remove rsh-server | CONFIGURATION MANAGEMENT |
| 2.1.4 Remove rsh | CONFIGURATION MANAGEMENT |
| 2.1.5 Remove NIS Client | CONFIGURATION MANAGEMENT |
| 2.1.6 Remove NIS Server | CONFIGURATION MANAGEMENT |
| 2.1.7 Remove tftp | CONFIGURATION MANAGEMENT |
| 2.1.8 Remove tftp-server | CONFIGURATION MANAGEMENT |
| 2.1.9 Remove talk | CONFIGURATION MANAGEMENT |
| 2.1.10 Remove talk-server | CONFIGURATION MANAGEMENT |
| 2.1.12 Disable chargen-dgram | CONFIGURATION MANAGEMENT |
| 2.1.13 Disable chargen-stream | CONFIGURATION MANAGEMENT |
| 2.1.14 Disable daytime-dgram | CONFIGURATION MANAGEMENT |
| 2.1.15 Disable daytime-stream | CONFIGURATION MANAGEMENT |
| 2.1.16 Disable echo-dgram | CONFIGURATION MANAGEMENT |
| 2.1.17 Disable echo-stream | CONFIGURATION MANAGEMENT |
| 2.1.18 Disable tcpmux-server | CONFIGURATION MANAGEMENT |
| 3.1.1 Disable Avahi Server | CONFIGURATION MANAGEMENT |
| 3.1.2 Service Only via Required Protocol 'IPv4-only - use-ipv6=no' | CONFIGURATION MANAGEMENT |
