Aug 7, 2024 Functional Update- 4.1.2.4 Ensure system notification is sent out when volume is 75% full - SA and Information System Security Officer ISSO, at a minimum, when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity.
|
Jun 17, 2024 |
Jun 14, 2024 Functional Update- 6.1.1 Audit system file permissions
- 6.1.15 Ensure the file permissions ownership and group membership of system files and commands match the vendor values
|
Oct 3, 2023 Functional Update- 1.11 Ensure anti-virus is installed and running
|
Sep 19, 2023 Functional Update- 1.1.26 Ensure all world-writable directories are group-owned.
- 1.4.4 Ensure boot loader does not allow removable media
- 1.6.1.10 Ensure system device files are labeled - device_t
- 1.6.1.10 Ensure system device files are labeled - unlabeled_t
- 5.3.36 Ensure no '.shosts' files exist on the system - .shosts files exist on the system
- 5.3.37 Ensure no 'shosts.equiv' files exist on the system - shosts.equiv files exist on the system
- 6.1.10 Ensure no world writable files exist
- 6.1.11 Ensure no unowned files or directories exist
- 6.1.12 Ensure no ungrouped files or directories exist
- 6.1.16 Ensure all world-writable directories are owned by root, sys, bin, or an application User Identifier
- 6.2.20 Ensure that all files and directories contained in local interactive user home directories are owned by the user
- 6.2.21 Ensure local interactive user is a member of the group owner.
- 6.2.22 Ensure users' files and directories within the home directory permissions are 750 or more restrictive
Miscellaneous- Metadata updated.
- References updated.
- Variables updated.
|
Jul 20, 2023 Functional Update- 6.2.12 Ensure users own their home directories
|
May 19, 2023 Functional Update- 1.8.18 Ensure graphical user interface automounter is disabled - automount
- 1.8.18 Ensure graphical user interface automounter is disabled - automount-open
- 1.8.18 Ensure graphical user interface automounter is disabled - automount=false
- 1.8.18 Ensure graphical user interface automounter is disabled - autorun-never
- 1.8.18 Ensure graphical user interface automounter is disabled - autorun-never=true
|
Apr 12, 2023 Functional Update- 5.4.1 Ensure password creation requirements are configured - dcredit
- 5.4.1 Ensure password creation requirements are configured - lcredit
- 5.4.1 Ensure password creation requirements are configured - ocredit
- 5.4.1 Ensure password creation requirements are configured - ucredit
- 5.4.7 Ensure minimum and maximum requirements are set for password changes - difok
- 5.4.7 Ensure minimum and maximum requirements are set for password changes - maxclassrepeat
- 5.4.7 Ensure minimum and maximum requirements are set for password changes - maxrepeat
- 5.4.7 Ensure minimum and maximum requirements are set for password changes - minclass
- 5.4.7 Ensure minimum and maximum requirements are set for password changes - minlen
- 5.5.1.10 Ensure delay between logon prompts on failure
- 5.5.1.2 Ensure minimum days between password changes is configured - login.defs
- 5.5.1.6 Ensure shadow file is configured to use only encrypted representations of passwords
- 5.5.1.7 Ensure password expiration is 60 Day maximum for new users
- 5.5.10 Ensure upon user creation a home directory is assigned.
- 5.5.8 Ensure Default user umask is 077
Miscellaneous- Metadata updated.
- Platform check updated.
- Variables updated.
|
Apr 3, 2023 Functional Update- 1.4.5 Ensure version 7.2 or newer booted with a BIOS have a unique name for the grub superusers account
- 1.8.18 Ensure graphical user interface automounter is disabled - automount
- 1.8.18 Ensure graphical user interface automounter is disabled - automount-open
- 1.8.18 Ensure graphical user interface automounter is disabled - automount-open=false
- 1.8.18 Ensure graphical user interface automounter is disabled - automount=false
- 1.8.18 Ensure graphical user interface automounter is disabled - autorun-never
- 1.8.18 Ensure graphical user interface automounter is disabled - autorun-never=true
- 6.2.13 Ensure users' home directories permissions are 750 or more restrictive
|
Mar 20, 2023 Functional Update- 5.3.10 Ensure SSH IgnoreRhosts is enabled
|
