Jul 2, 2021 Miscellaneous- Audit deprecated.
- Metadata updated.
- References updated.
|
Jun 17, 2021 Miscellaneous- Metadata updated.
- References updated.
|
Oct 20, 2020 Functional Update- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EACCES
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EACCES (64-bit)
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EPERM
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EPERM (64-bit)
- 4.1.11 Ensure events that modify user/group information are collected - '/etc/group'
- 4.1.11 Ensure events that modify user/group information are collected - '/etc/gshadow'
- 4.1.11 Ensure events that modify user/group information are collected - '/etc/passwd'
- 4.1.11 Ensure events that modify user/group information are collected - '/etc/security/opasswd'
- 4.1.11 Ensure events that modify user/group information are collected - '/etc/shadow'
- 4.1.12 Ensure successful file system mounts are collected
- 4.1.12 Ensure successful file system mounts are collected - b64
- 4.1.14 Ensure file deletion events by users are collected - x64
- 4.1.14 Ensure file deletion events by users are collected - x86
- 4.1.15 Ensure kernel module loading and unloading is collected - insmod
- 4.1.15 Ensure kernel module loading and unloading is collected - modprobe
- 4.1.15 Ensure kernel module loading and unloading is collected - modules
- 4.1.15 Ensure kernel module loading and unloading is collected - rmmod
- 4.1.16 Ensure system administrator actions (sudolog) are collected - actions
- 4.1.17 Ensure the audit configuration is immutable
- 4.1.3 Ensure changes to system administration scope (sudoers) is collected - sudoers
- 4.1.3 Ensure changes to system administration scope (sudoers) is collected - sudoers.d
- 4.1.4 Ensure login and logout events are collected - /var/log/faillog
- 4.1.4 Ensure login and logout events are collected - /var/log/lastlog
- 4.1.5 Ensure session initiation information is collected - btmp
- 4.1.5 Ensure session initiation information is collected - utmp
- 4.1.5 Ensure session initiation information is collected - wtmp
- 4.1.6 Ensure events that modify date and time information are collected - /etc/localtime
- 4.1.6 Ensure events that modify date and time information are collected - adjtimex
- 4.1.6 Ensure events that modify date and time information are collected - adjtimex x64
- 4.1.6 Ensure events that modify date and time information are collected - clock_settime
- 4.1.6 Ensure events that modify date and time information are collected - clock_settime x64
- 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - *.rules /etc/selinux/
- 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - *.rules /usr/share/selinux/
- 4.1.8 Ensure events that modify the system's network environment are collected - /etc/hosts
- 4.1.8 Ensure events that modify the system's network environment are collected - /etc/sysconfig/network
- 4.1.8 Ensure events that modify the system's network environment are collected - issue
- 4.1.8 Ensure events that modify the system's network environment are collected - issue.net
- 4.1.8 Ensure events that modify the system's network environment are collected - sethostname (32-bit)
- 4.1.8 Ensure events that modify the system's network environment are collected - sethostname (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - chmod/fchmod/fchmodat
- 4.1.9 Ensure discretionary access control permission modification events are collected - chmod/fchmod/fchmodat (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - chown/fchown/fchownat/lchown
- 4.1.9 Ensure discretionary access control permission modification events are collected - chown/fchown/fchownat/lchown (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - setxattr/lsetxattr/fsetxattr/removexattr
- 4.1.9 Ensure discretionary access control permission modification events are collected - xattr (64-bit)
|
Oct 5, 2020 Functional Update- 1.1.1.2 Ensure mounting of vFAT filesystems is limited - lsmod
- 1.1.1.2 Ensure mounting of vFAT filesystems is limited - modprobe
- 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - *.rules /etc/selinux/
- 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - *.rules /usr/share/selinux/
- 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/selinux/
- 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /usr/share/selinux/
|
Sep 29, 2020 |
Jul 14, 2020 |
Jun 29, 2020 Functional Update- 4.1.13 Ensure use of privileged commands is collected
Informational Update- 4.1.13 Ensure use of privileged commands is collected
Added- 1.7.1.2 Ensure SELinux is not disabled in bootloader configuration
Removed- 1.7.1.2 Ensure SELinux is not disabled in bootloader configuration - enforcing = 0
- 1.7.1.2 Ensure SELinux is not disabled in bootloader configuration - selinux = 0
|
Apr 17, 2020 |
Feb 25, 2020 |
