Revision 1.5Sep 30, 2022
Functional Update
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EACCES
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EACCES (64-bit)
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EPERM
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EPERM (64-bit)
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES (64-bit)
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM (64-bit)
- 4.1.12 Ensure successful file system mounts are collected - 32-bit
- 4.1.12 Ensure successful file system mounts are collected - 64-bit
- 4.1.12 Ensure successful file system mounts are collected - auditctl (32-bit)
- 4.1.12 Ensure successful file system mounts are collected - auditctl (64-bit)
- 4.1.13 Ensure file deletion events by users are collected - 32-bit
- 4.1.13 Ensure file deletion events by users are collected - 64-bit
- 4.1.13 Ensure file deletion events by users are collected - auditctl (32-bit)
- 4.1.13 Ensure file deletion events by users are collected - auditctl (64-bit)
- 4.1.15 Ensure system administrator command executions (sudo) are collected - b32
- 4.1.15 Ensure system administrator command executions (sudo) are collected - b32 auditctl
- 4.1.15 Ensure system administrator command executions (sudo) are collected - b64
- 4.1.15 Ensure system administrator command executions (sudo) are collected - b64 auditctl
- 4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (32-bit)
- 4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (64-bit)
- 4.1.16 Ensure kernel module loading and unloading is collected - init_module/delete_module (64-bit)
- 4.1.16 Ensure kernel module loading and unloading is collected - init_module/delete_module (32-bit)
- 4.1.3 Ensure events that modify date and time information are collected - adjtimex (32-bit)
- 4.1.3 Ensure events that modify date and time information are collected - adjtimex (64-bit)
- 4.1.3 Ensure events that modify date and time information are collected - auditctl adjtimex (32-bit)
- 4.1.3 Ensure events that modify date and time information are collected - auditctl adjtimex (64-bit)
- 4.1.3 Ensure events that modify date and time information are collected - auditctl clock_settime (32-bit)
- 4.1.3 Ensure events that modify date and time information are collected - auditctl clock_settime (64-bit)
- 4.1.3 Ensure events that modify date and time information are collected - clock_settime (32-bit)
- 4.1.3 Ensure events that modify date and time information are collected - clock_settime (64-bit)
- 4.1.5 Ensure events that modify the system's network environment are collected - auditctl sethostname (32-bit)
- 4.1.5 Ensure events that modify the system's network environment are collected - auditctl sethostname (64-bit)
- 4.1.5 Ensure events that modify the system's network environment are collected - sethostname (32-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chmod/fchmod/fchmodat
- 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chmod/fchmod/fchmodat (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chown/fchown/fchownat/lchown
- 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chown/fchown/fchownat/lchown (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl setxattr/lsetxattr/fsetxattr/removexattr
- 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl xattr (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - chmod/fchmod/fchmodat
- 4.1.9 Ensure discretionary access control permission modification events are collected - chmod/fchmod/fchmodat (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - chown/fchown/fchownat/lchown
- 4.1.9 Ensure discretionary access control permission modification events are collected - chown/fchown/fchownat/lchown (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - setxattr/lsetxattr/fsetxattr/removexattr
- 4.1.9 Ensure discretionary access control permission modification events are collected - xattr (64-bit)