| DISA_STIG_Red_Hat_Enterprise_Linux_9_v2r2.audit from DISA Red Hat Enterprise Linux 9 v2r2 STIG | |
| RHEL-09-211010 - RHEL 9 must be a vendor-supported release. | CONFIGURATION MANAGEMENT |
| RHEL-09-211015 - RHEL 9 vendor packaged system security patches and updates must be installed and up to date. | CONFIGURATION MANAGEMENT |
| RHEL-09-211020 - RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a command line user logon. | ACCESS CONTROL |
| RHEL-09-211030 - The graphical display manager must not be the default target on RHEL 9 unless approved. | CONFIGURATION MANAGEMENT |
| RHEL-09-211035 - RHEL 9 must enable the hardware random number generator entropy gatherer service. | CONFIGURATION MANAGEMENT |
| RHEL-09-211040 - RHEL 9 systemd-journald service must be enabled. | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-211045 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 9 must be disabled. | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| RHEL-09-211050 - The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 9. | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| RHEL-09-211055 - RHEL 9 debug-shell systemd service must be disabled. | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| RHEL-09-212010 - RHEL 9 must require a boot loader superuser password. | ACCESS CONTROL |
| RHEL-09-212015 - RHEL 9 must disable the ability of systemd to spawn an interactive boot process. | CONFIGURATION MANAGEMENT |
| RHEL-09-212020 - RHEL 9 must require a unique superusers name upon booting into single-user and maintenance modes. | ACCESS CONTROL |
| RHEL-09-212025 - RHEL 9 /boot/grub2/grub.cfg file must be group-owned by root. | CONFIGURATION MANAGEMENT |
| RHEL-09-212030 - RHEL 9 /boot/grub2/grub.cfg file must be owned by root. | CONFIGURATION MANAGEMENT |
| RHEL-09-212035 - RHEL 9 must disable virtual system calls. | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-212040 - RHEL 9 must clear the page allocator to prevent use-after-free attacks. | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-212045 - RHEL 9 must clear SLUB/SLAB objects to prevent use-after-free attacks. | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-212050 - RHEL 9 must enable mitigations against processor-based vulnerabilities. | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-212055 - RHEL 9 must enable auditing of processes that start prior to the audit daemon. | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-213010 - RHEL 9 must restrict access to the kernel message buffer. | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-213015 - RHEL 9 must prevent kernel profiling by nonprivileged users. | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-213020 - RHEL 9 must prevent the loading of a new kernel for later execution. | CONFIGURATION MANAGEMENT |
| RHEL-09-213025 - RHEL 9 must restrict exposed kernel pointer addresses access. | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-213030 - RHEL 9 must enable kernel parameters to enforce discretionary access control on hardlinks. | ACCESS CONTROL |
| RHEL-09-213035 - RHEL 9 must enable kernel parameters to enforce discretionary access control on symlinks. | ACCESS CONTROL |
| RHEL-09-213040 - RHEL 9 must disable the kernel.core_pattern. | CONFIGURATION MANAGEMENT |
| RHEL-09-213045 - RHEL 9 must be configured to disable the Asynchronous Transfer Mode kernel module. | CONFIGURATION MANAGEMENT |
| RHEL-09-213050 - RHEL 9 must be configured to disable the Controller Area Network kernel module. | CONFIGURATION MANAGEMENT |
| RHEL-09-213055 - RHEL 9 must be configured to disable the FireWire kernel module. | CONFIGURATION MANAGEMENT |
| RHEL-09-213060 - RHEL 9 must disable the Stream Control Transmission Protocol (SCTP) kernel module. | CONFIGURATION MANAGEMENT |
| RHEL-09-213065 - RHEL 9 must disable the Transparent Inter Process Communication (TIPC) kernel module. | CONFIGURATION MANAGEMENT |
| RHEL-09-213070 - RHEL 9 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution. | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-213075 - RHEL 9 must disable access to network bpf system call from nonprivileged processes. | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-213080 - RHEL 9 must restrict usage of ptrace to descendant processes. | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-213085 - RHEL 9 must disable core dump backtraces. | CONFIGURATION MANAGEMENT |
| RHEL-09-213090 - RHEL 9 must disable storing core dumps. | CONFIGURATION MANAGEMENT |
| RHEL-09-213095 - RHEL 9 must disable core dumps for all users. | CONFIGURATION MANAGEMENT |
| RHEL-09-213100 - RHEL 9 must disable acquiring, saving, and processing core dumps. | CONFIGURATION MANAGEMENT |
| RHEL-09-213105 - RHEL 9 must disable the use of user namespaces. | CONFIGURATION MANAGEMENT |
| RHEL-09-213110 - RHEL 9 must implement nonexecutable data to protect its memory from unauthorized code execution. | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-213115 - The kdump service on RHEL 9 must be disabled. | CONFIGURATION MANAGEMENT |
| RHEL-09-214010 - RHEL 9 must ensure cryptographic verification of vendor software packages. | CONFIGURATION MANAGEMENT |
| RHEL-09-214015 - RHEL 9 must check the GPG signature of software packages originating from external software repositories before installation. | CONFIGURATION MANAGEMENT |
| RHEL-09-214020 - RHEL 9 must check the GPG signature of locally installed software packages before installation. | CONFIGURATION MANAGEMENT |
| RHEL-09-214025 - RHEL 9 must have GPG signature verification enabled for all software repositories. | CONFIGURATION MANAGEMENT |
| RHEL-09-214030 - RHEL 9 must be configured so that the cryptographic hashes of system files match vendor values. | CONFIGURATION MANAGEMENT |
| RHEL-09-214035 - RHEL 9 must remove all software components after updated versions have been installed. | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-215010 - RHEL 9 subscription-manager package must be installed. | CONFIGURATION MANAGEMENT |
| RHEL-09-215015 - RHEL 9 must not have a File Transfer Protocol (FTP) server package installed. | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
