DISA STIG Ubuntu 18.04 LTS v2r4

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Ubuntu 18.04 LTS v2r4

Updated: 6/10/2022

Authority: Operating Systems and Applications

Plugin: Unix

Revision: 1.4

Estimated Item Count: 428

Audit Items

Description	Categories
DISA_STIG_Ubuntu_18.04_LTS_v2r4.audit from DISA Canonical Ubuntu 18.04 LTS v2r4 STIG
UBTU-18-010000 - Ubuntu operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes.	SYSTEM AND INFORMATION INTEGRITY
UBTU-18-010001 - Ubuntu operating systems booted with United Extensible Firmware Interface (UEFI) implemented must require authentication upon booting into single-user mode and maintenance.	SYSTEM AND INFORMATION INTEGRITY
UBTU-18-010002 - The Ubuntu operating system must initiate session audits at system startup.	AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY
UBTU-18-010003 - Ubuntu operating systems handling data requiring data at rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.	SYSTEM AND COMMUNICATIONS PROTECTION
UBTU-18-010005 - The Ubuntu operating system must implement NIST FIPS-validated cryptography to protect classified information and for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.	SYSTEM AND COMMUNICATIONS PROTECTION
UBTU-18-010006 - The Ubuntu operating system must immediately notify the SA and ISSO (at a minimum) when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity - action_mail_acct	AUDIT AND ACCOUNTABILITY
UBTU-18-010006 - The Ubuntu operating system must immediately notify the SA and ISSO (at a minimum) when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity - space_left	AUDIT AND ACCOUNTABILITY
UBTU-18-010006 - The Ubuntu operating system must immediately notify the SA and ISSO (at a minimum) when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity - space_left_action	AUDIT AND ACCOUNTABILITY
UBTU-18-010006 - The Ubuntu operating system must immediately notify the SA and ISSO (at a minimum) when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity - space_left_action syslog	AUDIT AND ACCOUNTABILITY
UBTU-18-010007 - The Ubuntu operating system audit event multiplexor must be configured to off-load audit logs onto a different system in real time, if the system is interconnected - active=yes	AUDIT AND ACCOUNTABILITY
UBTU-18-010007 - The Ubuntu operating system audit event multiplexor must be configured to off-load audit logs onto a different system in real time, if the system is interconnected - installed	AUDIT AND ACCOUNTABILITY
UBTU-18-010007 - The Ubuntu operating system audit event multiplexor must be configured to off-load audit logs onto a different system in real time, if the system is interconnected - remote_server	AUDIT AND ACCOUNTABILITY
UBTU-18-010008 - The Ubuntu operating system must have a crontab script running weekly to off-load audit events of standalone systems.	AUDIT AND ACCOUNTABILITY
UBTU-18-010016 - Advance package Tool (APT) must be configured to prevent the installation of patches, service packs, device drivers, or Ubuntu operating system components without verification they have been digitally signed using a certificate that is recognized and approved by the organization.	CONFIGURATION MANAGEMENT
UBTU-18-010017 - The Ubuntu operating system must be configured so that Advance package Tool (APT) removes all software components after updated versions have been installed - Remove-Unused-Dependencies	SYSTEM AND INFORMATION INTEGRITY
UBTU-18-010017 - The Ubuntu operating system must be configured so that Advance package Tool (APT) removes all software components after updated versions have been installed - Remove-Unused-Kernel-Packages	SYSTEM AND INFORMATION INTEGRITY
UBTU-18-010018 - The Ubuntu operating system must not have the Network Information Service (NIS) package installed.	CONFIGURATION MANAGEMENT
UBTU-18-010019 - The Ubuntu operating system must not have the rsh-server package installed.	CONFIGURATION MANAGEMENT
UBTU-18-010021 - The Ubuntu operating system must deploy Endpoint Security for Linux Threat Prevention (ENSLTP) - package	SYSTEM AND INFORMATION INTEGRITY
UBTU-18-010021 - The Ubuntu operating system must deploy Endpoint Security for Linux Threat Prevention (ENSLTP) - service	SYSTEM AND INFORMATION INTEGRITY
UBTU-18-010022 - The Ubuntu operating system must be configured to preserve log records from failure events - active	SYSTEM AND COMMUNICATIONS PROTECTION
UBTU-18-010022 - The Ubuntu operating system must be configured to preserve log records from failure events - enabled	CONFIGURATION MANAGEMENT
UBTU-18-010022 - The Ubuntu operating system must be configured to preserve log records from failure events - installed	AUDIT AND ACCOUNTABILITY
UBTU-18-010023 - The Ubuntu operating system must have an application firewall installed in order to control remote access methods.	ACCESS CONTROL
UBTU-18-010025 - The Ubuntu operating system audit event multiplexor must be configured to off-load audit logs onto a different system or storage media from the system being audited - active	AUDIT AND ACCOUNTABILITY
UBTU-18-010025 - The Ubuntu operating system audit event multiplexor must be configured to off-load audit logs onto a different system or storage media from the system being audited - auditd is-active	AUDIT AND ACCOUNTABILITY
UBTU-18-010025 - The Ubuntu operating system audit event multiplexor must be configured to off-load audit logs onto a different system or storage media from the system being audited - installed	AUDIT AND ACCOUNTABILITY
UBTU-18-010025 - The Ubuntu operating system audit event multiplexor must be configured to off-load audit logs onto a different system or storage media from the system being audited - remote_server	AUDIT AND ACCOUNTABILITY
UBTU-18-010030 - The Ubuntu operating system must be configured such that Pluggable Authentication Module (PAM) prohibits the use of cached authentications after one day - /etc/sssd/conf.d/*	IDENTIFICATION AND AUTHENTICATION
UBTU-18-010030 - The Ubuntu operating system must be configured such that Pluggable Authentication Module (PAM) prohibits the use of cached authentications after one day - /etc/sssd/sssd.conf	CONFIGURATION MANAGEMENT
UBTU-18-010031 - The Ubuntu operating system must enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt.	CONFIGURATION MANAGEMENT
UBTU-18-010032 - The Ubuntu operating system must display the date and time of the last successful account logon upon logon.	ACCESS CONTROL
UBTU-18-010033 - The Ubuntu operating system must be configured so that three consecutive invalid logon attempts by a user automatically locks the account until released by an administrator.	ACCESS CONTROL
UBTU-18-010035 - The Ubuntu operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting local access to the system via a graphical user logon - banner text	ACCESS CONTROL
UBTU-18-010035 - The Ubuntu operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting local access to the system via a graphical user logon - banner-message-enable	ACCESS CONTROL
UBTU-18-010036 - The Ubuntu operating system must prevent direct login into the root account.	IDENTIFICATION AND AUTHENTICATION
UBTU-18-010037 - The Ubuntu operating system must be configured so that only users who need access to security functions are part of the sudo group.	ACCESS CONTROL
UBTU-18-010038 - The Ubuntu operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting any publically accessible connection to the system.	ACCESS CONTROL
UBTU-18-010100 - The Ubuntu operating system must enforce password complexity by requiring that at least one upper-case character be used - ucredit	IDENTIFICATION AND AUTHENTICATION
UBTU-18-010101 - The Ubuntu operating system must enforce password complexity by requiring that at least one lower-case character be used - lcredit	IDENTIFICATION AND AUTHENTICATION
UBTU-18-010102 - The Ubuntu operating system must enforce password complexity by requiring that at least one numeric character be used - dcredit	IDENTIFICATION AND AUTHENTICATION
UBTU-18-010103 - The Ubuntu operating system must require the change of at least 8 characters when passwords are changed - difok	IDENTIFICATION AND AUTHENTICATION
UBTU-18-010104 - The Ubuntu operating system must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm.	SYSTEM AND COMMUNICATIONS PROTECTION
UBTU-18-010105 - The Ubuntu operating system must not have the telnet package installed.	CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION
UBTU-18-010106 - The Ubuntu operating system must enforce 24 hours/1 day as the minimum password lifetime. Passwords for new users must have a 24 hours/1 day minimum password lifetime restriction.	IDENTIFICATION AND AUTHENTICATION
UBTU-18-010107 - The Ubuntu operating system must enforce a 60-day maximum password lifetime restriction. Passwords for new users must have a 60-day maximum password lifetime restriction.	IDENTIFICATION AND AUTHENTICATION
UBTU-18-010108 - The Ubuntu operating system must prohibit password reuse for a minimum of five generations.	IDENTIFICATION AND AUTHENTICATION
UBTU-18-010109 - The Ubuntu operating system must enforce a minimum 15-character password length.	IDENTIFICATION AND AUTHENTICATION
UBTU-18-010110 - The Ubuntu operating system must employ a FIPS 140-2 approved cryptographic hashing algorithms for all created and stored passwords - ENCRYPT_METHOD	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

DISA STIG Ubuntu 18.04 LTS v2r4

Warning! Audit Deprecated

Audit Details

Audit Items