Detections
Analytics

Item Search

NameAudit NamePluginCategory
ALMA-09-001560 - AlmaLinux OS 9 must prevent a user from overriding the session lock-delay setting for the graphical user interface.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

ACCESS CONTROL

ALMA-09-002770 - AlmaLinux OS 9 must log SSH connection attempts and failures to the server.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

ACCESS CONTROL

ALMA-09-002880 - All AlmaLinux OS 9 remote access methods must be monitored.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

ACCESS CONTROL

ALMA-09-003870 - AlmaLinux OS 9 IP tunnels must use FIPS 140-3 approved cryptographic algorithms.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

ACCESS CONTROL

ALMA-09-004970 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE

ALMA-09-005080 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE

ALMA-09-006510 - AlmaLinux OS 9 must require authentication to access single-user mode.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

ACCESS CONTROL

ALMA-09-006950 - The AlmaLinux OS 9 debug-shell systemd service must be disabled.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

ACCESS CONTROL

ALMA-09-007170 - AlmaLinux OS 9 must enable kernel parameters to enforce discretionary access control (DAC) on symlinks.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

ACCESS CONTROL

ALMA-09-007610 - AlmaLinux OS 9 must automatically lock the root account until the root account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

ACCESS CONTROL

ALMA-09-007830 - AlmaLinux OS 9 must configure the use of the pam_faillock.so module in the /etc/pam.d/system-auth file.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

ACCESS CONTROL

ALMA-09-008050 - AlmaLinux OS 9 must log username information when unsuccessful logon attempts occur.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

ALMA-09-008380 - AlmaLinux OS 9 must configure the appropriate SELinux context on the nondefault faillock tally directory.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

ACCESS CONTROL

ALMA-09-008820 - AlmaLinux OS 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via an SSH user logon.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

ACCESS CONTROL

ALMA-09-009920 - AlmaLinux OS 9 must check the GPG signature of repository metadata before package installation.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

CONFIGURATION MANAGEMENT

ALMA-09-033460 - The pcscd socket on AlmaLinux OS 9 must be active.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

IDENTIFICATION AND AUTHENTICATION

ALMA-09-034340 - AlmaLinux OS 9 must use the CAC smart card driver.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

IDENTIFICATION AND AUTHENTICATION

ALMA-09-034780 - AlmaLinux OS 9 must not permit direct logons to the root account using remote access via SSH.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

IDENTIFICATION AND AUTHENTICATION

ALMA-09-034890 - AlmaLinux OS 9 must disable the graphical user interface automount function unless required.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

IDENTIFICATION AND AUTHENTICATION

ALMA-09-035550 - AlmaLinux OS 9 must not have the autofs package installed.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

IDENTIFICATION AND AUTHENTICATION

ALMA-09-036540 - AlmaLinux OS 9 passwords must be created with a minimum of 15 characters.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

IDENTIFICATION AND AUTHENTICATION

ALMA-09-036650 - AlmaLinux OS 9 must enforce password complexity by requiring that at least one numeric character be used.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

IDENTIFICATION AND AUTHENTICATION

ALMA-09-038300 - Passwords for new users or password changes must have a 24-hour minimum password lifetime restriction in /etc/login.defs.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

IDENTIFICATION AND AUTHENTICATION

ALMA-09-038630 - AlmaLinux OS 9 must prohibit the use of cached authenticators after one day.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

IDENTIFICATION AND AUTHENTICATION

ALMA-09-038850 - For PKI-based authentication, AlmaLinux OS 9 must enforce authorized access to the corresponding private key.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

IDENTIFICATION AND AUTHENTICATION

ALMA-09-041160 - AlmaLinux OS 9 must prevent kernel profiling by nonprivileged users.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

SYSTEM AND COMMUNICATIONS PROTECTION

ALMA-09-041270 - AlmaLinux OS 9 must only allow the use of DOD PKI-established certificate authorities for authentication in the establishment of protected sessions to the operating system.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

SYSTEM AND COMMUNICATIONS PROTECTION

ALMA-09-041490 - AlmaLinux OS 9 systemd-journald service must be enabled.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

SYSTEM AND COMMUNICATIONS PROTECTION

ALMA-09-041930 - AlmaLinux OS 9 must use a Linux Security Module configured to enforce limits on system services.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

SYSTEM AND COMMUNICATIONS PROTECTION

ALMA-09-042810 - All AlmaLinux OS 9 networked systems must implement SSH to protect the confidentiality and integrity of transmitted and received information, including information being prepared for transmission.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

SYSTEM AND COMMUNICATIONS PROTECTION

ALMA-09-043800 - AlmaLinux OS 9 must not show boot up messages.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

SYSTEM AND INFORMATION INTEGRITY

ALMA-09-044570 - AlmaLinux OS 9 must implement nonexecutable data to protect its memory from unauthorized code execution.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

SYSTEM AND INFORMATION INTEGRITY

ALMA-09-046880 - AlmaLinux OS 9 must produce audit records containing information to establish the identity of any individual or process associated with the event.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

AUDIT AND ACCOUNTABILITY

ALMA-09-048090 - AlmaLinux OS 9 must audit all uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

ALMA-09-048200 - AlmaLinux OS 9 must generate audit records for any use of the "chacl" command.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

ALMA-09-049520 - AlmaLinux OS 9 must generate audit records for any use of the "passwd" command.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

ALMA-09-050400 - AlmaLinux OS 9 must generate audit records for any use of the "setsebool" command.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

ALMA-09-050840 - AlmaLinux OS 9 must generate audit records for any use of the "pam_timestamp_check" command.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

ALMA-09-051940 - AlmaLinux OS 9 must use a separate file system for the system audit data path.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

AUDIT AND ACCOUNTABILITY

ALMA-09-052380 - AlmaLinux OS 9 must take appropriate action when the internal event queue is full.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

AUDIT AND ACCOUNTABILITY

ALMA-09-052490 - AlmaLinux OS 9 must be configured to offload audit records onto a different system from the system being audited via syslog.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

AUDIT AND ACCOUNTABILITY

ALMA-09-052820 - AlmaLinux OS 9 must encrypt, via the gtls driver, the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

AUDIT AND ACCOUNTABILITY

ALMA-09-053370 - AlmaLinux OS 9 must take action when allocated audit record storage volume reaches 95 percent of the repository maximum audit record storage capacity.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

AUDIT AND ACCOUNTABILITY

ALMA-09-053480 - AlmaLinux OS 9 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

AUDIT AND ACCOUNTABILITY

ALMA-09-053590 - AlmaLinux OS 9 must notify the system administrator (SA) and information system security officer (ISSO) (at a minimum) when allocated audit record storage volume reaches 75 percent usage.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

AUDIT AND ACCOUNTABILITY

ALMA-09-054140 - AlmaLinux OS 9 audit system must take appropriate action when the audit storage volume is full.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

AUDIT AND ACCOUNTABILITY

ALMA-09-054690 - AlmaLinux OS 9 must periodically flush audit records to disk to prevent the loss of audit records.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

AUDIT AND ACCOUNTABILITY

ALMA-09-055240 - AlmaLinux OS 9 must have the chrony package installed.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

AUDIT AND ACCOUNTABILITY

ALMA-09-055350 - AlmaLinux OS 9 must securely compare internal information system clocks at least every 24 hours.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

AUDIT AND ACCOUNTABILITY

ALMA-09-056890 - AlmaLinux OS 9 must use cryptographic mechanisms to protect the integrity of audit tools.DISA Cloud Linux AlmaLinux OS 9 STIG v1r5Unix

AUDIT AND ACCOUNTABILITY