| RHEL-09-232220 - RHEL 9 audit tools must be owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-232240 - All RHEL 9 world-writable directories must be owned by root, sys, bin, or an application user. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-251040 - RHEL 9 network interfaces must not be in promiscuous mode. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-252040 - RHEL 9 must configure a DNS processing mode in Network Manager. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-253035 - RHEL 9 must use reverse path filtering on all IPv4 interfaces. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-255020 - RHEL 9 must have the openssh-clients package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-255035 - RHEL 9 SSHD must accept public key authentication. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-255050 - RHEL 9 must enable the Pluggable Authentication Module (PAM) interface for SSHD. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | MAINTENANCE |
| RHEL-09-255064 - The RHEL 9 SSH client must be configured to use only DOD-approved encryption ciphers employing FIPS 140-3 validated cryptographic hash algorithms to protect the confidentiality of SSH client connections. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-09-255140 - RHEL 9 SSH daemon must not allow Kerberos authentication. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-255155 - RHEL 9 SSH daemon must disable remote X connections for interactive users. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-271050 - RHEL 9 must prevent a user from overriding the disabling of the graphical user smart card removal action. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-09-271055 - RHEL 9 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for graphical user sessions. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-09-271085 - RHEL 9 must conceal, via the session lock, information previously visible on the display with a publicly viewable image. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-09-271095 - RHEL 9 must disable the ability of a user to restart the system from the login screen. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-291010 - RHEL 9 must be configured to disable USB mass storage. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-411010 - RHEL 9 user account passwords for new users or password changes must have a 60-day maximum password lifetime restriction in /etc/login.defs. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-411020 - All RHEL 9 local interactive user accounts must be assigned a home directory upon creation. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-411025 - RHEL 9 must set the umask value to 077 for all local interactive user accounts. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-411065 - All RHEL 9 local interactive user home directories defined in the /etc/passwd file must exist. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-411100 - The root account must be the only account having unrestricted access to RHEL 9 system. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-411105 - RHEL 9 must ensure account lockouts persist. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-09-411110 - RHEL 9 groups must have unique Group ID (GID). | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-412065 - RHEL 9 must define default permissions for all authenticated users in such a way that the user can only read and modify their own files. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-412075 - RHEL 9 must display the date and time of the last successful account logon upon logon. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-431025 - RHEL 9 must have policycoreutils package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-432015 - RHEL 9 must require reauthentication when using the "sudo" command. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-432020 - RHEL 9 must use the invoking user's password for privilege escalation when using "sudo". | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-611010 - RHEL 9 must ensure the password complexity module in the system-auth file is configured for three retries or less. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611040 - RHEL 9 must ensure the password complexity module is enabled in the password-auth file. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611060 - RHEL 9 must enforce password complexity rules for the root account. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611065 - RHEL 9 must enforce password complexity by requiring that at least one lowercase character be used. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611115 - RHEL 9 must require the change of at least eight characters when passwords are changed. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611135 - RHEL 9 must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-651020 - RHEL 9 must use a file integrity tool that is configured to use FIPS 140-3-approved cryptographic hashes for validating file contents and directories. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-652050 - RHEL 9 must encrypt via the gtls driver the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-652055 - RHEL 9 must be configured to forward audit records via TCP to a different system or media from the system being audited via rsyslog. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653060 - RHEL 9 must label all offloaded audit logs before sending them to the central log server. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653105 - RHEL 9 must write audit records to disk. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-653110 - RHEL 9 must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653125 - RHEL 9 must have mail aliases to notify the information system security officer (ISSO) and system administrator (SA) (at a minimum) in the event of an audit processing failure. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-654020 - RHEL 9 must audit all uses of the chown, fchown, fchownat, and lchown system calls. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654040 - RHEL 9 must audit all uses of the setfacl command. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654070 - RHEL 9 must audit all uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654080 - RHEL 9 must audit all uses of the init_module and finit_module system calls. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654090 - RHEL 9 must audit all uses of the chsh command. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654100 - RHEL 9 must audit all uses of the gpasswd command. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654120 - RHEL 9 must audit all uses of the passwd command. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654145 - RHEL 9 must audit all uses of the su command. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654165 - RHEL 9 must audit all uses of the unix_update command. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
