800-53|SI-6a.

Title

SECURITY FUNCTION VERIFICATION

Description

Verifies the correct operation of [Assignment: organization-defined security functions];

Reference Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

Family: SYSTEM AND INFORMATION INTEGRITY

Baseline Impact: HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.6.1.3 Ensure SELinux policy is configuredUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.6.1.5 Ensure the SELinux mode is enforcingUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
APPL-14-005100 - The macOS system must ensure secure boot level set to full.UnixDISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-15-005100 - The macOS system must ensure Secure Boot level is set to 'full'.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
ESXI-80-000085 The ESXi host must implement Secure Boot enforcement.UnixDISA VMware vSphere 8.0 ESXi STIG OS v2r1
GEN006570 - The file integrity tool must be configured to verify ACLs - configUnixDISA STIG Solaris 10 X86 v2r4
GEN006570 - The file integrity tool must be configured to verify ACLs - configUnixDISA STIG Solaris 10 SPARC v2r4
GEN006570 - The file integrity tool must be configured to verify ACLs - usedUnixDISA STIG Solaris 10 X86 v2r4
GEN006570 - The file integrity tool must be configured to verify ACLs - usedUnixDISA STIG Solaris 10 SPARC v2r4
GEN006570 - The file integrity tool must be configured to verify ACLs.UnixDISA STIG for Oracle Linux 5 v2r1
GEN006571 - The file integrity tool must be configured to verify extended attributes - configUnixDISA STIG Solaris 10 X86 v2r4
GEN006571 - The file integrity tool must be configured to verify extended attributes - configUnixDISA STIG Solaris 10 SPARC v2r4
GEN006571 - The file integrity tool must be configured to verify extended attributes - usedUnixDISA STIG Solaris 10 SPARC v2r4
GEN006571 - The file integrity tool must be configured to verify extended attributes - usedUnixDISA STIG Solaris 10 X86 v2r4
GEN006571 - The file integrity tool must be configured to verify extended attributes.UnixDISA STIG for Oracle Linux 5 v2r1
OL07-00-020029 - The Oracle Linux operating system must use a file integrity tool to verify correct operation of all security functions.UnixDISA Oracle Linux 7 STIG v2r14
OL07-00-020210 - The Oracle Linux operating system must enable SELinux.UnixDISA Oracle Linux 7 STIG v2r14
OL07-00-020220 - The Oracle Linux operating system must enable the SELinux targeted policy.UnixDISA Oracle Linux 7 STIG v2r14
OL08-00-010359 - The OL 8 operating system must use a file integrity tool to verify correct operation of all security functions.UnixDISA Oracle Linux 8 STIG v2r1
OL08-00-010450 - OL 8 must enable the SELinux targeted policy.UnixDISA Oracle Linux 8 STIG v2r1
PHTN-30-000013 - The Photon operating system must have the auditd service running.UnixDISA STIG VMware vSphere 7.0 Photon OS v1r3
PHTN-67-000018 - The Photon operating system must have the auditd service running.UnixDISA STIG VMware vSphere 6.7 Photon OS v1r6
RHEL-06-000017 - The system must use a Linux Security Module at boot time.UnixDISA Red Hat Enterprise Linux 6 STIG v2r2
RHEL-07-020029 - The Red Hat Enterprise Linux operating system must use a file integrity tool to verify correct operation of all security functions.UnixDISA Red Hat Enterprise Linux 7 STIG v3r15
RHEL-07-020210 - The Red Hat Enterprise Linux operating system must enable SELinux.UnixDISA Red Hat Enterprise Linux 7 STIG v3r15
RHEL-07-020220 - The Red Hat Enterprise Linux operating system must enable the SELinux targeted policy.UnixDISA Red Hat Enterprise Linux 7 STIG v3r15
RHEL-08-010359 - The RHEL 8 operating system must use a file integrity tool to verify correct operation of all security functions.UnixDISA Red Hat Enterprise Linux 8 STIG v2r1
RHEL-08-010450 - RHEL 8 must enable the SELinux targeted policy.UnixDISA Red Hat Enterprise Linux 8 STIG v2r1
RHEL-09-431010 - RHEL 9 must use a Linux Security Module configured to enforce limits on system services.UnixDISA Red Hat Enterprise Linux 9 STIG v2r2
RHEL-09-431015 - RHEL 9 must enable the SELinux targeted policy.UnixDISA Red Hat Enterprise Linux 9 STIG v2r2
RHEL-09-651010 - RHEL 9 must have the AIDE package installed.UnixDISA Red Hat Enterprise Linux 9 STIG v2r2
SLES-12-010499 - The SUSE operating system must use a file integrity tool to verify correct operation of all security functions.UnixDISA SLES 12 STIG v2r13
SLES-12-010500 - Advanced Intrusion Detection Environment (AIDE) must verify the baseline SUSE operating system configuration at least weekly.UnixDISA SLES 12 STIG v2r13
SLES-15-010419 - The SUSE operating system must use a file integrity tool to verify correct operation of all security functions.UnixDISA SLES 15 STIG v2r1
SLES-15-010420 - Advanced Intrusion Detection Environment (AIDE) must verify the baseline SUSE operating system configuration at least weekly.UnixDISA SLES 15 STIG v2r1
SOL-11.1-090250 - The operating system must verify the correct operation of security functions in accordance with organization-defined conditions and in accordance with organization-defined frequency (if periodic verification).UnixDISA STIG Solaris 11 X86 v3r1
SOL-11.1-090250 - The operating system must verify the correct operation of security functions in accordance with organization-defined conditions and in accordance with organization-defined frequency (if periodic verification).UnixDISA STIG Solaris 11 SPARC v3r1
SOL-11.1-090270 - The operating system must identify potentially security-relevant error conditions.UnixDISA STIG Solaris 11 SPARC v3r1
SOL-11.1-090270 - The operating system must identify potentially security-relevant error conditions.UnixDISA STIG Solaris 11 X86 v3r1
UBTU-16-010500 - A file integrity tool must be installed to verify correct operation of all security functions in the Ubuntu operating system.UnixDISA STIG Ubuntu 16.04 LTS v2r3
UBTU-18-010515 - The Ubuntu operating system must use a file integrity tool to verify correct operation of all security functions.UnixDISA STIG Ubuntu 18.04 LTS v2r15
UBTU-20-010450 - The Ubuntu operating system must use a file integrity tool to verify correct operation of all security functions.UnixDISA STIG Ubuntu 20.04 LTS v2r1
UBTU-22-651010 - Ubuntu 22.04 LTS must use a file integrity tool to verify correct operation of all security functions.UnixDISA STIG Canonical Ubuntu 22.04 LTS v2r2
UBTU-22-651015 - Ubuntu 22.04 LTS must configure AIDE to perform file integrity checking on the file system.UnixDISA STIG Canonical Ubuntu 22.04 LTS v2r2