Sep 19, 2023 Functional Update- 4.1.12 Ensure use of privileged commands is collected
- 4.1.2 Ensure auditd service is enabled
Miscellaneous- Metadata updated.
- References updated.
- Variables updated.
|
Jul 5, 2023 Functional Update- 4.1.1.2 Ensure system is disabled when audit logs are full - 'action_mail_acct'
- 4.1.1.2 Ensure system is disabled when audit logs are full - 'admin_space_left_action'
- 4.1.1.2 Ensure system is disabled when audit logs are full - 'space_left_action'
|
Apr 12, 2023 Miscellaneous- Metadata updated.
- Platform check updated.
- Variables updated.
|
Mar 7, 2023 Miscellaneous- Metadata updated.
- References updated.
|
Jan 4, 2023 |
Dec 7, 2022 |
Apr 25, 2022 |
Mar 29, 2022 Miscellaneous- Metadata updated.
- Platform check updated.
- References updated.
|
Jun 17, 2021 Miscellaneous- Metadata updated.
- References updated.
|
Oct 5, 2020 Functional Update- 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration
- 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - 'enforcing'
- 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration -'selinux'
- 1.6.1.2 Ensure the SELinux state is enforcing
- 1.6.1.2 Ensure the SELinux state is enforcing - 'Current mode'
- 1.6.1.2 Ensure the SELinux state is enforcing - 'Mode from config file'
- 1.6.1.2 Ensure the SELinux state is enforcing - 'SELINUX'
- 1.6.1.2 Ensure the SELinux state is enforcing - 'SELinux status'
- 1.6.1.3 Ensure SELinux policy is configured
- 1.6.1.3 Ensure SELinux policy is configured - 'Policy from config file'
- 1.6.1.3 Ensure SELinux policy is configured - 'SELINUXTYPE'
- 1.6.1.4 Ensure no unconfined daemons exist
- 1.6.2.1 Ensure AppArmor is not disabled in bootloader configuration
- 1.6.2.2 Ensure all AppArmor Profiles are enforcing
- 1.6.2.2 Ensure all AppArmor Profiles are enforcing - 'complian mode'
- 1.6.2.2 Ensure all AppArmor Profiles are enforcing - 'profiles loaded'
- 1.6.2.2 Ensure all AppArmor Profiles are enforcing - 'unconfined processes'
- 1.6.3 Ensure SELinux or AppArmor are installed
- 4.1.10 Ensure discretionary access control permission modification events are collected - 'auditctl chmod (64-bit)'
- 4.1.10 Ensure discretionary access control permission modification events are collected - 'auditctl chown (64-bit)'
- 4.1.10 Ensure discretionary access control permission modification events are collected - 'auditctl setxattr (64-bit)'
- 4.1.10 Ensure discretionary access control permission modification events are collected - 'chmod' (64-bit)
- 4.1.10 Ensure discretionary access control permission modification events are collected - 'chown' (64-bit)
- 4.1.10 Ensure discretionary access control permission modification events are collected - 'setxattr' (64-bit)
- 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - 'EACCES' (64-bit)
- 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - 'EPERM' (64-bit)
- 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - 'auditctl EACCES (64-bit)'
- 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - 'auditctl EPERM (64-bit)'
- 4.1.13 Ensure successful file system mounts are collected - 'auditctl mounts (64-bit)'
- 4.1.13 Ensure successful file system mounts are collected - 'mount' (64-bit)
- 4.1.14 Ensure file deletion events by users are collected (64-bit)
- 4.1.14 Ensure file deletion events by users are collected - auditctl delete (64-bit)
- 4.1.17 Ensure kernel module loading and unloading is collected - '32bit'
- 4.1.17 Ensure kernel module loading and unloading is collected - '64bit'
- 4.1.17 Ensure kernel module loading and unloading is collected - 'auditctl 32-bit'
- 4.1.17 Ensure kernel module loading and unloading is collected - 'auditctl 64-bit'
- 4.1.4 Ensure events that modify date and time information are collected - 'adjtimex - 64bit'
- 4.1.4 Ensure events that modify date and time information are collected - 'auditctl adjtimex (64-bit)'
- 4.1.4 Ensure events that modify date and time information are collected - 'auditctl clock_settime (64-bit)'
- 4.1.4 Ensure events that modify date and time information are collected - 'clock_settime - 64bit'
- 4.1.6 Ensure events that modify the system's network environment are collected - 'auditctl sethostname/setdomainname (64-bit)'
- 4.1.6 Ensure events that modify the system's network environment are collected - 'sethostname/setdomainname' (64-bit)
- 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - '/etc/apparmor.d/'
- 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - '/etc/apparmor/'
- 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - '/etc/selinux/'
- 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - '/usr/share/selinux/'
- 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - 'auditctl /etc/apparmor.d/'
- 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - 'auditctl /etc/apparmor/'
- 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - 'auditctl /etc/selinux/'
- 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - 'auditctl /usr/share/selinux/'
|
