Detections
Analytics

Revision 1.8

Oct 5, 2020
Functional Update
  • 1.1.21 Disable Automounting
  • 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration
  • 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - 'enforcing'
  • 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration -'selinux'
  • 1.6.1.2 Ensure the SELinux state is enforcing
  • 1.6.1.2 Ensure the SELinux state is enforcing - 'Current mode'
  • 1.6.1.2 Ensure the SELinux state is enforcing - 'Mode from config file'
  • 1.6.1.2 Ensure the SELinux state is enforcing - 'SELINUX'
  • 1.6.1.2 Ensure the SELinux state is enforcing - 'SELinux status'
  • 1.6.1.3 Ensure SELinux policy is configured
  • 1.6.1.3 Ensure SELinux policy is configured - 'Policy from config file'
  • 1.6.1.3 Ensure SELinux policy is configured - 'SELINUXTYPE'
  • 1.6.1.4 Ensure no unconfined daemons exist
  • 1.6.2.1 Ensure AppArmor is not disabled in bootloader configuration
  • 1.6.2.2 Ensure all AppArmor Profiles are enforcing
  • 1.6.2.2 Ensure all AppArmor Profiles are enforcing - 'complian mode'
  • 1.6.2.2 Ensure all AppArmor Profiles are enforcing - 'profiles loaded'
  • 1.6.2.2 Ensure all AppArmor Profiles are enforcing - 'unconfined processes'
  • 1.6.3 Ensure SELinux or AppArmor are installed
  • 4.1.10 Ensure discretionary access control permission modification events are collected - 'auditctl chmod (64-bit)'
  • 4.1.10 Ensure discretionary access control permission modification events are collected - 'auditctl chown (64-bit)'
  • 4.1.10 Ensure discretionary access control permission modification events are collected - 'auditctl setxattr (64-bit)'
  • 4.1.10 Ensure discretionary access control permission modification events are collected - 'chmod' (64-bit)
  • 4.1.10 Ensure discretionary access control permission modification events are collected - 'chown' (64-bit)
  • 4.1.10 Ensure discretionary access control permission modification events are collected - 'setxattr' (64-bit)
  • 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - 'EACCES' (64-bit)
  • 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - 'EPERM' (64-bit)
  • 4.1.13 Ensure successful file system mounts are collected - 'auditctl mounts (64-bit)'
  • 4.1.13 Ensure successful file system mounts are collected - 'mount' (64-bit)
  • 4.1.14 Ensure file deletion events by users are collected (64-bit)
  • 4.1.14 Ensure file deletion events by users are collected - auditctl delete (64-bit)
  • 4.1.17 Ensure kernel module loading and unloading is collected - '32bit'
  • 4.1.17 Ensure kernel module loading and unloading is collected - '64bit'
  • 4.1.17 Ensure kernel module loading and unloading is collected - 'auditctl 32-bit'
  • 4.1.17 Ensure kernel module loading and unloading is collected - 'auditctl 64-bit'
  • 4.1.4 Ensure events that modify date and time information are collected - 'adjtimex - 64bit'
  • 4.1.4 Ensure events that modify date and time information are collected - 'auditctl adjtimex (64-bit)'
  • 4.1.4 Ensure events that modify date and time information are collected - 'auditctl clock_settime (64-bit)'
  • 4.1.4 Ensure events that modify date and time information are collected - 'clock_settime - 64bit'
  • 4.1.6 Ensure events that modify the system's network environment are collected - 'auditctl sethostname/setdomainname (64-bit)'
  • 4.1.6 Ensure events that modify the system's network environment are collected - 'sethostname/setdomainname' (64-bit)
  • 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - '/etc/apparmor.d/'
  • 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - '/etc/apparmor/'
  • 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - '/etc/selinux/'
  • 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - '/usr/share/selinux/'
  • 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - 'auditctl /etc/apparmor.d/'
  • 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - 'auditctl /etc/apparmor/'
  • 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - 'auditctl /etc/selinux/'
  • 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - 'auditctl /usr/share/selinux/'
Miscellaneous
  • Platform check updated.