Revision 1.18Jul 15, 2020
Functional Update
- 5.2.11 Ensure only approved MAC algorithms are used
- 5.4.1.1 Ensure password expiration is 90 days or less - users
- 5.4.1.2 Ensure minimum days between password changes is 7 or more - users
- 5.4.1.3 Ensure password expiration warning days is 7 or more - users
- 5.4.1.4 Ensure inactive password lock is 30 days or less - users
- 5.4.4 Ensure default user umask is 027 or more restrictive - '/etc/bash.bashrc'
- 5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile /etc/profile.d/*.sh
- 6.2.10 Ensure users' dot files are not group or world writable
- 6.2.9 Ensure users own their home directories
