| DISA_STIG_VMware_vSphere_7.0_Photon_OS_v1r2.audit from DISA VMware vSphere 7.0 vCenter Appliance Photon OS v1r2 STIG | |
| PHTN-30-000001 - The Photon operating system must audit all account creations. | ACCESS CONTROL |
| PHTN-30-000002 - The Photon operating system must automatically lock an account when three unsuccessful logon attempts occur. | ACCESS CONTROL |
| PHTN-30-000003 - The Photon operating system must display the Standard Mandatory DOD Notice and Consent Banner before granting Secure Shell (SSH) access. | ACCESS CONTROL |
| PHTN-30-000004 - The Photon operating system must limit the number of concurrent sessions to 10 for all accounts and/or account types. | ACCESS CONTROL |
| PHTN-30-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less. | ACCESS CONTROL, MAINTENANCE |
| PHTN-30-000006 - The Photon operating system must have the sshd SyslogFacility set to 'authpriv'. | ACCESS CONTROL |
| PHTN-30-000007 - The Photon operating system must have sshd authentication logging enabled. | ACCESS CONTROL |
| PHTN-30-000008 - The Photon operating system must have the sshd LogLevel set to 'INFO' | ACCESS CONTROL |
| PHTN-30-000009 - The Photon operating system must configure sshd to use approved encryption algorithms. | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-30-000010 - The Photon operating system must configure auditd to log to disk. | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000011 - The Photon operating system must configure auditd to use the correct log format. | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000012 - The Photon operating system must be configured to audit the execution of privileged functions. | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000013 - The Photon operating system must have the auditd service running. | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| PHTN-30-000014 - The Photon operating system audit log must log space limit problems to syslog. | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000015 - The Photon operating system audit log must attempt to log audit failures to syslog. | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000016 - The Photon operating system audit log must have correct permissions. | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000017 - The Photon operating system audit log must be owned by root. | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000018 - The Photon operating system audit log must be group-owned by root. | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000019 - The Photon operating system must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited - or individuals or roles appointed by the ISSM to select which auditable events are to be audited. | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000020 - The Photon operating system must generate audit records when successful/unsuccessful attempts to access privileges occur. | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| PHTN-30-000021 - The Photon operating system must enforce password complexity by requiring that at least one uppercase character be used. | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000022 - The Photon operating system must enforce password complexity by requiring that at least one lowercase character be used. | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000023 - The Photon operating system must enforce password complexity by requiring that at least one numeric character be used. | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000024 - The Photon operating system must require that new passwords are at least four characters different from the old password. | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000025 - The Photon operating system must store only encrypted representations of passwords. | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000026 - The Photon operating system must use an OpenSSH server version that does not support protocol 1. | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-30-000027 - The Photon operating system must be configured so that passwords for new users are restricted to a 24-hour minimum lifetime. | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000028 - The Photon operating system must be configured so that passwords for new users are restricted to a 90-day maximum lifetime. | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000029 - The Photon operating system must prohibit password reuse for a minimum of five generations. | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000030 - The Photon operating system must enforce a minimum eight-character password length. | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000031 - The Photon operating system must require authentication upon booting into single-user and maintenance modes. | ACCESS CONTROL |
| PHTN-30-000032 - The Photon operating system must disable the loading of unnecessary kernel modules. | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000033 - The Photon operating system must not have duplicate User IDs (UIDs). | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000035 - The Photon operating system must disable new accounts immediately upon password expiration. | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000036 - The Photon operating system must use Transmission Control Protocol (TCP) syncookies. | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-30-000037 - The Photon operating system must configure sshd to disconnect idle Secure Shell (SSH) sessions. | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-30-000038 - The Photon operating system must configure sshd to disconnect idle Secure Shell (SSH) sessions. | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-30-000040 - The Photon operating system '/var/log' directory must be owned by root. | SYSTEM AND INFORMATION INTEGRITY |
| PHTN-30-000041 - The Photon operating system messages file must have the correct ownership and file permissions. | SYSTEM AND INFORMATION INTEGRITY |
| PHTN-30-000042 - The Photon operating system must audit all account modifications. | ACCESS CONTROL |
| PHTN-30-000043 - The Photon operating system must audit all account modifications. | ACCESS CONTROL |
| PHTN-30-000044 - The Photon operating system must audit all account disabling actions. | ACCESS CONTROL |
| PHTN-30-000045 - The Photon operating system must audit all account removal actions. | ACCESS CONTROL |
| PHTN-30-000046 - The Photon operating system must initiate auditing as part of the boot process. | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000047 - The Photon operating system audit files and directories must have correct permissions. | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000048 - The Photon operating system must protect audit tools from unauthorized modification and deletion. | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000050 - The Photon operating system must enforce password complexity by requiring that at least one special character be used. | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000051 - The Photon operating system package files must not be modified. | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000054 - The Photon operating system must audit the execution of privileged functions. | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
