InformationConfigure SELinux to meet or exceed the default targeted policy, which constrains daemons and system software only.
Security configuration requirements vary from site to site. Some sites may mandate a policy that is stricter than the default policy, which is perfectly acceptable. This item is intended to ensure that at least the default recommendations are met.
SolutionEdit the /etc/selinux/config file to set the SELINUXTYPE parameter:
If your organization requires stricter policies, ensure that they are set in the /etc/selinux/config file.
NIST SP 800-53 Rev. 5: