| ALMA-09-018170 - AlmaLinux OS 9 must use a file integrity tool that is configured to use FIPS 140-3-approved cryptographic hashes for validating file contents and directories. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-018280 - AlmaLinux OS 9 must be configured so that the file integrity tool verifies extended attributes. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-018500 - AlmaLinux OS 9 must not accept router advertisements on all IPv6 interfaces. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-018940 - AlmaLinux OS 9 must limit the number of bogus Internet Control Message Protocol (ICMP) response errors logs. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-019380 - AlmaLinux OS 9 must log packets with impossible addresses. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-020260 - Alma Linux OS 9 must not accept IPv4 source-routed packets by default. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-021250 - AlmaLinux OS 9 SSH daemon must display the date and time of the last successful account logon upon an SSH logon. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-021690 - If the Trivial File Transfer Protocol (TFTP) server is required, the TFTP daemon must be configured to operate in secure mode. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-022350 - The kdump service on AlmaLinux OS 9 must be disabled. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-022680 - AlmaLinux OS 9 must prevent special devices on file systems that are used with removable media. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-023120 - AlmaLinux OS 9 must prevent special devices on file systems that are imported via Network File System (NFS). | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-023230 - AlmaLinux OS 9 must prevent code execution on file systems that are imported via Network File System (NFS). | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-025980 - AlmaLinux OS 9 must prevent files with the setuid and setgid bit set from being executed on file systems that contain user home directories. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-026420 - AlmaLinux OS 9 must prevent files with the setuid and setgid bit set from being executed on the /boot directory. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-026750 - AlmaLinux OS 9 must mount /dev/shm with the nosuid option. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-027300 - AlmaLinux OS 9 must mount /var/log/audit with the noexec option. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-027410 - AlmaLinux OS 9 must mount /var/log/audit with the nosuid option. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-027520 - AlmaLinux OS 9 must mount /var/log with the nodev option. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-029390 - AlmaLinux OS 9 must not have the cups package installed. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-030050 - AlmaLinux OS 9 must disable the Stream Control Transmission Protocol (SCTP) kernel module. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-030380 - AlmaLinux OS 9 must disable mounting of udf. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-031150 - AlmaLinux OS 9 must not have the ypserv package installed. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-035990 - AlmaLinux OS 9 must ensure the password complexity module in the system-auth file is configured for three retries or less. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-037310 - AlmaLinux OS 9 must be configured so that libuser is configured to store only encrypted representations of passwords. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-037420 - AlmaLinux OS 9 must be configured so that the system's shadow file is configured to store only encrypted representations of passwords. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-037640 - AlmaLinux OS 9 must be configured so that interactive user account passwords are using strong password hashes. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-037970 - Passwords for existing users must have a 60-day maximum password lifetime restriction in /etc/shadow. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-040500 - AlmaLinux OS 9 must terminate idle user sessions. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ALMA-09-041600 - AlmaLinux OS 9 local disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at rest protection. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ALMA-09-042480 - AlmaLinux OS 9 must be configured to use TCP syncookies. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ALMA-09-043030 - AlmaLinux OS 9 must not allow users to override SSH environment variables. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ALMA-09-043140 - AlmaLinux OS 9 must implement DOD-approved encryption in the bind package. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ALMA-09-044460 - AlmaLinux OS 9 /var/log directory must have mode 0755 or less permissive. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-044790 - AlmaLinux OS 9 must clear memory when it is freed to prevent use-after-free attacks. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-045670 - AlmaLinux OS 9 audit system must audit local events. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-045890 - AlmaLinux OS 9 must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-046000 - Successful/unsuccessful uses of the init command in AlmaLinux OS 9 must generate an audit record. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-046770 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/tallylog. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-047650 - AlmaLinux OS 9 must generate audit records for any use of the "mount" command. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-047980 - AlmaLinux OS 9 must enable auditing of processes that start prior to the audit daemon. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-048310 - AlmaLinux OS 9 must generate audit records for any use of the "chage" command. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-048530 - AlmaLinux OS 9 must audit all uses of the chmod, fchmod, and fchmodat system calls. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-049300 - AlmaLinux OS 9 must audit all uses of the kmod command. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-049740 - AlmaLinux OS 9 must generate audit records for any use of the "postqueue" command. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-050950 - AlmaLinux OS 9 must generate audit records for any use of the "unix_chkpwd" command. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-051830 - AlmaLinux OS 9 must allocate an audit_backlog_limit of sufficient size to capture processes that start prior to the audit daemon. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-052600 - AlmaLinux OS 9 must authenticate the remote logging server for offloading audit logs via rsyslog. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-052930 - AlmaLinux OS 9 must have the rsyslog package installed. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-054250 - AlmaLinux OS 9 must take appropriate action when a critical audit processing failure occurs. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-054580 - AlmaLinux OS 9 audit system must retain an optimal number of audit records. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
