| ALMA-09-022460 - AlmaLinux OS 9 must disable the ability of a user to restart the system from the login screen. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-022570 - AlmaLinux OS 9 must prevent a user from overriding the disable-restart-buttons setting for the graphical user interface. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-022900 - AlmaLinux OS 9 must prevent files with the setuid and setgid bit set from being executed on file systems that are used with removable media. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-023560 - AlmaLinux OS 9 must configure a DNS processing mode set be Network Manager. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-024110 - AlmaLinux OS 9 must clear the page allocator to prevent use-after-free attacks. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-024330 - AlmaLinux OS 9 security patches and updates must be installed and up to date. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-024440 - AlmaLinux OS 9 policycoreutils-python-utils package must be installed. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-024550 - AlmaLinux OS 9 must enable the hardware random number generator entropy gatherer service. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-025320 - AlmaLinux OS 9 must use a separate file system for /var/log. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-026530 - AlmaLinux OS 9 must mount /dev/shm with the nodev option. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-027630 - AlmaLinux OS 9 must mount /var/log with the noexec option. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-027740 - AlmaLinux OS 9 must mount /var/log with the nosuid option. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-028070 - AlmaLinux OS 9 must mount /var/tmp with the noexec option. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-028180 - AlmaLinux OS 9 must mount /var/tmp with the nosuid option. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-028730 - AlmaLinux OS 9 must not have the iprutils package installed. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-029500 - AlmaLinux OS 9 must not have the gssproxy package installed. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-029830 - AlmaLinux OS 9 must disable the Controller Area Network (CAN) kernel module. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-030600 - AlmaLinux OS 9 must not have the nfs-utils package installed. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-031370 - AlmaLinux OS 9 must be configured to disable USB mass storage. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-031920 - AlmaLinux OS 9 must require users to provide authentication for privilege escalation. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | ACCESS CONTROL |
| ALMA-09-032470 - AlmaLinux OS 9 must restrict the use of the "su" command. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | ACCESS CONTROL |
| ALMA-09-033790 - AlmaLinux OS 9 must enable certificate based smart card authentication. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-035220 - AlmaLinux OS 9 must have the USBGuard package enabled. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-035440 - AlmaLinux OS 9 must block unauthorized peripherals before establishing a connection. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-036980 - AlmaLinux OS 9 must require the maximum number of repeating characters of the same character class be limited to four when passwords are changed. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-037200 - AlmaLinux OS 9 PAM must be configured to use a sufficient number of password hashing rounds. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-037530 - AlmaLinux OS 9 must be configured so that the Pluggable Authentication Module is configured to store only encrypted representations of passwords. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-037750 - AlmaLinux OS 9 must not have any File Transfer Protocol (FTP) packages installed. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-039290 - AlmaLinux 9 cryptographic policy must not be overridden. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-042920 - All AlmaLinux OS 9 networked systems must have the OpenSSH server installed. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ALMA-09-044020 - AlmaLinux OS 9 /var/log/messages file must be group-owned by root. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-044130 - AlmaLinux OS 9 /var/log/messages file must be owned by root. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-044240 - AlmaLinux OS 9 /var/log/messages file must have mode 0640 or less permissive. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-044350 - AlmaLinux OS 9 /var/log directory must be owned by root. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-044900 - AlmaLinux OS 9 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-045450 - AlmaLinux OS 9 must routinely check the baseline configuration for unauthorized changes and notify the system administrator when anomalies in the operation of any security functions are discovered. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-045780 - AlmaLinux OS 9 /etc/audit/auditd.conf file must have 0640 or less permissive to prevent unauthorized access. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-047100 - The audit package must be installed on AlmaLinux OS 9. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-047760 - AlmaLinux OS 9 must generate audit records for any use of the "umount" command. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-048865 - AlmaLinux OS 9 must audit any script or executable called by cron as root or by any privileged user. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-048970 - AlmaLinux OS 9 must audit all uses of the rename, unlink, rmdir, renameat, and unlinkat system calls. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-049960 - AlmaLinux OS 9 must generate audit records for any use of the "sudo" command. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-050290 - AlmaLinux OS 9 must generate audit records for any use of the "setfiles" command. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-050620 - AlmaLinux OS 9 must generate audit records for any use of the "ssh-keysign" command. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-051390 - AlmaLinux OS 9 must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-052270 - AlmaLinux OS 9 must label all offloaded audit logs before sending them to the central log server. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-053150 - The rsyslog service on AlmaLinux OS 9 must be active. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-053810 - AlmaLinux OS 9 System Administrator (SA) and/or information system security officer (ISSO) (at a minimum) must be alerted of an audit processing failure event. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-054360 - AlmaLinux OS 9 audit system must make full use of the audit storage space. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-055680 - AlmaLinux OS 9 audit log directory must be owned by root to prevent unauthorized read access. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
