| OL09-00-000065 - OL 9 must enable the SELinux targeted policy. | DISA Oracle Linux 9 STIG v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OL09-00-000070 - OL 9 must enable FIPS mode. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL09-00-000115 - OL 9 must not have the gssproxy package installed. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000125 - OL 9 must not have the tuned package installed. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000135 - OL 9 must not have a Trivial File Transfer Protocol (TFTP) server package installed. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000221 - OL 9 must be configured so that the firewalld service is active. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| OL09-00-000250 - OL 9 networked systems must have SSH installed. | DISA Oracle Linux 9 STIG v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL09-00-000254 - OL 9 SSH server must be configured to use only ciphers employing FIPS 140-3 validated cryptographic hash algorithms to protect the confidentiality of SSH server connections. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-000262 - OL 9 SSH client must be configured to use only DOD-approved Message Authentication Codes (MACs) employing FIPS 140-3 validated cryptographic hash algorithms to protect the confidentiality of SSH client connections. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-000280 - OL 9 must implement multifactor authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-000300 - OL 9 must have the Advanced Intrusion Detection Environment (AIDE) package installed. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| OL09-00-000303 - OL 9 must be configured so that the file integrity tool verifies Access Control Lists (ACLs). | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000355 - OL 9 must have the packages required for encrypting offloaded audit logs installed. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-000380 - OL 9 must have the nss-tools package installed. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000390 - OL 9 must have the pcsc-lite package installed. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-000450 - OL 9 must have the audispd-plugins package installed. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000496 - OL 9 must check the GPG signature of locally installed software packages before installation. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000497 - OL 9 must check the GPG signature of software packages originating from external software repositories before installation. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000505 - OL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/ directory. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000515 - OL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000555 - OL 9 must audit all uses of the chcon command. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000590 - OL 9 must audit all uses of the passwd command. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000600 - OL 9 must audit all uses of the postqueue command. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000605 - OL 9 must audit all uses of the ssh-agent command. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000635 - OL 9 must audit all uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000655 - OL 9 must audit all uses of the setfiles command. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000680 - OL 9 must audit all uses of the rename, unlink, rmdir, renameat, and unlinkat system calls. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000720 - OL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/faillock. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000755 - OL 9 must label all offloaded audit logs before sending them to the central log server. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000760 - OL 9 audit system must take appropriate action when an error writing to the audit storage volume occurs. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000765 - OL 9 audit system must take appropriate action when the audit storage volume is full. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000880 - OL 9 must write audit records to disk. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000885 - OL 9 must act when allocated audit record storage volume reaches 95 percent of the repository maximum audit record storage capacity. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000905 - OL 9, for PKI-based authentication, must enforce authorized access to the corresponding private key. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-000940 - OL 9 must use the CAC smart card driver. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001010 - OL 9 must ensure the password complexity module is enabled in the password-auth file. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001080 - OL 9 must employ FIPS 140-3 approved cryptographic hashing algorithms for all stored passwords. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001090 - OL 9 passwords must have a 24-hour minimum password lifetime restriction in /etc/shadow. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001125 - OL 9 must prevent the use of dictionary words for passwords. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002011 - OL 9 must prevent special devices on file systems that are imported via Network File System (NFS). | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002012 - OL 9 must prevent code from being executed on file systems that are imported via Network File System (NFS). | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002013 - OL 9 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS). | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002020 - OL 9 must prevent code from being executed on file systems that are used with removable media. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002031 - OL 9 must prevent files with the setuid and setgid bit set from being executed on the /boot directory. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002050 - OL 9 must mount /tmp with the nodev option. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002064 - OL 9 must mount /var/log/audit with the nodev option. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002071 - OL 9 must prevent files with the setuid and setgid bit set from being executed on file systems that contain user home directories. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002101 - OL 9 must disable the graphical user interface autorun function unless required. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002122 - OL 9 must prevent a user from overriding the banner-message-enable setting for the graphical user interface. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-002160 - OL 9 must be able to directly initiate a session lock for all connection types using smart card when the smart card is removed. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
