| OL09-00-000242 - OL 9 must not allow the cryptographic policy to be overridden. | DISA Oracle Linux 9 STIG v1r4 | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL09-00-000251 - OL 9 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. | DISA Oracle Linux 9 STIG v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL09-00-000301 - OL 9 must routinely check the baseline configuration for unauthorized changes and notify the system administrator (SA) when anomalies in the operation of any security functions are discovered. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| OL09-00-000302 - OL 9 must use a file integrity tool that is configured to use FIPS 140-3-approved cryptographic hashes for validating file contents and directories. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000311 - OL 9 must enable the chronyd service. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000320 - OL 9 must have the USBGuard package installed. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-000350 - OL 9 must have the rsyslog package installed. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000351 - OL 9 must be configured so that the rsyslog service is active. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000410 - OL 9 must have the libreswan package installed. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-000500 - OL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000520 - OL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000530 - OL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000535 - OL 9 must audit all uses of the unix_update command. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000595 - OL 9 must audit all uses of the postdrop command. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000610 - OL 9 must audit all uses of the ssh-keysign command. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000640 - OL 9 must audit all uses of the chmod, fchmod, and fchmodat system calls. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000645 - OL 9 must audit all uses of the chown, fchown, fchownat, and lchown system calls. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000660 - OL 9 must audit all uses of the setsebool command. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000670 - OL 9 must audit all uses of the sudo command. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000685 - OL 9 must audit all uses of the delete_module system call. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000715 - OL 9 must audit uses of the execve system call. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-000725 - OL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/tallylog. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000745 - OL 9 must be configured so that successful/unsuccessful uses of the shutdown command generate an audit record. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000750 - OL 9 must enable auditing of processes that start prior to the audit daemon. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000775 - OL 9 must periodically flush audit records to disk to prevent the loss of audit records. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000825 - The OL 9 system administrator (SA) and/or information system security officer (ISSO) (at a minimum) must be alerted of an audit processing failure event. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000845 - OL 9 must be configured so that successful/unsuccessful uses of the umount2 system call generate an audit record. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000875 - OL 9 must take action when allocated audit record storage volume reaches 95 percent of the audit record storage capacity. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000935 - OL 9 must prohibit the use of cached authenticators after one day. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001005 - OL 9 must enforce password complexity by requiring that at least one uppercase character be used. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001020 - OL 9 must enforce password complexity by requiring that at least one numeric character be used. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001030 - OL 9 must require the maximum number of repeating characters of the same character class be limited to four when passwords are changed. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001055 - OL 9 must be configured to use the shadow file to store only encrypted representations of passwords. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001095 - OL 9 user account passwords for new users or password changes must have a 60-day maximum password lifetime restriction in /etc/login.defs. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001105 - OL 9 passwords must be created with a minimum of 15 characters. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-002042 - OL 9 must mount /dev/shm with the nosuid option. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002051 - OL 9 must mount /tmp with the noexec option. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002065 - OL 9 must mount /var/log/audit with the noexec option. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002067 - OL 9 must mount /var/tmp with the nodev option. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002068 - OL 9 must mount /var/tmp with the noexec option. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002069 - OL 9 must mount /var/tmp with the nosuid option. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002070 - OL 9 must prevent device files from being interpreted on file systems that contain user home directories. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002121 - OL 9 must prevent a user from overriding the disabling of the graphical user interface autorun function. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-002123 - OL 9 must prevent a user from overriding the screensaver lock-enabled setting for the graphical user interface. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-002151 - OL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-002320 - OL 9 must disable the chrony daemon from acting as a server. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002331 - OL 9 must block unauthorized peripherals before establishing a connection. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-002340 - OL 9 must log SSH connection attempts and failures to the server. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-002345 - OL 9 must not permit direct logons to the root account using remote access via SSH. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-002348 - OL 9 SSH daemon must not allow rhosts authentication. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
