| RHEL-10-400110 - RHEL 10 must be configured so that library files are owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-400125 - RHEL 10 must be configured so that library directories are group-owned by "root" or a system account. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-400205 - RHEL 10 must enforce mode "755" or less permissive for system commands. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-400215 - RHEL 10 must enforce mode "755" or less permissive for library files. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-400270 - RHEL 10 must enforce mode "0644" or less permissive for "/etc/passwd-" file to prevent unauthorized access. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400285 - RHEL 10 must be configured so that all local files and directories have a valid group owner. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400290 - RHEL 10 must be configured so that all local files and directories must have a valid owner. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400300 - RHEL 10 must be configured so that audit tools are owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-400405 - RHEL 10 must mount "/var/log/audit" with the "noexec" option. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-500030 - RHEL 10 must allocate an "audit_backlog_limit" of sufficient size to capture processes that start prior to the audit daemon. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-10-500420 - RHEL 10 must generate audit records for successful and unsuccessful uses of the "chage" command. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-10-500440 - RHEL 10 must generate audit records for successful and unsuccessful uses of the "crontab" command. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-10-500450 - RHEL 10 must generate audit records for successful and unsuccessful uses of the "gpasswd" command. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-10-500500 - RHEL 10 must generate audit records for successful and unsuccessful uses of the "postdrop" command. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-10-500520 - RHEL 10 must generate audit records for successful and unsuccessful uses of the ssh-agent command. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-10-500560 - RHEL 10 must generate audit records for successful and unsuccessful uses of the "sudoedit" command. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-10-500570 - RHEL 10 must generate audit records for successful and unsuccessful uses of the "unix_chkpwd" command. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-10-500580 - RHEL 10 must generate audit records for successful and unsuccessful uses of the "unix_update" command. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-10-500730 - RHEL 10 must generate audit records for all account creations, modifications, disabling, and termination events that affect "/etc/passwd". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-10-500750 - RHEL 10 must generate audit records for all account creations, modifications, disabling, and termination events that affect "/var/log/faillock". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-10-600130 - RHEL 10 must not allow duplicate user IDs (UIDs) to exist for interactive users. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600150 - RHEL 10 must assign a primary group to all interactive users. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600230 - RHEL 10 must enforce password complexity by requiring at least one special character to be used. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600240 - RHEL 10 must enforce password complexity by requiring that at least one lowercase character be used. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600250 - RHEL 10 must enforce password complexity by requiring that at least one uppercase character be used. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600455 - RHEL 10 must not allow blank or null passwords. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600460 - RHEL 10 must not have accounts configured with blank or null passwords. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600500 - RHEL 10 must restrict the use of the "su" command. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600550 - RHEL 10 must use the invoking user's password for privilege escalation when using "sudo". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600630 - RHEL 10 must ensure the password complexity module is enabled in the "system-auth" file. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600640 - RHEL 10 must enable the Pluggable Authentication Module (PAM) interface for SSHD. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | MAINTENANCE |
| RHEL-10-600730 - RHEL 10 must employ FIPS 140-3-approved cryptographic hashing algorithms for all stored passwords. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600750 - RHEL 10 must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-700030 - RHEL 10 must prevent a user from overriding the banner-message-enable setting for the graphical user interface. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-700040 - RHEL 10 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a command line user login. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-700195 - RHEL 10 must mount "/var/tmp" with the "nosuid" option. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-700720 - RHEL 10 must not allow unattended or automatic login via the graphical user interface. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-700860 - RHEL 10 must disable Bluetooth. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| RHEL-10-701000 - RHEL 10 must clear the page allocator to prevent use-after-free attacks. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-701020 - RHEL 10 must enable mitigations against processor-based vulnerabilities. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-10-701040 - RHEL 10 must prevent kernel profiling by nonprivileged users. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-701050 - RHEL 10 must prevent the loading of a new kernel for later execution. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-701120 - RHEL 10 must disable the Transparent Inter Process Communication (TIPC) kernel module. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-701170 - RHEL 10 must disable core dumps for all users. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-701180 - RHEL 10 must disable acquiring, saving, and processing core dumps. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-701210 - RHEL 10 must disable file system automount function unless required. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-800040 - RHEL 10 must securely compare internal information system clocks at least every 24 hours. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-800060 - RHEL 10 must have at least two name servers configured for systems using Domain Name Server (DNS) resolution. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-800090 - RHEL 10 must ignore Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect messages. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-800150 - RHEL 10 must not forward Internet Protocol version 4 (IPv4) source-routed packets by default. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
