| RHEL-08-010030 - All RHEL 8 local disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at rest protection. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010070 - All RHEL 8 remote access methods must be monitored. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-08-010130 - The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010171 - RHEL 8 must have policycoreutils package installed. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010260 - The RHEL 8 /var/log directory must be group-owned by root. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-08-010270 - RHEL 8 cryptographic policy must not be overridden. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010330 - RHEL 8 library files must have mode 755 or less permissive. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010340 - RHEL 8 library files must be owned by root. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010420 - RHEL 8 must implement non-executable data to protect its memory from unauthorized code execution. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-08-010421 - RHEL 8 must clear the page allocator to prevent use-after-free attacks. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010430 - RHEL 8 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-08-010440 - YUM must remove all software components after updated versions have been installed on RHEL 8. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-08-010450 - RHEL 8 must enable the SELinux targeted policy. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-08-010610 - RHEL 8 must prevent code from being executed on file systems that are used with removable media. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010650 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS). | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010740 - All RHEL 8 local interactive user home directories must be group-owned by the home directory owner's primary group. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010750 - All RHEL 8 local interactive user home directories defined in the /etc/passwd file must exist. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010770 - All RHEL 8 local initialization files must have mode 0740 or less permissive. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010820 - Unattended or automatic logon via the RHEL 8 graphical user interface must not be allowed. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-020012 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-08-020013 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-08-020025 - RHEL 8 must configure the use of the pam_faillock.so module in the /etc/pam.d/system-auth file. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-08-020031 - RHEL 8 must initiate a session lock for graphical user interfaces when the screensaver is activated. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-08-020060 - RHEL 8 must automatically lock graphical user sessions after 15 minutes of inactivity. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-08-020140 - RHEL 8 must require the maximum number of repeating characters of the same character class be limited to four when passwords are changed. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-020150 - RHEL 8 must require the maximum number of repeating characters be limited to three when passwords are changed. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-020200 - RHEL 8 user account passwords must have a 60-day maximum password lifetime restriction. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-020230 - RHEL 8 passwords must have a minimum of 15 characters. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-020270 - RHEL 8 must automatically expire temporary accounts within 72 hours. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-08-020280 - All RHEL 8 passwords must contain at least one special character. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-020320 - RHEL 8 must not have unnecessary accounts. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-020351 - RHEL 8 must define default permissions for all authenticated users in such a way that the user can only read and modify their own files. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-020353 - RHEL 8 must define default permissions for logon and non-logon shells. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-030061 - The RHEL 8 audit system must audit local events. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-030062 - RHEL 8 must label all off-loaded audit logs before sending them to the central log server. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030100 - RHEL 8 audit log directory must be owned by root to prevent unauthorized read access. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030250 - Successful/unsuccessful uses of the chage command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030260 - Successful/unsuccessful uses of the chcon command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030310 - Successful/unsuccessful uses of the unix_update in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030312 - Successful/unsuccessful uses of postqueue in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030315 - Successful/unsuccessful uses of userhelper in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030320 - Successful/unsuccessful uses of the ssh-keysign in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030340 - Successful/unsuccessful uses of the pam_timestamp_check command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030410 - Successful/unsuccessful uses of the chsh command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030480 - Successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030560 - Successful/unsuccessful uses of the usermod command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-800190 - RHEL 10 must not send Internet Control Message Protocol (ICMP) redirects. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-800280 - RHEL 10 must not forward Internet Protocol version 6 (IPv6) source-routed packets by default. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-800300 - RHEL 10 must configure a DNS processing mode in Network Manager to avoid conflicts with other Domain Name Server (DNS) managers and to not leak DNS queries to untrusted networks. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-900100 - RHEL 10 must prevent unauthorized changes to the audit system. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
