| RHEL-08-030090 - RHEL 8 audit logs must be group-owned by root to prevent unauthorized read access. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030120 - RHEL 8 audit log directory must have a mode of 0700 or less permissive to prevent unauthorized read access. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030122 - RHEL 8 audit system must protect logon UIDs from unauthorized change. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030130 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030160 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030181 - RHEL 8 audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030200 - The RHEL 8 audit system must be configured to audit any usage of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030290 - Successful/unsuccessful uses of the passwd command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030300 - Successful/unsuccessful uses of the mount command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030301 - Successful/unsuccessful uses of the umount command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030311 - Successful/unsuccessful uses of postdrop in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030370 - Successful/unsuccessful uses of the gpasswd command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030550 - Successful/unsuccessful uses of the sudo command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030600 - Successful/unsuccessful modifications to the lastlog file in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030601 - RHEL 8 must enable auditing of processes that start prior to the audit daemon. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030602 - RHEL 8 must allocate an audit_backlog_limit of sufficient size to capture processes that start prior to the audit daemon. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030620 - RHEL 8 audit tools must have a mode of 0755 or less permissive. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030680 - RHEL 8 must have the packages required for encrypting offloaded audit logs installed. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-030710 - RHEL 8 must encrypt the transfer of audit records off-loaded onto a different system or media from the system being audited. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030730 - RHEL 8 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-040000 - RHEL 8 must not have the telnet-server package installed. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040004 - RHEL 8 must enable mitigations against processor-based vulnerabilities. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040022 - RHEL 8 must disable the controller area network (CAN) protocol. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040024 - RHEL 8 must disable the transparent inter-process communication (TIPC) protocol. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040127 - RHEL 8 must mount /var/log with the nosuid option. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040130 - RHEL 8 must mount /var/log/audit with the nosuid option. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040280 - RHEL 8 must ignore IPv6 Internet Control Message Protocol (ICMP) redirect messages. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040286 - RHEL 8 must enable hardening for the Berkeley Packet Filter Just-in-time compiler. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040320 - The graphical display manager must not be installed on RHEL 8 unless approved. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040341 - The RHEL 8 SSH daemon must prevent remote hosts from connecting to the proxy display. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040350 - If the Trivial File Transfer Protocol (TFTP) server is required, the RHEL 8 TFTP daemon must be configured to operate in secure mode. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040380 - The iprutils package must not be installed unless mission essential on RHEL 8. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040400 - RHEL 8 must prevent nonprivileged users from executing privileged functions, including disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-09-171011 - RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-09-211045 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 9 must be disabled. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-09-212020 - RHEL 9 must require a unique superusers name upon booting into single-user and maintenance modes. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-09-212030 - RHEL 9 /boot/grub2/grub.cfg file must be owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-212035 - RHEL 9 must disable virtual system calls. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-212050 - RHEL 9 must enable mitigations against processor-based vulnerabilities. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-212055 - RHEL 9 must enable auditing of processes that start prior to the audit daemon. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-213020 - RHEL 9 must prevent the loading of a new kernel for later execution. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-213080 - RHEL 9 must restrict usage of ptrace to descendant processes. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-213115 - The kdump service on RHEL 9 must be disabled. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-215090 - RHEL 9 must have the rng-tools package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-215095 - RHEL 9 must have the s-nail package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-215101 - RHEL 9 must have the Postfix package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-09-215105 - RHEL 9 must implement a FIPS 140-3-compliant systemwide cryptographic policy. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-231035 - RHEL 9 must use a separate file system for /var/tmp. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-231070 - RHEL 9 must prevent code from being executed on file systems that are imported via Network File System (NFS). | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-231085 - RHEL 9 must prevent special devices on file systems that are used with removable media. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
