| RHEL-08-010030 - All RHEL 8 local disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at rest protection. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010049 - RHEL 8 must display a banner before granting local or remote access to the system via a graphical user logon. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-08-010070 - All RHEL 8 remote access methods must be monitored. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-08-010110 - RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010120 - RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010152 - RHEL 8 operating systems must require authentication upon booting into emergency mode. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-08-010163 - The krb5-server package must not be installed on RHEL 8. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-271095 - RHEL 9 must disable the ability of a user to restart the system from the login screen. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-271105 - RHEL 9 must disable the ability of a user to accidentally press Ctrl-Alt-Del and cause a system to shut down or reboot. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-271110 - RHEL 9 must prevent a user from overriding the Ctrl-Alt-Del sequence settings for the graphical user interface. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-291010 - RHEL 9 must be configured to disable USB mass storage. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-411015 - RHEL 9 user account passwords must have a 60-day maximum password lifetime restriction. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-411025 - RHEL 9 must set the umask value to 077 for all local interactive user accounts. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-411095 - RHEL 9 must not have unauthorized accounts. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-411110 - RHEL 9 groups must have unique Group ID (GID). | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-412040 - RHEL 9 must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-412065 - RHEL 9 must define default permissions for all authenticated users in such a way that the user can only read and modify their own files. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-412075 - RHEL 9 must display the date and time of the last successful account logon upon logon. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-431010 - RHEL 9 must use a Linux Security Module configured to enforce limits on system services. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-431015 - RHEL 9 must enable the SELinux targeted policy. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-431025 - RHEL 9 must have policycoreutils package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-432015 - RHEL 9 must require reauthentication when using the "sudo" command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-433010 - RHEL 9 fapolicy module must be installed. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-611025 - RHEL 9 must not allow blank or null passwords. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-611050 - RHEL 9 password-auth must be configured to use a sufficient number of hashing rounds. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611080 - RHEL 9 passwords must have a 24 hours minimum password lifetime restriction in /etc/shadow. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611120 - RHEL 9 must require the maximum number of repeating characters of the same character class be limited to four when passwords are changed. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611180 - The pcscd service on RHEL 9 must be active. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611195 - RHEL 9 must require authentication to access emergency mode. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-652030 - All RHEL 9 remote access methods must be monitored. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-652060 - RHEL 9 must use cron logging. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-653030 - RHEL 9 must allocate audit record storage capacity to store at least one week's worth of audit records. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653050 - RHEL 9 must take action when allocated audit record storage volume reaches 95 percent of the repository maximum audit record storage capacity. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653080 - RHEL 9 audit logs must be group-owned by root or by a restricted logging group to prevent unauthorized read access. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-653085 - RHEL 9 audit log directory must be owned by root to prevent unauthorized read access. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-654010 - RHEL 9 must audit uses of the "execve" system call. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-654055 - RHEL 9 must audit all uses of the setfiles command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654060 - RHEL 9 must audit all uses of the setsebool command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654110 - RHEL 9 must audit all uses of the newgrp command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654115 - RHEL 9 must audit all uses of the pam_timestamp_check command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654120 - RHEL 9 must audit all uses of the passwd command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654125 - RHEL 9 must audit all uses of the postdrop command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654150 - RHEL 9 must audit all uses of the sudo command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654155 - RHEL 9 must audit all uses of the sudoedit command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654165 - RHEL 9 must audit all uses of the unix_update command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654225 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654230 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654235 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654240 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-672050 - RHEL 9 must implement DOD-approved encryption in the bind package. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
