From 51c80e3a837586261c1ae11a08c283122c304be9 Mon Sep 17 00:00:00 2001 From: Alexander Scheel Date: Thu, 8 Jul 2021 13:55:25 -0400 Subject: [PATCH] Manually add missing disa & srg references Also sort some stuff &c. Co-Authored-By: Eduardo Barretto Signed-off-by: Alexander Scheel --- .../services/apt/apt_conf_disallow_unauthenticated/rule.yml | 2 ++ linux_os/guide/services/base/service_kdump_disabled/rule.yml | 4 ++-- .../services/deprecated/package_telnetd_removed/rule.yml | 2 ++ .../sshd_use_approved_ciphers_ordered_stig/rule.yml | 2 +- .../ssh_server/sshd_use_approved_macs_ordered_stig/rule.yml | 2 +- .../set_password_hashing_algorithm_logindefs/rule.yml | 4 ++-- .../smart_card_login/install_smartcard_packages/rule.yml | 2 +- .../smart_card_login/package_opensc_installed/rule.yml | 1 - .../accounts_password_set_min_life_existing/rule.yml | 2 +- linux_os/guide/system/apparmor/apparmor_configured/rule.yml | 2 +- .../audit_rules_execution_chacl/rule.yml | 2 +- .../audit_rules_execution_setfacl/rule.yml | 2 +- .../audit_rules_execution_chcon/rule.yml | 2 +- .../audit_rules_unsuccessful_file_modification_creat/rule.yml | 2 +- .../rule.yml | 2 +- .../audit_rules_unsuccessful_file_modification_open/rule.yml | 2 +- .../rule.yml | 2 +- .../rule.yml | 2 +- .../rule.yml | 2 +- .../audit_rules_kernel_module_loading_delete/rule.yml | 2 +- .../audit_rules_kernel_module_loading_finit/rule.yml | 2 +- .../audit_rules_kernel_module_loading_init/rule.yml | 2 +- .../audit_rules_login_events_faillog/rule.yml | 2 +- .../audit_rules_login_events_lastlog/rule.yml | 2 +- .../audit_rules_login_events_tallylog/rule.yml | 2 +- .../audit_rules_privileged_commands_chage/rule.yml | 2 +- .../audit_rules_privileged_commands_chsh/rule.yml | 2 +- .../audit_rules_privileged_commands_crontab/rule.yml | 2 +- .../audit_rules_privileged_commands_gpasswd/rule.yml | 2 +- .../audit_rules_privileged_commands_modprobe/rule.yml | 2 +- .../audit_rules_privileged_commands_mount/rule.yml | 2 +- .../audit_rules_privileged_commands_newgrp/rule.yml | 2 +- .../rule.yml | 2 +- .../audit_rules_privileged_commands_passwd/rule.yml | 2 +- .../audit_rules_privileged_commands_ssh_agent/rule.yml | 2 +- .../audit_rules_privileged_commands_ssh_keysign/rule.yml | 2 +- .../audit_rules_privileged_commands_su/rule.yml | 2 +- .../audit_rules_privileged_commands_sudo/rule.yml | 2 +- .../audit_rules_privileged_commands_sudoedit/rule.yml | 3 ++- .../audit_rules_privileged_commands_usermod/rule.yml | 2 +- .../rule.yml | 2 +- .../auditing/package_audit-audispd-plugins_installed/rule.yml | 2 +- .../guide/system/auditing/service_auditd_enabled/rule.yml | 2 +- .../system/logging/ensure_rtc_utc_configuration/rule.yml | 2 +- .../guide/system/logging/service_rsyslog_enabled/rule.yml | 4 ++-- .../system/network/network-ufw/package_ufw_installed/rule.yml | 3 +++ .../system/network/network-ufw/service_ufw_enabled/rule.yml | 3 +++ .../dir_permissions_library_dirs/rule.yml | 1 + .../software-integrity/aide/package_aide_installed/rule.yml | 4 ++-- 49 files changed, 59 insertions(+), 48 deletions(-) diff --git a/linux_os/guide/services/apt/apt_conf_disallow_unauthenticated/rule.yml b/linux_os/guide/services/apt/apt_conf_disallow_unauthenticated/rule.yml index 83e1d2e2ae6..3eee6f5ca2c 100644 --- a/linux_os/guide/services/apt/apt_conf_disallow_unauthenticated/rule.yml +++ b/linux_os/guide/services/apt/apt_conf_disallow_unauthenticated/rule.yml @@ -15,4 +15,6 @@ severity: unknown references: anssi: BP28(R15) + disa: CCI-001749 + srg: SRG-OS-000366-GPOS-00153 stigid@ubuntu2004: UBTU-20-010438 diff --git a/linux_os/guide/services/base/service_kdump_disabled/rule.yml b/linux_os/guide/services/base/service_kdump_disabled/rule.yml index ce021c74a64..a9c91ec7ca9 100644 --- a/linux_os/guide/services/base/service_kdump_disabled/rule.yml +++ b/linux_os/guide/services/base/service_kdump_disabled/rule.yml @@ -29,7 +29,7 @@ identifiers: references: cis-csc: 11,12,14,15,3,8,9 cobit5: APO13.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.04,DSS05.02,DSS05.03,DSS05.05,DSS06.06 - disa: CCI-000366 + disa: CCI-000366,CCI-001190 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3),164.308(a)(4),164.310(b),164.310(c),164.312(a),164.312(e) isa-62443-2009: 4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6' @@ -37,7 +37,7 @@ references: nist: CM-7(a),CM-7(b),CM-6(a) nist-csf: PR.AC-3,PR.IP-1,PR.PT-3,PR.PT-4 ospp: FMT_SMF_EXT.1.1 - srg: SRG-OS-000480-GPOS-00227 + srg: SRG-OS-000184-GPOS-00078,SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-021300 stigid@rhel7: RHEL-07-021300 stigid@rhel8: RHEL-08-010670 diff --git a/linux_os/guide/services/deprecated/package_telnetd_removed/rule.yml b/linux_os/guide/services/deprecated/package_telnetd_removed/rule.yml index 7bd4eb3e4d5..1b9502009e1 100644 --- a/linux_os/guide/services/deprecated/package_telnetd_removed/rule.yml +++ b/linux_os/guide/services/deprecated/package_telnetd_removed/rule.yml @@ -20,11 +20,13 @@ references: anssi: BP28(R1),NT007(R03) cis-csc: 11,12,14,15,3,8,9 cobit5: APO13.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.04,DSS05.02,DSS05.03,DSS05.05,DSS06.06 + disa: CCI-000197 isa-62443-2009: 4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6' iso27001-2013: A.11.2.6,A.12.1.2,A.12.5.1,A.12.6.2,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4,A.6.2.1,A.6.2.2,A.9.1.2 nist: CM-7(a),CM-7(b),CM-6(a) nist-csf: PR.AC-3,PR.IP-1,PR.PT-3,PR.PT-4 + srg: SRG-OS-000074-GPOS-00042 stigid@ubuntu2004: UBTU-20-010405 template: diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers_ordered_stig/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers_ordered_stig/rule.yml index e164cf3c00a..218f8ca2611 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers_ordered_stig/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers_ordered_stig/rule.yml @@ -31,7 +31,7 @@ identifiers: references: disa: CCI-000068,CCI-000366,CCI-000803,CCI-000877,CCI-002890,CCI-003123 - srg: SRG-OS-000033-GPOS-00014,SRG-OS-000120-GPOS-00061,SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174 + srg: SRG-OS-000033-GPOS-00014,SRG-OS-000120-GPOS-00061,SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174,SRG-OS-000424-GPOS-00188 stigid@ol7: OL07-00-040110 stigid@rhel7: RHEL-07-040110 stigid@sle15: SLES-15-010160 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/rule.yml index b6c5e7f4b0d..dc0d1f2c1da 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/rule.yml @@ -24,7 +24,7 @@ identifiers: references: disa: CCI-000068,CCI-000803,CCI-000877,CCI-001453,CCI-003123 - srg: SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000394-GPOS-00174 + srg: SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000394-GPOS-00174,SRG-OS-000424-GPOS-00188,SRG-OS-000393-GPOS-00173 stigid@ol7: OL07-00-040400 stigid@rhel7: RHEL-07-040400 stigid@sle15: SLES-15-010270 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml index 7183cf0e538..8a3db48de8e 100644 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml @@ -31,7 +31,7 @@ references: cjis: 5.6.2.2 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 cui: 3.13.11 - disa: CCI-000196 + disa: CCI-000196,CCI-000803 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' ism: 0418,1055,1402 @@ -39,7 +39,7 @@ references: nist: IA-5(c),IA-5(1)(c),CM-6(a) nist-csf: PR.AC-1,PR.AC-6,PR.AC-7 pcidss: Req-8.2.1 - srg: SRG-OS-000073-GPOS-00041 + srg: SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061 stigid@ol7: OL07-00-010210 stigid@rhel7: RHEL-07-010210 stigid@rhel8: RHEL-08-010110 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml index c6b1af3eb2a..8ddf6a1323d 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml @@ -43,7 +43,7 @@ identifiers: cce@sle15: CCE-83292-3 references: - disa: CCI-000765,CCI-001948,CCI-001953,CCI-001954 + disa: CCI-000765,CCI-000766,CCI-000767,CCI-001948,CCI-001953,CCI-001954 nist: CM-6(a) srg: SRG-OS-000105-GPOS-00052,SRG-OS-000375-GPOS-00160,SRG-OS-000375-GPOS-00161,SRG-OS-000377-GPOS-00162 stigid@ol7: OL07-00-041001 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml index bb43c8516c8..5d88eb4d76c 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml @@ -38,7 +38,6 @@ references: stigid@rhel8: RHEL-08-010410 stigid@ubuntu2004: UBTU-20-010064 vmmsrg: SRG-OS-000376-VMM-001520 - stigid@ubuntu2004: UBTU-20-010064 ocil_clause: 'the package is not installed' diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml index fec713cdca3..60cd7237f44 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml @@ -25,8 +25,8 @@ identifiers: cce@sle15: CCE-85710-2 references: - disa: CCI-000198 cis@ubuntu2004: 5.4.1.2 + disa: CCI-000198 nist: IA-5(f),IA-5(1)(d),CM-6(a) nist@sle15: IA-5(1).1(v) srg: SRG-OS-000075-GPOS-00043 diff --git a/linux_os/guide/system/apparmor/apparmor_configured/rule.yml b/linux_os/guide/system/apparmor/apparmor_configured/rule.yml index 5dd160b4fc7..5af464f52fd 100644 --- a/linux_os/guide/system/apparmor/apparmor_configured/rule.yml +++ b/linux_os/guide/system/apparmor/apparmor_configured/rule.yml @@ -42,7 +42,7 @@ identifiers: references: disa: CCI-001764,CCI-001774,CCI-002165,CCI-002233,CCI-002235 nist: AC-3(4),AC-6(8),AC-6(10),CM-7(5)(b),CM-7(2),SC-7(21),CM-6(a) - srg: SRG-OS-000312-GPOS-00122,SRG-OS-000312-GPOS-00123SRG-OS-000312-GPOS-00124,SRG-OS-000324-GPOS-00125,SRG-OS-000326-GPOS-00126,SRG-OS-000370-GPOS-00155,SRG-OS-000480-GPOS-00230,SRG-OS-000480-GPOS-00227,SRG-OS-000480-GPOS-00231,SRG-OS-000480-GPOS-00232 + srg: SRG-OS-000312-GPOS-00122,SRG-OS-000312-GPOS-00123,SRG-OS-000312-GPOS-00124,SRG-OS-000324-GPOS-00125,SRG-OS-000326-GPOS-00126,SRG-OS-000368-GPOS-00154,SRG-OS-000370-GPOS-00155,SRG-OS-000480-GPOS-00230,SRG-OS-000480-GPOS-00227,SRG-OS-000480-GPOS-00231,SRG-OS-000480-GPOS-00232 stigid@sle12: SLES-12-010600 stigid@sle15: SLES-15-010390 stigid@ubuntu2004: UBTU-20-010439 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml index 735817e4f0c..887dd60469d 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml @@ -34,7 +34,7 @@ identifiers: references: disa: CCI-000130,CCI-000169,CCI-000172,CCI-002884 nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a) - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210 stigid@rhel8: RHEL-08-030570 stigid@sle12: SLES-12-020620 stigid@sle15: SLES-15-030440 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml index 341790d7ddc..c73c50fc199 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml @@ -34,7 +34,7 @@ identifiers: references: disa: CCI-000130,CCI-000169,CCI-000172,CCI-002884 nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a) - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 stigid@rhel8: RHEL-08-030330 stigid@sle12: SLES-12-020610 stigid@sle15: SLES-15-030430 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml index 4a5f43376ae..07035b136d9 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml @@ -56,7 +56,7 @@ references: nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a) nist@sle15: AU-3,AU-3.1,AU-12(a),AU-12.1(ii)AU-12.1(iv),MA-4(1)(a) ospp: FAU_GEN.1.1.c - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209 stigid@ol7: OL07-00-030580 stigid@rhel7: RHEL-07-030580 stigid@rhel8: RHEL-08-030260 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml index 5c751cb230e..5c19fc7acd3 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml @@ -57,7 +57,7 @@ references: nist@sle15: AU-3,AU-3.1,AU-12(a),AU-12.1(ii),AU-12(c),AU-12.1(iv),MA-4(1)(a) ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-OS-000474-GPOS-00219 stigid@ol7: OL07-00-030500 stigid@rhel7: RHEL-07-030500 stigid@rhel8: RHEL-08-030470 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml index 76bcea154bf..5af2e7c8982 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml @@ -60,7 +60,7 @@ references: nist@sle15: AU-3,AU-3.1,AU-12(c),AU-12.1(iv),AU-12(a),AU-12.1(ii),MA-4(1)(a) ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-OS-000474-GPOS-00219 stigid@ol7: OL07-00-030550 stigid@rhel7: RHEL-07-030550 stigid@rhel8: RHEL-08-030460 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml index 7c6764d2a01..590c8323b2e 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml @@ -60,7 +60,7 @@ references: nist@sle15: AU-12(c),AU-12.1(iv),AU-12(a),AU-12.1(ii),AU-3,AU-3.1,MA-4(1)(a) ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-OS-000474-GPOS-00219 stigid@ol7: OL07-00-030510 stigid@rhel7: RHEL-07-030510 stigid@rhel8: RHEL-08-030440 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml index 9bb5ffe3fcb..359889d41bf 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml @@ -56,7 +56,7 @@ references: nist@sle15: AU-3,AU-3.1,AU-12(c),AU-12.1(iv),AU-12(a),AU-12.1(ii),MA-4(1)(a) ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-OS-000474-GPOS-00219 stigid@ol7: OL07-00-030530 stigid@rhel7: RHEL-07-030530 stigid@rhel8: RHEL-08-030450 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml index c99656cc744..781c29888ae 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml @@ -60,7 +60,7 @@ references: nist@sle15: AU-12(a),AU-12.1(ii),AU-12(c),AU-12.1(iv),AU-3,AU-3.1,MA-4(1)(a) ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205 stigid@ol7: OL07-00-030520 stigid@rhel7: RHEL-07-030520 stigid@rhel8: RHEL-08-030430 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml index 12771beb7e0..3f72c449c44 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml @@ -59,7 +59,7 @@ references: nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,,SRG-OS-000474-GPOS-00219,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205 stigid@ol7: OL07-00-030540 stigid@rhel7: RHEL-07-030540 stigid@rhel8: RHEL-08-030420 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml index 052d21b4f05..c95eedb8f26 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml @@ -48,7 +48,7 @@ references: nist@sle15: AU-3,AU-3.1,AU-12(a),AU-12.1(ii),AU-12.1(iv),MA-4(1)(a) ospp: FAU_GEN.1.1.c pcidss: Req-10.2.7 - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222 stigid@ol7: OL07-00-030830 stigid@rhel7: RHEL-07-030830 stigid@rhel8: RHEL-08-030390 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml index aa170023215..e79c7653b82 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml @@ -47,7 +47,7 @@ references: nist@sle15: AU-3,AU-3.1,AU-12(a),AU-12.1(ii),AU-12.1(iv),MA-4(1)(a) ospp: FAU_GEN.1.1.c pcidss: Req-10.2.7 - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222 stigid@ol7: OL07-00-030821 stigid@rhel7: RHEL-07-030821 stigid@rhel8: RHEL-08-030380 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml index 1d8260432e1..b2d0470fe74 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml @@ -47,7 +47,7 @@ references: nist@sle15: AU-3,AU-3.1,AU-12(a),AU-12.1(ii),AU-12.1(iv),MA-4(1)(a) ospp: FAU_GEN.1.1.c pcidss: Req-10.2.7 - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222 stigid@ol7: OL07-00-030820 stigid@rhel7: RHEL-07-030820 stigid@rhel8: RHEL-08-030360 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillog/rule.yml index 97d6874e98f..3e3be3d0d20 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillog/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillog/rule.yml @@ -31,7 +31,7 @@ references: cis@ubuntu2004: 4.1.7 disa: CCI-000130,CCI-000169,CCI-000172,CCI-002884 nist@sle12: AU-3,AU-12(a),AU-12(c),MA-4(1)(a) - srg: SRG-OS-000037-GPOS-00015 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000064-GPOS-00033,SRG-OS-000470-GPOS-00214,SRG-OS-000473-GPOS-00218 stigid@sle12: SLES-12-020760 stigid@ubuntu2004: UBTU-20-010170 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml index 25f578b1f64..289fb9b2a5b 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml @@ -48,7 +48,7 @@ references: nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 ospp: FAU_GEN.1.1.c pcidss: Req-10.2.3 - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000473-GPOS-00218,SRG-OS-000470-GPOS-00214 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000473-GPOS-00218,SRG-OS-000470-GPOS-00214 stigid@ol7: OL07-00-030620 stigid@rhel7: RHEL-07-030620 stigid@rhel8: RHEL-08-030600 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml index 0da922289c0..fd146b1411b 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml @@ -46,7 +46,7 @@ references: nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 ospp: FAU_GEN.1.1.c pcidss: Req-10.2.3 - srg: SRG-OS-000392-GPOS-00172,SRG-OS-000470-GPOS-00214,SRG-OS-000473-GPOS-00218 + srg: SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000470-GPOS-00214,SRG-OS-000473-GPOS-00218 stigid@rhel7: RHEL-07-030600 stigid@sle12: SLES-12-020650 stigid@sle15: SLES-15-030470 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml index b5a9e29d2ec..bc35363401f 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml @@ -55,7 +55,7 @@ references: nerc-cip: CIP-004-3 R2.2.2,CIP-004-3 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215 stigid@ol7: OL07-00-030660 stigid@rhel7: RHEL-07-030660 stigid@rhel8: RHEL-08-030250 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml index 8cc2b236a9f..94c9c86b58c 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml @@ -55,7 +55,7 @@ references: nerc-cip: CIP-004-3 R2.2.2,CIP-004-3 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 stigid@ol7: OL07-00-030720 stigid@rhel7: RHEL-07-030720 stigid@rhel8: RHEL-08-030410 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml index 86633fb6060..0e111fe89c7 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml @@ -54,7 +54,7 @@ references: iso27001-2013: A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.14.2.7,A.15.2.1,A.15.2.2 nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 stigid@ol7: OL07-00-030800 stigid@rhel7: RHEL-07-030800 stigid@rhel8: RHEL-08-030400 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml index ac5bfb2cc57..61be4bfaca0 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml @@ -56,7 +56,7 @@ references: nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 ospp: FAU_GEN.1.1.c - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 stigid@ol7: OL07-00-030650 stigid@rhel7: RHEL-07-030650 stigid@rhel8: RHEL-08-030370 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/rule.yml index f70c537064c..d69c9c1d0d3 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/rule.yml @@ -41,7 +41,7 @@ references: cis@ubuntu2004: 4.1.16 disa: CCI-000130,CCI-000169,CCI-000172,CCI-002884 nist: AU-12(a),AU-12.1(ii),AU-3,AU-3.1,AU-12(c),AU-12.1(iv),MA-4(1)(a) - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000477-GPOS-00222 stigid@sle15: SLES-15-030400 stigid@ubuntu2004: UBTU-20-010296 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml index 4ec785cc53e..66a381c603d 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml @@ -45,7 +45,7 @@ references: disa: CCI-000135,CCI-000172,CCI-002884 nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) ospp: FAU_GEN.1.1.c - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000392-GPOS-00172 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 stigid@ol7: OL07-00-030740 stigid@rhel7: RHEL-07-030740 stigid@rhel8: RHEL-08-030300 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml index 4c14ea509c0..4d6c9d0233b 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml @@ -56,7 +56,7 @@ references: nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 ospp: FAU_GEN.1.1.c - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 stigid@ol7: OL07-00-030710 stigid@rhel7: RHEL-07-030710 stigid@rhel8: RHEL-08-030350 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml index c34eeb54c43..51114a5be84 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml @@ -62,7 +62,7 @@ references: iso27001-2013: A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.14.2.7,A.15.2.1,A.15.2.2 nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 stigid@ol7: OL07-00-030810 stigid@rhel7: RHEL-07-030810 stigid@rhel8: RHEL-08-030340 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml index 2af86f50428..374b4cd3ca5 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml @@ -55,7 +55,7 @@ references: nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 ospp: FAU_GEN.1.1.c - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 stigid@ol7: OL07-00-030630 stigid@rhel7: RHEL-07-030630 stigid@rhel8: RHEL-08-030290 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml index f2ebca45506..544dec6b64f 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml @@ -36,7 +36,7 @@ references: cis@ubuntu2004: 4.1.11 disa: CCI-000130,CCI-000169,CCI-000172 nist@sle12: AU-3,AU-3.1,AU-12(a),AU-12(c),AU-12.1(a),AU-12.1(ii),AU-12.1(iv),MA-4(1)(a) - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 stigid@rhel8: RHEL-08-030280 stigid@sle12: SLES-12-020310 stigid@sle15: SLES-15-030370 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml index 157101e852d..2e777c8c87a 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml @@ -63,7 +63,7 @@ references: nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 ospp: FAU_GEN.1.1.c - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 stigid@ol7: OL07-00-030780 stigid@rhel7: RHEL-07-030780 stigid@rhel8: RHEL-08-030320 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml index 87a81ee0c4d..bb97bc98c75 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml @@ -55,7 +55,7 @@ references: nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 ospp: FAU_GEN.1.1.c - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-0003,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210 stigid@ol7: OL07-00-030680 stigid@rhel7: RHEL-07-030680 stigid@rhel8: RHEL-08-030190 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml index e9890918362..908bce3a200 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml @@ -56,7 +56,7 @@ references: nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 ospp: FAU_GEN.1.1.c - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210 stigid@ol7: OL07-00-030690 stigid@rhel7: RHEL-07-030690 stigid@rhel8: RHEL-08-030550 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml index 2c2ba644839..adc7374476a 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml @@ -51,7 +51,8 @@ references: nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 nist@sle15: AU-3,AU-3.1,AU-12(a),AU-12.1(ii),AU-12.1(iv) ospp: FAU_GEN.1.1.c - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 + stigid@rhel7: RHEL-07-030730 stigid@sle15: SLES-15-030330 stigid@ubuntu2004: UBTU-20-010162 vmmsrg: SRG-OS-000471-VMM-001910 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml index 7089016151f..fe083ac6d24 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml @@ -38,7 +38,7 @@ identifiers: references: disa: CCI-000130,CCI-000169,CCI-000172,CCI-002884 nist@sle12: AU-3,AU-12(a),AU-12(c),MA-4(1)(a) - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210 stigid@rhel8: RHEL-08-030560 stigid@sle12: SLES-12-020700 stigid@sle15: SLES-15-030500 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml index a7f7a069f7f..9bdab38d95a 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml @@ -44,7 +44,7 @@ references: nist@sle15: AU-4 srg: SRG-OS-000341-GPOS-00132,SRG-OS-000342-GPOS-00133 stigid@rhel8: RHEL-08-030660 - stigid@sle12: SLES-12-020020 + stigid@sle12: SLES-12-020020 stigid@sle15: SLES-15-030660 stigid@ubuntu2004: UBTU-20-010215 diff --git a/linux_os/guide/system/auditing/package_audit-audispd-plugins_installed/rule.yml b/linux_os/guide/system/auditing/package_audit-audispd-plugins_installed/rule.yml index baedd831262..0647fc44c07 100644 --- a/linux_os/guide/system/auditing/package_audit-audispd-plugins_installed/rule.yml +++ b/linux_os/guide/system/auditing/package_audit-audispd-plugins_installed/rule.yml @@ -17,7 +17,7 @@ ocil_clause: 'the package is not installed' references: disa: CCI-001851 nist@sle12: AU-4(1) - srg: SRG-OS-000342-GPOS-00133 + srg: SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224 stigid@sle12: SLES-12-020070 stigid@sle15: SLES-15-030670 stigid@ubuntu2004: UBTU-20-010216 diff --git a/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml b/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml index 1424a905e73..d25b8a3c475 100644 --- a/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml +++ b/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml @@ -49,7 +49,7 @@ references: nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle12: AU-3,AU-3(1),AU-3(1).1(ii),AU-3.1,AU-6(4),AU-6(4).1,AU-7(1),AU-7(1).1,AU-7(a),AU-14(1),AU-14(1).1,CM-6(b),CM-6.1(iv),MA-4(1)(a) pcidss: Req-10.1 - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000038-GPOS-00016,SRG-OS-000039-GPOS-00017,SRG-OS-000040-GPOS-00018,SRG-OS-000041-GPOS-00019,SRG-OS-000042-GPOS-00021,SRG-OS-000051-GPOS-00024,SRG-OS-000054-GPOS-00025,SRG-OS-000122-GPOS-00063,SRG-OS-000254-GPOS-00095,SRG-OS-000255-GPOS-00096,SRG-OS-000365-GPOS-00152,SRG-OS-000392-GPOS-00172,SRG-OS-000480-GPOS-00227,SRG-OS-000062-GPOS-00031 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000038-GPOS-00016,SRG-OS-000039-GPOS-00017,SRG-OS-000040-GPOS-00018,SRG-OS-000041-GPOS-00019,SRG-OS-000042-GPOS-00020,SRG-OS-000042-GPOS-00021,SRG-OS-000051-GPOS-00024,SRG-OS-000054-GPOS-00025,SRG-OS-000062-GPOS-00031,SRG-OS-000122-GPOS-00063,SRG-OS-000254-GPOS-00095,SRG-OS-000255-GPOS-00096,SRG-OS-000337-GPOS-00129,SRG-OS-000348-GPOS-00136,SRG-OS-000349-GPOS-00137,SRG-OS-000350-GPOS-00138,SRG-OS-000351-GPOS-00139,SRG-OS-000352-GPOS-00140,SRG-OS-000353-GPOS-00141,SRG-OS-000354-GPOS-00142,SRG-OS-000365-GPOS-00152,SRG-OS-000392-GPOS-00172,SRG-OS-000475-GPOS-00220,SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-030000 stigid@rhel7: RHEL-07-030000 stigid@rhel8: RHEL-08-030181 diff --git a/linux_os/guide/system/logging/ensure_rtc_utc_configuration/rule.yml b/linux_os/guide/system/logging/ensure_rtc_utc_configuration/rule.yml index f4d4d91b9e1..363a9a60d61 100644 --- a/linux_os/guide/system/logging/ensure_rtc_utc_configuration/rule.yml +++ b/linux_os/guide/system/logging/ensure_rtc_utc_configuration/rule.yml @@ -17,7 +17,7 @@ rationale: |- severity: high identifiers: - cce@sle12: CCE-83197-4 + cce@sle12: CCE-83197-4 cce@sle15: CCE-85724-3 references: diff --git a/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml b/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml index 04349e68211..16558d5d9f6 100644 --- a/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml +++ b/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml @@ -24,14 +24,14 @@ references: cis@rhel8: 4.2.1.2 cis@ubuntu2004: 4.2.1.2 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO13.01,BAI03.05,BAI04.04,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 - disa: CCI-001311,CCI-001312,CCI-001557,CCI-001851,CCI-000366 + disa: CCI-001311,CCI-001312,CCI-001557,CCI-001665,CCI-001851,CCI-000366 hipaa: 164.312(a)(2)(ii) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2,SR 7.1,SR 7.2' iso27001-2013: A.12.1.3,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.14.2.7,A.15.2.1,A.15.2.2,A.17.2.1 nist: CM-6(a),AU-4(1) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.DS-4,PR.PT-1 - srg: SRG-OS-000480-GPOS-00227 + srg: SRG-OS-000269-GPOS-00103,SRG-OS-000480-GPOS-00227 stigid@rhel8: RHEL-08-010561 stigid@ubuntu2004: UBTU-20-010432 diff --git a/linux_os/guide/system/network/network-ufw/package_ufw_installed/rule.yml b/linux_os/guide/system/network/network-ufw/package_ufw_installed/rule.yml index 1b9730c53fa..1e4b25304c9 100644 --- a/linux_os/guide/system/network/network-ufw/package_ufw_installed/rule.yml +++ b/linux_os/guide/system/network/network-ufw/package_ufw_installed/rule.yml @@ -20,6 +20,9 @@ severity: medium references: cis@ubuntu2004: 3.5.1.1 + disa: CCI-002314 + srg: SRG-OS-000297-GPOS-00115 + stigid@ubuntu2004: UBTU-20-010433 ocil_clause: 'the package is not installed' diff --git a/linux_os/guide/system/network/network-ufw/service_ufw_enabled/rule.yml b/linux_os/guide/system/network/network-ufw/service_ufw_enabled/rule.yml index 60a729b3fbc..2a34d08853d 100644 --- a/linux_os/guide/system/network/network-ufw/service_ufw_enabled/rule.yml +++ b/linux_os/guide/system/network/network-ufw/service_ufw_enabled/rule.yml @@ -16,6 +16,9 @@ severity: medium references: cis@ubuntu2004: 3.5.1.3 + disa: CCI-002314 + srg: SRG-OS-000297-GPOS-00115 + stigid@ubuntu2004: UBTU-20-010434 ocil: |- {{{ ocil_service_enabled(service="ufw") }}} diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml index a0f5aeb949f..145c266c4e8 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml @@ -40,6 +40,7 @@ references: disa: CCI-001499 nerc-cip: CIP-003-3 R6 nist: CM-5,CM-5(6),CM-5(6).1 + srg: SRG-OS-000259-GPOS-00100 stigid@sle12: SLES-12-010872 stigid@sle15: SLES-15-010352 stigid@ubuntu2004: UBTU-20-010427 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml index 51adb67143f..1866e56c044 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml @@ -27,7 +27,7 @@ references: cis@ubuntu2004: 1.4.1 cjis: 5.10.1.3 cobit5: APO01.06,BAI01.06,BAI02.01,BAI03.05,BAI06.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.03,DSS03.05,DSS04.07,DSS05.02,DSS05.03,DSS05.05,DSS05.07,DSS06.02,DSS06.06 - disa: CCI-002699,CCI-001744 + disa: CCI-002696,CCI-002699,CCI-001744 isa-62443-2009: 4.3.4.3.2,4.3.4.3.3,4.3.4.4.4 isa-62443-2013: 'SR 3.1,SR 3.3,SR 3.4,SR 3.8,SR 4.1,SR 6.2,SR 7.6' ism: 1034,1288,1341,1417 @@ -35,7 +35,7 @@ references: nist: CM-6(a) nist-csf: DE.CM-1,DE.CM-7,PR.DS-1,PR.DS-6,PR.DS-8,PR.IP-1,PR.IP-3 pcidss: Req-11.5 - srg: SRG-OS-000363-GPOS-00150 + srg: SRG-OS-000363-GPOS-00150,SRG-OS-000445-GPOS-00199 stigid@rhel8: RHEL-08-010360 stigid@sle12: SLES-12-010500 stigid@sle15: SLES-15-010420