diff --git a/component-definitions/fedora/fedora-cis_fedora-l1_server/component-definition.json b/component-definitions/fedora/fedora-cis_fedora-l1_server/component-definition.json index 1269a6d95..1193ae343 100644 --- a/component-definitions/fedora/fedora-cis_fedora-l1_server/component-definition.json +++ b/component-definitions/fedora/fedora-cis_fedora-l1_server/component-definition.json @@ -3,8 +3,8 @@ "uuid": "77a62ff1-d5eb-47f8-a08f-063352e9479f", "metadata": { "title": "Component definition for fedora", - "last-modified": "2025-12-11T18:31:36.606568+00:00", - "version": "1.5", + "last-modified": "2025-12-17T11:20:02.273422+00:00", + "version": "1.6", "oscal-version": "1.1.3" }, "components": [ @@ -689,7 +689,7 @@ { "name": "Parameter_Value_Alternatives_36", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -707,7 +707,7 @@ { "name": "Parameter_Value_Alternatives_37", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -9921,7 +9921,7 @@ { "name": "Parameter_Value_Alternatives_36", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -9939,7 +9939,7 @@ { "name": "Parameter_Value_Alternatives_37", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/fedora/fedora-cis_fedora-l1_workstation/component-definition.json b/component-definitions/fedora/fedora-cis_fedora-l1_workstation/component-definition.json index 3bae2d701..5b0be5fa2 100644 --- a/component-definitions/fedora/fedora-cis_fedora-l1_workstation/component-definition.json +++ b/component-definitions/fedora/fedora-cis_fedora-l1_workstation/component-definition.json @@ -3,8 +3,8 @@ "uuid": "e4c9973a-dbda-48c4-8081-bf2dbfe65692", "metadata": { "title": "Component definition for fedora", - "last-modified": "2025-12-11T18:32:22.407336+00:00", - "version": "1.5", + "last-modified": "2025-12-17T11:20:51.860810+00:00", + "version": "1.6", "oscal-version": "1.1.3" }, "components": [ @@ -689,7 +689,7 @@ { "name": "Parameter_Value_Alternatives_36", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -707,7 +707,7 @@ { "name": "Parameter_Value_Alternatives_37", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -9701,7 +9701,7 @@ { "name": "Parameter_Value_Alternatives_36", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -9719,7 +9719,7 @@ { "name": "Parameter_Value_Alternatives_37", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/fedora/fedora-cis_fedora-l2_server/component-definition.json b/component-definitions/fedora/fedora-cis_fedora-l2_server/component-definition.json index 48f1b5fbb..6373fcf5b 100644 --- a/component-definitions/fedora/fedora-cis_fedora-l2_server/component-definition.json +++ b/component-definitions/fedora/fedora-cis_fedora-l2_server/component-definition.json @@ -3,8 +3,8 @@ "uuid": "76afcd42-7a9d-433c-b495-ef156395719c", "metadata": { "title": "Component definition for fedora", - "last-modified": "2025-12-11T18:30:49.925024+00:00", - "version": "1.7", + "last-modified": "2025-12-17T11:19:11.439838+00:00", + "version": "1.8", "oscal-version": "1.1.3" }, "components": [ @@ -869,7 +869,7 @@ { "name": "Parameter_Value_Alternatives_46", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -887,7 +887,7 @@ { "name": "Parameter_Value_Alternatives_47", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -12963,7 +12963,7 @@ { "name": "Parameter_Value_Alternatives_46", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -12981,7 +12981,7 @@ { "name": "Parameter_Value_Alternatives_47", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/fedora/fedora-cis_fedora-l2_workstation/component-definition.json b/component-definitions/fedora/fedora-cis_fedora-l2_workstation/component-definition.json index 22adf3375..93a5f7f87 100644 --- a/component-definitions/fedora/fedora-cis_fedora-l2_workstation/component-definition.json +++ b/component-definitions/fedora/fedora-cis_fedora-l2_workstation/component-definition.json @@ -3,8 +3,8 @@ "uuid": "5c3c7cf2-7b25-40ff-b6fe-74a80316f83a", "metadata": { "title": "Component definition for fedora", - "last-modified": "2025-12-11T18:33:12.953082+00:00", - "version": "1.7", + "last-modified": "2025-12-17T11:21:49.392170+00:00", + "version": "1.8", "oscal-version": "1.1.3" }, "components": [ @@ -869,7 +869,7 @@ { "name": "Parameter_Value_Alternatives_46", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -887,7 +887,7 @@ { "name": "Parameter_Value_Alternatives_47", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -12817,7 +12817,7 @@ { "name": "Parameter_Value_Alternatives_46", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -12835,7 +12835,7 @@ { "name": "Parameter_Value_Alternatives_47", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/fedora/fedora-cusp_fedora-default/component-definition.json b/component-definitions/fedora/fedora-cusp_fedora-default/component-definition.json index 264e5eca4..834e2c9c2 100644 --- a/component-definitions/fedora/fedora-cusp_fedora-default/component-definition.json +++ b/component-definitions/fedora/fedora-cusp_fedora-default/component-definition.json @@ -3,8 +3,8 @@ "uuid": "2d7b24b2-1bb9-4f44-b6d1-9c6b27c84fe0", "metadata": { "title": "Component definition for fedora", - "last-modified": "2025-12-11T18:33:57.584736+00:00", - "version": "1.4", + "last-modified": "2025-12-17T11:22:40.240960+00:00", + "version": "1.5", "oscal-version": "1.1.3" }, "components": [ @@ -473,7 +473,7 @@ { "name": "Parameter_Value_Alternatives_24", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -491,7 +491,7 @@ { "name": "Parameter_Value_Alternatives_25", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -6387,7 +6387,7 @@ { "name": "Parameter_Value_Alternatives_24", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -6405,7 +6405,7 @@ { "name": "Parameter_Value_Alternatives_25", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel10/rhel10-anssi-enhanced/component-definition.json b/component-definitions/rhel10/rhel10-anssi-enhanced/component-definition.json index b276b43fb..75685c449 100644 --- a/component-definitions/rhel10/rhel10-anssi-enhanced/component-definition.json +++ b/component-definitions/rhel10/rhel10-anssi-enhanced/component-definition.json @@ -3,8 +3,8 @@ "uuid": "e2f03e22-a04d-43b6-b9bd-963705759d02", "metadata": { "title": "Component definition for rhel10", - "last-modified": "2025-12-11T18:21:44.162974+00:00", - "version": "1.3", + "last-modified": "2025-12-17T11:09:07.029335+00:00", + "version": "1.4", "oscal-version": "1.1.3" }, "components": [ @@ -365,7 +365,7 @@ { "name": "Parameter_Value_Alternatives_18", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -383,7 +383,7 @@ { "name": "Parameter_Value_Alternatives_19", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -959,3499 +959,3511 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnf-automatic_installed", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_023" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install dnf-automatic Package", + "value": "Install sequoia-sq Package", "remarks": "rule_set_023" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "timer_dnf-automatic_enabled", + "value": "package_dnf-automatic_installed", "remarks": "rule_set_024" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable dnf-automatic Timer", + "value": "Install dnf-automatic Package", "remarks": "rule_set_024" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_apply_updates", + "value": "timer_dnf-automatic_enabled", "remarks": "rule_set_025" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Available Updates Automatically", + "value": "Enable dnf-automatic Timer", "remarks": "rule_set_025" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "dnf-automatic_apply_updates", "remarks": "rule_set_026" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Configure dnf-automatic to Install Available Updates Automatically", "remarks": "rule_set_026" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "dnf-automatic_security_updates_only", "remarks": "rule_set_027" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Configure dnf-automatic to Install Only Security Updates", "remarks": "rule_set_027" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "package_kea_removed", "remarks": "rule_set_028" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Uninstall kea Package", "remarks": "rule_set_028" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_telnet_removed", "remarks": "rule_set_029" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Remove telnet Clients", "remarks": "rule_set_029" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_030" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_030" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_tftp_removed", "remarks": "rule_set_031" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Remove tftp Daemon", "remarks": "rule_set_031" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "package_tftp-server_removed", "remarks": "rule_set_032" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_032" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_rounds_system_auth", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_033" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set number of Password Hashing Rounds - system-auth", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_033" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_rounds_password_auth", + "value": "accounts_password_pam_unix_rounds_system_auth", "remarks": "rule_set_034" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set number of Password Hashing Rounds - password-auth", + "value": "Set number of Password Hashing Rounds - system-auth", "remarks": "rule_set_034" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_unix_rounds_password_auth", "remarks": "rule_set_035" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Set number of Password Hashing Rounds - password-auth", "remarks": "rule_set_035" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_password", + "value": "accounts_password_pam_minclass", "remarks": "rule_set_036" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Boot Loader Password in grub2", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", "remarks": "rule_set_036" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_l1tf_argument", + "value": "grub2_password", "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure L1 Terminal Fault mitigations", + "value": "Set Boot Loader Password in grub2", "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_page_poison_argument", + "value": "grub2_l1tf_argument", "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable page allocator poisoning", + "value": "Configure L1 Terminal Fault mitigations", "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_pti_argument", + "value": "grub2_page_poison_argument", "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Page-Table Isolation (KPTI)", + "value": "Enable page allocator poisoning", "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_slab_nomerge_argument", + "value": "grub2_pti_argument", "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable merging of slabs with similar size", + "value": "Enable Kernel Page-Table Isolation (KPTI)", "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_slub_debug_argument", + "value": "grub2_slab_nomerge_argument", "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SLUB/SLAB allocator poisoning", + "value": "Disable merging of slabs with similar size", "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_spec_store_bypass_disable_argument", + "value": "grub2_slub_debug_argument", "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Speculative Store Bypass Mitigation", + "value": "Enable SLUB/SLAB allocator poisoning", "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_spectre_v2_argument", + "value": "grub2_spec_store_bypass_disable_argument", "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Spectre v2 mitigation", + "value": "Configure Speculative Store Bypass Mitigation", "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_mds_argument", + "value": "grub2_spectre_v2_argument", "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Microarchitectural Data Sampling mitigation", + "value": "Enforce Spectre v2 mitigation", "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_mce_argument", + "value": "grub2_mds_argument", "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Force kernel panic on uncorrected MCEs", + "value": "Configure Microarchitectural Data Sampling mitigation", "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_page_alloc_shuffle_argument", + "value": "grub2_mce_argument", "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable randomization of the page allocator", + "value": "Force kernel panic on uncorrected MCEs", "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_rng_core_default_quality_argument", + "value": "grub2_page_alloc_shuffle_argument", "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the confidence in TPM for entropy", + "value": "Enable randomization of the page allocator", "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_vm_mmap_min_addr", + "value": "grub2_rng_core_default_quality_argument", "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent applications from mapping low portion of virtual memory", + "value": "Configure the confidence in TPM for entropy", "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_dmesg_restrict", + "value": "sysctl_vm_mmap_min_addr", "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Access to Kernel Message Buffer", + "value": "Prevent applications from mapping low portion of virtual memory", "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kptr_restrict", + "value": "sysctl_kernel_dmesg_restrict", "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Exposed Kernel Pointer Addresses Access", + "value": "Restrict Access to Kernel Message Buffer", "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_pid_max", + "value": "sysctl_kernel_kptr_restrict", "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure maximum number of process identifiers", + "value": "Restrict Exposed Kernel Pointer Addresses Access", "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_perf_event_max_sample_rate", + "value": "sysctl_kernel_pid_max", "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit sampling frequency of the Perf system", + "value": "Configure maximum number of process identifiers", "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_perf_cpu_time_max_percent", + "value": "sysctl_kernel_perf_event_max_sample_rate", "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit CPU consumption of the Perf system", + "value": "Limit sampling frequency of the Perf system", "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_perf_event_paranoid", + "value": "sysctl_kernel_perf_cpu_time_max_percent", "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disallow kernel profiling by unprivileged users", + "value": "Limit CPU consumption of the Perf system", "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_randomize_va_space", + "value": "sysctl_kernel_perf_event_paranoid", "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Randomized Layout of Virtual Address Space", + "value": "Disallow kernel profiling by unprivileged users", "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_sysrq", + "value": "sysctl_kernel_randomize_va_space", "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disallow magic SysRq key", + "value": "Enable Randomized Layout of Virtual Address Space", "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_unprivileged_bpf_disabled", + "value": "sysctl_kernel_sysrq", "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", + "value": "Disallow magic SysRq key", "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_panic_on_oops", + "value": "sysctl_kernel_unprivileged_bpf_disabled", "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Kernel panic on oops", + "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_yama_ptrace_scope", + "value": "sysctl_kernel_panic_on_oops", "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict usage of ptrace to descendant processes", + "value": "Kernel panic on oops", "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_core_bpf_jit_harden", + "value": "sysctl_kernel_yama_ptrace_scope", "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Harden the operation of the BPF just-in-time compiler", + "value": "Restrict usage of ptrace to descendant processes", "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_ip_forward", + "value": "sysctl_net_core_bpf_jit_harden", "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", + "value": "Harden the operation of the BPF just-in-time compiler", "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_local", + "value": "sysctl_net_ipv4_ip_forward", "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting Packets Routed Between Local Interfaces", + "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_local", "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", + "value": "Disable Accepting Packets Routed Between Local Interfaces", "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_redirects", "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", + "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_secure_redirects", + "value": "sysctl_net_ipv4_conf_default_accept_redirects", "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_secure_redirects", + "value": "sysctl_net_ipv4_conf_all_secure_redirects", "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", + "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_shared_media", + "value": "sysctl_net_ipv4_conf_default_secure_redirects", "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Sending and Accepting Shared Media Redirects for All IPv4 Interfaces", + "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_shared_media", + "value": "sysctl_net_ipv4_conf_all_shared_media", "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Sending and Accepting Shared Media Redirects by Default", + "value": "Configure Sending and Accepting Shared Media Redirects for All IPv4 Interfaces", "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_source_route", + "value": "sysctl_net_ipv4_conf_default_shared_media", "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", + "value": "Configure Sending and Accepting Shared Media Redirects by Default", "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_source_route", + "value": "sysctl_net_ipv4_conf_all_accept_source_route", "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_arp_filter", + "value": "sysctl_net_ipv4_conf_default_accept_source_route", "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure ARP filtering for All IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_arp_ignore", + "value": "sysctl_net_ipv4_conf_all_arp_filter", "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Response Mode of ARP Requests for All IPv4 Interfaces", + "value": "Configure ARP filtering for All IPv4 Interfaces", "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_route_localnet", + "value": "sysctl_net_ipv4_conf_all_arp_ignore", "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Routing External Traffic to Local Loopback on All IPv4 Interfaces", + "value": "Configure Response Mode of ARP Requests for All IPv4 Interfaces", "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_drop_gratuitous_arp", + "value": "sysctl_net_ipv4_conf_all_route_localnet", "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Drop Gratuitous ARP frames on All IPv4 Interfaces", + "value": "Prevent Routing External Traffic to Local Loopback on All IPv4 Interfaces", "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_rp_filter", + "value": "sysctl_net_ipv4_conf_all_drop_gratuitous_arp", "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", + "value": "Drop Gratuitous ARP frames on All IPv4 Interfaces", "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_rp_filter", + "value": "sysctl_net_ipv4_conf_all_rp_filter", "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_send_redirects", + "value": "sysctl_net_ipv4_conf_default_rp_filter", "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_send_redirects", + "value": "sysctl_net_ipv4_conf_all_send_redirects", "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", + "value": "sysctl_net_ipv4_conf_default_send_redirects", "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_ip_local_port_range", + "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Kernel Parameter to Increase Local Port Range", + "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_tcp_rfc1337", + "value": "sysctl_net_ipv4_ip_local_port_range", "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use TCP RFC 1337 on IPv4 Interfaces", + "value": "Set Kernel Parameter to Increase Local Port Range", "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_tcp_syncookies", + "value": "sysctl_net_ipv4_tcp_rfc1337", "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", + "value": "Enable Kernel Parameter to Use TCP RFC 1337 on IPv4 Interfaces", "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_router_solicitations", + "value": "sysctl_net_ipv4_tcp_syncookies", "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Denying Router Solicitations on All IPv6 Interfaces", + "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_router_solicitations", + "value": "sysctl_net_ipv6_conf_all_router_solicitations", "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Denying Router Solicitations on All IPv6 Interfaces By Default", + "value": "Configure Denying Router Solicitations on All IPv6 Interfaces", "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra_rtr_pref", + "value": "sysctl_net_ipv6_conf_default_router_solicitations", "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces", + "value": "Configure Denying Router Solicitations on All IPv6 Interfaces By Default", "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra_rtr_pref", + "value": "sysctl_net_ipv6_conf_all_accept_ra_rtr_pref", "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces By Default", + "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra_pinfo", + "value": "sysctl_net_ipv6_conf_default_accept_ra_rtr_pref", "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces", + "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces By Default", "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra_pinfo", + "value": "sysctl_net_ipv6_conf_all_accept_ra_pinfo", "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces By Default", + "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra_defrtr", + "value": "sysctl_net_ipv6_conf_default_accept_ra_pinfo", "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces", + "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces By Default", "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra_defrtr", + "value": "sysctl_net_ipv6_conf_all_accept_ra_defrtr", "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces By Default", + "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_autoconf", + "value": "sysctl_net_ipv6_conf_default_accept_ra_defrtr", "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Auto Configuration on All IPv6 Interfaces", + "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces By Default", "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_autoconf", + "value": "sysctl_net_ipv6_conf_all_autoconf", "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Auto Configuration on All IPv6 Interfaces By Default", + "value": "Configure Auto Configuration on All IPv6 Interfaces", "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_redirects", + "value": "sysctl_net_ipv6_conf_default_autoconf", "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", + "value": "Configure Auto Configuration on All IPv6 Interfaces By Default", "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_redirects", + "value": "sysctl_net_ipv6_conf_all_accept_redirects", "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", + "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_source_route", + "value": "sysctl_net_ipv6_conf_default_accept_redirects", "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_source_route", + "value": "sysctl_net_ipv6_conf_all_accept_source_route", "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_max_addresses", + "value": "sysctl_net_ipv6_conf_default_accept_source_route", "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_max_addresses", + "value": "sysctl_net_ipv6_conf_all_max_addresses", "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces By Default", + "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces", "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_suid_dumpable", + "value": "sysctl_net_ipv6_conf_default_max_addresses", "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for SUID programs", + "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces By Default", "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_fifos", + "value": "sysctl_fs_suid_dumpable", "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on FIFOs", + "value": "Disable Core Dumps for SUID programs", "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_regular", + "value": "sysctl_fs_protected_fifos", "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Regular files", + "value": "Enable Kernel Parameter to Enforce DAC on FIFOs", "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_symlinks", + "value": "sysctl_fs_protected_regular", "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", + "value": "Enable Kernel Parameter to Enforce DAC on Regular files", "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_hardlinks", + "value": "sysctl_fs_protected_symlinks", "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", + "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_nodev_nonroot_local_partitions", + "value": "sysctl_fs_protected_hardlinks", "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nodev Option to Non-Root Local Partitions", + "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_boot", + "value": "mount_option_nodev_nonroot_local_partitions", "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /boot Located On Separate Partition", + "value": "Add nodev Option to Non-Root Local Partitions", "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_boot_nosuid", + "value": "partition_for_boot", "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /boot", + "value": "Ensure /boot Located On Separate Partition", "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_boot_noexec", + "value": "mount_option_boot_nosuid", "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /boot", + "value": "Add nosuid Option to /boot", "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_opt", + "value": "mount_option_boot_noexec", "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /opt Located On Separate Partition", + "value": "Add noexec Option to /boot", "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_opt_nosuid", + "value": "partition_for_opt", "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /opt", + "value": "Ensure /opt Located On Separate Partition", "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "systemd_tmp_mount_enabled", + "value": "mount_option_opt_nosuid", "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure tmp.mount Unit Is Enabled", + "value": "Add nosuid Option to /opt", "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_tmp_nosuid", + "value": "systemd_tmp_mount_enabled", "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /tmp", + "value": "Ensure tmp.mount Unit Is Enabled", "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_tmp_noexec", + "value": "mount_option_tmp_nosuid", "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /tmp", + "value": "Add nosuid Option to /tmp", "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_srv", + "value": "mount_option_tmp_noexec", "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /srv Located On Separate Partition", + "value": "Add noexec Option to /tmp", "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_srv_nosuid", + "value": "partition_for_srv", "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /srv", + "value": "Ensure /srv Located On Separate Partition", "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_home", + "value": "mount_option_srv_nosuid", "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /home Located On Separate Partition", + "value": "Add nosuid Option to /srv", "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_home_nosuid", + "value": "partition_for_home", "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /home", + "value": "Ensure /home Located On Separate Partition", "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_home_noexec", + "value": "mount_option_home_nosuid", "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /home", + "value": "Add nosuid Option to /home", "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_usr", + "value": "mount_option_home_noexec", "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /usr Located On Separate Partition", + "value": "Add noexec Option to /home", "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_var", + "value": "partition_for_usr", "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /var Located On Separate Partition", + "value": "Ensure /usr Located On Separate Partition", "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_var_nosuid", + "value": "partition_for_var", "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /var", + "value": "Ensure /var Located On Separate Partition", "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_var_noexec", + "value": "mount_option_var_nosuid", "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /var", + "value": "Add nosuid Option to /var", "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_var_log", + "value": "mount_option_var_noexec", "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /var/log Located On Separate Partition", + "value": "Add noexec Option to /var", "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_var_log_noexec", + "value": "partition_for_var_log", "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /var/log", + "value": "Ensure /var/log Located On Separate Partition", "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_var_log_nosuid", + "value": "mount_option_var_log_noexec", "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /var/log", + "value": "Add noexec Option to /var/log", "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_var_tmp", + "value": "mount_option_var_log_nosuid", "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /var/tmp Located On Separate Partition", + "value": "Add nosuid Option to /var/log", "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_var_tmp_nosuid", + "value": "partition_for_var_tmp", "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /var/tmp", + "value": "Ensure /var/tmp Located On Separate Partition", "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_var_tmp_noexec", + "value": "mount_option_var_tmp_nosuid", "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /var/tmp", + "value": "Add nosuid Option to /var/tmp", "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "logind_session_timeout", + "value": "mount_option_var_tmp_noexec", "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Logind to terminate idle sessions after certain time of inactivity", + "value": "Add noexec Option to /var/tmp", "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_tmout", + "value": "logind_session_timeout", "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interactive Session Timeout", + "value": "Configure Logind to terminate idle sessions after certain time of inactivity", "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_direct_root_logins", + "value": "accounts_tmout", "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Direct root Logins Not Allowed", + "value": "Set Interactive Session Timeout", "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_root_login", + "value": "no_direct_root_logins", "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Root Login", + "value": "Direct root Logins Not Allowed", "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_sudo_installed", + "value": "sshd_disable_root_login", "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install sudo Package", + "value": "Disable SSH Root Login", "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_privileged_commands_sudo", + "value": "package_sudo_installed", "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on the Use of Privileged Commands - sudo", + "value": "Install sudo Package", "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_auditd_enabled", + "value": "audit_rules_privileged_commands_sudo", "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable auditd Service", + "value": "Ensure auditd Collects Information on the Use of Privileged Commands - sudo", "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_audit_installed", + "value": "service_auditd_enabled", "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the audit Subsystem is Installed", + "value": "Enable auditd Service", "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_noexec", + "value": "package_audit_installed", "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Privileged Escalated Commands Cannot Execute Other Commands - sudo NOEXEC", + "value": "Ensure the audit Subsystem is Installed", "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_requiretty", + "value": "sudo_add_noexec", "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo requiretty", + "value": "Ensure Privileged Escalated Commands Cannot Execute Other Commands - sudo NOEXEC", "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_use_pty", + "value": "sudo_add_requiretty", "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", + "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo requiretty", "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_ignore_dot", + "value": "sudo_add_use_pty", "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure sudo Ignores Commands In Current Dir - sudo ignore_dot", + "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_env_reset", + "value": "sudo_add_ignore_dot", "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure sudo Runs In A Minimal Environment - sudo env_reset", + "value": "Ensure sudo Ignores Commands In Current Dir - sudo ignore_dot", "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudoers_no_root_target", + "value": "sudo_add_env_reset", "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Don't target root user in the sudoers file", + "value": "Ensure sudo Runs In A Minimal Environment - sudo env_reset", "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudoers_no_command_negation", + "value": "sudoers_no_root_target", "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Don't define allowed commands in sudoers by means of exclusion", + "value": "Don't target root user in the sudoers file", "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudoers_explicit_command_args", + "value": "sudoers_no_command_negation", "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Explicit arguments in sudo specifications", + "value": "Don't define allowed commands in sudoers by means of exclusion", "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_shadow", + "value": "sudoers_explicit_command_args", "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns shadow File", + "value": "Explicit arguments in sudo specifications", "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_shadow", + "value": "file_owner_etc_shadow", "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns shadow File", + "value": "Verify User Who Owns shadow File", "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_shadow", + "value": "file_groupowner_etc_shadow", "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on shadow File", + "value": "Verify Group Who Owns shadow File", "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_gshadow", + "value": "file_permissions_etc_shadow", "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns gshadow File", + "value": "Verify Permissions on shadow File", "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_gshadow", + "value": "file_owner_etc_gshadow", "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns gshadow File", + "value": "Verify User Who Owns gshadow File", "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_gshadow", + "value": "file_groupowner_etc_gshadow", "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on gshadow File", + "value": "Verify Group Who Owns gshadow File", "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_passwd", + "value": "file_permissions_etc_gshadow", "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns passwd File", + "value": "Verify Permissions on gshadow File", "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_passwd", + "value": "file_owner_etc_passwd", "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns passwd File", + "value": "Verify User Who Owns passwd File", "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_passwd", + "value": "file_groupowner_etc_passwd", "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on passwd File", + "value": "Verify Group Who Owns passwd File", "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_group", + "value": "file_permissions_etc_passwd", "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns group File", + "value": "Verify Permissions on passwd File", "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_group", + "value": "file_owner_etc_group", "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns group File", + "value": "Verify User Who Owns group File", "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_group", + "value": "file_groupowner_etc_group", "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on group File", + "value": "Verify Group Who Owns group File", "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_shells", + "value": "file_permissions_etc_group", "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Who Owns /etc/shells File", + "value": "Verify Permissions on group File", "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_shells", + "value": "file_owner_etc_shells", "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/shells File", + "value": "Verify Who Owns /etc/shells File", "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_shells", + "value": "file_groupowner_etc_shells", "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/shells File", + "value": "Verify Group Who Owns /etc/shells File", "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_user_dot_group_ownership", + "value": "file_permissions_etc_shells", "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "User Initialization Files Must Be Group-Owned By The Primary Group", + "value": "Verify Permissions on /etc/shells File", "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_user_dot_user_ownership", + "value": "accounts_user_dot_group_ownership", "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "User Initialization Files Must Be Owned By the Primary User", + "value": "User Initialization Files Must Be Group-Owned By The Primary Group", "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_users_home_files_groupownership", + "value": "accounts_user_dot_user_ownership", "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "All User Files and Directories In The Home Directory Must Be Group-Owned By The Primary Group", + "value": "User Initialization Files Must Be Owned By the Primary User", "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_users_home_files_ownership", + "value": "accounts_users_home_files_groupownership", "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "All User Files and Directories In The Home Directory Must Have a Valid Owner", + "value": "All User Files and Directories In The Home Directory Must Be Group-Owned By The Primary Group", "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_users_home_files_permissions", + "value": "accounts_users_home_files_ownership", "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "All User Files and Directories In The Home Directory Must Have Mode 0750 Or Less Permissive", + "value": "All User Files and Directories In The Home Directory Must Have a Valid Owner", "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permission_user_init_files", + "value": "accounts_users_home_files_permissions", "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", + "value": "All User Files and Directories In The Home Directory Must Have Mode 0750 Or Less Permissive", "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dir_system_commands_group_root_owned", + "value": "file_permission_user_init_files", "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that system commands directories have root as a group owner", + "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dir_system_commands_root_owned", + "value": "dir_system_commands_group_root_owned", "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that system commands directories have root ownership", + "value": "Verify that system commands directories have root as a group owner", "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_system_commands_dirs", + "value": "dir_system_commands_root_owned", "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that system commands files are group owned by root or a system account", + "value": "Verify that system commands directories have root ownership", "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_binary_dirs", + "value": "file_groupownership_system_commands_dirs", "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that System Executables Have Root Ownership", + "value": "Verify that system commands files are group owned by root or a system account", "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_binary_dirs", + "value": "file_ownership_binary_dirs", "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that System Executables Have Restrictive Permissions", + "value": "Verify that System Executables Have Root Ownership", "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_private_key", + "value": "file_permissions_binary_dirs", "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Private *_key Key Files", + "value": "Verify that System Executables Have Restrictive Permissions", "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_private_key", + "value": "file_ownership_sshd_private_key", "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Private *_key Key Files", + "value": "Verify Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_171" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_private_key", + "value": "file_groupownership_sshd_private_key", "remarks": "rule_set_172" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Private *_key Key Files", + "value": "Verify Group Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_172" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_pub_key", + "value": "file_permissions_sshd_private_key", "remarks": "rule_set_173" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Public *.pub Key Files", + "value": "Verify Permissions on SSH Server Private *_key Key Files", "remarks": "rule_set_173" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_pub_key", + "value": "file_ownership_sshd_pub_key", "remarks": "rule_set_174" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", + "value": "Verify Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_174" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_pub_key", + "value": "file_groupownership_sshd_pub_key", "remarks": "rule_set_175" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Public *.pub Key Files", + "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_175" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_config", + "value": "file_permissions_sshd_pub_key", "remarks": "rule_set_176" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server config file", + "value": "Verify Permissions on SSH Server Public *.pub Key Files", "remarks": "rule_set_176" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_config", + "value": "file_owner_sshd_config", "remarks": "rule_set_177" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server config file", + "value": "Verify Owner on SSH Server config file", "remarks": "rule_set_177" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_config", + "value": "file_groupowner_sshd_config", "remarks": "rule_set_178" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server config file", + "value": "Verify Group Who Owns SSH Server config file", "remarks": "rule_set_178" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_owner_etc_selinux", + "value": "file_permissions_sshd_config", "remarks": "rule_set_179" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/selinux Directory", + "value": "Verify Permissions on SSH Server config file", "remarks": "rule_set_179" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_groupowner_etc_selinux", + "value": "directory_owner_etc_selinux", "remarks": "rule_set_180" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/selinux Directory", + "value": "Verify User Who Owns /etc/selinux Directory", "remarks": "rule_set_180" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_etc_selinux", + "value": "directory_groupowner_etc_selinux", "remarks": "rule_set_181" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions On /etc/selinux Directory", + "value": "Verify Group Who Owns /etc/selinux Directory", "remarks": "rule_set_181" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_sestatus_conf", + "value": "directory_permissions_etc_selinux", "remarks": "rule_set_182" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/sestatus.conf File", + "value": "Verify Permissions On /etc/selinux Directory", "remarks": "rule_set_182" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_sestatus_conf", + "value": "file_owner_etc_sestatus_conf", "remarks": "rule_set_183" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/sestatus.conf File", + "value": "Verify User Who Owns /etc/sestatus.conf File", "remarks": "rule_set_183" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_sestatus_conf", + "value": "file_groupowner_etc_sestatus_conf", "remarks": "rule_set_184" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions On /etc/sestatus.conf File", + "value": "Verify Group Who Owns /etc/sestatus.conf File", "remarks": "rule_set_184" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_owner_etc_ipsecd", + "value": "file_permissions_etc_sestatus_conf", "remarks": "rule_set_185" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/ipsec.d Directory", + "value": "Verify Permissions On /etc/sestatus.conf File", "remarks": "rule_set_185" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_groupowner_etc_ipsecd", + "value": "directory_owner_etc_ipsecd", "remarks": "rule_set_186" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/ipsec.d Directory", + "value": "Verify User Who Owns /etc/ipsec.d Directory", "remarks": "rule_set_186" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_etc_ipsecd", + "value": "directory_groupowner_etc_ipsecd", "remarks": "rule_set_187" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions On /etc/ipsec.d Directory", + "value": "Verify Group Who Owns /etc/ipsec.d Directory", "remarks": "rule_set_187" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_ipsec_conf", + "value": "directory_permissions_etc_ipsecd", "remarks": "rule_set_188" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/ipsec.conf File", + "value": "Verify Permissions On /etc/ipsec.d Directory", "remarks": "rule_set_188" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_ipsec_conf", + "value": "file_owner_etc_ipsec_conf", "remarks": "rule_set_189" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/ipsec.conf File", + "value": "Verify User Who Owns /etc/ipsec.conf File", "remarks": "rule_set_189" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_ipsec_conf", + "value": "file_groupowner_etc_ipsec_conf", "remarks": "rule_set_190" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions On /etc/ipsec.conf File", + "value": "Verify Group Who Owns /etc/ipsec.conf File", "remarks": "rule_set_190" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_ipsec_secrets", + "value": "file_permissions_etc_ipsec_conf", "remarks": "rule_set_191" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/ipsec.secrets File", + "value": "Verify Permissions On /etc/ipsec.conf File", "remarks": "rule_set_191" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_ipsec_secrets", + "value": "file_owner_etc_ipsec_secrets", "remarks": "rule_set_192" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/ipsec.secrets File", + "value": "Verify User Who Owns /etc/ipsec.secrets File", "remarks": "rule_set_192" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_ipsec_secrets", + "value": "file_groupowner_etc_ipsec_secrets", "remarks": "rule_set_193" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions On /etc/ipsec.secrets File", + "value": "Verify Group Who Owns /etc/ipsec.secrets File", "remarks": "rule_set_193" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_owner_etc_iptables", + "value": "file_permissions_etc_ipsec_secrets", "remarks": "rule_set_194" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/iptables Directory", + "value": "Verify Permissions On /etc/ipsec.secrets File", "remarks": "rule_set_194" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_groupowner_etc_iptables", + "value": "directory_owner_etc_iptables", "remarks": "rule_set_195" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/iptables Directory", + "value": "Verify User Who Owns /etc/iptables Directory", "remarks": "rule_set_195" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_etc_iptables", + "value": "directory_groupowner_etc_iptables", "remarks": "rule_set_196" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions On /etc/iptables Directory", + "value": "Verify Group Who Owns /etc/iptables Directory", "remarks": "rule_set_196" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_owner_etc_nftables", + "value": "directory_permissions_etc_iptables", + "remarks": "rule_set_197" + }, + { + "name": "Rule_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Verify Permissions On /etc/iptables Directory", "remarks": "rule_set_197" }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "directory_owner_etc_nftables", + "remarks": "rule_set_198" + }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/nftables Directory", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_nftables", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/nftables Directory", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_nftables", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/nftables Directory", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_sysctld", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sysctl.d Directory", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_sysctld", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sysctl.d Directory", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_sysctld", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sysctl.d Directory", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_sudoers", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sudoers File", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_sudoers", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sudoers File", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_sudoers", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sudoers File", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_sudoersd", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sudoers.d Directory", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_sudoersd", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sudoers.d Directory", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_sudoersd", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sudoers.d Directory", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_crypttab", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/crypttab File", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_crypttab", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/crypttab File", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_crypttab", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/crypttab File", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_chrony_keys", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/chrony.keys File", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_chrony_keys", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/chrony.keys File", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_chrony_keys", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/chrony.keys File", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_pam_namespace", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Up a Private Namespace in PAM Configuration", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_polyinstantiated_tmp", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Polyinstantiation of /tmp Directories", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_polyinstantiated_var_tmp", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Polyinstantiation of /var/tmp Directories", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_polyinstantiation_enabled", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the polyinstantiation_enabled SELinux Boolean", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sssd_installed", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the SSSD Package", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_sssd_enabled", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the SSSD Service", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "postfix_network_listening_disabled", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Postfix Network Listening", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "postfix_client_configure_mail_alias", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure System to Forward All Mail For The Root Account", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_aide_installed", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install AIDE", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_build_database", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Build and Test AIDE Database", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_nosmep_argument_absent", - "remarks": "rule_set_226" + "remarks": "rule_set_227" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SMEP is not disabled during boot", - "remarks": "rule_set_226" + "remarks": "rule_set_227" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_nosmap_argument_absent", - "remarks": "rule_set_227" + "remarks": "rule_set_228" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SMAP is not disabled during boot", - "remarks": "rule_set_227" + "remarks": "rule_set_228" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_enable_iommu_force", - "remarks": "rule_set_228" + "remarks": "rule_set_229" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "IOMMU configuration directive", - "remarks": "rule_set_228" + "remarks": "rule_set_229" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_modules_disabled", - "remarks": "rule_set_229" + "remarks": "rule_set_230" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable loading and unloading of kernel modules", - "remarks": "rule_set_229" + "remarks": "rule_set_230" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_grub2_cfg", - "remarks": "rule_set_230" + "remarks": "rule_set_231" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/grub.cfg Group Ownership", - "remarks": "rule_set_230" + "remarks": "rule_set_231" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_grub2_cfg", - "remarks": "rule_set_231" + "remarks": "rule_set_232" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/grub.cfg User Ownership", - "remarks": "rule_set_231" + "remarks": "rule_set_232" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_grub2_cfg", - "remarks": "rule_set_232" + "remarks": "rule_set_233" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/grub.cfg Permissions", - "remarks": "rule_set_232" + "remarks": "rule_set_233" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_user_cfg", - "remarks": "rule_set_233" + "remarks": "rule_set_234" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/user.cfg Group Ownership", - "remarks": "rule_set_233" + "remarks": "rule_set_234" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_user_cfg", - "remarks": "rule_set_234" + "remarks": "rule_set_235" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/user.cfg User Ownership", - "remarks": "rule_set_234" + "remarks": "rule_set_235" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_user_cfg", - "remarks": "rule_set_235" + "remarks": "rule_set_236" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/user.cfg Permissions", - "remarks": "rule_set_235" + "remarks": "rule_set_236" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_systemmap", - "remarks": "rule_set_236" + "remarks": "rule_set_237" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns System.map Files", - "remarks": "rule_set_236" + "remarks": "rule_set_237" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_systemmap", - "remarks": "rule_set_237" + "remarks": "rule_set_238" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns System.map Files", - "remarks": "rule_set_237" + "remarks": "rule_set_238" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_systemmap", - "remarks": "rule_set_238" + "remarks": "rule_set_239" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on System.map Files", - "remarks": "rule_set_238" + "remarks": "rule_set_239" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_umask_etc_bashrc", - "remarks": "rule_set_239" + "remarks": "rule_set_240" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Default Bash Umask is Set Correctly", - "remarks": "rule_set_239" + "remarks": "rule_set_240" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_umask_etc_login_defs", - "remarks": "rule_set_240" + "remarks": "rule_set_241" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Default Umask is Set Correctly in login.defs", - "remarks": "rule_set_240" + "remarks": "rule_set_241" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_umask_etc_profile", - "remarks": "rule_set_241" + "remarks": "rule_set_242" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Default Umask is Set Correctly in /etc/profile", - "remarks": "rule_set_241" + "remarks": "rule_set_242" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_dedicated_group", - "remarks": "rule_set_242" + "remarks": "rule_set_243" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure a dedicated group owns sudo", - "remarks": "rule_set_242" + "remarks": "rule_set_243" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sudo", - "remarks": "rule_set_243" + "remarks": "rule_set_244" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure That the sudo Binary Has the Correct Permissions", - "remarks": "rule_set_243" + "remarks": "rule_set_244" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_policytype", - "remarks": "rule_set_244" + "remarks": "rule_set_245" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SELinux Policy", - "remarks": "rule_set_244" + "remarks": "rule_set_245" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_chrony_installed", - "remarks": "rule_set_245" + "remarks": "rule_set_246" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chrony package is installed", - "remarks": "rule_set_245" + "remarks": "rule_set_246" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_chronyd_enabled", - "remarks": "rule_set_246" + "remarks": "rule_set_247" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chronyd service is enabled", - "remarks": "rule_set_246" + "remarks": "rule_set_247" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_specify_remote_server", - "remarks": "rule_set_247" + "remarks": "rule_set_248" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "A remote time server for Chrony is configured", - "remarks": "rule_set_247" + "remarks": "rule_set_248" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_configure_pool_and_server", - "remarks": "rule_set_248" + "remarks": "rule_set_249" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Chrony Configure Pool and Server", - "remarks": "rule_set_248" + "remarks": "rule_set_249" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_loghost", - "remarks": "rule_set_249" + "remarks": "rule_set_250" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Logs Sent To Remote Host", - "remarks": "rule_set_249" + "remarks": "rule_set_250" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_rsyslog-gnutls_installed", - "remarks": "rule_set_250" + "remarks": "rule_set_251" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure rsyslog-gnutls is installed", - "remarks": "rule_set_250" + "remarks": "rule_set_251" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls", - "remarks": "rule_set_251" + "remarks": "rule_set_252" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure TLS for rsyslog remote logging", - "remarks": "rule_set_251" + "remarks": "rule_set_252" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls_cacert", - "remarks": "rule_set_252" + "remarks": "rule_set_253" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure CA certificate for rsyslog remote logging", - "remarks": "rule_set_252" + "remarks": "rule_set_253" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log_audit", - "remarks": "rule_set_253" + "remarks": "rule_set_254" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log/audit Located On Separate Partition", - "remarks": "rule_set_253" + "remarks": "rule_set_254" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_logrotate_installed", - "remarks": "rule_set_254" + "remarks": "rule_set_255" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure logrotate is Installed", - "remarks": "rule_set_254" + "remarks": "rule_set_255" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "timer_logrotate_enabled", - "remarks": "rule_set_255" + "remarks": "rule_set_256" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable logrotate Timer", - "remarks": "rule_set_255" + "remarks": "rule_set_256" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_logrotate_activated", - "remarks": "rule_set_256" + "remarks": "rule_set_257" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Logrotate Runs Periodically", - "remarks": "rule_set_256" + "remarks": "rule_set_257" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_257" + "remarks": "rule_set_258" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_257" + "remarks": "rule_set_258" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_258" + "remarks": "rule_set_259" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_258" + "remarks": "rule_set_259" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_259" + "remarks": "rule_set_260" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_259" + "remarks": "rule_set_260" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_sysadmin_actions", - "remarks": "rule_set_260" + "remarks": "rule_set_261" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects System Administrator Actions", - "remarks": "rule_set_260" + "remarks": "rule_set_261" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_sudo_log_events", - "remarks": "rule_set_261" + "remarks": "rule_set_262" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to perform maintenance activities", - "remarks": "rule_set_261" + "remarks": "rule_set_262" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_faillock", - "remarks": "rule_set_262" + "remarks": "rule_set_263" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - faillock", - "remarks": "rule_set_262" + "remarks": "rule_set_263" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_lastlog", - "remarks": "rule_set_263" + "remarks": "rule_set_264" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - lastlog", - "remarks": "rule_set_263" + "remarks": "rule_set_264" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_utmp", - "remarks": "rule_set_264" + "remarks": "rule_set_265" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information utmp", - "remarks": "rule_set_264" + "remarks": "rule_set_265" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_btmp", - "remarks": "rule_set_265" + "remarks": "rule_set_266" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information btmp", - "remarks": "rule_set_265" + "remarks": "rule_set_266" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_wtmp", - "remarks": "rule_set_266" + "remarks": "rule_set_267" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", - "remarks": "rule_set_266" + "remarks": "rule_set_267" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_adjtimex", - "remarks": "rule_set_267" + "remarks": "rule_set_268" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through adjtimex", - "remarks": "rule_set_267" + "remarks": "rule_set_268" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_clock_settime", - "remarks": "rule_set_268" + "remarks": "rule_set_269" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through clock_settime", - "remarks": "rule_set_268" + "remarks": "rule_set_269" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_stime", - "remarks": "rule_set_269" + "remarks": "rule_set_270" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through stime", - "remarks": "rule_set_269" + "remarks": "rule_set_270" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_watch_localtime", - "remarks": "rule_set_270" + "remarks": "rule_set_271" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter the localtime File", - "remarks": "rule_set_270" + "remarks": "rule_set_271" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification", - "remarks": "rule_set_271" + "remarks": "rule_set_272" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment", - "remarks": "rule_set_271" + "remarks": "rule_set_272" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chmod", - "remarks": "rule_set_272" + "remarks": "rule_set_273" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", - "remarks": "rule_set_272" + "remarks": "rule_set_273" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chown", - "remarks": "rule_set_273" + "remarks": "rule_set_274" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chown", - "remarks": "rule_set_273" + "remarks": "rule_set_274" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmod", - "remarks": "rule_set_274" + "remarks": "rule_set_275" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmod", - "remarks": "rule_set_274" + "remarks": "rule_set_275" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat", - "remarks": "rule_set_275" + "remarks": "rule_set_276" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat", - "remarks": "rule_set_275" + "remarks": "rule_set_276" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat2", - "remarks": "rule_set_276" + "remarks": "rule_set_277" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat2", - "remarks": "rule_set_276" + "remarks": "rule_set_277" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchown", - "remarks": "rule_set_277" + "remarks": "rule_set_278" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchown", - "remarks": "rule_set_277" + "remarks": "rule_set_278" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchownat", - "remarks": "rule_set_278" + "remarks": "rule_set_279" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchownat", - "remarks": "rule_set_278" + "remarks": "rule_set_279" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fremovexattr", - "remarks": "rule_set_279" + "remarks": "rule_set_280" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fremovexattr", - "remarks": "rule_set_279" + "remarks": "rule_set_280" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fsetxattr", - "remarks": "rule_set_280" + "remarks": "rule_set_281" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fsetxattr", - "remarks": "rule_set_280" + "remarks": "rule_set_281" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lchown", - "remarks": "rule_set_281" + "remarks": "rule_set_282" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lchown", - "remarks": "rule_set_281" + "remarks": "rule_set_282" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lremovexattr", - "remarks": "rule_set_282" + "remarks": "rule_set_283" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lremovexattr", - "remarks": "rule_set_282" + "remarks": "rule_set_283" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lsetxattr", - "remarks": "rule_set_283" + "remarks": "rule_set_284" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lsetxattr", - "remarks": "rule_set_283" + "remarks": "rule_set_284" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_removexattr", - "remarks": "rule_set_284" + "remarks": "rule_set_285" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - removexattr", - "remarks": "rule_set_284" + "remarks": "rule_set_285" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_setxattr", - "remarks": "rule_set_285" + "remarks": "rule_set_286" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - setxattr", - "remarks": "rule_set_285" + "remarks": "rule_set_286" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_creat", - "remarks": "rule_set_286" + "remarks": "rule_set_287" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - creat", - "remarks": "rule_set_286" + "remarks": "rule_set_287" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_ftruncate", - "remarks": "rule_set_287" + "remarks": "rule_set_288" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - ftruncate", - "remarks": "rule_set_287" + "remarks": "rule_set_288" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open", - "remarks": "rule_set_288" + "remarks": "rule_set_289" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open", - "remarks": "rule_set_288" + "remarks": "rule_set_289" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_openat", - "remarks": "rule_set_289" + "remarks": "rule_set_290" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - openat", - "remarks": "rule_set_289" + "remarks": "rule_set_290" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_truncate", - "remarks": "rule_set_290" + "remarks": "rule_set_291" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - truncate", - "remarks": "rule_set_290" + "remarks": "rule_set_291" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_group", - "remarks": "rule_set_291" + "remarks": "rule_set_292" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/group", - "remarks": "rule_set_291" + "remarks": "rule_set_292" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_gshadow", - "remarks": "rule_set_292" + "remarks": "rule_set_293" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/gshadow", - "remarks": "rule_set_292" + "remarks": "rule_set_293" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_opasswd", - "remarks": "rule_set_293" + "remarks": "rule_set_294" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", - "remarks": "rule_set_293" + "remarks": "rule_set_294" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_passwd", - "remarks": "rule_set_294" + "remarks": "rule_set_295" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/passwd", - "remarks": "rule_set_294" + "remarks": "rule_set_295" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_shadow", - "remarks": "rule_set_295" + "remarks": "rule_set_296" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/shadow", - "remarks": "rule_set_295" + "remarks": "rule_set_296" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_media_export", - "remarks": "rule_set_296" + "remarks": "rule_set_297" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Exporting to Media (successful)", - "remarks": "rule_set_296" + "remarks": "rule_set_297" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_umount2", - "remarks": "rule_set_297" + "remarks": "rule_set_298" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - umount2", - "remarks": "rule_set_297" + "remarks": "rule_set_298" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands", - "remarks": "rule_set_298" + "remarks": "rule_set_299" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands", - "remarks": "rule_set_298" + "remarks": "rule_set_299" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rename", - "remarks": "rule_set_299" + "remarks": "rule_set_300" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rename", - "remarks": "rule_set_299" + "remarks": "rule_set_300" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat", - "remarks": "rule_set_300" + "remarks": "rule_set_301" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat", - "remarks": "rule_set_300" + "remarks": "rule_set_301" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat2", - "remarks": "rule_set_301" + "remarks": "rule_set_302" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat2", - "remarks": "rule_set_301" + "remarks": "rule_set_302" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rmdir", - "remarks": "rule_set_302" + "remarks": "rule_set_303" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rmdir", - "remarks": "rule_set_302" + "remarks": "rule_set_303" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlink", - "remarks": "rule_set_303" + "remarks": "rule_set_304" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlink", - "remarks": "rule_set_303" + "remarks": "rule_set_304" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlinkat", - "remarks": "rule_set_304" + "remarks": "rule_set_305" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlinkat", - "remarks": "rule_set_304" + "remarks": "rule_set_305" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_delete", - "remarks": "rule_set_305" + "remarks": "rule_set_306" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Unloading - delete_module", - "remarks": "rule_set_305" + "remarks": "rule_set_306" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_init", - "remarks": "rule_set_306" + "remarks": "rule_set_307" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading - init_module", - "remarks": "rule_set_306" + "remarks": "rule_set_307" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_finit", - "remarks": "rule_set_307" + "remarks": "rule_set_308" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module", - "remarks": "rule_set_307" + "remarks": "rule_set_308" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_insmod", - "remarks": "rule_set_308" + "remarks": "rule_set_309" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - insmod", - "remarks": "rule_set_308" + "remarks": "rule_set_309" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_modprobe", - "remarks": "rule_set_309" + "remarks": "rule_set_310" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - modprobe", - "remarks": "rule_set_309" + "remarks": "rule_set_310" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_rmmod", - "remarks": "rule_set_310" + "remarks": "rule_set_311" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - rmmod", - "remarks": "rule_set_310" + "remarks": "rule_set_311" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_kmod", - "remarks": "rule_set_311" + "remarks": "rule_set_312" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - kmod", - "remarks": "rule_set_311" + "remarks": "rule_set_312" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_mac_modification_etc_selinux", - "remarks": "rule_set_312" + "remarks": "rule_set_313" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Mandatory Access Controls (/etc/selinux)", - "remarks": "rule_set_312" + "remarks": "rule_set_313" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_immutable", - "remarks": "rule_set_313" + "remarks": "rule_set_314" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Make the auditd Configuration Immutable", - "remarks": "rule_set_313" + "remarks": "rule_set_314" } ], "control-implementations": [ { - "uuid": "cb9e849c-ffc2-4370-80c4-db782c06adb5", + "uuid": "ef8d097d-c363-4e41-bd40-fb23d5796073", "source": "trestle://profiles/rhel10-anssi-enhanced/profile.json", "description": "Control implementation for anssi_bp28_enhanced", "props": [ @@ -4687,7 +4699,7 @@ ], "implemented-requirements": [ { - "uuid": "c53f6007-bb65-43e0-89f1-a5a784d2bb70", + "uuid": "0affcff4-d7d4-4ffe-bd83-c05c9c35f3e3", "control-id": "r1", "description": "This requirement can be checked, but remediation requires manual reinstall of the OS. The content automation cannot really configure the BIOS, but can in some cases, check settings that are visible to the OS. Like for example the NX/DX setting.", "props": [ @@ -4709,7 +4721,7 @@ ] }, { - "uuid": "1450571b-b8dd-41d0-9f79-e5f2a81c2e9c", + "uuid": "fa05eb73-b9af-40eb-9c78-983b5123bf27", "control-id": "r7", "description": "No notes for control-id R7.", "props": [ @@ -4726,7 +4738,7 @@ ] }, { - "uuid": "116ea3c2-e2d0-48de-939e-b7e09330692f", + "uuid": "a0da052c-6caa-40ac-99de-38c76dc1fa64", "control-id": "r10", "description": "No notes for control-id R10.", "props": [ @@ -4743,7 +4755,7 @@ ] }, { - "uuid": "7dcde1bb-0912-41c9-913c-20ab4f6bcec2", + "uuid": "6148cb9f-8daa-4956-8eac-7f35d91b4daf", "control-id": "r29", "description": "The /boot partition mounted is essential to perform certain administrative actions, for example updating the kernel. Therefore, for better stability, in this requirement only rules to restrict the access to /boot are selected. It is not changed how the /boot is mounted.", "props": [ @@ -4800,7 +4812,7 @@ ] }, { - "uuid": "9367b740-353f-454c-949d-8615db1f79cf", + "uuid": "3fed6745-1a1e-4d8f-9cbb-fd26b2300718", "control-id": "r36", "description": "There are cases of Systemd services which would stop working in case umask would be configured to 0027 for all services. One such example is the Cups service which needs to create sockets which need to be available for all users. Therefore, this part of the requirement can't be automated.", "props": [ @@ -4827,7 +4839,7 @@ ] }, { - "uuid": "4b669eb9-f15f-405f-9805-f1b1276b636c", + "uuid": "81939b69-41f4-4220-be29-a86b30e35e7c", "control-id": "r37", "description": "Other partitioning mechanisms can include chroot and containers and are not contemplated in this requirement.", "props": [ @@ -4844,7 +4856,7 @@ ] }, { - "uuid": "385debfa-27cc-4b83-ba2e-d89728bb4117", + "uuid": "195ba972-d548-4dd8-88ac-7ac47fc10d7d", "control-id": "r38", "description": "No notes for control-id R38.", "props": [ @@ -4866,7 +4878,7 @@ ] }, { - "uuid": "1b08e27e-118b-408a-8658-5da3d1814354", + "uuid": "379392af-a33b-4fe8-9b0a-ee2f97f28e02", "control-id": "r41", "description": "The description for control-id r41.", "props": [ @@ -4879,7 +4891,7 @@ ] }, { - "uuid": "b0b3967c-88e7-482b-80e8-c8121d366d2e", + "uuid": "ced6bab8-d012-4791-b151-cbad17b41629", "control-id": "r45", "description": "No notes for control-id R45.", "props": [ @@ -4891,7 +4903,7 @@ ] }, { - "uuid": "d175d39f-7277-4860-acae-2443e85d0b09", + "uuid": "50142b6a-ae60-4c83-92e4-8b80bc4cc7cd", "control-id": "r51", "description": "This concerns two aspects, the first is administrative, and involves prompt installation of secrets or trusted elements by the sysadmin. The second involves removal of any default secret or trusted element configured by the operating system during install process, e.g. default known passwords.", "props": [ @@ -4903,7 +4915,7 @@ ] }, { - "uuid": "91b5040a-1b81-4f24-97a3-f384cdb857c4", + "uuid": "265f9773-6eb6-45c0-9705-d1aa41e03728", "control-id": "r57", "description": "The description for control-id r57.", "props": [ @@ -4916,7 +4928,7 @@ ] }, { - "uuid": "7937f8aa-8c5f-4c0d-8682-a83eecaccfde", + "uuid": "f348f527-696d-4bc3-80ea-3ba74d204e08", "control-id": "r60", "description": "The description for control-id r60.", "props": [ @@ -4929,7 +4941,7 @@ ] }, { - "uuid": "0097ff03-e38b-471f-b369-8dff892ce270", + "uuid": "442e86e4-f4b7-4e10-8cdd-b3edd21b1e4f", "control-id": "r64", "description": "SELinux policies limit the privileges of services and daemons just to those which are required. The policies should be enough to restrict the services' privileges to its essentials, but the automated content cannot assess whether they are the minimum required for the deployment.", "props": [ @@ -4946,7 +4958,7 @@ ] }, { - "uuid": "27dabb73-59c5-41d3-b4be-64ec18d70300", + "uuid": "deba73c1-87b9-4fa2-aca7-b1d6b280cf2d", "control-id": "r65", "description": "The description for control-id r65.", "props": [ @@ -4959,7 +4971,7 @@ ] }, { - "uuid": "9c06f2f3-4924-44cb-b5a4-e5b0abb37e6c", + "uuid": "c3128c33-34ac-407b-b363-7b266a3e3a40", "control-id": "r71", "description": "A lot of recommendations and requirements from the DAT-PA-012 document are administrative and hard to automate. The rules selected below address a few of the aspects that can be covered, keep in mind that these configurations should be customized for the systems deployment requirements.", "props": [ @@ -5046,7 +5058,7 @@ ] }, { - "uuid": "0086511f-dc35-4899-b7f1-56e20a3e81d6", + "uuid": "93bea96b-16d7-43fa-90ce-9614e8acadf2", "control-id": "r72", "description": "No notes for control-id R72.", "props": [ @@ -5058,7 +5070,7 @@ ] }, { - "uuid": "d109fa7a-42db-4488-b05a-866dc45ec1eb", + "uuid": "733d7eb9-0330-494b-8e37-4039d8fd338d", "control-id": "r73", "description": "No notes for control-id R73.", "props": [ @@ -5350,7 +5362,7 @@ ] }, { - "uuid": "108cfe37-4a68-4d99-86ab-138dedfc6fb3", + "uuid": "e3814227-4f0a-435b-8c00-2071b122e2c7", "control-id": "r78", "description": "The description for control-id r78.", "props": [ @@ -5363,7 +5375,7 @@ ] }, { - "uuid": "f90acfeb-67bd-4258-982a-9efb22235a39", + "uuid": "8db38de8-c210-40b3-bc85-71a1a7afd584", "control-id": "r2", "description": "The description for control-id r2.", "props": [ @@ -5376,7 +5388,7 @@ ] }, { - "uuid": "2fd26866-d60b-4de9-875f-e9bcd8261f04", + "uuid": "c6d1b67d-145d-4a50-a69c-0d8e9ee12975", "control-id": "r3", "description": "The description for control-id r3.", "props": [ @@ -5389,7 +5401,7 @@ ] }, { - "uuid": "c0fbc6e8-4c86-4483-956a-3afc46c8ad64", + "uuid": "22ce8f3b-23b7-4287-9c2b-c15922ac5393", "control-id": "r5", "description": "No notes for control-id R5.", "props": [ @@ -5406,7 +5418,7 @@ ] }, { - "uuid": "579bb1b5-b636-4c6f-a9f3-ace7681af7bb", + "uuid": "ec826bf9-cc5c-40d9-8e2c-e0b6969e2f2d", "control-id": "r8", "description": "No notes for control-id R8.", "props": [ @@ -5478,7 +5490,7 @@ ] }, { - "uuid": "a5fa48b2-cdf3-4416-9175-3dd152cd010d", + "uuid": "e93de77b-3526-4d62-817c-52c3a2a7ac14", "control-id": "r9", "description": "No notes for control-id R9.", "props": [ @@ -5540,7 +5552,7 @@ ] }, { - "uuid": "ffc55ee9-32ed-4b7f-8847-e1fc1d13806e", + "uuid": "6ad84d41-2422-4569-9413-776510a63a19", "control-id": "r11", "description": "No notes for control-id R11.", "props": [ @@ -5557,7 +5569,7 @@ ] }, { - "uuid": "3faf49bd-5c69-47ec-b42d-87b33666a0e1", + "uuid": "23c840f8-2584-4413-b846-b180fa153fac", "control-id": "r12", "description": "No notes for control-id R12.", "props": [ @@ -5684,7 +5696,7 @@ ] }, { - "uuid": "8f2e429e-c4a1-4e59-ae0a-d746973ada84", + "uuid": "529b0fcd-8b99-41fa-a0b6-73b46f88e2f5", "control-id": "r13", "description": "When IPv6 is not in use, disable it, otherwise secure the IPv6 stack. This control hardens the IPv6 stack, to disable it use the related rules instead.", "props": [ @@ -5776,7 +5788,7 @@ ] }, { - "uuid": "f956198f-9f3e-4f73-9c81-9ba064fbbafb", + "uuid": "03b61677-a9b5-42fd-9ff1-3ab5bdda1116", "control-id": "r14", "description": "The rule for the /proc file system is not implemented", "props": [ @@ -5813,7 +5825,7 @@ ] }, { - "uuid": "a4087751-e3da-4742-95f1-2155d4523e85", + "uuid": "455c8b27-9098-48b2-9ac4-89f9479777b9", "control-id": "r28", "description": "No notes for control-id R28.", "props": [ @@ -5945,7 +5957,7 @@ ] }, { - "uuid": "ddb4f984-ce3e-452e-b333-67c0c17388a1", + "uuid": "ba72227f-85d4-4c13-800a-32bc02abd41f", "control-id": "r32", "description": "ANSSI doesn't specify the length of the inactivity period, we are choosing 10 minutes as reasonable number.", "props": [ @@ -5967,7 +5979,7 @@ ] }, { - "uuid": "af22e84b-2286-4524-8835-fcca9b35d4bc", + "uuid": "302235af-20e7-40e9-ba1a-b454eb1e44b0", "control-id": "r33", "description": "By disabling direct root logins proper accountability is ensured. Users will login first, then escalate to privileged (root) access. Change of privilege operations must be based on executables to monitor the activities performed (for example sudo). Nonetheless, the content automation cannot ensure that each administrator was given a nominative administration account separate from his normal user account.", "props": [ @@ -6009,7 +6021,7 @@ ] }, { - "uuid": "4ce630a2-95d9-40f1-ab61-3d6fc0bc15ce", + "uuid": "825c4188-ea74-4342-b71d-dfe5ffd63e1a", "control-id": "r34", "description": "The description for control-id r34.", "props": [ @@ -6022,7 +6034,7 @@ ] }, { - "uuid": "b09cacb1-f0b0-4d2b-b1c7-fa6e875512a1", + "uuid": "a4d52af0-d928-4e13-b023-a34747f6a9b9", "control-id": "r35", "description": "The description for control-id r35.", "props": [ @@ -6035,7 +6047,7 @@ ] }, { - "uuid": "12fd3c2f-07f9-4e84-8f43-6cdbb91c2dad", + "uuid": "be8bc6b4-ab82-43d8-b332-0f717d444023", "control-id": "r39", "description": "No notes for control-id R39.", "props": [ @@ -6072,7 +6084,7 @@ ] }, { - "uuid": "0c2576c5-8fa4-4a24-ba9f-2c224ba0924e", + "uuid": "d40d57e0-7ebb-4c2a-9abf-a2ede74b0a77", "control-id": "r40", "description": "No notes for control-id R40.", "props": [ @@ -6089,7 +6101,7 @@ ] }, { - "uuid": "475ff88f-7d73-4b81-ac23-347a9bab9a95", + "uuid": "09c6ada9-391b-4816-82df-88611ca3a24f", "control-id": "r42", "description": "No notes for control-id R42.", "props": [ @@ -6106,7 +6118,7 @@ ] }, { - "uuid": "d6e4a5d3-9ec9-42d1-88c3-f40cadc088b9", + "uuid": "8b90e87f-7062-41d5-aeb3-9c6398848f7b", "control-id": "r43", "description": "No notes for control-id R43.", "props": [ @@ -6123,7 +6135,7 @@ ] }, { - "uuid": "e63ad4e9-49f6-485b-86c3-ec7d6ca75cef", + "uuid": "a0244651-5fb7-4dd7-aa20-368170cceda6", "control-id": "r44", "description": "The description for control-id r44.", "props": [ @@ -6136,7 +6148,7 @@ ] }, { - "uuid": "56f590e6-c6d1-4ada-ade1-520b123c6db1", + "uuid": "859e0400-49a2-49ee-94f0-f790bd72f946", "control-id": "r50", "description": "No notes for control-id R50.", "props": [ @@ -6503,7 +6515,7 @@ ] }, { - "uuid": "af6c13f4-5d21-4ccd-a849-2e5c0e126f9a", + "uuid": "5c0d74a1-6299-4bc0-a396-f5af88ba3395", "control-id": "r52", "description": "The description for control-id r52.", "props": [ @@ -6516,7 +6528,7 @@ ] }, { - "uuid": "649422fb-53ed-4214-b2c5-0efce097db7a", + "uuid": "ebf78ded-f4bf-4ab0-8713-0c3c0b92fbff", "control-id": "r55", "description": "The approach of the selected rules is to use and configure pam_namespace module.", "props": [ @@ -6548,7 +6560,7 @@ ] }, { - "uuid": "70f6165b-8062-4830-b110-c5aac31b50c5", + "uuid": "66b25c3e-a421-42dc-a1ef-55e1674d28e1", "control-id": "r63", "description": "The description for control-id r63.", "props": [ @@ -6561,7 +6573,7 @@ ] }, { - "uuid": "1e2882ee-4f06-4b9d-b8de-65a4f10dae4c", + "uuid": "99f58bc0-1718-4335-be72-20c08bab601e", "control-id": "r67", "description": "In systems where remote authentication is handled through sssd service, PAM delegates\nrequests for remote authentication to sssd service through a local Unix socket. The sssd\nservice can use IPA, AD or LDAP as a remote database containing information required for authentication.\nIn case LDAP is configured manually, there are several configuration options which should be chedked.", "props": [ @@ -6583,7 +6595,7 @@ ] }, { - "uuid": "ae495848-9160-415b-94ce-78562d426cdb", + "uuid": "09b6275d-0d8b-41b4-9efc-86783034dd71", "control-id": "r69", "description": "The description for control-id r69.", "props": [ @@ -6596,7 +6608,7 @@ ] }, { - "uuid": "a1e73295-9999-4835-a553-595ec7f58523", + "uuid": "e53ce48a-64f0-41c0-88ab-43fefb085abc", "control-id": "r70", "description": "The description for control-id r70.", "props": [ @@ -6609,7 +6621,7 @@ ] }, { - "uuid": "eb54ef83-1c1f-4472-bd50-e3c48120fbd8", + "uuid": "9b6dfdc3-a9db-458d-ac79-fdd53b7a90c7", "control-id": "r74", "description": "No notes for control-id R74.", "props": [ @@ -6626,7 +6638,7 @@ ] }, { - "uuid": "accfbccd-ff46-4b77-b931-0ce4e5f55f80", + "uuid": "693b030e-6618-4b29-9ed9-6daa95d02485", "control-id": "r75", "description": "Only the alias for root user is covered by the rule. The other services cannot be reliably covered, as there is no simple way of determining what is a service account.", "props": [ @@ -6643,7 +6655,7 @@ ] }, { - "uuid": "891aa7b3-0c69-445c-9405-e897f7bad1bd", + "uuid": "7eb20e83-ce5c-45fe-a808-116ed0643e79", "control-id": "r79", "description": "SELinux can provide confinement and monitoring of services, and AIDE provides basic integrity checking. System logs are configured as part of R43. Hardening of particular services should be done on a case by case basis and is not automated by this content.", "props": [ @@ -6670,7 +6682,7 @@ ] }, { - "uuid": "252d2ed6-2485-4f21-a336-4051e9882732", + "uuid": "99ca2904-f40c-4bde-826e-50f30976a225", "control-id": "r30", "description": "The description for control-id r30.", "props": [ @@ -6683,7 +6695,7 @@ ] }, { - "uuid": "ecb5ed87-c39a-4ee2-b94a-f4b5fec418d3", + "uuid": "f463ef80-e38c-4476-9f6c-172f3a3ace59", "control-id": "r31", "description": "The rules selected below establish a general password strength baseline of 100 bits, based on the recommendations of the technical note \"Recommandations relatives à l'authentification multifacteur et aux mots de passe\" (https://cyber.gouv.fr/publications/recommandations-relatives-lauthentification-multifacteur-et-aux-mots-de-passe)\nThe baseline should be reviewed and tailored to the system's use case and needs.", "props": [ @@ -6755,7 +6767,7 @@ ] }, { - "uuid": "65327fe8-6842-405e-96a0-fdfb32fae7bc", + "uuid": "486826bc-a523-4d86-a371-71643391d16a", "control-id": "r53", "description": "No notes for control-id R53.", "props": [ @@ -6777,7 +6789,7 @@ ] }, { - "uuid": "774b264a-651c-4aab-b171-c2b85a411d20", + "uuid": "9181b1c7-1c95-4c9b-af00-403e0bfdc2bc", "control-id": "r54", "description": "No notes for control-id R54.", "props": [ @@ -6804,7 +6816,7 @@ ] }, { - "uuid": "f4830206-ae3a-459b-bbad-be31e0822f7d", + "uuid": "e78bb377-4260-4232-9096-ca453c5cf87f", "control-id": "r56", "description": "Only programs specifically designed to be used with setuid or setgid bits can have these privilege bits set. This requirement considers apropriate for setuid and setgid bits the binaries that are installed from recognized and authorized repositories (covered in R15). The remediation resets the sticky bit to intended value by vendor/developer, any finding after remediation should be reviewed.", "props": [ @@ -6826,7 +6838,7 @@ ] }, { - "uuid": "08ff82ba-2142-4aff-9275-153b16056e34", + "uuid": "8f0898e0-ca5b-4579-a559-7325c08fd0c8", "control-id": "r58", "description": "The description for control-id r58.", "props": [ @@ -6839,7 +6851,7 @@ ] }, { - "uuid": "0f05cb4a-c6d8-4563-abde-6f48864161f1", + "uuid": "63125fef-7afb-4969-bccb-3b41ec5f9aa0", "control-id": "r59", "description": "It is not trivial to distinguish an official repository from an unofficial one. We cannot draw conclusions from the repo name or URL of the repo (as they can be arbitrary or behind a proxy). One approach to check the origin of installed packages is to check the signature of the packages. If the public key of a repository is not installed, the repo is not trusted.", "props": [ @@ -6867,11 +6879,16 @@ "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_redhat_gpgkey_installed" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "package_sequoia-sq_installed" } ] }, { - "uuid": "45e6e7d1-7a11-469b-b21e-55f3b198bd7c", + "uuid": "4221c935-b01c-464c-93be-01b777670110", "control-id": "r61", "description": "Check the vendor CVE feed and configure automatic install of security related updates.", "props": [ @@ -6903,7 +6920,7 @@ ] }, { - "uuid": "50ff718e-9545-4e83-8a28-7496975c44b4", + "uuid": "f36b26e8-7e7b-4a22-ae86-757001b31e14", "control-id": "r62", "description": "The description for control-id r62.", "props": [ @@ -6941,7 +6958,7 @@ ] }, { - "uuid": "639c7218-9e77-4594-a584-9adb48c5db0d", + "uuid": "5222a2d6-4bbd-4bbc-9a8a-9c1d6231ca3f", "control-id": "r68", "description": "The selection of rules doesn't cover the use of hardware devices to protect the passwords.", "props": [ @@ -6978,7 +6995,7 @@ ] }, { - "uuid": "f99cdeb3-2ec1-4d01-bf04-0f4c4d1b285b", + "uuid": "18c25563-58c4-4598-9747-1c2a215f19cb", "control-id": "r80", "description": "The description for control-id r80.", "props": [ @@ -7363,7 +7380,7 @@ { "name": "Parameter_Value_Alternatives_18", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -7381,7 +7398,7 @@ { "name": "Parameter_Value_Alternatives_19", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -8221,6991 +8238,7015 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnf-automatic_installed", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_023" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install dnf-automatic Package", + "value": "Install sequoia-sq Package", "remarks": "rule_set_023" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnf-automatic_installed", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_023" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install dnf-automatic Package", + "value": "Install sequoia-sq Package", "remarks": "rule_set_023" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "timer_dnf-automatic_enabled", + "value": "package_dnf-automatic_installed", "remarks": "rule_set_024" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable dnf-automatic Timer", + "value": "Install dnf-automatic Package", "remarks": "rule_set_024" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "timer_dnf-automatic_enabled", + "value": "package_dnf-automatic_installed", "remarks": "rule_set_024" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable dnf-automatic Timer", + "value": "Install dnf-automatic Package", "remarks": "rule_set_024" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_apply_updates", + "value": "timer_dnf-automatic_enabled", "remarks": "rule_set_025" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Available Updates Automatically", + "value": "Enable dnf-automatic Timer", "remarks": "rule_set_025" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_apply_updates", + "value": "timer_dnf-automatic_enabled", "remarks": "rule_set_025" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Available Updates Automatically", + "value": "Enable dnf-automatic Timer", "remarks": "rule_set_025" }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "dnf-automatic_apply_updates", + "remarks": "rule_set_026" + }, + { + "name": "Rule_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Configure dnf-automatic to Install Available Updates Automatically", + "remarks": "rule_set_026" + }, + { + "name": "Check_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "dnf-automatic_apply_updates", + "remarks": "rule_set_026" + }, + { + "name": "Check_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Configure dnf-automatic to Install Available Updates Automatically", + "remarks": "rule_set_026" + }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dnf-automatic_security_updates_only", - "remarks": "rule_set_026" + "remarks": "rule_set_027" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure dnf-automatic to Install Only Security Updates", - "remarks": "rule_set_026" + "remarks": "rule_set_027" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dnf-automatic_security_updates_only", - "remarks": "rule_set_026" + "remarks": "rule_set_027" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure dnf-automatic to Install Only Security Updates", - "remarks": "rule_set_026" + "remarks": "rule_set_027" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_kea_removed", - "remarks": "rule_set_027" + "remarks": "rule_set_028" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Uninstall kea Package", - "remarks": "rule_set_027" + "remarks": "rule_set_028" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_kea_removed", - "remarks": "rule_set_027" + "remarks": "rule_set_028" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Uninstall kea Package", - "remarks": "rule_set_027" + "remarks": "rule_set_028" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_telnet_removed", - "remarks": "rule_set_028" + "remarks": "rule_set_029" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Remove telnet Clients", - "remarks": "rule_set_028" + "remarks": "rule_set_029" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_telnet_removed", - "remarks": "rule_set_028" + "remarks": "rule_set_029" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Remove telnet Clients", - "remarks": "rule_set_028" + "remarks": "rule_set_029" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_telnet-server_removed", - "remarks": "rule_set_029" + "remarks": "rule_set_030" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Uninstall telnet-server Package", - "remarks": "rule_set_029" + "remarks": "rule_set_030" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_telnet-server_removed", - "remarks": "rule_set_029" + "remarks": "rule_set_030" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Uninstall telnet-server Package", - "remarks": "rule_set_029" + "remarks": "rule_set_030" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_tftp_removed", - "remarks": "rule_set_030" + "remarks": "rule_set_031" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Remove tftp Daemon", - "remarks": "rule_set_030" + "remarks": "rule_set_031" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_tftp_removed", - "remarks": "rule_set_030" + "remarks": "rule_set_031" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Remove tftp Daemon", - "remarks": "rule_set_030" + "remarks": "rule_set_031" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_tftp-server_removed", - "remarks": "rule_set_031" + "remarks": "rule_set_032" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Uninstall tftp-server Package", - "remarks": "rule_set_031" + "remarks": "rule_set_032" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_tftp-server_removed", - "remarks": "rule_set_031" + "remarks": "rule_set_032" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Uninstall tftp-server Package", - "remarks": "rule_set_031" + "remarks": "rule_set_032" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_systemauth", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set PAM Password Hashing Algorithm - system-auth", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_systemauth", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set PAM Password Hashing Algorithm - system-auth", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_unix_rounds_system_auth", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set number of Password Hashing Rounds - system-auth", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_unix_rounds_system_auth", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set number of Password Hashing Rounds - system-auth", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_unix_rounds_password_auth", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set number of Password Hashing Rounds - password-auth", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_unix_rounds_password_auth", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set number of Password Hashing Rounds - password-auth", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_minclass", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_minclass", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_password", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Boot Loader Password in grub2", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_password", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Boot Loader Password in grub2", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_l1tf_argument", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure L1 Terminal Fault mitigations", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_l1tf_argument", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure L1 Terminal Fault mitigations", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_page_poison_argument", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable page allocator poisoning", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_page_poison_argument", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable page allocator poisoning", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_pti_argument", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Page-Table Isolation (KPTI)", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_pti_argument", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Page-Table Isolation (KPTI)", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_slab_nomerge_argument", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable merging of slabs with similar size", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_slab_nomerge_argument", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable merging of slabs with similar size", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_slub_debug_argument", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SLUB/SLAB allocator poisoning", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_slub_debug_argument", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SLUB/SLAB allocator poisoning", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_spec_store_bypass_disable_argument", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Speculative Store Bypass Mitigation", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_spec_store_bypass_disable_argument", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Speculative Store Bypass Mitigation", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_spectre_v2_argument", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enforce Spectre v2 mitigation", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_spectre_v2_argument", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enforce Spectre v2 mitigation", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_mds_argument", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Microarchitectural Data Sampling mitigation", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_mds_argument", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Microarchitectural Data Sampling mitigation", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_mce_argument", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Force kernel panic on uncorrected MCEs", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_mce_argument", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Force kernel panic on uncorrected MCEs", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_page_alloc_shuffle_argument", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable randomization of the page allocator", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_page_alloc_shuffle_argument", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable randomization of the page allocator", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_rng_core_default_quality_argument", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the confidence in TPM for entropy", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_rng_core_default_quality_argument", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the confidence in TPM for entropy", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_vm_mmap_min_addr", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent applications from mapping low portion of virtual memory", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_vm_mmap_min_addr", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent applications from mapping low portion of virtual memory", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_dmesg_restrict", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Access to Kernel Message Buffer", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_dmesg_restrict", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Access to Kernel Message Buffer", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_kptr_restrict", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Exposed Kernel Pointer Addresses Access", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_kptr_restrict", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Exposed Kernel Pointer Addresses Access", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_pid_max", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure maximum number of process identifiers", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_pid_max", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure maximum number of process identifiers", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_perf_event_max_sample_rate", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Limit sampling frequency of the Perf system", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_perf_event_max_sample_rate", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Limit sampling frequency of the Perf system", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_perf_cpu_time_max_percent", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Limit CPU consumption of the Perf system", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_perf_cpu_time_max_percent", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Limit CPU consumption of the Perf system", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_perf_event_paranoid", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disallow kernel profiling by unprivileged users", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_perf_event_paranoid", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disallow kernel profiling by unprivileged users", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_randomize_va_space", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Randomized Layout of Virtual Address Space", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_randomize_va_space", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Randomized Layout of Virtual Address Space", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_sysrq", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disallow magic SysRq key", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_sysrq", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disallow magic SysRq key", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_unprivileged_bpf_disabled", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_unprivileged_bpf_disabled", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_panic_on_oops", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Kernel panic on oops", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_panic_on_oops", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Kernel panic on oops", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_yama_ptrace_scope", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict usage of ptrace to descendant processes", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_yama_ptrace_scope", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict usage of ptrace to descendant processes", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_core_bpf_jit_harden", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden the operation of the BPF just-in-time compiler", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_core_bpf_jit_harden", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden the operation of the BPF just-in-time compiler", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_ip_forward", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_ip_forward", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_accept_local", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Accepting Packets Routed Between Local Interfaces", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_accept_local", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Accepting Packets Routed Between Local Interfaces", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_accept_redirects", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_accept_redirects", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_accept_redirects", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_accept_redirects", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_secure_redirects", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_secure_redirects", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_secure_redirects", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_secure_redirects", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_shared_media", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Sending and Accepting Shared Media Redirects for All IPv4 Interfaces", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_shared_media", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Sending and Accepting Shared Media Redirects for All IPv4 Interfaces", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_shared_media", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Sending and Accepting Shared Media Redirects by Default", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_shared_media", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Sending and Accepting Shared Media Redirects by Default", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_accept_source_route", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_accept_source_route", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_accept_source_route", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_accept_source_route", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_arp_filter", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure ARP filtering for All IPv4 Interfaces", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_arp_filter", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure ARP filtering for All IPv4 Interfaces", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_arp_ignore", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Response Mode of ARP Requests for All IPv4 Interfaces", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_arp_ignore", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Response Mode of ARP Requests for All IPv4 Interfaces", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_route_localnet", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent Routing External Traffic to Local Loopback on All IPv4 Interfaces", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_route_localnet", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent Routing External Traffic to Local Loopback on All IPv4 Interfaces", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_drop_gratuitous_arp", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Drop Gratuitous ARP frames on All IPv4 Interfaces", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_drop_gratuitous_arp", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Drop Gratuitous ARP frames on All IPv4 Interfaces", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_rp_filter", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_rp_filter", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_rp_filter", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_rp_filter", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_send_redirects", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_send_redirects", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_send_redirects", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_send_redirects", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_ip_local_port_range", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Kernel Parameter to Increase Local Port Range", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_ip_local_port_range", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Kernel Parameter to Increase Local Port Range", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_tcp_rfc1337", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use TCP RFC 1337 on IPv4 Interfaces", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_tcp_rfc1337", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use TCP RFC 1337 on IPv4 Interfaces", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_tcp_syncookies", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_tcp_syncookies", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_router_solicitations", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Denying Router Solicitations on All IPv6 Interfaces", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_router_solicitations", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Denying Router Solicitations on All IPv6 Interfaces", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_router_solicitations", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Denying Router Solicitations on All IPv6 Interfaces By Default", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_router_solicitations", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Denying Router Solicitations on All IPv6 Interfaces By Default", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_ra_rtr_pref", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_ra_rtr_pref", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_ra_rtr_pref", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces By Default", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_ra_rtr_pref", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces By Default", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_ra_pinfo", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_ra_pinfo", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_ra_pinfo", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces By Default", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_ra_pinfo", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces By Default", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_ra_defrtr", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_ra_defrtr", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_ra_defrtr", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces By Default", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_ra_defrtr", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces By Default", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_autoconf", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Auto Configuration on All IPv6 Interfaces", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_autoconf", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Auto Configuration on All IPv6 Interfaces", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_autoconf", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Auto Configuration on All IPv6 Interfaces By Default", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_autoconf", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Auto Configuration on All IPv6 Interfaces By Default", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_redirects", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_redirects", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_redirects", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_redirects", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_source_route", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_source_route", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_source_route", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_source_route", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_max_addresses", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_max_addresses", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_max_addresses", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces By Default", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_max_addresses", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces By Default", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_suid_dumpable", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Core Dumps for SUID programs", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_suid_dumpable", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Core Dumps for SUID programs", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_fifos", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on FIFOs", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_fifos", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on FIFOs", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_regular", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Regular files", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_regular", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Regular files", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_symlinks", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_symlinks", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_hardlinks", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_hardlinks", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_nodev_nonroot_local_partitions", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nodev Option to Non-Root Local Partitions", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_nodev_nonroot_local_partitions", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nodev Option to Non-Root Local Partitions", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_boot", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /boot Located On Separate Partition", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_boot", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /boot Located On Separate Partition", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_boot_nosuid", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /boot", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_boot_nosuid", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /boot", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_boot_noexec", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /boot", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_boot_noexec", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /boot", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_opt", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /opt Located On Separate Partition", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_opt", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /opt Located On Separate Partition", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_opt_nosuid", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /opt", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_opt_nosuid", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /opt", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "systemd_tmp_mount_enabled", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure tmp.mount Unit Is Enabled", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "systemd_tmp_mount_enabled", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure tmp.mount Unit Is Enabled", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_tmp_nosuid", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /tmp", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_tmp_nosuid", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /tmp", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_tmp_noexec", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /tmp", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_tmp_noexec", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /tmp", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_srv", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /srv Located On Separate Partition", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_srv", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /srv Located On Separate Partition", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_srv_nosuid", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /srv", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_srv_nosuid", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /srv", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_home", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /home Located On Separate Partition", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_home", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /home Located On Separate Partition", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_home_nosuid", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /home", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_home_nosuid", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /home", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_home_noexec", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /home", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_home_noexec", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /home", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_usr", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /usr Located On Separate Partition", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_usr", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /usr Located On Separate Partition", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var Located On Separate Partition", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var Located On Separate Partition", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_nosuid", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /var", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_nosuid", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /var", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_noexec", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /var", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_noexec", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /var", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log Located On Separate Partition", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log Located On Separate Partition", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_log_noexec", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /var/log", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_log_noexec", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /var/log", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_log_nosuid", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /var/log", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_log_nosuid", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /var/log", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_tmp", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/tmp Located On Separate Partition", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_tmp", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/tmp Located On Separate Partition", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_tmp_nosuid", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /var/tmp", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_tmp_nosuid", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /var/tmp", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_tmp_noexec", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /var/tmp", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_tmp_noexec", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /var/tmp", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "logind_session_timeout", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Logind to terminate idle sessions after certain time of inactivity", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "logind_session_timeout", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Logind to terminate idle sessions after certain time of inactivity", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_tmout", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Interactive Session Timeout", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_tmout", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Interactive Session Timeout", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_direct_root_logins", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Direct root Logins Not Allowed", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_direct_root_logins", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Direct root Logins Not Allowed", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_root_login", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Root Login", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_root_login", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Root Login", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sudo_installed", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install sudo Package", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sudo_installed", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install sudo Package", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_sudo", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - sudo", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_sudo", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - sudo", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_auditd_enabled", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable auditd Service", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_auditd_enabled", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable auditd Service", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit_installed", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit Subsystem is Installed", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit_installed", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit Subsystem is Installed", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_noexec", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Privileged Escalated Commands Cannot Execute Other Commands - sudo NOEXEC", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_noexec", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Privileged Escalated Commands Cannot Execute Other Commands - sudo NOEXEC", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_requiretty", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo requiretty", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_requiretty", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo requiretty", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_use_pty", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_use_pty", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_ignore_dot", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure sudo Ignores Commands In Current Dir - sudo ignore_dot", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_ignore_dot", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure sudo Ignores Commands In Current Dir - sudo ignore_dot", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_env_reset", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure sudo Runs In A Minimal Environment - sudo env_reset", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_env_reset", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure sudo Runs In A Minimal Environment - sudo env_reset", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudoers_no_root_target", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Don't target root user in the sudoers file", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudoers_no_root_target", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Don't target root user in the sudoers file", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudoers_no_command_negation", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Don't define allowed commands in sudoers by means of exclusion", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudoers_no_command_negation", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Don't define allowed commands in sudoers by means of exclusion", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudoers_explicit_command_args", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Explicit arguments in sudo specifications", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudoers_explicit_command_args", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Explicit arguments in sudo specifications", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shadow", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns shadow File", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shadow", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns shadow File", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shadow", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns shadow File", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shadow", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns shadow File", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shadow", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on shadow File", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shadow", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on shadow File", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_gshadow", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns gshadow File", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_gshadow", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns gshadow File", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_gshadow", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns gshadow File", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_gshadow", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns gshadow File", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_gshadow", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on gshadow File", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_gshadow", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on gshadow File", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_passwd", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns passwd File", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_passwd", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns passwd File", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_passwd", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns passwd File", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_passwd", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns passwd File", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_passwd", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on passwd File", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_passwd", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on passwd File", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_group", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns group File", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_group", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns group File", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_group", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns group File", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_group", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns group File", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_group", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on group File", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_group", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on group File", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shells", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Who Owns /etc/shells File", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shells", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Who Owns /etc/shells File", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shells", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/shells File", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shells", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/shells File", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shells", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/shells File", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shells", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/shells File", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_group_ownership", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_group_ownership", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_user_ownership", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Owned By the Primary User", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_user_ownership", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Owned By the Primary User", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_groupownership", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_groupownership", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_ownership", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Have a Valid Owner", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_ownership", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Have a Valid Owner", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_permissions", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Have Mode 0750 Or Less Permissive", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_permissions", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Have Mode 0750 Or Less Permissive", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_init_files", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_init_files", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_system_commands_group_root_owned", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands directories have root as a group owner", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_system_commands_group_root_owned", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands directories have root as a group owner", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_system_commands_root_owned", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands directories have root ownership", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_system_commands_root_owned", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands directories have root ownership", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_system_commands_dirs", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands files are group owned by root or a system account", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_system_commands_dirs", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands files are group owned by root or a system account", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_binary_dirs", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Root Ownership", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_binary_dirs", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Root Ownership", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_binary_dirs", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Restrictive Permissions", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_binary_dirs", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Restrictive Permissions", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_sshd_private_key", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Ownership on SSH Server Private *_key Key Files", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_sshd_private_key", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Ownership on SSH Server Private *_key Key Files", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_sshd_private_key", - "remarks": "rule_set_171" + "remarks": "rule_set_172" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Ownership on SSH Server Private *_key Key Files", - "remarks": "rule_set_171" + "remarks": "rule_set_172" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_sshd_private_key", - "remarks": "rule_set_171" + "remarks": "rule_set_172" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Ownership on SSH Server Private *_key Key Files", - "remarks": "rule_set_171" + "remarks": "rule_set_172" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_private_key", - "remarks": "rule_set_172" + "remarks": "rule_set_173" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Private *_key Key Files", - "remarks": "rule_set_172" + "remarks": "rule_set_173" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_private_key", - "remarks": "rule_set_172" + "remarks": "rule_set_173" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Private *_key Key Files", - "remarks": "rule_set_172" + "remarks": "rule_set_173" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_sshd_pub_key", - "remarks": "rule_set_173" + "remarks": "rule_set_174" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Ownership on SSH Server Public *.pub Key Files", - "remarks": "rule_set_173" + "remarks": "rule_set_174" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_sshd_pub_key", - "remarks": "rule_set_173" + "remarks": "rule_set_174" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Ownership on SSH Server Public *.pub Key Files", - "remarks": "rule_set_173" + "remarks": "rule_set_174" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_sshd_pub_key", - "remarks": "rule_set_174" + "remarks": "rule_set_175" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", - "remarks": "rule_set_174" + "remarks": "rule_set_175" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_sshd_pub_key", - "remarks": "rule_set_174" + "remarks": "rule_set_175" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", - "remarks": "rule_set_174" + "remarks": "rule_set_175" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_pub_key", - "remarks": "rule_set_175" + "remarks": "rule_set_176" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Public *.pub Key Files", - "remarks": "rule_set_175" + "remarks": "rule_set_176" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_pub_key", - "remarks": "rule_set_175" + "remarks": "rule_set_176" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Public *.pub Key Files", - "remarks": "rule_set_175" + "remarks": "rule_set_176" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_sshd_config", - "remarks": "rule_set_176" + "remarks": "rule_set_177" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Owner on SSH Server config file", - "remarks": "rule_set_176" + "remarks": "rule_set_177" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_sshd_config", - "remarks": "rule_set_176" + "remarks": "rule_set_177" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Owner on SSH Server config file", - "remarks": "rule_set_176" + "remarks": "rule_set_177" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_sshd_config", - "remarks": "rule_set_177" + "remarks": "rule_set_178" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns SSH Server config file", - "remarks": "rule_set_177" + "remarks": "rule_set_178" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_sshd_config", - "remarks": "rule_set_177" + "remarks": "rule_set_178" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns SSH Server config file", - "remarks": "rule_set_177" + "remarks": "rule_set_178" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_config", - "remarks": "rule_set_178" + "remarks": "rule_set_179" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server config file", - "remarks": "rule_set_178" + "remarks": "rule_set_179" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_config", - "remarks": "rule_set_178" + "remarks": "rule_set_179" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server config file", - "remarks": "rule_set_178" + "remarks": "rule_set_179" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_selinux", - "remarks": "rule_set_179" + "remarks": "rule_set_180" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/selinux Directory", - "remarks": "rule_set_179" + "remarks": "rule_set_180" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_selinux", - "remarks": "rule_set_179" + "remarks": "rule_set_180" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/selinux Directory", - "remarks": "rule_set_179" + "remarks": "rule_set_180" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_selinux", - "remarks": "rule_set_180" + "remarks": "rule_set_181" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/selinux Directory", - "remarks": "rule_set_180" + "remarks": "rule_set_181" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_selinux", - "remarks": "rule_set_180" + "remarks": "rule_set_181" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/selinux Directory", - "remarks": "rule_set_180" + "remarks": "rule_set_181" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_selinux", - "remarks": "rule_set_181" + "remarks": "rule_set_182" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/selinux Directory", - "remarks": "rule_set_181" + "remarks": "rule_set_182" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_selinux", - "remarks": "rule_set_181" + "remarks": "rule_set_182" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/selinux Directory", - "remarks": "rule_set_181" + "remarks": "rule_set_182" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_sestatus_conf", - "remarks": "rule_set_182" + "remarks": "rule_set_183" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sestatus.conf File", - "remarks": "rule_set_182" + "remarks": "rule_set_183" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_sestatus_conf", - "remarks": "rule_set_182" + "remarks": "rule_set_183" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sestatus.conf File", - "remarks": "rule_set_182" + "remarks": "rule_set_183" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_sestatus_conf", - "remarks": "rule_set_183" + "remarks": "rule_set_184" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sestatus.conf File", - "remarks": "rule_set_183" + "remarks": "rule_set_184" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_sestatus_conf", - "remarks": "rule_set_183" + "remarks": "rule_set_184" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sestatus.conf File", - "remarks": "rule_set_183" + "remarks": "rule_set_184" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_sestatus_conf", - "remarks": "rule_set_184" + "remarks": "rule_set_185" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sestatus.conf File", - "remarks": "rule_set_184" + "remarks": "rule_set_185" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_sestatus_conf", - "remarks": "rule_set_184" + "remarks": "rule_set_185" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sestatus.conf File", - "remarks": "rule_set_184" + "remarks": "rule_set_185" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_ipsecd", - "remarks": "rule_set_185" + "remarks": "rule_set_186" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.d Directory", - "remarks": "rule_set_185" + "remarks": "rule_set_186" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_ipsecd", - "remarks": "rule_set_185" + "remarks": "rule_set_186" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.d Directory", - "remarks": "rule_set_185" + "remarks": "rule_set_186" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_ipsecd", - "remarks": "rule_set_186" + "remarks": "rule_set_187" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.d Directory", - "remarks": "rule_set_186" + "remarks": "rule_set_187" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_ipsecd", - "remarks": "rule_set_186" + "remarks": "rule_set_187" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.d Directory", - "remarks": "rule_set_186" + "remarks": "rule_set_187" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_ipsecd", - "remarks": "rule_set_187" + "remarks": "rule_set_188" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.d Directory", - "remarks": "rule_set_187" + "remarks": "rule_set_188" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_ipsecd", - "remarks": "rule_set_187" + "remarks": "rule_set_188" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.d Directory", - "remarks": "rule_set_187" + "remarks": "rule_set_188" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_ipsec_conf", - "remarks": "rule_set_188" + "remarks": "rule_set_189" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.conf File", - "remarks": "rule_set_188" + "remarks": "rule_set_189" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_ipsec_conf", - "remarks": "rule_set_188" + "remarks": "rule_set_189" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.conf File", - "remarks": "rule_set_188" + "remarks": "rule_set_189" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_ipsec_conf", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.conf File", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_ipsec_conf", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.conf File", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_ipsec_conf", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.conf File", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_ipsec_conf", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.conf File", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_ipsec_secrets", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.secrets File", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_ipsec_secrets", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.secrets File", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_ipsec_secrets", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.secrets File", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_ipsec_secrets", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.secrets File", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_ipsec_secrets", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.secrets File", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_ipsec_secrets", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.secrets File", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_iptables", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/iptables Directory", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_iptables", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/iptables Directory", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_iptables", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/iptables Directory", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_iptables", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/iptables Directory", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_iptables", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/iptables Directory", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_iptables", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/iptables Directory", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_nftables", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/nftables Directory", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_nftables", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/nftables Directory", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_nftables", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/nftables Directory", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_nftables", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/nftables Directory", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_nftables", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/nftables Directory", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_nftables", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/nftables Directory", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_sysctld", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sysctl.d Directory", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_sysctld", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sysctl.d Directory", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_sysctld", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sysctl.d Directory", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_sysctld", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sysctl.d Directory", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_sysctld", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sysctl.d Directory", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_sysctld", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sysctl.d Directory", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_sudoers", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sudoers File", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_sudoers", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sudoers File", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_sudoers", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sudoers File", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_sudoers", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sudoers File", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_sudoers", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sudoers File", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_sudoers", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sudoers File", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_sudoersd", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sudoers.d Directory", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_sudoersd", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sudoers.d Directory", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_sudoersd", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sudoers.d Directory", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_sudoersd", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sudoers.d Directory", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_sudoersd", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sudoers.d Directory", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_sudoersd", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sudoers.d Directory", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_crypttab", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/crypttab File", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_crypttab", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/crypttab File", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_crypttab", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/crypttab File", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_crypttab", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/crypttab File", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_crypttab", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/crypttab File", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_crypttab", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/crypttab File", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_chrony_keys", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/chrony.keys File", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_chrony_keys", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/chrony.keys File", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_chrony_keys", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/chrony.keys File", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_chrony_keys", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/chrony.keys File", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_chrony_keys", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/chrony.keys File", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_chrony_keys", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/chrony.keys File", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_pam_namespace", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Up a Private Namespace in PAM Configuration", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_pam_namespace", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Up a Private Namespace in PAM Configuration", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_polyinstantiated_tmp", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Polyinstantiation of /tmp Directories", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_polyinstantiated_tmp", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Polyinstantiation of /tmp Directories", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_polyinstantiated_var_tmp", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Polyinstantiation of /var/tmp Directories", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_polyinstantiated_var_tmp", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Polyinstantiation of /var/tmp Directories", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_polyinstantiation_enabled", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the polyinstantiation_enabled SELinux Boolean", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_polyinstantiation_enabled", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the polyinstantiation_enabled SELinux Boolean", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sssd_installed", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the SSSD Package", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sssd_installed", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the SSSD Package", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_sssd_enabled", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the SSSD Service", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_sssd_enabled", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the SSSD Service", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "postfix_network_listening_disabled", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Postfix Network Listening", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "postfix_network_listening_disabled", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Postfix Network Listening", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "postfix_client_configure_mail_alias", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure System to Forward All Mail For The Root Account", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "postfix_client_configure_mail_alias", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure System to Forward All Mail For The Root Account", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_aide_installed", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install AIDE", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_aide_installed", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install AIDE", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_build_database", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Build and Test AIDE Database", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_build_database", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Build and Test AIDE Database", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_nosmep_argument_absent", - "remarks": "rule_set_226" + "remarks": "rule_set_227" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SMEP is not disabled during boot", - "remarks": "rule_set_226" + "remarks": "rule_set_227" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_nosmep_argument_absent", - "remarks": "rule_set_226" + "remarks": "rule_set_227" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SMEP is not disabled during boot", - "remarks": "rule_set_226" + "remarks": "rule_set_227" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_nosmap_argument_absent", - "remarks": "rule_set_227" + "remarks": "rule_set_228" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SMAP is not disabled during boot", - "remarks": "rule_set_227" + "remarks": "rule_set_228" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_nosmap_argument_absent", - "remarks": "rule_set_227" + "remarks": "rule_set_228" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SMAP is not disabled during boot", - "remarks": "rule_set_227" + "remarks": "rule_set_228" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_enable_iommu_force", - "remarks": "rule_set_228" + "remarks": "rule_set_229" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "IOMMU configuration directive", - "remarks": "rule_set_228" + "remarks": "rule_set_229" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_enable_iommu_force", - "remarks": "rule_set_228" + "remarks": "rule_set_229" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "IOMMU configuration directive", - "remarks": "rule_set_228" + "remarks": "rule_set_229" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_modules_disabled", - "remarks": "rule_set_229" + "remarks": "rule_set_230" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable loading and unloading of kernel modules", - "remarks": "rule_set_229" + "remarks": "rule_set_230" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_modules_disabled", - "remarks": "rule_set_229" + "remarks": "rule_set_230" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable loading and unloading of kernel modules", - "remarks": "rule_set_229" + "remarks": "rule_set_230" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_grub2_cfg", - "remarks": "rule_set_230" + "remarks": "rule_set_231" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/grub.cfg Group Ownership", - "remarks": "rule_set_230" + "remarks": "rule_set_231" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_grub2_cfg", - "remarks": "rule_set_230" + "remarks": "rule_set_231" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/grub.cfg Group Ownership", - "remarks": "rule_set_230" + "remarks": "rule_set_231" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_grub2_cfg", - "remarks": "rule_set_231" + "remarks": "rule_set_232" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/grub.cfg User Ownership", - "remarks": "rule_set_231" + "remarks": "rule_set_232" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_grub2_cfg", - "remarks": "rule_set_231" + "remarks": "rule_set_232" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/grub.cfg User Ownership", - "remarks": "rule_set_231" + "remarks": "rule_set_232" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_grub2_cfg", - "remarks": "rule_set_232" + "remarks": "rule_set_233" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/grub.cfg Permissions", - "remarks": "rule_set_232" + "remarks": "rule_set_233" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_grub2_cfg", - "remarks": "rule_set_232" + "remarks": "rule_set_233" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/grub.cfg Permissions", - "remarks": "rule_set_232" + "remarks": "rule_set_233" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_user_cfg", - "remarks": "rule_set_233" + "remarks": "rule_set_234" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/user.cfg Group Ownership", - "remarks": "rule_set_233" + "remarks": "rule_set_234" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_user_cfg", - "remarks": "rule_set_233" + "remarks": "rule_set_234" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/user.cfg Group Ownership", - "remarks": "rule_set_233" + "remarks": "rule_set_234" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_user_cfg", - "remarks": "rule_set_234" + "remarks": "rule_set_235" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/user.cfg User Ownership", - "remarks": "rule_set_234" + "remarks": "rule_set_235" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_user_cfg", - "remarks": "rule_set_234" + "remarks": "rule_set_235" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/user.cfg User Ownership", - "remarks": "rule_set_234" + "remarks": "rule_set_235" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_user_cfg", - "remarks": "rule_set_235" + "remarks": "rule_set_236" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/user.cfg Permissions", - "remarks": "rule_set_235" + "remarks": "rule_set_236" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_user_cfg", - "remarks": "rule_set_235" + "remarks": "rule_set_236" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/user.cfg Permissions", - "remarks": "rule_set_235" + "remarks": "rule_set_236" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_systemmap", - "remarks": "rule_set_236" + "remarks": "rule_set_237" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns System.map Files", - "remarks": "rule_set_236" + "remarks": "rule_set_237" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_systemmap", - "remarks": "rule_set_236" + "remarks": "rule_set_237" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns System.map Files", - "remarks": "rule_set_236" + "remarks": "rule_set_237" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_systemmap", - "remarks": "rule_set_237" + "remarks": "rule_set_238" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns System.map Files", - "remarks": "rule_set_237" + "remarks": "rule_set_238" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_systemmap", - "remarks": "rule_set_237" + "remarks": "rule_set_238" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns System.map Files", - "remarks": "rule_set_237" + "remarks": "rule_set_238" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_systemmap", - "remarks": "rule_set_238" + "remarks": "rule_set_239" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on System.map Files", - "remarks": "rule_set_238" + "remarks": "rule_set_239" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_systemmap", - "remarks": "rule_set_238" + "remarks": "rule_set_239" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on System.map Files", - "remarks": "rule_set_238" + "remarks": "rule_set_239" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_umask_etc_bashrc", - "remarks": "rule_set_239" + "remarks": "rule_set_240" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Default Bash Umask is Set Correctly", - "remarks": "rule_set_239" + "remarks": "rule_set_240" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_umask_etc_bashrc", - "remarks": "rule_set_239" + "remarks": "rule_set_240" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Default Bash Umask is Set Correctly", - "remarks": "rule_set_239" + "remarks": "rule_set_240" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_umask_etc_login_defs", - "remarks": "rule_set_240" + "remarks": "rule_set_241" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Default Umask is Set Correctly in login.defs", - "remarks": "rule_set_240" + "remarks": "rule_set_241" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_umask_etc_login_defs", - "remarks": "rule_set_240" + "remarks": "rule_set_241" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Default Umask is Set Correctly in login.defs", - "remarks": "rule_set_240" + "remarks": "rule_set_241" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_umask_etc_profile", - "remarks": "rule_set_241" + "remarks": "rule_set_242" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Default Umask is Set Correctly in /etc/profile", - "remarks": "rule_set_241" + "remarks": "rule_set_242" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_umask_etc_profile", - "remarks": "rule_set_241" + "remarks": "rule_set_242" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Default Umask is Set Correctly in /etc/profile", - "remarks": "rule_set_241" + "remarks": "rule_set_242" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_dedicated_group", - "remarks": "rule_set_242" + "remarks": "rule_set_243" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure a dedicated group owns sudo", - "remarks": "rule_set_242" + "remarks": "rule_set_243" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_dedicated_group", - "remarks": "rule_set_242" + "remarks": "rule_set_243" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure a dedicated group owns sudo", - "remarks": "rule_set_242" + "remarks": "rule_set_243" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sudo", - "remarks": "rule_set_243" + "remarks": "rule_set_244" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure That the sudo Binary Has the Correct Permissions", - "remarks": "rule_set_243" + "remarks": "rule_set_244" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sudo", - "remarks": "rule_set_243" + "remarks": "rule_set_244" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure That the sudo Binary Has the Correct Permissions", - "remarks": "rule_set_243" + "remarks": "rule_set_244" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_policytype", - "remarks": "rule_set_244" + "remarks": "rule_set_245" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SELinux Policy", - "remarks": "rule_set_244" + "remarks": "rule_set_245" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_policytype", - "remarks": "rule_set_244" + "remarks": "rule_set_245" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SELinux Policy", - "remarks": "rule_set_244" + "remarks": "rule_set_245" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_chrony_installed", - "remarks": "rule_set_245" + "remarks": "rule_set_246" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chrony package is installed", - "remarks": "rule_set_245" + "remarks": "rule_set_246" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_chrony_installed", - "remarks": "rule_set_245" + "remarks": "rule_set_246" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chrony package is installed", - "remarks": "rule_set_245" + "remarks": "rule_set_246" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_chronyd_enabled", - "remarks": "rule_set_246" + "remarks": "rule_set_247" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chronyd service is enabled", - "remarks": "rule_set_246" + "remarks": "rule_set_247" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_chronyd_enabled", - "remarks": "rule_set_246" + "remarks": "rule_set_247" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chronyd service is enabled", - "remarks": "rule_set_246" + "remarks": "rule_set_247" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_specify_remote_server", - "remarks": "rule_set_247" + "remarks": "rule_set_248" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "A remote time server for Chrony is configured", - "remarks": "rule_set_247" + "remarks": "rule_set_248" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_specify_remote_server", - "remarks": "rule_set_247" + "remarks": "rule_set_248" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "A remote time server for Chrony is configured", - "remarks": "rule_set_247" + "remarks": "rule_set_248" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_configure_pool_and_server", - "remarks": "rule_set_248" + "remarks": "rule_set_249" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Chrony Configure Pool and Server", - "remarks": "rule_set_248" + "remarks": "rule_set_249" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_configure_pool_and_server", - "remarks": "rule_set_248" + "remarks": "rule_set_249" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Chrony Configure Pool and Server", - "remarks": "rule_set_248" + "remarks": "rule_set_249" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_loghost", - "remarks": "rule_set_249" + "remarks": "rule_set_250" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Logs Sent To Remote Host", - "remarks": "rule_set_249" + "remarks": "rule_set_250" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_loghost", - "remarks": "rule_set_249" + "remarks": "rule_set_250" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Logs Sent To Remote Host", - "remarks": "rule_set_249" + "remarks": "rule_set_250" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_rsyslog-gnutls_installed", - "remarks": "rule_set_250" + "remarks": "rule_set_251" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure rsyslog-gnutls is installed", - "remarks": "rule_set_250" + "remarks": "rule_set_251" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_rsyslog-gnutls_installed", - "remarks": "rule_set_250" + "remarks": "rule_set_251" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure rsyslog-gnutls is installed", - "remarks": "rule_set_250" + "remarks": "rule_set_251" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls", - "remarks": "rule_set_251" + "remarks": "rule_set_252" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure TLS for rsyslog remote logging", - "remarks": "rule_set_251" + "remarks": "rule_set_252" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls", - "remarks": "rule_set_251" + "remarks": "rule_set_252" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure TLS for rsyslog remote logging", - "remarks": "rule_set_251" + "remarks": "rule_set_252" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls_cacert", - "remarks": "rule_set_252" + "remarks": "rule_set_253" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure CA certificate for rsyslog remote logging", - "remarks": "rule_set_252" + "remarks": "rule_set_253" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls_cacert", - "remarks": "rule_set_252" + "remarks": "rule_set_253" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure CA certificate for rsyslog remote logging", - "remarks": "rule_set_252" + "remarks": "rule_set_253" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log_audit", - "remarks": "rule_set_253" + "remarks": "rule_set_254" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log/audit Located On Separate Partition", - "remarks": "rule_set_253" + "remarks": "rule_set_254" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log_audit", - "remarks": "rule_set_253" + "remarks": "rule_set_254" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log/audit Located On Separate Partition", - "remarks": "rule_set_253" + "remarks": "rule_set_254" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_logrotate_installed", - "remarks": "rule_set_254" + "remarks": "rule_set_255" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure logrotate is Installed", - "remarks": "rule_set_254" + "remarks": "rule_set_255" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_logrotate_installed", - "remarks": "rule_set_254" + "remarks": "rule_set_255" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure logrotate is Installed", - "remarks": "rule_set_254" + "remarks": "rule_set_255" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "timer_logrotate_enabled", - "remarks": "rule_set_255" + "remarks": "rule_set_256" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable logrotate Timer", - "remarks": "rule_set_255" + "remarks": "rule_set_256" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "timer_logrotate_enabled", - "remarks": "rule_set_255" + "remarks": "rule_set_256" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable logrotate Timer", - "remarks": "rule_set_255" + "remarks": "rule_set_256" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_logrotate_activated", - "remarks": "rule_set_256" + "remarks": "rule_set_257" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Logrotate Runs Periodically", - "remarks": "rule_set_256" + "remarks": "rule_set_257" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_logrotate_activated", - "remarks": "rule_set_256" + "remarks": "rule_set_257" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Logrotate Runs Periodically", - "remarks": "rule_set_256" + "remarks": "rule_set_257" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_257" + "remarks": "rule_set_258" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_257" + "remarks": "rule_set_258" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_257" + "remarks": "rule_set_258" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_257" + "remarks": "rule_set_258" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_258" + "remarks": "rule_set_259" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_258" + "remarks": "rule_set_259" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_258" + "remarks": "rule_set_259" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_258" + "remarks": "rule_set_259" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_259" + "remarks": "rule_set_260" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_259" + "remarks": "rule_set_260" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_259" + "remarks": "rule_set_260" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_259" + "remarks": "rule_set_260" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_sysadmin_actions", - "remarks": "rule_set_260" + "remarks": "rule_set_261" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects System Administrator Actions", - "remarks": "rule_set_260" + "remarks": "rule_set_261" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_sysadmin_actions", - "remarks": "rule_set_260" + "remarks": "rule_set_261" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects System Administrator Actions", - "remarks": "rule_set_260" + "remarks": "rule_set_261" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_sudo_log_events", - "remarks": "rule_set_261" + "remarks": "rule_set_262" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to perform maintenance activities", - "remarks": "rule_set_261" + "remarks": "rule_set_262" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_sudo_log_events", - "remarks": "rule_set_261" + "remarks": "rule_set_262" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to perform maintenance activities", - "remarks": "rule_set_261" + "remarks": "rule_set_262" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_faillock", - "remarks": "rule_set_262" + "remarks": "rule_set_263" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - faillock", - "remarks": "rule_set_262" + "remarks": "rule_set_263" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_faillock", - "remarks": "rule_set_262" + "remarks": "rule_set_263" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - faillock", - "remarks": "rule_set_262" + "remarks": "rule_set_263" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_lastlog", - "remarks": "rule_set_263" + "remarks": "rule_set_264" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - lastlog", - "remarks": "rule_set_263" + "remarks": "rule_set_264" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_lastlog", - "remarks": "rule_set_263" + "remarks": "rule_set_264" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - lastlog", - "remarks": "rule_set_263" + "remarks": "rule_set_264" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_utmp", - "remarks": "rule_set_264" + "remarks": "rule_set_265" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information utmp", - "remarks": "rule_set_264" + "remarks": "rule_set_265" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_utmp", - "remarks": "rule_set_264" + "remarks": "rule_set_265" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information utmp", - "remarks": "rule_set_264" + "remarks": "rule_set_265" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_btmp", - "remarks": "rule_set_265" + "remarks": "rule_set_266" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information btmp", - "remarks": "rule_set_265" + "remarks": "rule_set_266" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_btmp", - "remarks": "rule_set_265" + "remarks": "rule_set_266" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information btmp", - "remarks": "rule_set_265" + "remarks": "rule_set_266" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_wtmp", - "remarks": "rule_set_266" + "remarks": "rule_set_267" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", - "remarks": "rule_set_266" + "remarks": "rule_set_267" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_wtmp", - "remarks": "rule_set_266" + "remarks": "rule_set_267" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", - "remarks": "rule_set_266" + "remarks": "rule_set_267" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_adjtimex", - "remarks": "rule_set_267" + "remarks": "rule_set_268" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through adjtimex", - "remarks": "rule_set_267" + "remarks": "rule_set_268" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_adjtimex", - "remarks": "rule_set_267" + "remarks": "rule_set_268" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through adjtimex", - "remarks": "rule_set_267" + "remarks": "rule_set_268" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_clock_settime", - "remarks": "rule_set_268" + "remarks": "rule_set_269" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through clock_settime", - "remarks": "rule_set_268" + "remarks": "rule_set_269" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_clock_settime", - "remarks": "rule_set_268" + "remarks": "rule_set_269" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through clock_settime", - "remarks": "rule_set_268" + "remarks": "rule_set_269" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_stime", - "remarks": "rule_set_269" + "remarks": "rule_set_270" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through stime", - "remarks": "rule_set_269" + "remarks": "rule_set_270" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_stime", - "remarks": "rule_set_269" + "remarks": "rule_set_270" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through stime", - "remarks": "rule_set_269" + "remarks": "rule_set_270" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_watch_localtime", - "remarks": "rule_set_270" + "remarks": "rule_set_271" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter the localtime File", - "remarks": "rule_set_270" + "remarks": "rule_set_271" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_watch_localtime", - "remarks": "rule_set_270" + "remarks": "rule_set_271" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter the localtime File", - "remarks": "rule_set_270" + "remarks": "rule_set_271" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification", - "remarks": "rule_set_271" + "remarks": "rule_set_272" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment", - "remarks": "rule_set_271" + "remarks": "rule_set_272" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification", - "remarks": "rule_set_271" + "remarks": "rule_set_272" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment", - "remarks": "rule_set_271" + "remarks": "rule_set_272" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chmod", - "remarks": "rule_set_272" + "remarks": "rule_set_273" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", - "remarks": "rule_set_272" + "remarks": "rule_set_273" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chmod", - "remarks": "rule_set_272" + "remarks": "rule_set_273" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", - "remarks": "rule_set_272" + "remarks": "rule_set_273" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chown", - "remarks": "rule_set_273" + "remarks": "rule_set_274" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chown", - "remarks": "rule_set_273" + "remarks": "rule_set_274" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chown", - "remarks": "rule_set_273" + "remarks": "rule_set_274" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chown", - "remarks": "rule_set_273" + "remarks": "rule_set_274" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmod", - "remarks": "rule_set_274" + "remarks": "rule_set_275" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmod", - "remarks": "rule_set_274" + "remarks": "rule_set_275" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmod", - "remarks": "rule_set_274" + "remarks": "rule_set_275" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmod", - "remarks": "rule_set_274" + "remarks": "rule_set_275" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat", - "remarks": "rule_set_275" + "remarks": "rule_set_276" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat", - "remarks": "rule_set_275" + "remarks": "rule_set_276" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat", - "remarks": "rule_set_275" + "remarks": "rule_set_276" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat", - "remarks": "rule_set_275" + "remarks": "rule_set_276" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat2", - "remarks": "rule_set_276" + "remarks": "rule_set_277" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat2", - "remarks": "rule_set_276" + "remarks": "rule_set_277" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat2", - "remarks": "rule_set_276" + "remarks": "rule_set_277" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat2", - "remarks": "rule_set_276" + "remarks": "rule_set_277" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchown", - "remarks": "rule_set_277" + "remarks": "rule_set_278" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchown", - "remarks": "rule_set_277" + "remarks": "rule_set_278" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchown", - "remarks": "rule_set_277" + "remarks": "rule_set_278" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchown", - "remarks": "rule_set_277" + "remarks": "rule_set_278" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchownat", - "remarks": "rule_set_278" + "remarks": "rule_set_279" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchownat", - "remarks": "rule_set_278" + "remarks": "rule_set_279" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchownat", - "remarks": "rule_set_278" + "remarks": "rule_set_279" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchownat", - "remarks": "rule_set_278" + "remarks": "rule_set_279" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fremovexattr", - "remarks": "rule_set_279" + "remarks": "rule_set_280" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fremovexattr", - "remarks": "rule_set_279" + "remarks": "rule_set_280" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fremovexattr", - "remarks": "rule_set_279" + "remarks": "rule_set_280" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fremovexattr", - "remarks": "rule_set_279" + "remarks": "rule_set_280" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fsetxattr", - "remarks": "rule_set_280" + "remarks": "rule_set_281" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fsetxattr", - "remarks": "rule_set_280" + "remarks": "rule_set_281" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fsetxattr", - "remarks": "rule_set_280" + "remarks": "rule_set_281" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fsetxattr", - "remarks": "rule_set_280" + "remarks": "rule_set_281" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lchown", - "remarks": "rule_set_281" + "remarks": "rule_set_282" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lchown", - "remarks": "rule_set_281" + "remarks": "rule_set_282" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lchown", - "remarks": "rule_set_281" + "remarks": "rule_set_282" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lchown", - "remarks": "rule_set_281" + "remarks": "rule_set_282" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lremovexattr", - "remarks": "rule_set_282" + "remarks": "rule_set_283" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lremovexattr", - "remarks": "rule_set_282" + "remarks": "rule_set_283" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lremovexattr", - "remarks": "rule_set_282" + "remarks": "rule_set_283" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lremovexattr", - "remarks": "rule_set_282" + "remarks": "rule_set_283" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lsetxattr", - "remarks": "rule_set_283" + "remarks": "rule_set_284" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lsetxattr", - "remarks": "rule_set_283" + "remarks": "rule_set_284" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lsetxattr", - "remarks": "rule_set_283" + "remarks": "rule_set_284" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lsetxattr", - "remarks": "rule_set_283" + "remarks": "rule_set_284" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_removexattr", - "remarks": "rule_set_284" + "remarks": "rule_set_285" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - removexattr", - "remarks": "rule_set_284" + "remarks": "rule_set_285" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_removexattr", - "remarks": "rule_set_284" + "remarks": "rule_set_285" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - removexattr", - "remarks": "rule_set_284" + "remarks": "rule_set_285" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_setxattr", - "remarks": "rule_set_285" + "remarks": "rule_set_286" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - setxattr", - "remarks": "rule_set_285" + "remarks": "rule_set_286" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_setxattr", - "remarks": "rule_set_285" + "remarks": "rule_set_286" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - setxattr", - "remarks": "rule_set_285" + "remarks": "rule_set_286" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_creat", - "remarks": "rule_set_286" + "remarks": "rule_set_287" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - creat", - "remarks": "rule_set_286" + "remarks": "rule_set_287" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_creat", - "remarks": "rule_set_286" + "remarks": "rule_set_287" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - creat", - "remarks": "rule_set_286" + "remarks": "rule_set_287" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_ftruncate", - "remarks": "rule_set_287" + "remarks": "rule_set_288" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - ftruncate", - "remarks": "rule_set_287" + "remarks": "rule_set_288" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_ftruncate", - "remarks": "rule_set_287" + "remarks": "rule_set_288" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - ftruncate", - "remarks": "rule_set_287" + "remarks": "rule_set_288" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open", - "remarks": "rule_set_288" + "remarks": "rule_set_289" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open", - "remarks": "rule_set_288" + "remarks": "rule_set_289" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open", - "remarks": "rule_set_288" + "remarks": "rule_set_289" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open", - "remarks": "rule_set_288" + "remarks": "rule_set_289" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_openat", - "remarks": "rule_set_289" + "remarks": "rule_set_290" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - openat", - "remarks": "rule_set_289" + "remarks": "rule_set_290" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_openat", - "remarks": "rule_set_289" + "remarks": "rule_set_290" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - openat", - "remarks": "rule_set_289" + "remarks": "rule_set_290" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_truncate", - "remarks": "rule_set_290" + "remarks": "rule_set_291" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - truncate", - "remarks": "rule_set_290" + "remarks": "rule_set_291" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_truncate", - "remarks": "rule_set_290" + "remarks": "rule_set_291" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - truncate", - "remarks": "rule_set_290" + "remarks": "rule_set_291" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_group", - "remarks": "rule_set_291" + "remarks": "rule_set_292" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/group", - "remarks": "rule_set_291" + "remarks": "rule_set_292" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_group", - "remarks": "rule_set_291" + "remarks": "rule_set_292" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/group", - "remarks": "rule_set_291" + "remarks": "rule_set_292" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_gshadow", - "remarks": "rule_set_292" + "remarks": "rule_set_293" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/gshadow", - "remarks": "rule_set_292" + "remarks": "rule_set_293" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_gshadow", - "remarks": "rule_set_292" + "remarks": "rule_set_293" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/gshadow", - "remarks": "rule_set_292" + "remarks": "rule_set_293" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_opasswd", - "remarks": "rule_set_293" + "remarks": "rule_set_294" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", - "remarks": "rule_set_293" + "remarks": "rule_set_294" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_opasswd", - "remarks": "rule_set_293" + "remarks": "rule_set_294" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", - "remarks": "rule_set_293" + "remarks": "rule_set_294" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_passwd", - "remarks": "rule_set_294" + "remarks": "rule_set_295" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/passwd", - "remarks": "rule_set_294" + "remarks": "rule_set_295" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_passwd", - "remarks": "rule_set_294" + "remarks": "rule_set_295" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/passwd", - "remarks": "rule_set_294" + "remarks": "rule_set_295" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_shadow", - "remarks": "rule_set_295" + "remarks": "rule_set_296" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/shadow", - "remarks": "rule_set_295" + "remarks": "rule_set_296" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_shadow", - "remarks": "rule_set_295" + "remarks": "rule_set_296" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/shadow", - "remarks": "rule_set_295" + "remarks": "rule_set_296" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_media_export", - "remarks": "rule_set_296" + "remarks": "rule_set_297" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Exporting to Media (successful)", - "remarks": "rule_set_296" + "remarks": "rule_set_297" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_media_export", - "remarks": "rule_set_296" + "remarks": "rule_set_297" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Exporting to Media (successful)", - "remarks": "rule_set_296" + "remarks": "rule_set_297" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_umount2", - "remarks": "rule_set_297" + "remarks": "rule_set_298" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - umount2", - "remarks": "rule_set_297" + "remarks": "rule_set_298" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_umount2", - "remarks": "rule_set_297" + "remarks": "rule_set_298" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - umount2", - "remarks": "rule_set_297" + "remarks": "rule_set_298" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands", - "remarks": "rule_set_298" + "remarks": "rule_set_299" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands", - "remarks": "rule_set_298" + "remarks": "rule_set_299" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands", - "remarks": "rule_set_298" + "remarks": "rule_set_299" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands", - "remarks": "rule_set_298" + "remarks": "rule_set_299" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rename", - "remarks": "rule_set_299" + "remarks": "rule_set_300" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rename", - "remarks": "rule_set_299" + "remarks": "rule_set_300" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rename", - "remarks": "rule_set_299" + "remarks": "rule_set_300" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rename", - "remarks": "rule_set_299" + "remarks": "rule_set_300" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat", - "remarks": "rule_set_300" + "remarks": "rule_set_301" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat", - "remarks": "rule_set_300" + "remarks": "rule_set_301" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat", - "remarks": "rule_set_300" + "remarks": "rule_set_301" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat", - "remarks": "rule_set_300" + "remarks": "rule_set_301" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat2", - "remarks": "rule_set_301" + "remarks": "rule_set_302" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat2", - "remarks": "rule_set_301" + "remarks": "rule_set_302" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat2", - "remarks": "rule_set_301" + "remarks": "rule_set_302" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat2", - "remarks": "rule_set_301" + "remarks": "rule_set_302" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rmdir", - "remarks": "rule_set_302" + "remarks": "rule_set_303" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rmdir", - "remarks": "rule_set_302" + "remarks": "rule_set_303" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rmdir", - "remarks": "rule_set_302" + "remarks": "rule_set_303" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rmdir", - "remarks": "rule_set_302" + "remarks": "rule_set_303" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlink", - "remarks": "rule_set_303" + "remarks": "rule_set_304" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlink", - "remarks": "rule_set_303" + "remarks": "rule_set_304" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlink", - "remarks": "rule_set_303" + "remarks": "rule_set_304" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlink", - "remarks": "rule_set_303" + "remarks": "rule_set_304" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlinkat", - "remarks": "rule_set_304" + "remarks": "rule_set_305" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlinkat", - "remarks": "rule_set_304" + "remarks": "rule_set_305" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlinkat", - "remarks": "rule_set_304" + "remarks": "rule_set_305" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlinkat", - "remarks": "rule_set_304" + "remarks": "rule_set_305" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_delete", - "remarks": "rule_set_305" + "remarks": "rule_set_306" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Unloading - delete_module", - "remarks": "rule_set_305" + "remarks": "rule_set_306" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_delete", - "remarks": "rule_set_305" + "remarks": "rule_set_306" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Unloading - delete_module", - "remarks": "rule_set_305" + "remarks": "rule_set_306" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_init", - "remarks": "rule_set_306" + "remarks": "rule_set_307" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading - init_module", - "remarks": "rule_set_306" + "remarks": "rule_set_307" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_init", - "remarks": "rule_set_306" + "remarks": "rule_set_307" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading - init_module", - "remarks": "rule_set_306" + "remarks": "rule_set_307" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_finit", - "remarks": "rule_set_307" + "remarks": "rule_set_308" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module", - "remarks": "rule_set_307" + "remarks": "rule_set_308" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_finit", - "remarks": "rule_set_307" + "remarks": "rule_set_308" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module", - "remarks": "rule_set_307" + "remarks": "rule_set_308" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_insmod", - "remarks": "rule_set_308" + "remarks": "rule_set_309" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - insmod", - "remarks": "rule_set_308" + "remarks": "rule_set_309" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_insmod", - "remarks": "rule_set_308" + "remarks": "rule_set_309" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - insmod", - "remarks": "rule_set_308" + "remarks": "rule_set_309" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_modprobe", - "remarks": "rule_set_309" + "remarks": "rule_set_310" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - modprobe", - "remarks": "rule_set_309" + "remarks": "rule_set_310" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_modprobe", - "remarks": "rule_set_309" + "remarks": "rule_set_310" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - modprobe", - "remarks": "rule_set_309" + "remarks": "rule_set_310" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_rmmod", - "remarks": "rule_set_310" + "remarks": "rule_set_311" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - rmmod", - "remarks": "rule_set_310" + "remarks": "rule_set_311" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_rmmod", - "remarks": "rule_set_310" + "remarks": "rule_set_311" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - rmmod", - "remarks": "rule_set_310" + "remarks": "rule_set_311" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_kmod", - "remarks": "rule_set_311" + "remarks": "rule_set_312" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - kmod", - "remarks": "rule_set_311" + "remarks": "rule_set_312" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_kmod", - "remarks": "rule_set_311" + "remarks": "rule_set_312" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - kmod", - "remarks": "rule_set_311" + "remarks": "rule_set_312" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_mac_modification_etc_selinux", - "remarks": "rule_set_312" + "remarks": "rule_set_313" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Mandatory Access Controls (/etc/selinux)", - "remarks": "rule_set_312" + "remarks": "rule_set_313" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_mac_modification_etc_selinux", - "remarks": "rule_set_312" + "remarks": "rule_set_313" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Mandatory Access Controls (/etc/selinux)", - "remarks": "rule_set_312" + "remarks": "rule_set_313" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_immutable", - "remarks": "rule_set_313" + "remarks": "rule_set_314" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Make the auditd Configuration Immutable", - "remarks": "rule_set_313" + "remarks": "rule_set_314" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_immutable", - "remarks": "rule_set_313" + "remarks": "rule_set_314" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Make the auditd Configuration Immutable", - "remarks": "rule_set_313" + "remarks": "rule_set_314" } ], "control-implementations": [ { - "uuid": "90d68a2f-76c7-4be6-84dc-dde771944786", + "uuid": "8579db58-28a7-4e36-a329-9981c8425b4c", "source": "trestle://profiles/rhel10-anssi-enhanced/profile.json", "description": "Control implementation for anssi_bp28_enhanced", "props": [ @@ -15441,7 +15482,7 @@ ], "implemented-requirements": [ { - "uuid": "a6bbaab5-3785-4561-9146-ab881e75a675", + "uuid": "de4d2a90-e983-4275-b712-cde16a4acad2", "control-id": "r1", "description": "This requirement can be checked, but remediation requires manual reinstall of the OS. The content automation cannot really configure the BIOS, but can in some cases, check settings that are visible to the OS. Like for example the NX/DX setting.", "props": [ @@ -15463,7 +15504,7 @@ ] }, { - "uuid": "2fceddfd-6910-4308-958f-90b619fa7393", + "uuid": "063066f5-7265-4e7f-bbda-d42bcbf07a59", "control-id": "r7", "description": "No notes for control-id R7.", "props": [ @@ -15480,7 +15521,7 @@ ] }, { - "uuid": "1ad0432a-cc85-427d-8aae-c2be02600740", + "uuid": "76eeed9b-7049-4387-b7ea-32091a3c73f5", "control-id": "r10", "description": "No notes for control-id R10.", "props": [ @@ -15497,7 +15538,7 @@ ] }, { - "uuid": "19d3d174-0889-460c-bcc6-577bb98a9589", + "uuid": "28d83852-651c-4cf0-b098-05ca57c756c3", "control-id": "r29", "description": "The /boot partition mounted is essential to perform certain administrative actions, for example updating the kernel. Therefore, for better stability, in this requirement only rules to restrict the access to /boot are selected. It is not changed how the /boot is mounted.", "props": [ @@ -15554,7 +15595,7 @@ ] }, { - "uuid": "c0230a79-dc08-43ba-8429-48d5ad51ec9d", + "uuid": "08994cce-2dcd-4dce-adf4-7c78bc5e8f6f", "control-id": "r36", "description": "There are cases of Systemd services which would stop working in case umask would be configured to 0027 for all services. One such example is the Cups service which needs to create sockets which need to be available for all users. Therefore, this part of the requirement can't be automated.", "props": [ @@ -15581,7 +15622,7 @@ ] }, { - "uuid": "a646d707-ab2d-49ab-b760-21a1f8f08a70", + "uuid": "4e157b6a-8651-40a7-b90c-ae34f86c6937", "control-id": "r37", "description": "Other partitioning mechanisms can include chroot and containers and are not contemplated in this requirement.", "props": [ @@ -15598,7 +15639,7 @@ ] }, { - "uuid": "f91b613e-6ff3-49c2-b6b8-224007a0de21", + "uuid": "43950fa1-443b-4871-82e6-fc589e664414", "control-id": "r38", "description": "No notes for control-id R38.", "props": [ @@ -15620,7 +15661,7 @@ ] }, { - "uuid": "94545254-5058-4a1d-acdb-b248104dda5d", + "uuid": "8e936461-33a0-48fe-a7a0-9d73f6989728", "control-id": "r41", "description": "The description for control-id r41.", "props": [ @@ -15633,7 +15674,7 @@ ] }, { - "uuid": "51dfdd0d-1754-4fb0-b37d-6b8b22b2600d", + "uuid": "bd4c0853-e3d4-4405-ab9f-12fc96a25389", "control-id": "r45", "description": "No notes for control-id R45.", "props": [ @@ -15645,7 +15686,7 @@ ] }, { - "uuid": "74391e49-0e12-45ab-a3b7-d4c8c24de357", + "uuid": "337446a0-6ab0-4358-8bdf-91277de3711b", "control-id": "r51", "description": "This concerns two aspects, the first is administrative, and involves prompt installation of secrets or trusted elements by the sysadmin. The second involves removal of any default secret or trusted element configured by the operating system during install process, e.g. default known passwords.", "props": [ @@ -15657,7 +15698,7 @@ ] }, { - "uuid": "16ff2e9b-801e-4ce8-b112-da7e639bc9ac", + "uuid": "37d060e0-fcdb-4c37-8f5b-65623d5c64d5", "control-id": "r57", "description": "The description for control-id r57.", "props": [ @@ -15670,7 +15711,7 @@ ] }, { - "uuid": "e16ce193-e689-44aa-bef7-e9331fe4e7ce", + "uuid": "b76a2e07-d7d9-4823-98d4-8d0b727d11ad", "control-id": "r60", "description": "The description for control-id r60.", "props": [ @@ -15683,7 +15724,7 @@ ] }, { - "uuid": "565c094e-48af-44a3-867f-086f83440114", + "uuid": "da8ea1c3-4adc-401e-a286-7ee7aed15d56", "control-id": "r64", "description": "SELinux policies limit the privileges of services and daemons just to those which are required. The policies should be enough to restrict the services' privileges to its essentials, but the automated content cannot assess whether they are the minimum required for the deployment.", "props": [ @@ -15700,7 +15741,7 @@ ] }, { - "uuid": "2430676c-c3cc-4d70-bae9-33c83af22e58", + "uuid": "2d0cdbd1-5d28-4e2e-bc66-a3c2739e8427", "control-id": "r65", "description": "The description for control-id r65.", "props": [ @@ -15713,7 +15754,7 @@ ] }, { - "uuid": "d61f07fc-0b5d-41db-92e4-9cecfd563e51", + "uuid": "ae597dc5-14e3-46e2-89b9-36c82f022282", "control-id": "r71", "description": "A lot of recommendations and requirements from the DAT-PA-012 document are administrative and hard to automate. The rules selected below address a few of the aspects that can be covered, keep in mind that these configurations should be customized for the systems deployment requirements.", "props": [ @@ -15800,7 +15841,7 @@ ] }, { - "uuid": "a010fd28-82a3-46cb-9da4-2300266cce5f", + "uuid": "15aa8534-67bc-439d-b0be-3f055171677e", "control-id": "r72", "description": "No notes for control-id R72.", "props": [ @@ -15812,7 +15853,7 @@ ] }, { - "uuid": "5e258588-24a7-41da-a553-01bb0e25b1d1", + "uuid": "55bae31d-daef-4322-ac07-8aa81429a082", "control-id": "r73", "description": "No notes for control-id R73.", "props": [ @@ -16104,7 +16145,7 @@ ] }, { - "uuid": "d8320cad-952f-48de-b995-af2f5bfb13ec", + "uuid": "cec9c501-8d41-48e0-80fd-a39b3978e14d", "control-id": "r78", "description": "The description for control-id r78.", "props": [ @@ -16117,7 +16158,7 @@ ] }, { - "uuid": "a203052f-c624-47d8-9f01-478f22fd64ac", + "uuid": "abbd3dc8-235d-4375-aaf1-e784966bfbe4", "control-id": "r2", "description": "The description for control-id r2.", "props": [ @@ -16130,7 +16171,7 @@ ] }, { - "uuid": "5243338b-8fd2-4ecc-a7ca-5f583ba03bb6", + "uuid": "832d27af-9284-4108-868a-6d77a3e83830", "control-id": "r3", "description": "The description for control-id r3.", "props": [ @@ -16143,7 +16184,7 @@ ] }, { - "uuid": "424c165b-d37b-40db-a10d-f82b0ee84256", + "uuid": "d1414a10-a910-44f2-87c9-ea3321ab0edb", "control-id": "r5", "description": "No notes for control-id R5.", "props": [ @@ -16160,7 +16201,7 @@ ] }, { - "uuid": "ded0ccf6-cbf7-4fff-9fc8-a21dfec9c61e", + "uuid": "d2190bdc-cc41-467a-b925-111c347a503d", "control-id": "r8", "description": "No notes for control-id R8.", "props": [ @@ -16232,7 +16273,7 @@ ] }, { - "uuid": "79f2030f-d5f1-46de-bb3d-be01b73ee42b", + "uuid": "9b83c236-b0eb-46ea-817a-feef416ec0c0", "control-id": "r9", "description": "No notes for control-id R9.", "props": [ @@ -16294,7 +16335,7 @@ ] }, { - "uuid": "b1b5f887-d629-4809-90c4-1aa99d925121", + "uuid": "09ad6660-08c9-4be9-b42a-e3d056e6e11e", "control-id": "r11", "description": "No notes for control-id R11.", "props": [ @@ -16311,7 +16352,7 @@ ] }, { - "uuid": "8913e5c4-96a9-4dde-bcde-3976a23e6fce", + "uuid": "8c173d5d-a492-4416-a552-3a21f95e7b34", "control-id": "r12", "description": "No notes for control-id R12.", "props": [ @@ -16438,7 +16479,7 @@ ] }, { - "uuid": "b3b5da4a-ae6c-4bac-8f12-55d027d1bc6c", + "uuid": "ee50c63f-3ae9-4a10-9ac8-2c879e1e6a9f", "control-id": "r13", "description": "When IPv6 is not in use, disable it, otherwise secure the IPv6 stack. This control hardens the IPv6 stack, to disable it use the related rules instead.", "props": [ @@ -16530,7 +16571,7 @@ ] }, { - "uuid": "751e438b-22d2-4cb3-b139-82c663594fab", + "uuid": "01b31687-f4d3-4e70-9d87-d52440b3e743", "control-id": "r14", "description": "The rule for the /proc file system is not implemented", "props": [ @@ -16567,7 +16608,7 @@ ] }, { - "uuid": "ea79ae1f-238d-4103-b62a-05122e97181f", + "uuid": "aebe61dd-cdfd-4f2a-8f4b-67a77f1ad9c4", "control-id": "r28", "description": "No notes for control-id R28.", "props": [ @@ -16699,7 +16740,7 @@ ] }, { - "uuid": "85b467b1-c183-4ccb-bfae-d0cd57b73f67", + "uuid": "6140f146-6476-4a24-b21f-effbb4cbf2a2", "control-id": "r32", "description": "ANSSI doesn't specify the length of the inactivity period, we are choosing 10 minutes as reasonable number.", "props": [ @@ -16721,7 +16762,7 @@ ] }, { - "uuid": "ecfa036a-98be-4978-ae0b-a833bfe9ca5a", + "uuid": "6c854235-4781-4a87-81ec-b5000353d6d3", "control-id": "r33", "description": "By disabling direct root logins proper accountability is ensured. Users will login first, then escalate to privileged (root) access. Change of privilege operations must be based on executables to monitor the activities performed (for example sudo). Nonetheless, the content automation cannot ensure that each administrator was given a nominative administration account separate from his normal user account.", "props": [ @@ -16763,7 +16804,7 @@ ] }, { - "uuid": "8a6f6381-ee94-4482-8b5b-0e5f5bd4508b", + "uuid": "32320720-f1ad-41a1-af62-398fac3c13e8", "control-id": "r34", "description": "The description for control-id r34.", "props": [ @@ -16776,7 +16817,7 @@ ] }, { - "uuid": "ef84bb26-d889-4dca-80db-c706acc5fdf6", + "uuid": "db3bf27f-afe5-4ab8-8f20-83ac04209f00", "control-id": "r35", "description": "The description for control-id r35.", "props": [ @@ -16789,7 +16830,7 @@ ] }, { - "uuid": "bf83b284-396d-4cf5-bbe6-63937879075c", + "uuid": "2b5cfc68-77df-4d08-befa-b3e369a9748d", "control-id": "r39", "description": "No notes for control-id R39.", "props": [ @@ -16826,7 +16867,7 @@ ] }, { - "uuid": "afa21346-2bee-4b5a-8797-98c10d107787", + "uuid": "9b3175d4-91e2-45e2-b4fb-3b344250a1a8", "control-id": "r40", "description": "No notes for control-id R40.", "props": [ @@ -16843,7 +16884,7 @@ ] }, { - "uuid": "53f57e4c-b9e7-4607-b748-06b923720483", + "uuid": "34cb61ff-982c-469e-bf51-7dd14cdc40e3", "control-id": "r42", "description": "No notes for control-id R42.", "props": [ @@ -16860,7 +16901,7 @@ ] }, { - "uuid": "e21cf67b-f35b-4c1f-aa30-e5b6410bf273", + "uuid": "5e7bf3f0-ff48-4329-8ef0-7f81cf39102f", "control-id": "r43", "description": "No notes for control-id R43.", "props": [ @@ -16877,7 +16918,7 @@ ] }, { - "uuid": "741021f3-c2c3-4eae-ab88-1f157828f852", + "uuid": "d2876154-5f65-4b95-9858-5ad9a9f64b9d", "control-id": "r44", "description": "The description for control-id r44.", "props": [ @@ -16890,7 +16931,7 @@ ] }, { - "uuid": "526443a0-f0f0-4467-973e-996b3974d6f3", + "uuid": "3c607b19-5df3-45d1-a69b-ffefaebb0ba6", "control-id": "r50", "description": "No notes for control-id R50.", "props": [ @@ -17257,7 +17298,7 @@ ] }, { - "uuid": "d209451b-4ba3-4605-b441-24dfe2fbf897", + "uuid": "b786ab93-466d-4c78-b6e0-ac354916956f", "control-id": "r52", "description": "The description for control-id r52.", "props": [ @@ -17270,7 +17311,7 @@ ] }, { - "uuid": "2580b2da-331f-49bc-b417-a1d2baa121ca", + "uuid": "c4bf9573-fa94-4635-b6e7-66ae434ef1e6", "control-id": "r55", "description": "The approach of the selected rules is to use and configure pam_namespace module.", "props": [ @@ -17302,7 +17343,7 @@ ] }, { - "uuid": "d33a1937-8516-43b8-aac8-78cec23fbf66", + "uuid": "4846394c-16d6-449e-b954-ca9121e7e081", "control-id": "r63", "description": "The description for control-id r63.", "props": [ @@ -17315,7 +17356,7 @@ ] }, { - "uuid": "bb1f54e7-a807-4c54-82e2-878cd8131d54", + "uuid": "008fd208-d65e-4586-88ad-dfed9a82e2fa", "control-id": "r67", "description": "In systems where remote authentication is handled through sssd service, PAM delegates\nrequests for remote authentication to sssd service through a local Unix socket. The sssd\nservice can use IPA, AD or LDAP as a remote database containing information required for authentication.\nIn case LDAP is configured manually, there are several configuration options which should be chedked.", "props": [ @@ -17337,7 +17378,7 @@ ] }, { - "uuid": "f6e22136-1513-40a6-a49e-6e7b191c092c", + "uuid": "b101b2ce-2735-49ab-965a-283b16a4a393", "control-id": "r69", "description": "The description for control-id r69.", "props": [ @@ -17350,7 +17391,7 @@ ] }, { - "uuid": "73a1cd9f-43ef-404b-a197-74505fe8d644", + "uuid": "27df92fd-6107-42c7-b8e3-a948423e7892", "control-id": "r70", "description": "The description for control-id r70.", "props": [ @@ -17363,7 +17404,7 @@ ] }, { - "uuid": "fac5f6c2-461b-4cc9-ab92-b522dc8684c3", + "uuid": "07ace5d9-d7e5-4223-8583-4c66bc400329", "control-id": "r74", "description": "No notes for control-id R74.", "props": [ @@ -17380,7 +17421,7 @@ ] }, { - "uuid": "a7b87d6f-abeb-4fc4-8e6a-1f73a89033ec", + "uuid": "59a5d77d-66fb-4ccf-9062-730b7c8bb66a", "control-id": "r75", "description": "Only the alias for root user is covered by the rule. The other services cannot be reliably covered, as there is no simple way of determining what is a service account.", "props": [ @@ -17397,7 +17438,7 @@ ] }, { - "uuid": "ad71cee2-f34d-4345-84c5-fe18c589ad64", + "uuid": "08104407-7347-4272-8b0f-1aba7ba06096", "control-id": "r79", "description": "SELinux can provide confinement and monitoring of services, and AIDE provides basic integrity checking. System logs are configured as part of R43. Hardening of particular services should be done on a case by case basis and is not automated by this content.", "props": [ @@ -17424,7 +17465,7 @@ ] }, { - "uuid": "d4a0812e-0f73-4ad9-b439-cb50066a525f", + "uuid": "9312d90d-bb3a-4b92-8900-339ff07439b8", "control-id": "r30", "description": "The description for control-id r30.", "props": [ @@ -17437,7 +17478,7 @@ ] }, { - "uuid": "b3c11069-5b90-415f-9394-4abb7059faf0", + "uuid": "301ff329-bb2d-415d-8064-511d7b7e9486", "control-id": "r31", "description": "The rules selected below establish a general password strength baseline of 100 bits, based on the recommendations of the technical note \"Recommandations relatives à l'authentification multifacteur et aux mots de passe\" (https://cyber.gouv.fr/publications/recommandations-relatives-lauthentification-multifacteur-et-aux-mots-de-passe)\nThe baseline should be reviewed and tailored to the system's use case and needs.", "props": [ @@ -17509,7 +17550,7 @@ ] }, { - "uuid": "f7e867a9-b612-481a-bd5e-631d4e058ab3", + "uuid": "cebe1ec3-9ffc-4ed3-865f-d43d5e112c50", "control-id": "r53", "description": "No notes for control-id R53.", "props": [ @@ -17531,7 +17572,7 @@ ] }, { - "uuid": "177ab3dc-2379-4f9e-a00c-599f110dc5c4", + "uuid": "2ccd3307-b91e-4f6c-a34f-840780fe4cc0", "control-id": "r54", "description": "No notes for control-id R54.", "props": [ @@ -17558,7 +17599,7 @@ ] }, { - "uuid": "293b3786-8e59-46f8-ad51-6635d6b6f607", + "uuid": "2508f3df-1ed8-49d1-91c6-926a97d6780a", "control-id": "r56", "description": "Only programs specifically designed to be used with setuid or setgid bits can have these privilege bits set. This requirement considers apropriate for setuid and setgid bits the binaries that are installed from recognized and authorized repositories (covered in R15). The remediation resets the sticky bit to intended value by vendor/developer, any finding after remediation should be reviewed.", "props": [ @@ -17580,7 +17621,7 @@ ] }, { - "uuid": "bf9e455c-478e-4523-8ae7-3f05f36315b6", + "uuid": "92001064-2df7-41f9-b129-0f271e02a002", "control-id": "r58", "description": "The description for control-id r58.", "props": [ @@ -17593,7 +17634,7 @@ ] }, { - "uuid": "8d9ae63a-0c5f-4b1e-a6f9-78acb8af9a43", + "uuid": "2f7c28ec-941c-427a-93af-cf22b261951a", "control-id": "r59", "description": "It is not trivial to distinguish an official repository from an unofficial one. We cannot draw conclusions from the repo name or URL of the repo (as they can be arbitrary or behind a proxy). One approach to check the origin of installed packages is to check the signature of the packages. If the public key of a repository is not installed, the repo is not trusted.", "props": [ @@ -17621,11 +17662,16 @@ "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_redhat_gpgkey_installed" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "package_sequoia-sq_installed" } ] }, { - "uuid": "1d7c699f-5d39-4458-8432-828799b18a2e", + "uuid": "63783a07-10fc-40ff-9252-7a1b4187007d", "control-id": "r61", "description": "Check the vendor CVE feed and configure automatic install of security related updates.", "props": [ @@ -17657,7 +17703,7 @@ ] }, { - "uuid": "ff184f0d-edca-4fb3-8ce6-ce5b82598ec7", + "uuid": "ecc5b1d1-75a0-40e6-9f0e-b7c380738be6", "control-id": "r62", "description": "The description for control-id r62.", "props": [ @@ -17695,7 +17741,7 @@ ] }, { - "uuid": "510658e3-2fc8-49ff-b6dc-439f82c12cc8", + "uuid": "23a1650d-aa7b-433f-b5dd-ea97ff310d6b", "control-id": "r68", "description": "The selection of rules doesn't cover the use of hardware devices to protect the passwords.", "props": [ @@ -17732,7 +17778,7 @@ ] }, { - "uuid": "222cfc17-12d6-4e08-9114-88ade9de2110", + "uuid": "09d379b5-eda6-4a2f-b4ed-42c926cd403a", "control-id": "r80", "description": "The description for control-id r80.", "props": [ diff --git a/component-definitions/rhel10/rhel10-anssi-high/component-definition.json b/component-definitions/rhel10/rhel10-anssi-high/component-definition.json index 10e14566f..a9f5c00a8 100644 --- a/component-definitions/rhel10/rhel10-anssi-high/component-definition.json +++ b/component-definitions/rhel10/rhel10-anssi-high/component-definition.json @@ -3,8 +3,8 @@ "uuid": "4a0dc350-a979-44df-a37c-3c868514176f", "metadata": { "title": "Component definition for rhel10", - "last-modified": "2025-12-11T18:22:34.505501+00:00", - "version": "1.3", + "last-modified": "2025-12-17T11:10:03.358458+00:00", + "version": "1.4", "oscal-version": "1.1.3" }, "components": [ @@ -383,7 +383,7 @@ { "name": "Parameter_Value_Alternatives_19", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -401,7 +401,7 @@ { "name": "Parameter_Value_Alternatives_20", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -1031,4339 +1031,4351 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnf-automatic_installed", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_023" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install dnf-automatic Package", + "value": "Install sequoia-sq Package", "remarks": "rule_set_023" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "timer_dnf-automatic_enabled", + "value": "package_dnf-automatic_installed", "remarks": "rule_set_024" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable dnf-automatic Timer", + "value": "Install dnf-automatic Package", "remarks": "rule_set_024" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_apply_updates", + "value": "timer_dnf-automatic_enabled", "remarks": "rule_set_025" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Available Updates Automatically", + "value": "Enable dnf-automatic Timer", "remarks": "rule_set_025" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "dnf-automatic_apply_updates", "remarks": "rule_set_026" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Configure dnf-automatic to Install Available Updates Automatically", "remarks": "rule_set_026" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "dnf-automatic_security_updates_only", "remarks": "rule_set_027" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Configure dnf-automatic to Install Only Security Updates", "remarks": "rule_set_027" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "package_kea_removed", "remarks": "rule_set_028" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Uninstall kea Package", "remarks": "rule_set_028" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_telnet_removed", "remarks": "rule_set_029" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Remove telnet Clients", "remarks": "rule_set_029" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_030" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_030" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_tftp_removed", "remarks": "rule_set_031" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Remove tftp Daemon", "remarks": "rule_set_031" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "package_tftp-server_removed", "remarks": "rule_set_032" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_032" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_rounds_system_auth", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_033" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set number of Password Hashing Rounds - system-auth", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_033" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_rounds_password_auth", + "value": "accounts_password_pam_unix_rounds_system_auth", "remarks": "rule_set_034" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set number of Password Hashing Rounds - password-auth", + "value": "Set number of Password Hashing Rounds - system-auth", "remarks": "rule_set_034" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_unix_rounds_password_auth", "remarks": "rule_set_035" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Set number of Password Hashing Rounds - password-auth", "remarks": "rule_set_035" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_password", + "value": "accounts_password_pam_minclass", "remarks": "rule_set_036" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Boot Loader Password in grub2", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", "remarks": "rule_set_036" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_l1tf_argument", + "value": "grub2_password", "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure L1 Terminal Fault mitigations", + "value": "Set Boot Loader Password in grub2", "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_page_poison_argument", + "value": "grub2_l1tf_argument", "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable page allocator poisoning", + "value": "Configure L1 Terminal Fault mitigations", "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_pti_argument", + "value": "grub2_page_poison_argument", "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Page-Table Isolation (KPTI)", + "value": "Enable page allocator poisoning", "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_slab_nomerge_argument", + "value": "grub2_pti_argument", "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable merging of slabs with similar size", + "value": "Enable Kernel Page-Table Isolation (KPTI)", "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_slub_debug_argument", + "value": "grub2_slab_nomerge_argument", "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SLUB/SLAB allocator poisoning", + "value": "Disable merging of slabs with similar size", "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_spec_store_bypass_disable_argument", + "value": "grub2_slub_debug_argument", "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Speculative Store Bypass Mitigation", + "value": "Enable SLUB/SLAB allocator poisoning", "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_spectre_v2_argument", + "value": "grub2_spec_store_bypass_disable_argument", "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Spectre v2 mitigation", + "value": "Configure Speculative Store Bypass Mitigation", "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_mds_argument", + "value": "grub2_spectre_v2_argument", "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Microarchitectural Data Sampling mitigation", + "value": "Enforce Spectre v2 mitigation", "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_mce_argument", + "value": "grub2_mds_argument", "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Force kernel panic on uncorrected MCEs", + "value": "Configure Microarchitectural Data Sampling mitigation", "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_page_alloc_shuffle_argument", + "value": "grub2_mce_argument", "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable randomization of the page allocator", + "value": "Force kernel panic on uncorrected MCEs", "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_rng_core_default_quality_argument", + "value": "grub2_page_alloc_shuffle_argument", "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the confidence in TPM for entropy", + "value": "Enable randomization of the page allocator", "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_vm_mmap_min_addr", + "value": "grub2_rng_core_default_quality_argument", "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent applications from mapping low portion of virtual memory", + "value": "Configure the confidence in TPM for entropy", "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_dmesg_restrict", + "value": "sysctl_vm_mmap_min_addr", "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Access to Kernel Message Buffer", + "value": "Prevent applications from mapping low portion of virtual memory", "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kptr_restrict", + "value": "sysctl_kernel_dmesg_restrict", "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Exposed Kernel Pointer Addresses Access", + "value": "Restrict Access to Kernel Message Buffer", "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_pid_max", + "value": "sysctl_kernel_kptr_restrict", "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure maximum number of process identifiers", + "value": "Restrict Exposed Kernel Pointer Addresses Access", "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_perf_event_max_sample_rate", + "value": "sysctl_kernel_pid_max", "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit sampling frequency of the Perf system", + "value": "Configure maximum number of process identifiers", "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_perf_cpu_time_max_percent", + "value": "sysctl_kernel_perf_event_max_sample_rate", "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit CPU consumption of the Perf system", + "value": "Limit sampling frequency of the Perf system", "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_perf_event_paranoid", + "value": "sysctl_kernel_perf_cpu_time_max_percent", "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disallow kernel profiling by unprivileged users", + "value": "Limit CPU consumption of the Perf system", "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_randomize_va_space", + "value": "sysctl_kernel_perf_event_paranoid", "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Randomized Layout of Virtual Address Space", + "value": "Disallow kernel profiling by unprivileged users", "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_sysrq", + "value": "sysctl_kernel_randomize_va_space", "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disallow magic SysRq key", + "value": "Enable Randomized Layout of Virtual Address Space", "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_unprivileged_bpf_disabled", + "value": "sysctl_kernel_sysrq", "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", + "value": "Disallow magic SysRq key", "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_panic_on_oops", + "value": "sysctl_kernel_unprivileged_bpf_disabled", "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Kernel panic on oops", + "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_yama_ptrace_scope", + "value": "sysctl_kernel_panic_on_oops", "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict usage of ptrace to descendant processes", + "value": "Kernel panic on oops", "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_core_bpf_jit_harden", + "value": "sysctl_kernel_yama_ptrace_scope", "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Harden the operation of the BPF just-in-time compiler", + "value": "Restrict usage of ptrace to descendant processes", "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_ip_forward", + "value": "sysctl_net_core_bpf_jit_harden", "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", + "value": "Harden the operation of the BPF just-in-time compiler", "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_local", + "value": "sysctl_net_ipv4_ip_forward", "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting Packets Routed Between Local Interfaces", + "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_local", "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", + "value": "Disable Accepting Packets Routed Between Local Interfaces", "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_redirects", "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", + "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_secure_redirects", + "value": "sysctl_net_ipv4_conf_default_accept_redirects", "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_secure_redirects", + "value": "sysctl_net_ipv4_conf_all_secure_redirects", "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", + "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_shared_media", + "value": "sysctl_net_ipv4_conf_default_secure_redirects", "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Sending and Accepting Shared Media Redirects for All IPv4 Interfaces", + "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_shared_media", + "value": "sysctl_net_ipv4_conf_all_shared_media", "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Sending and Accepting Shared Media Redirects by Default", + "value": "Configure Sending and Accepting Shared Media Redirects for All IPv4 Interfaces", "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_source_route", + "value": "sysctl_net_ipv4_conf_default_shared_media", "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", + "value": "Configure Sending and Accepting Shared Media Redirects by Default", "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_source_route", + "value": "sysctl_net_ipv4_conf_all_accept_source_route", "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_arp_filter", + "value": "sysctl_net_ipv4_conf_default_accept_source_route", "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure ARP filtering for All IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_arp_ignore", + "value": "sysctl_net_ipv4_conf_all_arp_filter", "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Response Mode of ARP Requests for All IPv4 Interfaces", + "value": "Configure ARP filtering for All IPv4 Interfaces", "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_route_localnet", + "value": "sysctl_net_ipv4_conf_all_arp_ignore", "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Routing External Traffic to Local Loopback on All IPv4 Interfaces", + "value": "Configure Response Mode of ARP Requests for All IPv4 Interfaces", "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_drop_gratuitous_arp", + "value": "sysctl_net_ipv4_conf_all_route_localnet", "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Drop Gratuitous ARP frames on All IPv4 Interfaces", + "value": "Prevent Routing External Traffic to Local Loopback on All IPv4 Interfaces", "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_rp_filter", + "value": "sysctl_net_ipv4_conf_all_drop_gratuitous_arp", "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", + "value": "Drop Gratuitous ARP frames on All IPv4 Interfaces", "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_rp_filter", + "value": "sysctl_net_ipv4_conf_all_rp_filter", "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_send_redirects", + "value": "sysctl_net_ipv4_conf_default_rp_filter", "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_send_redirects", + "value": "sysctl_net_ipv4_conf_all_send_redirects", "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", + "value": "sysctl_net_ipv4_conf_default_send_redirects", "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_ip_local_port_range", + "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Kernel Parameter to Increase Local Port Range", + "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_tcp_rfc1337", + "value": "sysctl_net_ipv4_ip_local_port_range", "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use TCP RFC 1337 on IPv4 Interfaces", + "value": "Set Kernel Parameter to Increase Local Port Range", "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_tcp_syncookies", + "value": "sysctl_net_ipv4_tcp_rfc1337", "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", + "value": "Enable Kernel Parameter to Use TCP RFC 1337 on IPv4 Interfaces", "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_router_solicitations", + "value": "sysctl_net_ipv4_tcp_syncookies", "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Denying Router Solicitations on All IPv6 Interfaces", + "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_router_solicitations", + "value": "sysctl_net_ipv6_conf_all_router_solicitations", "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Denying Router Solicitations on All IPv6 Interfaces By Default", + "value": "Configure Denying Router Solicitations on All IPv6 Interfaces", "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra_rtr_pref", + "value": "sysctl_net_ipv6_conf_default_router_solicitations", "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces", + "value": "Configure Denying Router Solicitations on All IPv6 Interfaces By Default", "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra_rtr_pref", + "value": "sysctl_net_ipv6_conf_all_accept_ra_rtr_pref", "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces By Default", + "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra_pinfo", + "value": "sysctl_net_ipv6_conf_default_accept_ra_rtr_pref", "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces", + "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces By Default", "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra_pinfo", + "value": "sysctl_net_ipv6_conf_all_accept_ra_pinfo", "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces By Default", + "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra_defrtr", + "value": "sysctl_net_ipv6_conf_default_accept_ra_pinfo", "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces", + "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces By Default", "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra_defrtr", + "value": "sysctl_net_ipv6_conf_all_accept_ra_defrtr", "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces By Default", + "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_autoconf", + "value": "sysctl_net_ipv6_conf_default_accept_ra_defrtr", "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Auto Configuration on All IPv6 Interfaces", + "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces By Default", "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_autoconf", + "value": "sysctl_net_ipv6_conf_all_autoconf", "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Auto Configuration on All IPv6 Interfaces By Default", + "value": "Configure Auto Configuration on All IPv6 Interfaces", "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_redirects", + "value": "sysctl_net_ipv6_conf_default_autoconf", "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", + "value": "Configure Auto Configuration on All IPv6 Interfaces By Default", "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_redirects", + "value": "sysctl_net_ipv6_conf_all_accept_redirects", "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", + "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_source_route", + "value": "sysctl_net_ipv6_conf_default_accept_redirects", "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_source_route", + "value": "sysctl_net_ipv6_conf_all_accept_source_route", "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_max_addresses", + "value": "sysctl_net_ipv6_conf_default_accept_source_route", "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_max_addresses", + "value": "sysctl_net_ipv6_conf_all_max_addresses", "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces By Default", + "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces", "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_suid_dumpable", + "value": "sysctl_net_ipv6_conf_default_max_addresses", "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for SUID programs", + "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces By Default", "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_fifos", + "value": "sysctl_fs_suid_dumpable", "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on FIFOs", + "value": "Disable Core Dumps for SUID programs", "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_regular", + "value": "sysctl_fs_protected_fifos", "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Regular files", + "value": "Enable Kernel Parameter to Enforce DAC on FIFOs", "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_symlinks", + "value": "sysctl_fs_protected_regular", "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", + "value": "Enable Kernel Parameter to Enforce DAC on Regular files", "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_hardlinks", + "value": "sysctl_fs_protected_symlinks", "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", + "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_nodev_nonroot_local_partitions", + "value": "sysctl_fs_protected_hardlinks", "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nodev Option to Non-Root Local Partitions", + "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_boot", + "value": "mount_option_nodev_nonroot_local_partitions", "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /boot Located On Separate Partition", + "value": "Add nodev Option to Non-Root Local Partitions", "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_boot_nosuid", + "value": "partition_for_boot", "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /boot", + "value": "Ensure /boot Located On Separate Partition", "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_boot_noexec", + "value": "mount_option_boot_nosuid", "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /boot", + "value": "Add nosuid Option to /boot", "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_opt", + "value": "mount_option_boot_noexec", "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /opt Located On Separate Partition", + "value": "Add noexec Option to /boot", "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_opt_nosuid", + "value": "partition_for_opt", "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /opt", + "value": "Ensure /opt Located On Separate Partition", "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "systemd_tmp_mount_enabled", + "value": "mount_option_opt_nosuid", "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure tmp.mount Unit Is Enabled", + "value": "Add nosuid Option to /opt", "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_tmp_nosuid", + "value": "systemd_tmp_mount_enabled", "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /tmp", + "value": "Ensure tmp.mount Unit Is Enabled", "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_tmp_noexec", + "value": "mount_option_tmp_nosuid", "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /tmp", + "value": "Add nosuid Option to /tmp", "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_srv", + "value": "mount_option_tmp_noexec", "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /srv Located On Separate Partition", + "value": "Add noexec Option to /tmp", "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_srv_nosuid", + "value": "partition_for_srv", "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /srv", + "value": "Ensure /srv Located On Separate Partition", "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_home", + "value": "mount_option_srv_nosuid", "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /home Located On Separate Partition", + "value": "Add nosuid Option to /srv", "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_home_nosuid", + "value": "partition_for_home", "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /home", + "value": "Ensure /home Located On Separate Partition", "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_home_noexec", + "value": "mount_option_home_nosuid", "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /home", + "value": "Add nosuid Option to /home", "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_usr", + "value": "mount_option_home_noexec", "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /usr Located On Separate Partition", + "value": "Add noexec Option to /home", "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_var", + "value": "partition_for_usr", "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /var Located On Separate Partition", + "value": "Ensure /usr Located On Separate Partition", "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_var_nosuid", + "value": "partition_for_var", "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /var", + "value": "Ensure /var Located On Separate Partition", "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_var_noexec", + "value": "mount_option_var_nosuid", "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /var", + "value": "Add nosuid Option to /var", "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_var_log", + "value": "mount_option_var_noexec", "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /var/log Located On Separate Partition", + "value": "Add noexec Option to /var", "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_var_log_noexec", + "value": "partition_for_var_log", "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /var/log", + "value": "Ensure /var/log Located On Separate Partition", "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_var_log_nosuid", + "value": "mount_option_var_log_noexec", "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /var/log", + "value": "Add noexec Option to /var/log", "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_var_tmp", + "value": "mount_option_var_log_nosuid", "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /var/tmp Located On Separate Partition", + "value": "Add nosuid Option to /var/log", "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_var_tmp_nosuid", + "value": "partition_for_var_tmp", "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /var/tmp", + "value": "Ensure /var/tmp Located On Separate Partition", "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_var_tmp_noexec", + "value": "mount_option_var_tmp_nosuid", "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /var/tmp", + "value": "Add nosuid Option to /var/tmp", "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "logind_session_timeout", + "value": "mount_option_var_tmp_noexec", "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Logind to terminate idle sessions after certain time of inactivity", + "value": "Add noexec Option to /var/tmp", "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_tmout", + "value": "logind_session_timeout", "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interactive Session Timeout", + "value": "Configure Logind to terminate idle sessions after certain time of inactivity", "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_direct_root_logins", + "value": "accounts_tmout", "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Direct root Logins Not Allowed", + "value": "Set Interactive Session Timeout", "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_root_login", + "value": "no_direct_root_logins", "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Root Login", + "value": "Direct root Logins Not Allowed", "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_sudo_installed", + "value": "sshd_disable_root_login", "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install sudo Package", + "value": "Disable SSH Root Login", "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_privileged_commands_sudo", + "value": "package_sudo_installed", "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on the Use of Privileged Commands - sudo", + "value": "Install sudo Package", "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_auditd_enabled", + "value": "audit_rules_privileged_commands_sudo", "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable auditd Service", + "value": "Ensure auditd Collects Information on the Use of Privileged Commands - sudo", "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_audit_installed", + "value": "service_auditd_enabled", "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the audit Subsystem is Installed", + "value": "Enable auditd Service", "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_noexec", + "value": "package_audit_installed", "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Privileged Escalated Commands Cannot Execute Other Commands - sudo NOEXEC", + "value": "Ensure the audit Subsystem is Installed", "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_requiretty", + "value": "sudo_add_noexec", "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo requiretty", + "value": "Ensure Privileged Escalated Commands Cannot Execute Other Commands - sudo NOEXEC", "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_use_pty", + "value": "sudo_add_requiretty", "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", + "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo requiretty", "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_ignore_dot", + "value": "sudo_add_use_pty", "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure sudo Ignores Commands In Current Dir - sudo ignore_dot", + "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_env_reset", + "value": "sudo_add_ignore_dot", "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure sudo Runs In A Minimal Environment - sudo env_reset", + "value": "Ensure sudo Ignores Commands In Current Dir - sudo ignore_dot", "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudoers_no_root_target", + "value": "sudo_add_env_reset", "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Don't target root user in the sudoers file", + "value": "Ensure sudo Runs In A Minimal Environment - sudo env_reset", "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudoers_no_command_negation", + "value": "sudoers_no_root_target", "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Don't define allowed commands in sudoers by means of exclusion", + "value": "Don't target root user in the sudoers file", "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudoers_explicit_command_args", + "value": "sudoers_no_command_negation", "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Explicit arguments in sudo specifications", + "value": "Don't define allowed commands in sudoers by means of exclusion", "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_shadow", + "value": "sudoers_explicit_command_args", "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns shadow File", + "value": "Explicit arguments in sudo specifications", "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_shadow", + "value": "file_owner_etc_shadow", "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns shadow File", + "value": "Verify User Who Owns shadow File", "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_shadow", + "value": "file_groupowner_etc_shadow", "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on shadow File", + "value": "Verify Group Who Owns shadow File", "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_gshadow", + "value": "file_permissions_etc_shadow", "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns gshadow File", + "value": "Verify Permissions on shadow File", "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_gshadow", + "value": "file_owner_etc_gshadow", "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns gshadow File", + "value": "Verify User Who Owns gshadow File", "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_gshadow", + "value": "file_groupowner_etc_gshadow", "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on gshadow File", + "value": "Verify Group Who Owns gshadow File", "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_passwd", + "value": "file_permissions_etc_gshadow", "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns passwd File", + "value": "Verify Permissions on gshadow File", "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_passwd", + "value": "file_owner_etc_passwd", + "remarks": "rule_set_151" + }, + { + "name": "Rule_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Verify User Who Owns passwd File", "remarks": "rule_set_151" }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "file_groupowner_etc_passwd", + "remarks": "rule_set_152" + }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns passwd File", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_passwd", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on passwd File", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_group", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns group File", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_group", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns group File", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_group", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on group File", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shells", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Who Owns /etc/shells File", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shells", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/shells File", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shells", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/shells File", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_group_ownership", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_user_ownership", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Owned By the Primary User", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_groupownership", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_ownership", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Have a Valid Owner", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_permissions", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Have Mode 0750 Or Less Permissive", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_init_files", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_system_commands_group_root_owned", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands directories have root as a group owner", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_system_commands_root_owned", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands directories have root ownership", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_system_commands_dirs", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands files are group owned by root or a system account", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_binary_dirs", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Root Ownership", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_binary_dirs", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Restrictive Permissions", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_sshd_private_key", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Ownership on SSH Server Private *_key Key Files", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_sshd_private_key", - "remarks": "rule_set_171" + "remarks": "rule_set_172" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Ownership on SSH Server Private *_key Key Files", - "remarks": "rule_set_171" + "remarks": "rule_set_172" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_private_key", - "remarks": "rule_set_172" + "remarks": "rule_set_173" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Private *_key Key Files", - "remarks": "rule_set_172" + "remarks": "rule_set_173" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_sshd_pub_key", - "remarks": "rule_set_173" + "remarks": "rule_set_174" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Ownership on SSH Server Public *.pub Key Files", - "remarks": "rule_set_173" + "remarks": "rule_set_174" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_sshd_pub_key", - "remarks": "rule_set_174" + "remarks": "rule_set_175" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", - "remarks": "rule_set_174" + "remarks": "rule_set_175" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_pub_key", - "remarks": "rule_set_175" + "remarks": "rule_set_176" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Public *.pub Key Files", - "remarks": "rule_set_175" + "remarks": "rule_set_176" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_sshd_config", - "remarks": "rule_set_176" + "remarks": "rule_set_177" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Owner on SSH Server config file", - "remarks": "rule_set_176" + "remarks": "rule_set_177" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_sshd_config", - "remarks": "rule_set_177" + "remarks": "rule_set_178" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns SSH Server config file", - "remarks": "rule_set_177" + "remarks": "rule_set_178" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_config", - "remarks": "rule_set_178" + "remarks": "rule_set_179" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server config file", - "remarks": "rule_set_178" + "remarks": "rule_set_179" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_selinux", - "remarks": "rule_set_179" + "remarks": "rule_set_180" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/selinux Directory", - "remarks": "rule_set_179" + "remarks": "rule_set_180" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_selinux", - "remarks": "rule_set_180" + "remarks": "rule_set_181" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/selinux Directory", - "remarks": "rule_set_180" + "remarks": "rule_set_181" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_selinux", - "remarks": "rule_set_181" + "remarks": "rule_set_182" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/selinux Directory", - "remarks": "rule_set_181" + "remarks": "rule_set_182" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_sestatus_conf", - "remarks": "rule_set_182" + "remarks": "rule_set_183" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sestatus.conf File", - "remarks": "rule_set_182" + "remarks": "rule_set_183" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_sestatus_conf", - "remarks": "rule_set_183" + "remarks": "rule_set_184" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sestatus.conf File", - "remarks": "rule_set_183" + "remarks": "rule_set_184" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_sestatus_conf", - "remarks": "rule_set_184" + "remarks": "rule_set_185" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sestatus.conf File", - "remarks": "rule_set_184" + "remarks": "rule_set_185" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_ipsecd", - "remarks": "rule_set_185" + "remarks": "rule_set_186" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.d Directory", - "remarks": "rule_set_185" + "remarks": "rule_set_186" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_ipsecd", - "remarks": "rule_set_186" + "remarks": "rule_set_187" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.d Directory", - "remarks": "rule_set_186" + "remarks": "rule_set_187" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_ipsecd", - "remarks": "rule_set_187" + "remarks": "rule_set_188" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.d Directory", - "remarks": "rule_set_187" + "remarks": "rule_set_188" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_ipsec_conf", - "remarks": "rule_set_188" + "remarks": "rule_set_189" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.conf File", - "remarks": "rule_set_188" + "remarks": "rule_set_189" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_ipsec_conf", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.conf File", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_ipsec_conf", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.conf File", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_ipsec_secrets", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.secrets File", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_ipsec_secrets", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.secrets File", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_ipsec_secrets", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.secrets File", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_iptables", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/iptables Directory", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_iptables", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/iptables Directory", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_iptables", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/iptables Directory", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_nftables", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/nftables Directory", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_nftables", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/nftables Directory", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_nftables", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/nftables Directory", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_sysctld", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sysctl.d Directory", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_sysctld", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sysctl.d Directory", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_sysctld", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sysctl.d Directory", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_sudoers", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sudoers File", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_sudoers", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sudoers File", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_sudoers", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sudoers File", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_sudoersd", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sudoers.d Directory", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_sudoersd", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sudoers.d Directory", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_sudoersd", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sudoers.d Directory", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_crypttab", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/crypttab File", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_crypttab", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/crypttab File", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_crypttab", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/crypttab File", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_chrony_keys", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/chrony.keys File", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_chrony_keys", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/chrony.keys File", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_chrony_keys", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/chrony.keys File", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_pam_namespace", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Up a Private Namespace in PAM Configuration", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_polyinstantiated_tmp", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Polyinstantiation of /tmp Directories", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_polyinstantiated_var_tmp", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Polyinstantiation of /var/tmp Directories", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_polyinstantiation_enabled", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the polyinstantiation_enabled SELinux Boolean", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sssd_installed", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the SSSD Package", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_sssd_enabled", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the SSSD Service", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "postfix_network_listening_disabled", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Postfix Network Listening", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "postfix_client_configure_mail_alias", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure System to Forward All Mail For The Root Account", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_aide_installed", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install AIDE", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_build_database", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Build and Test AIDE Database", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_nosmep_argument_absent", - "remarks": "rule_set_226" + "remarks": "rule_set_227" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SMEP is not disabled during boot", - "remarks": "rule_set_226" + "remarks": "rule_set_227" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_nosmap_argument_absent", - "remarks": "rule_set_227" + "remarks": "rule_set_228" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SMAP is not disabled during boot", - "remarks": "rule_set_227" + "remarks": "rule_set_228" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_enable_iommu_force", - "remarks": "rule_set_228" + "remarks": "rule_set_229" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "IOMMU configuration directive", - "remarks": "rule_set_228" + "remarks": "rule_set_229" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_modules_disabled", - "remarks": "rule_set_229" + "remarks": "rule_set_230" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable loading and unloading of kernel modules", - "remarks": "rule_set_229" + "remarks": "rule_set_230" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_grub2_cfg", - "remarks": "rule_set_230" + "remarks": "rule_set_231" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/grub.cfg Group Ownership", - "remarks": "rule_set_230" + "remarks": "rule_set_231" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_grub2_cfg", - "remarks": "rule_set_231" + "remarks": "rule_set_232" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/grub.cfg User Ownership", - "remarks": "rule_set_231" + "remarks": "rule_set_232" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_grub2_cfg", - "remarks": "rule_set_232" + "remarks": "rule_set_233" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/grub.cfg Permissions", - "remarks": "rule_set_232" + "remarks": "rule_set_233" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_user_cfg", - "remarks": "rule_set_233" + "remarks": "rule_set_234" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/user.cfg Group Ownership", - "remarks": "rule_set_233" + "remarks": "rule_set_234" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_user_cfg", - "remarks": "rule_set_234" + "remarks": "rule_set_235" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/user.cfg User Ownership", - "remarks": "rule_set_234" + "remarks": "rule_set_235" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_user_cfg", - "remarks": "rule_set_235" + "remarks": "rule_set_236" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/user.cfg Permissions", - "remarks": "rule_set_235" + "remarks": "rule_set_236" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_systemmap", - "remarks": "rule_set_236" + "remarks": "rule_set_237" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns System.map Files", - "remarks": "rule_set_236" + "remarks": "rule_set_237" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_systemmap", - "remarks": "rule_set_237" + "remarks": "rule_set_238" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns System.map Files", - "remarks": "rule_set_237" + "remarks": "rule_set_238" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_systemmap", - "remarks": "rule_set_238" + "remarks": "rule_set_239" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on System.map Files", - "remarks": "rule_set_238" + "remarks": "rule_set_239" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_umask_etc_bashrc", - "remarks": "rule_set_239" + "remarks": "rule_set_240" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Default Bash Umask is Set Correctly", - "remarks": "rule_set_239" + "remarks": "rule_set_240" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_umask_etc_login_defs", - "remarks": "rule_set_240" + "remarks": "rule_set_241" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Default Umask is Set Correctly in login.defs", - "remarks": "rule_set_240" + "remarks": "rule_set_241" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_umask_etc_profile", - "remarks": "rule_set_241" + "remarks": "rule_set_242" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Default Umask is Set Correctly in /etc/profile", - "remarks": "rule_set_241" + "remarks": "rule_set_242" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_dedicated_group", - "remarks": "rule_set_242" + "remarks": "rule_set_243" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure a dedicated group owns sudo", - "remarks": "rule_set_242" + "remarks": "rule_set_243" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sudo", - "remarks": "rule_set_243" + "remarks": "rule_set_244" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure That the sudo Binary Has the Correct Permissions", - "remarks": "rule_set_243" + "remarks": "rule_set_244" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_policytype", - "remarks": "rule_set_244" + "remarks": "rule_set_245" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SELinux Policy", - "remarks": "rule_set_244" + "remarks": "rule_set_245" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_chrony_installed", - "remarks": "rule_set_245" + "remarks": "rule_set_246" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chrony package is installed", - "remarks": "rule_set_245" + "remarks": "rule_set_246" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_chronyd_enabled", - "remarks": "rule_set_246" + "remarks": "rule_set_247" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chronyd service is enabled", - "remarks": "rule_set_246" + "remarks": "rule_set_247" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_specify_remote_server", - "remarks": "rule_set_247" + "remarks": "rule_set_248" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "A remote time server for Chrony is configured", - "remarks": "rule_set_247" + "remarks": "rule_set_248" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_configure_pool_and_server", - "remarks": "rule_set_248" + "remarks": "rule_set_249" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Chrony Configure Pool and Server", - "remarks": "rule_set_248" + "remarks": "rule_set_249" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_loghost", - "remarks": "rule_set_249" + "remarks": "rule_set_250" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Logs Sent To Remote Host", - "remarks": "rule_set_249" + "remarks": "rule_set_250" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_rsyslog-gnutls_installed", - "remarks": "rule_set_250" + "remarks": "rule_set_251" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure rsyslog-gnutls is installed", - "remarks": "rule_set_250" + "remarks": "rule_set_251" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls", - "remarks": "rule_set_251" + "remarks": "rule_set_252" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure TLS for rsyslog remote logging", - "remarks": "rule_set_251" + "remarks": "rule_set_252" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls_cacert", - "remarks": "rule_set_252" + "remarks": "rule_set_253" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure CA certificate for rsyslog remote logging", - "remarks": "rule_set_252" + "remarks": "rule_set_253" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log_audit", - "remarks": "rule_set_253" + "remarks": "rule_set_254" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log/audit Located On Separate Partition", - "remarks": "rule_set_253" + "remarks": "rule_set_254" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_logrotate_installed", - "remarks": "rule_set_254" + "remarks": "rule_set_255" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure logrotate is Installed", - "remarks": "rule_set_254" + "remarks": "rule_set_255" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "timer_logrotate_enabled", - "remarks": "rule_set_255" + "remarks": "rule_set_256" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable logrotate Timer", - "remarks": "rule_set_255" + "remarks": "rule_set_256" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_logrotate_activated", - "remarks": "rule_set_256" + "remarks": "rule_set_257" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Logrotate Runs Periodically", - "remarks": "rule_set_256" + "remarks": "rule_set_257" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_257" + "remarks": "rule_set_258" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_257" + "remarks": "rule_set_258" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_258" + "remarks": "rule_set_259" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_258" + "remarks": "rule_set_259" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_259" + "remarks": "rule_set_260" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_259" + "remarks": "rule_set_260" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_sysadmin_actions", - "remarks": "rule_set_260" + "remarks": "rule_set_261" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects System Administrator Actions", - "remarks": "rule_set_260" + "remarks": "rule_set_261" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_sudo_log_events", - "remarks": "rule_set_261" + "remarks": "rule_set_262" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to perform maintenance activities", - "remarks": "rule_set_261" + "remarks": "rule_set_262" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_faillock", - "remarks": "rule_set_262" + "remarks": "rule_set_263" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - faillock", - "remarks": "rule_set_262" + "remarks": "rule_set_263" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_lastlog", - "remarks": "rule_set_263" + "remarks": "rule_set_264" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - lastlog", - "remarks": "rule_set_263" + "remarks": "rule_set_264" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_utmp", - "remarks": "rule_set_264" + "remarks": "rule_set_265" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information utmp", - "remarks": "rule_set_264" + "remarks": "rule_set_265" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_btmp", - "remarks": "rule_set_265" + "remarks": "rule_set_266" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information btmp", - "remarks": "rule_set_265" + "remarks": "rule_set_266" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_wtmp", - "remarks": "rule_set_266" + "remarks": "rule_set_267" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", - "remarks": "rule_set_266" + "remarks": "rule_set_267" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_adjtimex", - "remarks": "rule_set_267" + "remarks": "rule_set_268" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through adjtimex", - "remarks": "rule_set_267" + "remarks": "rule_set_268" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_clock_settime", - "remarks": "rule_set_268" + "remarks": "rule_set_269" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through clock_settime", - "remarks": "rule_set_268" + "remarks": "rule_set_269" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_stime", - "remarks": "rule_set_269" + "remarks": "rule_set_270" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through stime", - "remarks": "rule_set_269" + "remarks": "rule_set_270" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_watch_localtime", - "remarks": "rule_set_270" + "remarks": "rule_set_271" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter the localtime File", - "remarks": "rule_set_270" + "remarks": "rule_set_271" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification", - "remarks": "rule_set_271" + "remarks": "rule_set_272" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment", - "remarks": "rule_set_271" + "remarks": "rule_set_272" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chmod", - "remarks": "rule_set_272" + "remarks": "rule_set_273" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", - "remarks": "rule_set_272" + "remarks": "rule_set_273" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chown", - "remarks": "rule_set_273" + "remarks": "rule_set_274" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chown", - "remarks": "rule_set_273" + "remarks": "rule_set_274" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmod", - "remarks": "rule_set_274" + "remarks": "rule_set_275" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmod", - "remarks": "rule_set_274" + "remarks": "rule_set_275" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat", - "remarks": "rule_set_275" + "remarks": "rule_set_276" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat", - "remarks": "rule_set_275" + "remarks": "rule_set_276" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat2", - "remarks": "rule_set_276" + "remarks": "rule_set_277" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat2", - "remarks": "rule_set_276" + "remarks": "rule_set_277" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchown", - "remarks": "rule_set_277" + "remarks": "rule_set_278" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchown", - "remarks": "rule_set_277" + "remarks": "rule_set_278" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchownat", - "remarks": "rule_set_278" + "remarks": "rule_set_279" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchownat", - "remarks": "rule_set_278" + "remarks": "rule_set_279" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fremovexattr", - "remarks": "rule_set_279" + "remarks": "rule_set_280" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fremovexattr", - "remarks": "rule_set_279" + "remarks": "rule_set_280" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fsetxattr", - "remarks": "rule_set_280" + "remarks": "rule_set_281" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fsetxattr", - "remarks": "rule_set_280" + "remarks": "rule_set_281" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lchown", - "remarks": "rule_set_281" + "remarks": "rule_set_282" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lchown", - "remarks": "rule_set_281" + "remarks": "rule_set_282" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lremovexattr", - "remarks": "rule_set_282" + "remarks": "rule_set_283" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lremovexattr", - "remarks": "rule_set_282" + "remarks": "rule_set_283" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lsetxattr", - "remarks": "rule_set_283" + "remarks": "rule_set_284" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lsetxattr", - "remarks": "rule_set_283" + "remarks": "rule_set_284" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_removexattr", - "remarks": "rule_set_284" + "remarks": "rule_set_285" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - removexattr", - "remarks": "rule_set_284" + "remarks": "rule_set_285" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_setxattr", - "remarks": "rule_set_285" + "remarks": "rule_set_286" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - setxattr", - "remarks": "rule_set_285" + "remarks": "rule_set_286" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_creat", - "remarks": "rule_set_286" + "remarks": "rule_set_287" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - creat", - "remarks": "rule_set_286" + "remarks": "rule_set_287" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_ftruncate", - "remarks": "rule_set_287" + "remarks": "rule_set_288" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - ftruncate", - "remarks": "rule_set_287" + "remarks": "rule_set_288" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open", - "remarks": "rule_set_288" + "remarks": "rule_set_289" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open", - "remarks": "rule_set_288" + "remarks": "rule_set_289" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_openat", - "remarks": "rule_set_289" + "remarks": "rule_set_290" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - openat", - "remarks": "rule_set_289" + "remarks": "rule_set_290" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_truncate", - "remarks": "rule_set_290" + "remarks": "rule_set_291" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - truncate", - "remarks": "rule_set_290" + "remarks": "rule_set_291" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_group", - "remarks": "rule_set_291" + "remarks": "rule_set_292" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/group", - "remarks": "rule_set_291" + "remarks": "rule_set_292" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_gshadow", - "remarks": "rule_set_292" + "remarks": "rule_set_293" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/gshadow", - "remarks": "rule_set_292" + "remarks": "rule_set_293" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_opasswd", - "remarks": "rule_set_293" + "remarks": "rule_set_294" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", - "remarks": "rule_set_293" + "remarks": "rule_set_294" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_passwd", - "remarks": "rule_set_294" + "remarks": "rule_set_295" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/passwd", - "remarks": "rule_set_294" + "remarks": "rule_set_295" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_shadow", - "remarks": "rule_set_295" + "remarks": "rule_set_296" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/shadow", - "remarks": "rule_set_295" + "remarks": "rule_set_296" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_media_export", - "remarks": "rule_set_296" + "remarks": "rule_set_297" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Exporting to Media (successful)", - "remarks": "rule_set_296" + "remarks": "rule_set_297" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_umount2", - "remarks": "rule_set_297" + "remarks": "rule_set_298" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - umount2", - "remarks": "rule_set_297" + "remarks": "rule_set_298" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands", - "remarks": "rule_set_298" + "remarks": "rule_set_299" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands", - "remarks": "rule_set_298" + "remarks": "rule_set_299" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rename", - "remarks": "rule_set_299" + "remarks": "rule_set_300" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rename", - "remarks": "rule_set_299" + "remarks": "rule_set_300" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat", - "remarks": "rule_set_300" + "remarks": "rule_set_301" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat", - "remarks": "rule_set_300" + "remarks": "rule_set_301" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat2", - "remarks": "rule_set_301" + "remarks": "rule_set_302" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat2", - "remarks": "rule_set_301" + "remarks": "rule_set_302" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rmdir", - "remarks": "rule_set_302" + "remarks": "rule_set_303" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rmdir", - "remarks": "rule_set_302" + "remarks": "rule_set_303" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlink", - "remarks": "rule_set_303" + "remarks": "rule_set_304" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlink", - "remarks": "rule_set_303" + "remarks": "rule_set_304" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlinkat", - "remarks": "rule_set_304" + "remarks": "rule_set_305" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlinkat", - "remarks": "rule_set_304" + "remarks": "rule_set_305" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_delete", - "remarks": "rule_set_305" + "remarks": "rule_set_306" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Unloading - delete_module", - "remarks": "rule_set_305" + "remarks": "rule_set_306" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_init", - "remarks": "rule_set_306" + "remarks": "rule_set_307" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading - init_module", - "remarks": "rule_set_306" + "remarks": "rule_set_307" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_finit", - "remarks": "rule_set_307" + "remarks": "rule_set_308" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module", - "remarks": "rule_set_307" + "remarks": "rule_set_308" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_insmod", - "remarks": "rule_set_308" + "remarks": "rule_set_309" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - insmod", - "remarks": "rule_set_308" + "remarks": "rule_set_309" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_modprobe", - "remarks": "rule_set_309" + "remarks": "rule_set_310" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - modprobe", - "remarks": "rule_set_309" + "remarks": "rule_set_310" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_rmmod", - "remarks": "rule_set_310" + "remarks": "rule_set_311" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - rmmod", - "remarks": "rule_set_310" + "remarks": "rule_set_311" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_kmod", - "remarks": "rule_set_311" + "remarks": "rule_set_312" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - kmod", - "remarks": "rule_set_311" + "remarks": "rule_set_312" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_mac_modification_etc_selinux", - "remarks": "rule_set_312" + "remarks": "rule_set_313" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Mandatory Access Controls (/etc/selinux)", - "remarks": "rule_set_312" + "remarks": "rule_set_313" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_immutable", - "remarks": "rule_set_313" + "remarks": "rule_set_314" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Make the auditd Configuration Immutable", - "remarks": "rule_set_313" + "remarks": "rule_set_314" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_strict_kernel_rwx", - "remarks": "rule_set_314" + "remarks": "rule_set_315" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Make the kernel text and rodata read-only", - "remarks": "rule_set_314" + "remarks": "rule_set_315" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_debug_wx", - "remarks": "rule_set_315" + "remarks": "rule_set_316" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Warn on W+X mappings found at boot", - "remarks": "rule_set_315" + "remarks": "rule_set_316" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_debug_fs", - "remarks": "rule_set_316" + "remarks": "rule_set_317" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable kernel debugfs", - "remarks": "rule_set_316" + "remarks": "rule_set_317" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_stackprotector", - "remarks": "rule_set_317" + "remarks": "rule_set_318" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Stack Protector buffer overflow detection", - "remarks": "rule_set_317" + "remarks": "rule_set_318" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_stackprotector_strong", - "remarks": "rule_set_318" + "remarks": "rule_set_319" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Strong Stack Protector", - "remarks": "rule_set_318" + "remarks": "rule_set_319" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_sched_stack_end_check", - "remarks": "rule_set_319" + "remarks": "rule_set_320" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Detect stack corruption on calls to schedule()", - "remarks": "rule_set_319" + "remarks": "rule_set_320" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_hardened_usercopy", - "remarks": "rule_set_320" + "remarks": "rule_set_321" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden memory copies between kernel and userspace", - "remarks": "rule_set_320" + "remarks": "rule_set_321" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_vmap_stack", - "remarks": "rule_set_321" + "remarks": "rule_set_322" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User a virtually-mapped stack", - "remarks": "rule_set_321" + "remarks": "rule_set_322" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_fortify_source", - "remarks": "rule_set_322" + "remarks": "rule_set_323" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden common str/mem functions against buffer overflows", - "remarks": "rule_set_322" + "remarks": "rule_set_323" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_acpi_custom_method", - "remarks": "rule_set_323" + "remarks": "rule_set_324" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Do not allow ACPI methods to be inserted/replaced at run time", - "remarks": "rule_set_323" + "remarks": "rule_set_324" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_proc_kcore", - "remarks": "rule_set_324" + "remarks": "rule_set_325" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable support for /proc/kkcore", - "remarks": "rule_set_324" + "remarks": "rule_set_325" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_compat_vdso", - "remarks": "rule_set_325" + "remarks": "rule_set_326" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the 32-bit vDSO", - "remarks": "rule_set_325" + "remarks": "rule_set_326" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_security_dmesg_restrict", - "remarks": "rule_set_326" + "remarks": "rule_set_327" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict unprivileged access to the kernel syslog", - "remarks": "rule_set_326" + "remarks": "rule_set_327" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_legacy_vsyscall_none", - "remarks": "rule_set_327" + "remarks": "rule_set_328" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable vsyscall mapping", - "remarks": "rule_set_327" + "remarks": "rule_set_328" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_legacy_vsyscall_emulate", - "remarks": "rule_set_328" + "remarks": "rule_set_329" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable vsyscall emulation", - "remarks": "rule_set_328" + "remarks": "rule_set_329" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_legacy_vsyscall_xonly", - "remarks": "rule_set_329" + "remarks": "rule_set_330" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable vsyscall emulate execution only", - "remarks": "rule_set_329" + "remarks": "rule_set_330" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_x86_vsyscall_emulation", - "remarks": "rule_set_330" + "remarks": "rule_set_331" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable x86 vsyscall emulation", - "remarks": "rule_set_330" + "remarks": "rule_set_331" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_debug_credentials", - "remarks": "rule_set_331" + "remarks": "rule_set_332" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable checks on credential management", - "remarks": "rule_set_331" + "remarks": "rule_set_332" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_debug_notifiers", - "remarks": "rule_set_332" + "remarks": "rule_set_333" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable checks on notifier call chains", - "remarks": "rule_set_332" + "remarks": "rule_set_333" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_debug_list", - "remarks": "rule_set_333" + "remarks": "rule_set_334" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable checks on linked list manipulation", - "remarks": "rule_set_333" + "remarks": "rule_set_334" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_debug_sg", - "remarks": "rule_set_334" + "remarks": "rule_set_335" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable checks on scatter-gather (SG) table operations", - "remarks": "rule_set_334" + "remarks": "rule_set_335" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_bug_on_data_corruption", - "remarks": "rule_set_335" + "remarks": "rule_set_336" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Trigger a kernel BUG when data corruption is detected", - "remarks": "rule_set_335" + "remarks": "rule_set_336" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_slab_freelist_random", - "remarks": "rule_set_336" + "remarks": "rule_set_337" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Randomize slab freelist", - "remarks": "rule_set_336" + "remarks": "rule_set_337" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_slab_freelist_hardened", - "remarks": "rule_set_337" + "remarks": "rule_set_338" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden slab freelist metadata", - "remarks": "rule_set_337" + "remarks": "rule_set_338" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_slab_merge_default", - "remarks": "rule_set_338" + "remarks": "rule_set_339" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disallow merge of slab caches", - "remarks": "rule_set_338" + "remarks": "rule_set_339" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_slub_debug", - "remarks": "rule_set_339" + "remarks": "rule_set_340" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SLUB debugging support", - "remarks": "rule_set_339" + "remarks": "rule_set_340" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_page_poisoning", - "remarks": "rule_set_340" + "remarks": "rule_set_341" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable poison of pages after freeing", - "remarks": "rule_set_340" + "remarks": "rule_set_341" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_compat_brk", - "remarks": "rule_set_341" + "remarks": "rule_set_342" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable compatibility with brk()", - "remarks": "rule_set_341" + "remarks": "rule_set_342" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_strict_module_rwx", - "remarks": "rule_set_342" + "remarks": "rule_set_343" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Make the module text and rodata read-only", - "remarks": "rule_set_342" + "remarks": "rule_set_343" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_module_sig", - "remarks": "rule_set_343" + "remarks": "rule_set_344" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable module signature verification", - "remarks": "rule_set_343" + "remarks": "rule_set_344" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_module_sig_force", - "remarks": "rule_set_344" + "remarks": "rule_set_345" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Require modules to be validly signed", - "remarks": "rule_set_344" + "remarks": "rule_set_345" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_module_sig_all", - "remarks": "rule_set_345" + "remarks": "rule_set_346" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable automatic signing of all modules", - "remarks": "rule_set_345" + "remarks": "rule_set_346" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_module_sig_sha512", - "remarks": "rule_set_346" + "remarks": "rule_set_347" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Sign kernel modules with SHA-512", - "remarks": "rule_set_346" + "remarks": "rule_set_347" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_module_sig_hash", - "remarks": "rule_set_347" + "remarks": "rule_set_348" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Specify the hash to use when signing modules", - "remarks": "rule_set_347" + "remarks": "rule_set_348" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_module_sig_key", - "remarks": "rule_set_348" + "remarks": "rule_set_349" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Specify module signing key to use", - "remarks": "rule_set_348" + "remarks": "rule_set_349" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_bug", - "remarks": "rule_set_349" + "remarks": "rule_set_350" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable support for BUG()", - "remarks": "rule_set_349" + "remarks": "rule_set_350" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_panic_on_oops", - "remarks": "rule_set_350" + "remarks": "rule_set_351" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Kernel panic oops", - "remarks": "rule_set_350" + "remarks": "rule_set_351" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_panic_timeout", - "remarks": "rule_set_351" + "remarks": "rule_set_352" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Kernel panic timeout", - "remarks": "rule_set_351" + "remarks": "rule_set_352" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_seccomp", - "remarks": "rule_set_352" + "remarks": "rule_set_353" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable seccomp to safely compute untrusted bytecode", - "remarks": "rule_set_352" + "remarks": "rule_set_353" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_seccomp_filter", - "remarks": "rule_set_353" + "remarks": "rule_set_354" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable use of Berkeley Packet Filter with seccomp", - "remarks": "rule_set_353" + "remarks": "rule_set_354" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_security", - "remarks": "rule_set_354" + "remarks": "rule_set_355" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable different security models", - "remarks": "rule_set_354" + "remarks": "rule_set_355" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_security_yama", - "remarks": "rule_set_355" + "remarks": "rule_set_356" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Yama support", - "remarks": "rule_set_355" + "remarks": "rule_set_356" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_gcc_plugin_latent_entropy", - "remarks": "rule_set_356" + "remarks": "rule_set_357" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Generate some entropy during boot and runtime", - "remarks": "rule_set_356" + "remarks": "rule_set_357" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_gcc_plugin_stackleak", - "remarks": "rule_set_357" + "remarks": "rule_set_358" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Poison kernel stack before returning from syscalls", - "remarks": "rule_set_357" + "remarks": "rule_set_358" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_gcc_plugin_structleak", - "remarks": "rule_set_358" + "remarks": "rule_set_359" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Force initialization of variables containing userspace addresses", - "remarks": "rule_set_358" + "remarks": "rule_set_359" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_gcc_plugin_structleak_byref_all", - "remarks": "rule_set_359" + "remarks": "rule_set_360" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "zero-init everything passed by reference", - "remarks": "rule_set_359" + "remarks": "rule_set_360" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_gcc_plugin_randstruct", - "remarks": "rule_set_360" + "remarks": "rule_set_361" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Randomize layout of sensitive kernel structures", - "remarks": "rule_set_360" + "remarks": "rule_set_361" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_syn_cookies", - "remarks": "rule_set_361" + "remarks": "rule_set_362" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable TCP/IP syncookie support", - "remarks": "rule_set_361" + "remarks": "rule_set_362" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_kexec", - "remarks": "rule_set_362" + "remarks": "rule_set_363" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable kexec system call", - "remarks": "rule_set_362" + "remarks": "rule_set_363" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_hibernation", - "remarks": "rule_set_363" + "remarks": "rule_set_364" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable hibernation", - "remarks": "rule_set_363" + "remarks": "rule_set_364" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_binfmt_misc", - "remarks": "rule_set_364" + "remarks": "rule_set_365" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable kernel support for MISC binaries", - "remarks": "rule_set_364" + "remarks": "rule_set_365" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_legacy_ptys", - "remarks": "rule_set_365" + "remarks": "rule_set_366" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable legacy (BSD) PTY support", - "remarks": "rule_set_365" + "remarks": "rule_set_366" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_default_mmap_min_addr", - "remarks": "rule_set_366" + "remarks": "rule_set_367" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Low Address Space To Protect From User Allocation", - "remarks": "rule_set_366" + "remarks": "rule_set_367" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_randomize_base", - "remarks": "rule_set_367" + "remarks": "rule_set_368" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Randomize the address of the kernel image (KASLR)", - "remarks": "rule_set_367" + "remarks": "rule_set_368" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_randomize_memory", - "remarks": "rule_set_368" + "remarks": "rule_set_369" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Randomize the kernel memory sections", - "remarks": "rule_set_368" + "remarks": "rule_set_369" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_ia32_emulation", - "remarks": "rule_set_369" + "remarks": "rule_set_370" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable IA32 emulation", - "remarks": "rule_set_369" + "remarks": "rule_set_370" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_modify_ldt_syscall", - "remarks": "rule_set_370" + "remarks": "rule_set_371" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the LDT (local descriptor table)", - "remarks": "rule_set_370" + "remarks": "rule_set_371" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_arm64_sw_ttbr0_pan", - "remarks": "rule_set_371" + "remarks": "rule_set_372" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Emulate Privileged Access Never (PAN)", - "remarks": "rule_set_371" + "remarks": "rule_set_372" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_unmap_kernel_at_el0", - "remarks": "rule_set_372" + "remarks": "rule_set_373" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Unmap kernel when running in userspace (aka KAISER)", - "remarks": "rule_set_372" + "remarks": "rule_set_373" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_selinuxuser_execheap", - "remarks": "rule_set_373" + "remarks": "rule_set_374" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the selinuxuser_execheap SELinux Boolean", - "remarks": "rule_set_373" + "remarks": "rule_set_374" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_deny_execmem", - "remarks": "rule_set_374" + "remarks": "rule_set_375" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the deny_execmem SELinux Boolean", - "remarks": "rule_set_374" + "remarks": "rule_set_375" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_selinuxuser_execstack", - "remarks": "rule_set_375" + "remarks": "rule_set_376" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the selinuxuser_execstack SELinux Boolean", - "remarks": "rule_set_375" + "remarks": "rule_set_376" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_ssh_sysadm_login", - "remarks": "rule_set_376" + "remarks": "rule_set_377" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the ssh_sysadm_login SELinux Boolean", - "remarks": "rule_set_376" + "remarks": "rule_set_377" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_setroubleshoot_removed", - "remarks": "rule_set_377" + "remarks": "rule_set_378" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Uninstall setroubleshoot Package", - "remarks": "rule_set_377" + "remarks": "rule_set_378" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_setroubleshoot-server_removed", - "remarks": "rule_set_378" + "remarks": "rule_set_379" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Uninstall setroubleshoot-server Package", - "remarks": "rule_set_378" + "remarks": "rule_set_379" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_setroubleshoot-plugins_removed", - "remarks": "rule_set_379" + "remarks": "rule_set_380" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Uninstall setroubleshoot-plugins Package", - "remarks": "rule_set_379" + "remarks": "rule_set_380" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_periodic_cron_checking", - "remarks": "rule_set_380" + "remarks": "rule_set_381" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Periodic Execution of AIDE", - "remarks": "rule_set_380" + "remarks": "rule_set_381" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_scan_notification", - "remarks": "rule_set_381" + "remarks": "rule_set_382" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Notification of Post-AIDE Scan Details", - "remarks": "rule_set_381" + "remarks": "rule_set_382" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_verify_acls", - "remarks": "rule_set_382" + "remarks": "rule_set_383" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure AIDE to Verify Access Control Lists (ACLs)", - "remarks": "rule_set_382" + "remarks": "rule_set_383" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_verify_ext_attributes", - "remarks": "rule_set_383" + "remarks": "rule_set_384" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure AIDE to Verify Extended Attributes", - "remarks": "rule_set_383" + "remarks": "rule_set_384" } ], "control-implementations": [ { - "uuid": "3118cc91-a1f0-4f45-8221-ae02e8b1123d", + "uuid": "1eb383cc-b728-47b3-aefa-3ebdc047c820", "source": "trestle://profiles/rhel10-anssi-high/profile.json", "description": "Control implementation for anssi_bp28_high", "props": [ @@ -5623,7 +5635,7 @@ ], "implemented-requirements": [ { - "uuid": "f99a9be5-3f7e-4378-afe2-9ea796dd6701", + "uuid": "0045d41a-2c30-4153-b728-7df486574354", "control-id": "r4", "description": "The description for control-id r4.", "props": [ @@ -5636,7 +5648,7 @@ ] }, { - "uuid": "1b76ae85-abdf-4546-bd88-ed53f7842cfe", + "uuid": "31bdbb2b-faad-4763-9614-d81d602b4610", "control-id": "r6", "description": "The description for control-id r6.", "props": [ @@ -5649,7 +5661,7 @@ ] }, { - "uuid": "11a0c42f-94e5-4d48-8f8b-baa646b7a716", + "uuid": "89026a72-c539-4b6c-aeed-64e1d8d004f9", "control-id": "r15", "description": "The special case of direct access to physical memory is not handled.", "props": [ @@ -5746,7 +5758,7 @@ ] }, { - "uuid": "99afee46-2edb-4832-97e1-98ad46930697", + "uuid": "1a34e07a-0043-4827-a049-2f6fb56d0fe4", "control-id": "r16", "description": "No notes for control-id R16.", "props": [ @@ -5783,7 +5795,7 @@ ] }, { - "uuid": "855f8b27-5341-4a8c-854a-62704ff99e3e", + "uuid": "cf1f1bc7-c933-4515-a7cf-2f8c1509451a", "control-id": "r17", "description": "No notes for control-id R17.", "props": [ @@ -5825,7 +5837,7 @@ ] }, { - "uuid": "f902689b-8238-4b80-a1fa-bbfc881c8b28", + "uuid": "4de39415-9fc2-4ccb-a3ec-5810a8f951d2", "control-id": "r18", "description": "No notes for control-id R18.", "props": [ @@ -5872,7 +5884,7 @@ ] }, { - "uuid": "394b2111-7010-45e4-b8f5-10cea414e7c6", + "uuid": "07c7e005-e908-4cf2-ad07-9881a0cab46c", "control-id": "r19", "description": "No notes for control-id R19.", "props": [ @@ -5899,7 +5911,7 @@ ] }, { - "uuid": "fc378499-c7ce-4298-b2fa-035f7624a399", + "uuid": "8507a27c-9ee3-4f3a-ba58-a45670c0ebae", "control-id": "r20", "description": "No notes for control-id R20.", "props": [ @@ -5931,7 +5943,7 @@ ] }, { - "uuid": "c9e1fd6d-1aa3-4a9d-97d6-9ea58b1f32f0", + "uuid": "d03ace1a-a2b7-4176-8ca2-d425867210ae", "control-id": "r21", "description": "No notes for control-id R21.", "props": [ @@ -5968,7 +5980,7 @@ ] }, { - "uuid": "ab6d228a-6a2f-4ab1-a3fa-f84ace1b92ff", + "uuid": "85eefa72-7429-4777-ba12-913e719bd51b", "control-id": "r22", "description": "This control doesn't disable the IPv6 stack, to disable it select the related rule.", "props": [ @@ -5985,7 +5997,7 @@ ] }, { - "uuid": "960ae855-d0cf-4e57-9f91-aec4b8e76f66", + "uuid": "47aed824-44dd-457f-992f-07c855af8944", "control-id": "r23", "description": "If the system can function without support for kernel modules, module support should be disabled by setting CONFIG_MODULES=n.", "props": [ @@ -6017,7 +6029,7 @@ ] }, { - "uuid": "d38b0384-9b2f-4714-8d53-0ed2f18e1110", + "uuid": "acf6c3b2-e9a1-4bd4-aa56-139a08b9cd79", "control-id": "r24", "description": "The description for control-id r24.", "props": [ @@ -6030,7 +6042,7 @@ ] }, { - "uuid": "6c8729a1-b988-4343-99cb-31ad9fbcce3b", + "uuid": "a1f8cb4b-ed1e-4e28-a94c-11ad5716c212", "control-id": "r25", "description": "No notes for control-id R25.", "props": [ @@ -6067,7 +6079,7 @@ ] }, { - "uuid": "c30bd536-7410-4d8f-915d-cc0963a3ff51", + "uuid": "ad9da471-882f-43d9-ba24-8ace4879daef", "control-id": "r26", "description": "The description for control-id r26.", "props": [ @@ -6080,7 +6092,7 @@ ] }, { - "uuid": "fd9c859a-5cdc-403d-97c4-e6cd00f8e613", + "uuid": "c8c85d15-d897-4e18-974e-9af1e5f3d9b9", "control-id": "r27", "description": "No notes for control-id R27.", "props": [ @@ -6112,7 +6124,7 @@ ] }, { - "uuid": "397b2c31-afae-4f97-82d6-0543c6dc73bf", + "uuid": "b6dce40b-44c9-47e3-b03c-940a704fc6d8", "control-id": "r46", "description": "No notes for control-id R46.", "props": [ @@ -6129,7 +6141,7 @@ ] }, { - "uuid": "756728e8-c9c2-4eb0-83d0-8cdfd290f1ef", + "uuid": "c822b576-6f7b-427e-b374-dd0011b3d6fb", "control-id": "r47", "description": "The description for control-id r47.", "props": [ @@ -6142,7 +6154,7 @@ ] }, { - "uuid": "03928543-fbff-4eaf-be82-03df36404c50", + "uuid": "f6132129-ca0c-4f16-9b15-19194fd6f176", "control-id": "r48", "description": "In RHEL, the SELinux boolean allow_execheap is renamed to selinuxuser_execheap, and the boolean allow_execstack is renamed to selinuxuser_execstack. And allow_execmem is not available, deny_execmem provides the same functionality.", "props": [ @@ -6174,7 +6186,7 @@ ] }, { - "uuid": "ef0b75ee-5ba4-4e05-b3fe-25829630d39a", + "uuid": "7fb19378-105e-45c6-8c33-4e7e8d9a2928", "control-id": "r49", "description": "No notes for control-id R49.", "props": [ @@ -6201,7 +6213,7 @@ ] }, { - "uuid": "b87fe155-ae24-4db6-a4a5-8de95c9d2bff", + "uuid": "9ae53182-0f43-4cca-b9e3-d60d2d3d333b", "control-id": "r66", "description": "The description for control-id r66.", "props": [ @@ -6214,7 +6226,7 @@ ] }, { - "uuid": "0732abf6-ecab-403c-89a8-bbde172720a9", + "uuid": "13652185-526d-41ad-befc-7418398ce7ac", "control-id": "r76", "description": "No notes for control-id R76.", "props": [ @@ -6256,7 +6268,7 @@ ] }, { - "uuid": "90359417-4057-420f-baee-db2ede242d2d", + "uuid": "28ffb4e1-dc91-4655-b43a-f5ff785c95a9", "control-id": "r77", "description": "The description for control-id r77.", "props": [ @@ -6269,7 +6281,7 @@ ] }, { - "uuid": "b235d4a2-c896-46f9-aaaa-2e703157afa7", + "uuid": "95659cb4-4438-4a27-a75e-868448790f50", "control-id": "r1", "description": "This requirement can be checked, but remediation requires manual reinstall of the OS. The content automation cannot really configure the BIOS, but can in some cases, check settings that are visible to the OS. Like for example the NX/DX setting.", "props": [ @@ -6291,7 +6303,7 @@ ] }, { - "uuid": "0c0d6868-fb82-400e-81b6-feda838bc227", + "uuid": "c772b48a-11a6-4765-9488-5b2818ffa8a5", "control-id": "r7", "description": "No notes for control-id R7.", "props": [ @@ -6308,7 +6320,7 @@ ] }, { - "uuid": "eb22fe71-9d23-4ec4-9170-e17f511b572c", + "uuid": "834061a5-eba3-4a3b-ad30-78a07c8b166d", "control-id": "r10", "description": "No notes for control-id R10.", "props": [ @@ -6325,7 +6337,7 @@ ] }, { - "uuid": "8d304ca9-e97e-4fb9-a4b0-c8db86c3e796", + "uuid": "dea42dd7-9282-4caf-abed-63ea97345c2e", "control-id": "r29", "description": "The /boot partition mounted is essential to perform certain administrative actions, for example updating the kernel. Therefore, for better stability, in this requirement only rules to restrict the access to /boot are selected. It is not changed how the /boot is mounted.", "props": [ @@ -6382,7 +6394,7 @@ ] }, { - "uuid": "b77a1ab9-d38d-4c89-84e0-9719e5f245dd", + "uuid": "3966d20e-92ed-46a8-a7ec-fd05b3a3142f", "control-id": "r36", "description": "There are cases of Systemd services which would stop working in case umask would be configured to 0027 for all services. One such example is the Cups service which needs to create sockets which need to be available for all users. Therefore, this part of the requirement can't be automated.", "props": [ @@ -6409,7 +6421,7 @@ ] }, { - "uuid": "a58346e5-1c96-4255-b2d5-30e0ae49bb7d", + "uuid": "94ede3f5-80c8-4e46-942f-4558f296023d", "control-id": "r37", "description": "Other partitioning mechanisms can include chroot and containers and are not contemplated in this requirement.", "props": [ @@ -6426,7 +6438,7 @@ ] }, { - "uuid": "ff75fde1-0121-4ccb-8411-5171660f576a", + "uuid": "8d108b6d-24a6-4b79-99d7-2b0039f8f2ce", "control-id": "r38", "description": "No notes for control-id R38.", "props": [ @@ -6448,7 +6460,7 @@ ] }, { - "uuid": "78597691-c119-4e7d-b625-7bae1dd36f33", + "uuid": "19c3f0a3-dfb8-4cd7-84fd-6ea9dc4a0c1e", "control-id": "r41", "description": "The description for control-id r41.", "props": [ @@ -6461,7 +6473,7 @@ ] }, { - "uuid": "dacc3fd2-45f6-4528-b669-4682aa9d6bb7", + "uuid": "e0b83b04-352c-459e-821f-53d4a585312e", "control-id": "r45", "description": "No notes for control-id R45.", "props": [ @@ -6473,7 +6485,7 @@ ] }, { - "uuid": "a4188a03-4d34-40c7-8793-89aa9a1ae369", + "uuid": "6042b6c8-693d-414e-b1bd-d80ceabcaeec", "control-id": "r51", "description": "This concerns two aspects, the first is administrative, and involves prompt installation of secrets or trusted elements by the sysadmin. The second involves removal of any default secret or trusted element configured by the operating system during install process, e.g. default known passwords.", "props": [ @@ -6485,7 +6497,7 @@ ] }, { - "uuid": "d1109cdd-5d21-41e4-9603-5a213771c061", + "uuid": "f7e2b142-eed7-4557-8bde-81d9d4117baa", "control-id": "r57", "description": "The description for control-id r57.", "props": [ @@ -6498,7 +6510,7 @@ ] }, { - "uuid": "63f3901f-5560-4bd8-938c-1317b34fc801", + "uuid": "637c72c1-14f5-469b-9c4c-97c96c5fb5fc", "control-id": "r60", "description": "The description for control-id r60.", "props": [ @@ -6511,7 +6523,7 @@ ] }, { - "uuid": "576f991e-ac38-4201-bb89-76e47230160d", + "uuid": "cdc7e47e-6200-43c7-8bf3-5154aede15a3", "control-id": "r64", "description": "SELinux policies limit the privileges of services and daemons just to those which are required. The policies should be enough to restrict the services' privileges to its essentials, but the automated content cannot assess whether they are the minimum required for the deployment.", "props": [ @@ -6528,7 +6540,7 @@ ] }, { - "uuid": "8d167bcd-3fa2-4325-99cf-66ac4d9840ef", + "uuid": "74cac590-ef8f-4849-97e2-82d53b61cc28", "control-id": "r65", "description": "The description for control-id r65.", "props": [ @@ -6541,7 +6553,7 @@ ] }, { - "uuid": "1b812d93-eeb4-4dfa-8a99-110bf0163ccf", + "uuid": "94cca7ac-22d7-41d5-99f0-c607e3a0133c", "control-id": "r71", "description": "A lot of recommendations and requirements from the DAT-PA-012 document are administrative and hard to automate. The rules selected below address a few of the aspects that can be covered, keep in mind that these configurations should be customized for the systems deployment requirements.", "props": [ @@ -6628,7 +6640,7 @@ ] }, { - "uuid": "54c7d1fe-e3ab-41ce-be1a-48ce5e8d6fe1", + "uuid": "27cafeab-c7a7-42a4-8bcd-7da2a990780a", "control-id": "r72", "description": "No notes for control-id R72.", "props": [ @@ -6640,7 +6652,7 @@ ] }, { - "uuid": "b0220de8-a467-43be-94e5-032ffe777ce2", + "uuid": "8b3fecff-0bc3-4998-ae73-cfb657158175", "control-id": "r73", "description": "No notes for control-id R73.", "props": [ @@ -6932,7 +6944,7 @@ ] }, { - "uuid": "9be4d8a2-948e-485d-9895-4723a8cdadab", + "uuid": "3014030f-f73f-463a-877c-e2c49890bc5e", "control-id": "r78", "description": "The description for control-id r78.", "props": [ @@ -6945,7 +6957,7 @@ ] }, { - "uuid": "ce6e2624-891b-49cb-9f88-bc9400f444ac", + "uuid": "4209ec29-f2fb-42d0-93f6-6d8b4b2157a6", "control-id": "r2", "description": "The description for control-id r2.", "props": [ @@ -6958,7 +6970,7 @@ ] }, { - "uuid": "b8a92155-00a5-4405-ad7d-3450d75a4465", + "uuid": "d6434c22-1d33-447b-b6cf-4e3ef7245da1", "control-id": "r3", "description": "The description for control-id r3.", "props": [ @@ -6971,7 +6983,7 @@ ] }, { - "uuid": "ed3278b4-8b4e-4ec7-b33d-e8cd68ac37a7", + "uuid": "527a7fb7-a256-46f7-8ee8-aa0ebd38820f", "control-id": "r5", "description": "No notes for control-id R5.", "props": [ @@ -6988,7 +7000,7 @@ ] }, { - "uuid": "05d854a4-43ce-4b5b-9a40-f12ad83db0cc", + "uuid": "0a098720-6a7b-44cd-b4c6-138bdcbab837", "control-id": "r8", "description": "No notes for control-id R8.", "props": [ @@ -7060,7 +7072,7 @@ ] }, { - "uuid": "282469b6-e1cc-4253-989f-4442efaeb662", + "uuid": "a4488aa3-6110-4120-8915-7f51383dfbdd", "control-id": "r9", "description": "No notes for control-id R9.", "props": [ @@ -7122,7 +7134,7 @@ ] }, { - "uuid": "9dd1ac6d-d6f0-4599-b9e3-73ae9e2a470f", + "uuid": "600962c1-d9de-4087-ab47-cc1b35857218", "control-id": "r11", "description": "No notes for control-id R11.", "props": [ @@ -7139,7 +7151,7 @@ ] }, { - "uuid": "f6de9404-4453-43a7-98d9-828f3ec99fe3", + "uuid": "4043a578-f427-45ca-bbfd-73c0de99e3e9", "control-id": "r12", "description": "No notes for control-id R12.", "props": [ @@ -7266,7 +7278,7 @@ ] }, { - "uuid": "aa8db05d-9b73-4826-94ba-c18a3bf7df73", + "uuid": "2c454e36-fa1d-43ab-b30e-3abcb049fb77", "control-id": "r13", "description": "When IPv6 is not in use, disable it, otherwise secure the IPv6 stack. This control hardens the IPv6 stack, to disable it use the related rules instead.", "props": [ @@ -7358,7 +7370,7 @@ ] }, { - "uuid": "4954b794-6e20-4119-8723-c76e4b9fa6e0", + "uuid": "425b0bb9-a4c5-4899-9033-c445d9dcb025", "control-id": "r14", "description": "The rule for the /proc file system is not implemented", "props": [ @@ -7395,7 +7407,7 @@ ] }, { - "uuid": "8a90f3b0-028f-42c4-b2ad-95f6c70ae330", + "uuid": "2a08a2c4-a1bc-4791-b4e3-aa24d7fec4ac", "control-id": "r28", "description": "No notes for control-id R28.", "props": [ @@ -7527,7 +7539,7 @@ ] }, { - "uuid": "a488203d-b474-481c-91fe-5964173b0d6f", + "uuid": "9bfe5d41-be54-4e93-af5c-2bb5110c29e1", "control-id": "r32", "description": "ANSSI doesn't specify the length of the inactivity period, we are choosing 10 minutes as reasonable number.", "props": [ @@ -7549,7 +7561,7 @@ ] }, { - "uuid": "895021e3-6a7c-4883-befa-6e4e13ca27ff", + "uuid": "9762d9d2-90c2-4462-91c5-2117f61e29b1", "control-id": "r33", "description": "By disabling direct root logins proper accountability is ensured. Users will login first, then escalate to privileged (root) access. Change of privilege operations must be based on executables to monitor the activities performed (for example sudo). Nonetheless, the content automation cannot ensure that each administrator was given a nominative administration account separate from his normal user account.", "props": [ @@ -7591,7 +7603,7 @@ ] }, { - "uuid": "5053cba6-0cc3-48d5-8574-a6eaabdfb498", + "uuid": "75334e5d-6a79-4373-bb3a-6644592d57de", "control-id": "r34", "description": "The description for control-id r34.", "props": [ @@ -7604,7 +7616,7 @@ ] }, { - "uuid": "f02a1ef0-c54a-496d-805c-6757e17d1712", + "uuid": "c495fa18-5edc-41a7-8449-40d48d260869", "control-id": "r35", "description": "The description for control-id r35.", "props": [ @@ -7617,7 +7629,7 @@ ] }, { - "uuid": "36fab66b-8880-490a-a35d-74a121364294", + "uuid": "6955cca1-e424-451b-827e-359ec8818ff9", "control-id": "r39", "description": "No notes for control-id R39.", "props": [ @@ -7654,7 +7666,7 @@ ] }, { - "uuid": "95001dba-a858-45df-825e-da1bdf3e2fdc", + "uuid": "b09575c3-4406-4df2-8609-934beba86a16", "control-id": "r40", "description": "No notes for control-id R40.", "props": [ @@ -7671,7 +7683,7 @@ ] }, { - "uuid": "94258b68-ea51-4274-9910-ad492502789e", + "uuid": "89adac3f-63ee-4440-b551-dcd00d040d69", "control-id": "r42", "description": "No notes for control-id R42.", "props": [ @@ -7688,7 +7700,7 @@ ] }, { - "uuid": "bc83a8ee-de66-4b04-aec8-f43714a154e5", + "uuid": "969b8f02-2c32-4a43-8694-3b8cff16a7ab", "control-id": "r43", "description": "No notes for control-id R43.", "props": [ @@ -7705,7 +7717,7 @@ ] }, { - "uuid": "a062c948-0ff1-45ba-9d23-2fb2a58a4def", + "uuid": "e214c0df-cbf5-4000-9e52-1d308c3ae380", "control-id": "r44", "description": "The description for control-id r44.", "props": [ @@ -7718,7 +7730,7 @@ ] }, { - "uuid": "a61a58e6-ed81-4f9d-b738-7b18f3e4e35a", + "uuid": "54b10039-8e09-45c9-b72e-a8f86be1841c", "control-id": "r50", "description": "No notes for control-id R50.", "props": [ @@ -8085,7 +8097,7 @@ ] }, { - "uuid": "39d02f89-084f-4eb1-b88b-2cd4f93ba8a6", + "uuid": "31efecdd-c19f-455c-a7cf-10c2bfe01254", "control-id": "r52", "description": "The description for control-id r52.", "props": [ @@ -8098,7 +8110,7 @@ ] }, { - "uuid": "821f9b57-83b2-497f-a148-ccf4cec4d6dd", + "uuid": "cd5eeb0f-28d4-4059-b8a5-95ebb562e685", "control-id": "r55", "description": "The approach of the selected rules is to use and configure pam_namespace module.", "props": [ @@ -8130,7 +8142,7 @@ ] }, { - "uuid": "ac613979-8515-4b8d-9069-07afaa5eee50", + "uuid": "5ed0c688-aa50-4bab-ae02-a9d0e72cb62e", "control-id": "r63", "description": "The description for control-id r63.", "props": [ @@ -8143,7 +8155,7 @@ ] }, { - "uuid": "1dffa59d-e70e-42aa-bb6b-2a3610c7a47d", + "uuid": "a8313bd7-f809-46d1-9ec3-8cd57a6d9d85", "control-id": "r67", "description": "In systems where remote authentication is handled through sssd service, PAM delegates\nrequests for remote authentication to sssd service through a local Unix socket. The sssd\nservice can use IPA, AD or LDAP as a remote database containing information required for authentication.\nIn case LDAP is configured manually, there are several configuration options which should be chedked.", "props": [ @@ -8165,7 +8177,7 @@ ] }, { - "uuid": "37f2291d-00af-4427-b290-a061151f91c8", + "uuid": "4ca5a5bc-65d4-4ffa-939c-1e6bd9914085", "control-id": "r69", "description": "The description for control-id r69.", "props": [ @@ -8178,7 +8190,7 @@ ] }, { - "uuid": "d4676fb6-5ac1-4025-8761-81bdda23d0d8", + "uuid": "fd1d06f4-83f2-4826-a17d-e382e78dae26", "control-id": "r70", "description": "The description for control-id r70.", "props": [ @@ -8191,7 +8203,7 @@ ] }, { - "uuid": "efae368e-f521-4481-8c70-2d902debe8e1", + "uuid": "e1921a88-2d68-4331-9aed-9fc8b8db12ba", "control-id": "r74", "description": "No notes for control-id R74.", "props": [ @@ -8208,7 +8220,7 @@ ] }, { - "uuid": "1c166e8f-137b-4bd6-a1eb-f79802704c34", + "uuid": "efc9f56f-77a4-4485-a8f5-aabce571ef68", "control-id": "r75", "description": "Only the alias for root user is covered by the rule. The other services cannot be reliably covered, as there is no simple way of determining what is a service account.", "props": [ @@ -8225,7 +8237,7 @@ ] }, { - "uuid": "1612481f-ddb5-4c11-95a7-1a1edfe8c675", + "uuid": "6a6809e2-7c62-4948-bc38-d29aadcaf528", "control-id": "r79", "description": "SELinux can provide confinement and monitoring of services, and AIDE provides basic integrity checking. System logs are configured as part of R43. Hardening of particular services should be done on a case by case basis and is not automated by this content.", "props": [ @@ -8252,7 +8264,7 @@ ] }, { - "uuid": "75fdc847-6412-4896-8400-32caee108a6a", + "uuid": "8f5d6fe8-75f9-41e0-b04e-d7f3b36a3e6a", "control-id": "r30", "description": "The description for control-id r30.", "props": [ @@ -8265,7 +8277,7 @@ ] }, { - "uuid": "e7538670-ea71-4250-ab0e-3501333e4782", + "uuid": "62ef48fd-455f-47f9-afa9-c196a8636e05", "control-id": "r31", "description": "The rules selected below establish a general password strength baseline of 100 bits, based on the recommendations of the technical note \"Recommandations relatives à l'authentification multifacteur et aux mots de passe\" (https://cyber.gouv.fr/publications/recommandations-relatives-lauthentification-multifacteur-et-aux-mots-de-passe)\nThe baseline should be reviewed and tailored to the system's use case and needs.", "props": [ @@ -8337,7 +8349,7 @@ ] }, { - "uuid": "f9c4b66b-c48c-43d4-97b6-877ad656efde", + "uuid": "b98ca982-6688-4308-9d99-081dfce5b89f", "control-id": "r53", "description": "No notes for control-id R53.", "props": [ @@ -8359,7 +8371,7 @@ ] }, { - "uuid": "44246709-09bd-4a6e-b682-108efa17bd8f", + "uuid": "06ad0df8-1d3c-4d1c-8bc9-7adaf324fdba", "control-id": "r54", "description": "No notes for control-id R54.", "props": [ @@ -8386,7 +8398,7 @@ ] }, { - "uuid": "ec5530eb-aad4-499c-b58c-99016c452f1f", + "uuid": "c2d708aa-4857-4925-bb89-7d0a3c6ecbf4", "control-id": "r56", "description": "Only programs specifically designed to be used with setuid or setgid bits can have these privilege bits set. This requirement considers apropriate for setuid and setgid bits the binaries that are installed from recognized and authorized repositories (covered in R15). The remediation resets the sticky bit to intended value by vendor/developer, any finding after remediation should be reviewed.", "props": [ @@ -8408,7 +8420,7 @@ ] }, { - "uuid": "3194f303-2e70-4f3a-a4b3-09a1f9854636", + "uuid": "7c8d0538-c958-455d-9b7e-7ea48279efb8", "control-id": "r58", "description": "The description for control-id r58.", "props": [ @@ -8421,7 +8433,7 @@ ] }, { - "uuid": "e15f0977-fa7a-42cd-bfa2-1779989c51f2", + "uuid": "20bdfe34-283d-4950-9eff-d25e60353bc9", "control-id": "r59", "description": "It is not trivial to distinguish an official repository from an unofficial one. We cannot draw conclusions from the repo name or URL of the repo (as they can be arbitrary or behind a proxy). One approach to check the origin of installed packages is to check the signature of the packages. If the public key of a repository is not installed, the repo is not trusted.", "props": [ @@ -8449,11 +8461,16 @@ "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_redhat_gpgkey_installed" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "package_sequoia-sq_installed" } ] }, { - "uuid": "8170dcd6-a97d-4a6b-b3a2-928cbfbbe8d7", + "uuid": "242f2685-e082-40ce-8367-dd94295f4a49", "control-id": "r61", "description": "Check the vendor CVE feed and configure automatic install of security related updates.", "props": [ @@ -8485,7 +8502,7 @@ ] }, { - "uuid": "446dd767-6729-4320-aafe-1ea786e7528a", + "uuid": "aa53bbfc-79b9-48fe-98e8-f62ae0ed9142", "control-id": "r62", "description": "The description for control-id r62.", "props": [ @@ -8523,7 +8540,7 @@ ] }, { - "uuid": "ab2a872a-b4da-4bf9-8b4b-83e72ab3dc2a", + "uuid": "1fbf9d66-add7-4e0a-80b8-d51b86798ccc", "control-id": "r68", "description": "The selection of rules doesn't cover the use of hardware devices to protect the passwords.", "props": [ @@ -8560,7 +8577,7 @@ ] }, { - "uuid": "d1eaf809-369e-46a8-93f3-f58a5206c707", + "uuid": "70419368-23ff-47f4-9074-ef489fe0a8f9", "control-id": "r80", "description": "The description for control-id r80.", "props": [ @@ -8963,7 +8980,7 @@ { "name": "Parameter_Value_Alternatives_19", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -8981,7 +8998,7 @@ { "name": "Parameter_Value_Alternatives_20", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -9875,8671 +9892,8695 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnf-automatic_installed", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_023" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install dnf-automatic Package", + "value": "Install sequoia-sq Package", "remarks": "rule_set_023" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnf-automatic_installed", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_023" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install dnf-automatic Package", + "value": "Install sequoia-sq Package", "remarks": "rule_set_023" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "timer_dnf-automatic_enabled", + "value": "package_dnf-automatic_installed", "remarks": "rule_set_024" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable dnf-automatic Timer", + "value": "Install dnf-automatic Package", "remarks": "rule_set_024" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "timer_dnf-automatic_enabled", + "value": "package_dnf-automatic_installed", "remarks": "rule_set_024" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable dnf-automatic Timer", + "value": "Install dnf-automatic Package", "remarks": "rule_set_024" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_apply_updates", + "value": "timer_dnf-automatic_enabled", "remarks": "rule_set_025" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Available Updates Automatically", + "value": "Enable dnf-automatic Timer", "remarks": "rule_set_025" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_apply_updates", + "value": "timer_dnf-automatic_enabled", "remarks": "rule_set_025" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Available Updates Automatically", + "value": "Enable dnf-automatic Timer", "remarks": "rule_set_025" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "dnf-automatic_apply_updates", "remarks": "rule_set_026" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Configure dnf-automatic to Install Available Updates Automatically", "remarks": "rule_set_026" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "dnf-automatic_apply_updates", "remarks": "rule_set_026" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Configure dnf-automatic to Install Available Updates Automatically", "remarks": "rule_set_026" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "dnf-automatic_security_updates_only", "remarks": "rule_set_027" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Configure dnf-automatic to Install Only Security Updates", "remarks": "rule_set_027" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "dnf-automatic_security_updates_only", "remarks": "rule_set_027" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Configure dnf-automatic to Install Only Security Updates", "remarks": "rule_set_027" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "package_kea_removed", "remarks": "rule_set_028" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Uninstall kea Package", "remarks": "rule_set_028" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "package_kea_removed", "remarks": "rule_set_028" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Uninstall kea Package", "remarks": "rule_set_028" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_telnet_removed", "remarks": "rule_set_029" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Remove telnet Clients", "remarks": "rule_set_029" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_telnet_removed", "remarks": "rule_set_029" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Remove telnet Clients", "remarks": "rule_set_029" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_030" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_030" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_030" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_030" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_tftp_removed", "remarks": "rule_set_031" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Remove tftp Daemon", "remarks": "rule_set_031" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_tftp_removed", "remarks": "rule_set_031" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Remove tftp Daemon", "remarks": "rule_set_031" }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "package_tftp-server_removed", + "remarks": "rule_set_032" + }, + { + "name": "Rule_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Uninstall tftp-server Package", + "remarks": "rule_set_032" + }, + { + "name": "Check_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "package_tftp-server_removed", + "remarks": "rule_set_032" + }, + { + "name": "Check_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Uninstall tftp-server Package", + "remarks": "rule_set_032" + }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_systemauth", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set PAM Password Hashing Algorithm - system-auth", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_systemauth", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set PAM Password Hashing Algorithm - system-auth", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_unix_rounds_system_auth", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set number of Password Hashing Rounds - system-auth", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_unix_rounds_system_auth", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set number of Password Hashing Rounds - system-auth", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_unix_rounds_password_auth", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set number of Password Hashing Rounds - password-auth", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_unix_rounds_password_auth", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set number of Password Hashing Rounds - password-auth", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_minclass", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_minclass", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_password", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Boot Loader Password in grub2", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_password", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Boot Loader Password in grub2", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_l1tf_argument", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure L1 Terminal Fault mitigations", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_l1tf_argument", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure L1 Terminal Fault mitigations", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_page_poison_argument", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable page allocator poisoning", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_page_poison_argument", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable page allocator poisoning", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_pti_argument", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Page-Table Isolation (KPTI)", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_pti_argument", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Page-Table Isolation (KPTI)", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_slab_nomerge_argument", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable merging of slabs with similar size", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_slab_nomerge_argument", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable merging of slabs with similar size", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_slub_debug_argument", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SLUB/SLAB allocator poisoning", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_slub_debug_argument", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SLUB/SLAB allocator poisoning", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_spec_store_bypass_disable_argument", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Speculative Store Bypass Mitigation", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_spec_store_bypass_disable_argument", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Speculative Store Bypass Mitigation", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_spectre_v2_argument", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enforce Spectre v2 mitigation", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_spectre_v2_argument", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enforce Spectre v2 mitigation", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_mds_argument", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Microarchitectural Data Sampling mitigation", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_mds_argument", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Microarchitectural Data Sampling mitigation", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_mce_argument", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Force kernel panic on uncorrected MCEs", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_mce_argument", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Force kernel panic on uncorrected MCEs", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_page_alloc_shuffle_argument", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable randomization of the page allocator", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_page_alloc_shuffle_argument", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable randomization of the page allocator", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_rng_core_default_quality_argument", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the confidence in TPM for entropy", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_rng_core_default_quality_argument", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the confidence in TPM for entropy", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_vm_mmap_min_addr", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent applications from mapping low portion of virtual memory", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_vm_mmap_min_addr", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent applications from mapping low portion of virtual memory", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_dmesg_restrict", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Access to Kernel Message Buffer", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_dmesg_restrict", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Access to Kernel Message Buffer", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_kptr_restrict", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Exposed Kernel Pointer Addresses Access", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_kptr_restrict", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Exposed Kernel Pointer Addresses Access", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_pid_max", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure maximum number of process identifiers", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_pid_max", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure maximum number of process identifiers", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_perf_event_max_sample_rate", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Limit sampling frequency of the Perf system", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_perf_event_max_sample_rate", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Limit sampling frequency of the Perf system", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_perf_cpu_time_max_percent", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Limit CPU consumption of the Perf system", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_perf_cpu_time_max_percent", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Limit CPU consumption of the Perf system", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_perf_event_paranoid", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disallow kernel profiling by unprivileged users", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_perf_event_paranoid", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disallow kernel profiling by unprivileged users", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_randomize_va_space", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Randomized Layout of Virtual Address Space", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_randomize_va_space", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Randomized Layout of Virtual Address Space", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_sysrq", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disallow magic SysRq key", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_sysrq", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disallow magic SysRq key", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_unprivileged_bpf_disabled", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_unprivileged_bpf_disabled", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_panic_on_oops", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Kernel panic on oops", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_panic_on_oops", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Kernel panic on oops", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_yama_ptrace_scope", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict usage of ptrace to descendant processes", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_yama_ptrace_scope", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict usage of ptrace to descendant processes", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_core_bpf_jit_harden", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden the operation of the BPF just-in-time compiler", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_core_bpf_jit_harden", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden the operation of the BPF just-in-time compiler", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_ip_forward", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_ip_forward", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_accept_local", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Accepting Packets Routed Between Local Interfaces", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_accept_local", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Accepting Packets Routed Between Local Interfaces", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_accept_redirects", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_accept_redirects", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_accept_redirects", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_accept_redirects", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_secure_redirects", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_secure_redirects", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_secure_redirects", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_secure_redirects", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_shared_media", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Sending and Accepting Shared Media Redirects for All IPv4 Interfaces", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_shared_media", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Sending and Accepting Shared Media Redirects for All IPv4 Interfaces", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_shared_media", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Sending and Accepting Shared Media Redirects by Default", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_shared_media", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Sending and Accepting Shared Media Redirects by Default", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_accept_source_route", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_accept_source_route", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_accept_source_route", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_accept_source_route", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_arp_filter", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure ARP filtering for All IPv4 Interfaces", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_arp_filter", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure ARP filtering for All IPv4 Interfaces", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_arp_ignore", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Response Mode of ARP Requests for All IPv4 Interfaces", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_arp_ignore", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Response Mode of ARP Requests for All IPv4 Interfaces", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_route_localnet", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent Routing External Traffic to Local Loopback on All IPv4 Interfaces", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_route_localnet", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent Routing External Traffic to Local Loopback on All IPv4 Interfaces", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_drop_gratuitous_arp", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Drop Gratuitous ARP frames on All IPv4 Interfaces", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_drop_gratuitous_arp", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Drop Gratuitous ARP frames on All IPv4 Interfaces", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_rp_filter", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_rp_filter", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_rp_filter", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_rp_filter", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_send_redirects", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_send_redirects", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_send_redirects", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_send_redirects", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_ip_local_port_range", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Kernel Parameter to Increase Local Port Range", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_ip_local_port_range", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Kernel Parameter to Increase Local Port Range", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_tcp_rfc1337", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use TCP RFC 1337 on IPv4 Interfaces", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_tcp_rfc1337", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use TCP RFC 1337 on IPv4 Interfaces", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_tcp_syncookies", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_tcp_syncookies", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_router_solicitations", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Denying Router Solicitations on All IPv6 Interfaces", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_router_solicitations", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Denying Router Solicitations on All IPv6 Interfaces", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_router_solicitations", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Denying Router Solicitations on All IPv6 Interfaces By Default", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_router_solicitations", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Denying Router Solicitations on All IPv6 Interfaces By Default", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_ra_rtr_pref", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_ra_rtr_pref", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_ra_rtr_pref", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces By Default", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_ra_rtr_pref", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces By Default", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_ra_pinfo", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_ra_pinfo", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_ra_pinfo", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces By Default", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_ra_pinfo", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces By Default", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_ra_defrtr", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_ra_defrtr", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_ra_defrtr", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces By Default", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_ra_defrtr", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces By Default", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_autoconf", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Auto Configuration on All IPv6 Interfaces", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_autoconf", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Auto Configuration on All IPv6 Interfaces", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_autoconf", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Auto Configuration on All IPv6 Interfaces By Default", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_autoconf", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Auto Configuration on All IPv6 Interfaces By Default", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_redirects", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_redirects", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_redirects", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_redirects", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_source_route", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_source_route", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_source_route", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_source_route", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_max_addresses", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_max_addresses", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_max_addresses", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces By Default", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_max_addresses", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces By Default", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_suid_dumpable", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Core Dumps for SUID programs", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_suid_dumpable", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Core Dumps for SUID programs", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_fifos", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on FIFOs", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_fifos", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on FIFOs", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_regular", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Regular files", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_regular", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Regular files", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_symlinks", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_symlinks", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_hardlinks", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_hardlinks", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_nodev_nonroot_local_partitions", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nodev Option to Non-Root Local Partitions", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_nodev_nonroot_local_partitions", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nodev Option to Non-Root Local Partitions", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_boot", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /boot Located On Separate Partition", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_boot", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /boot Located On Separate Partition", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_boot_nosuid", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /boot", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_boot_nosuid", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /boot", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_boot_noexec", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /boot", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_boot_noexec", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /boot", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_opt", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /opt Located On Separate Partition", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_opt", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /opt Located On Separate Partition", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_opt_nosuid", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /opt", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_opt_nosuid", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /opt", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "systemd_tmp_mount_enabled", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure tmp.mount Unit Is Enabled", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "systemd_tmp_mount_enabled", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure tmp.mount Unit Is Enabled", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_tmp_nosuid", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /tmp", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_tmp_nosuid", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /tmp", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_tmp_noexec", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /tmp", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_tmp_noexec", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /tmp", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_srv", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /srv Located On Separate Partition", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_srv", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /srv Located On Separate Partition", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_srv_nosuid", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /srv", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_srv_nosuid", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /srv", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_home", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /home Located On Separate Partition", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_home", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /home Located On Separate Partition", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_home_nosuid", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /home", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_home_nosuid", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /home", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_home_noexec", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /home", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_home_noexec", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /home", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_usr", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /usr Located On Separate Partition", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_usr", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /usr Located On Separate Partition", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var Located On Separate Partition", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var Located On Separate Partition", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_nosuid", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /var", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_nosuid", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /var", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_noexec", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /var", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_noexec", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /var", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log Located On Separate Partition", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log Located On Separate Partition", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_log_noexec", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /var/log", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_log_noexec", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /var/log", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_log_nosuid", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /var/log", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_log_nosuid", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /var/log", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_tmp", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/tmp Located On Separate Partition", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_tmp", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/tmp Located On Separate Partition", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_tmp_nosuid", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /var/tmp", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_tmp_nosuid", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /var/tmp", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_tmp_noexec", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /var/tmp", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_tmp_noexec", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /var/tmp", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "logind_session_timeout", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Logind to terminate idle sessions after certain time of inactivity", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "logind_session_timeout", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Logind to terminate idle sessions after certain time of inactivity", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_tmout", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Interactive Session Timeout", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_tmout", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Interactive Session Timeout", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_direct_root_logins", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Direct root Logins Not Allowed", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_direct_root_logins", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Direct root Logins Not Allowed", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_root_login", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Root Login", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_root_login", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Root Login", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sudo_installed", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install sudo Package", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sudo_installed", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install sudo Package", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_sudo", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - sudo", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_sudo", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - sudo", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_auditd_enabled", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable auditd Service", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_auditd_enabled", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable auditd Service", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit_installed", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit Subsystem is Installed", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit_installed", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit Subsystem is Installed", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_noexec", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Privileged Escalated Commands Cannot Execute Other Commands - sudo NOEXEC", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_noexec", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Privileged Escalated Commands Cannot Execute Other Commands - sudo NOEXEC", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_requiretty", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo requiretty", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_requiretty", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo requiretty", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_use_pty", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_use_pty", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_ignore_dot", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure sudo Ignores Commands In Current Dir - sudo ignore_dot", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_ignore_dot", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure sudo Ignores Commands In Current Dir - sudo ignore_dot", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_env_reset", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure sudo Runs In A Minimal Environment - sudo env_reset", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_env_reset", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure sudo Runs In A Minimal Environment - sudo env_reset", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudoers_no_root_target", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Don't target root user in the sudoers file", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudoers_no_root_target", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Don't target root user in the sudoers file", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudoers_no_command_negation", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Don't define allowed commands in sudoers by means of exclusion", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudoers_no_command_negation", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Don't define allowed commands in sudoers by means of exclusion", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudoers_explicit_command_args", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Explicit arguments in sudo specifications", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudoers_explicit_command_args", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Explicit arguments in sudo specifications", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shadow", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns shadow File", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shadow", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns shadow File", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shadow", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns shadow File", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shadow", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns shadow File", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shadow", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on shadow File", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shadow", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on shadow File", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_gshadow", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns gshadow File", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_gshadow", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns gshadow File", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_gshadow", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns gshadow File", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_gshadow", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns gshadow File", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_gshadow", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on gshadow File", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_gshadow", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on gshadow File", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_passwd", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns passwd File", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_passwd", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns passwd File", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_passwd", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns passwd File", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_passwd", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns passwd File", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_passwd", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on passwd File", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_passwd", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on passwd File", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_group", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns group File", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_group", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns group File", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_group", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns group File", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_group", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns group File", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_group", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on group File", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_group", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on group File", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shells", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Who Owns /etc/shells File", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shells", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Who Owns /etc/shells File", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shells", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/shells File", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shells", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/shells File", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shells", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/shells File", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shells", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/shells File", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_group_ownership", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_group_ownership", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_user_ownership", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Owned By the Primary User", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_user_ownership", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Owned By the Primary User", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_groupownership", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_groupownership", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_ownership", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Have a Valid Owner", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_ownership", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Have a Valid Owner", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_permissions", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Have Mode 0750 Or Less Permissive", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_permissions", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Have Mode 0750 Or Less Permissive", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_init_files", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_init_files", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_system_commands_group_root_owned", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands directories have root as a group owner", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_system_commands_group_root_owned", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands directories have root as a group owner", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_system_commands_root_owned", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands directories have root ownership", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_system_commands_root_owned", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands directories have root ownership", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_system_commands_dirs", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands files are group owned by root or a system account", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_system_commands_dirs", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands files are group owned by root or a system account", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_binary_dirs", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Root Ownership", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_binary_dirs", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Root Ownership", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_binary_dirs", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Restrictive Permissions", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_binary_dirs", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Restrictive Permissions", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_sshd_private_key", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Ownership on SSH Server Private *_key Key Files", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_sshd_private_key", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Ownership on SSH Server Private *_key Key Files", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_sshd_private_key", - "remarks": "rule_set_171" + "remarks": "rule_set_172" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Ownership on SSH Server Private *_key Key Files", - "remarks": "rule_set_171" + "remarks": "rule_set_172" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_sshd_private_key", - "remarks": "rule_set_171" + "remarks": "rule_set_172" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Ownership on SSH Server Private *_key Key Files", - "remarks": "rule_set_171" + "remarks": "rule_set_172" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_private_key", - "remarks": "rule_set_172" + "remarks": "rule_set_173" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Private *_key Key Files", - "remarks": "rule_set_172" + "remarks": "rule_set_173" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_private_key", - "remarks": "rule_set_172" + "remarks": "rule_set_173" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Private *_key Key Files", - "remarks": "rule_set_172" + "remarks": "rule_set_173" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_sshd_pub_key", - "remarks": "rule_set_173" + "remarks": "rule_set_174" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Ownership on SSH Server Public *.pub Key Files", - "remarks": "rule_set_173" + "remarks": "rule_set_174" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_sshd_pub_key", - "remarks": "rule_set_173" + "remarks": "rule_set_174" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Ownership on SSH Server Public *.pub Key Files", - "remarks": "rule_set_173" + "remarks": "rule_set_174" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_sshd_pub_key", - "remarks": "rule_set_174" + "remarks": "rule_set_175" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", - "remarks": "rule_set_174" + "remarks": "rule_set_175" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_sshd_pub_key", - "remarks": "rule_set_174" + "remarks": "rule_set_175" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", - "remarks": "rule_set_174" + "remarks": "rule_set_175" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_pub_key", - "remarks": "rule_set_175" + "remarks": "rule_set_176" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Public *.pub Key Files", - "remarks": "rule_set_175" + "remarks": "rule_set_176" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_pub_key", - "remarks": "rule_set_175" + "remarks": "rule_set_176" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Public *.pub Key Files", - "remarks": "rule_set_175" + "remarks": "rule_set_176" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_sshd_config", - "remarks": "rule_set_176" + "remarks": "rule_set_177" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Owner on SSH Server config file", - "remarks": "rule_set_176" + "remarks": "rule_set_177" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_sshd_config", - "remarks": "rule_set_176" + "remarks": "rule_set_177" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Owner on SSH Server config file", - "remarks": "rule_set_176" + "remarks": "rule_set_177" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_sshd_config", - "remarks": "rule_set_177" + "remarks": "rule_set_178" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns SSH Server config file", - "remarks": "rule_set_177" + "remarks": "rule_set_178" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_sshd_config", - "remarks": "rule_set_177" + "remarks": "rule_set_178" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns SSH Server config file", - "remarks": "rule_set_177" + "remarks": "rule_set_178" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_config", - "remarks": "rule_set_178" + "remarks": "rule_set_179" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server config file", - "remarks": "rule_set_178" + "remarks": "rule_set_179" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_config", - "remarks": "rule_set_178" + "remarks": "rule_set_179" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server config file", - "remarks": "rule_set_178" + "remarks": "rule_set_179" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_selinux", - "remarks": "rule_set_179" + "remarks": "rule_set_180" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/selinux Directory", - "remarks": "rule_set_179" + "remarks": "rule_set_180" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_selinux", - "remarks": "rule_set_179" + "remarks": "rule_set_180" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/selinux Directory", - "remarks": "rule_set_179" + "remarks": "rule_set_180" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_selinux", - "remarks": "rule_set_180" + "remarks": "rule_set_181" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/selinux Directory", - "remarks": "rule_set_180" + "remarks": "rule_set_181" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_selinux", - "remarks": "rule_set_180" + "remarks": "rule_set_181" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/selinux Directory", - "remarks": "rule_set_180" + "remarks": "rule_set_181" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_selinux", - "remarks": "rule_set_181" + "remarks": "rule_set_182" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/selinux Directory", - "remarks": "rule_set_181" + "remarks": "rule_set_182" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_selinux", - "remarks": "rule_set_181" + "remarks": "rule_set_182" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/selinux Directory", - "remarks": "rule_set_181" + "remarks": "rule_set_182" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_sestatus_conf", - "remarks": "rule_set_182" + "remarks": "rule_set_183" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sestatus.conf File", - "remarks": "rule_set_182" + "remarks": "rule_set_183" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_sestatus_conf", - "remarks": "rule_set_182" + "remarks": "rule_set_183" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sestatus.conf File", - "remarks": "rule_set_182" + "remarks": "rule_set_183" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_sestatus_conf", - "remarks": "rule_set_183" + "remarks": "rule_set_184" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sestatus.conf File", - "remarks": "rule_set_183" + "remarks": "rule_set_184" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_sestatus_conf", - "remarks": "rule_set_183" + "remarks": "rule_set_184" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sestatus.conf File", - "remarks": "rule_set_183" + "remarks": "rule_set_184" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_sestatus_conf", - "remarks": "rule_set_184" + "remarks": "rule_set_185" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sestatus.conf File", - "remarks": "rule_set_184" + "remarks": "rule_set_185" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_sestatus_conf", - "remarks": "rule_set_184" + "remarks": "rule_set_185" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sestatus.conf File", - "remarks": "rule_set_184" + "remarks": "rule_set_185" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_ipsecd", - "remarks": "rule_set_185" + "remarks": "rule_set_186" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.d Directory", - "remarks": "rule_set_185" + "remarks": "rule_set_186" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_ipsecd", - "remarks": "rule_set_185" + "remarks": "rule_set_186" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.d Directory", - "remarks": "rule_set_185" + "remarks": "rule_set_186" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_ipsecd", - "remarks": "rule_set_186" + "remarks": "rule_set_187" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.d Directory", - "remarks": "rule_set_186" + "remarks": "rule_set_187" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_ipsecd", - "remarks": "rule_set_186" + "remarks": "rule_set_187" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.d Directory", - "remarks": "rule_set_186" + "remarks": "rule_set_187" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_ipsecd", - "remarks": "rule_set_187" + "remarks": "rule_set_188" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.d Directory", - "remarks": "rule_set_187" + "remarks": "rule_set_188" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_ipsecd", - "remarks": "rule_set_187" + "remarks": "rule_set_188" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.d Directory", - "remarks": "rule_set_187" + "remarks": "rule_set_188" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_ipsec_conf", - "remarks": "rule_set_188" + "remarks": "rule_set_189" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.conf File", - "remarks": "rule_set_188" + "remarks": "rule_set_189" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_ipsec_conf", - "remarks": "rule_set_188" + "remarks": "rule_set_189" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.conf File", - "remarks": "rule_set_188" + "remarks": "rule_set_189" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_ipsec_conf", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.conf File", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_ipsec_conf", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.conf File", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_ipsec_conf", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.conf File", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_ipsec_conf", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.conf File", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_ipsec_secrets", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.secrets File", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_ipsec_secrets", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.secrets File", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_ipsec_secrets", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.secrets File", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_ipsec_secrets", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.secrets File", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_ipsec_secrets", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.secrets File", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_ipsec_secrets", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.secrets File", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_iptables", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/iptables Directory", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_iptables", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/iptables Directory", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_iptables", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/iptables Directory", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_iptables", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/iptables Directory", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_iptables", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/iptables Directory", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_iptables", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/iptables Directory", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_nftables", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/nftables Directory", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_nftables", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/nftables Directory", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_nftables", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/nftables Directory", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_nftables", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/nftables Directory", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_nftables", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/nftables Directory", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_nftables", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/nftables Directory", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_sysctld", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sysctl.d Directory", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_sysctld", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sysctl.d Directory", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_sysctld", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sysctl.d Directory", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_sysctld", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sysctl.d Directory", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_sysctld", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sysctl.d Directory", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_sysctld", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sysctl.d Directory", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_sudoers", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sudoers File", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_sudoers", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sudoers File", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_sudoers", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sudoers File", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_sudoers", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sudoers File", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_sudoers", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sudoers File", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_sudoers", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sudoers File", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_sudoersd", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sudoers.d Directory", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_sudoersd", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sudoers.d Directory", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_sudoersd", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sudoers.d Directory", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_sudoersd", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sudoers.d Directory", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_sudoersd", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sudoers.d Directory", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_sudoersd", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sudoers.d Directory", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_crypttab", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/crypttab File", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_crypttab", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/crypttab File", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_crypttab", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/crypttab File", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_crypttab", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/crypttab File", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_crypttab", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/crypttab File", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_crypttab", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/crypttab File", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_chrony_keys", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/chrony.keys File", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_chrony_keys", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/chrony.keys File", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_chrony_keys", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/chrony.keys File", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_chrony_keys", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/chrony.keys File", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_chrony_keys", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/chrony.keys File", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_chrony_keys", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/chrony.keys File", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_pam_namespace", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Up a Private Namespace in PAM Configuration", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_pam_namespace", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Up a Private Namespace in PAM Configuration", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_polyinstantiated_tmp", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Polyinstantiation of /tmp Directories", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_polyinstantiated_tmp", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Polyinstantiation of /tmp Directories", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_polyinstantiated_var_tmp", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Polyinstantiation of /var/tmp Directories", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_polyinstantiated_var_tmp", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Polyinstantiation of /var/tmp Directories", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_polyinstantiation_enabled", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the polyinstantiation_enabled SELinux Boolean", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_polyinstantiation_enabled", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the polyinstantiation_enabled SELinux Boolean", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sssd_installed", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the SSSD Package", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sssd_installed", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the SSSD Package", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_sssd_enabled", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the SSSD Service", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_sssd_enabled", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the SSSD Service", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "postfix_network_listening_disabled", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Postfix Network Listening", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "postfix_network_listening_disabled", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Postfix Network Listening", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "postfix_client_configure_mail_alias", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure System to Forward All Mail For The Root Account", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "postfix_client_configure_mail_alias", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure System to Forward All Mail For The Root Account", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_aide_installed", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install AIDE", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_aide_installed", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install AIDE", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_build_database", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Build and Test AIDE Database", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_build_database", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Build and Test AIDE Database", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_nosmep_argument_absent", - "remarks": "rule_set_226" + "remarks": "rule_set_227" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SMEP is not disabled during boot", - "remarks": "rule_set_226" + "remarks": "rule_set_227" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_nosmep_argument_absent", - "remarks": "rule_set_226" + "remarks": "rule_set_227" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SMEP is not disabled during boot", - "remarks": "rule_set_226" + "remarks": "rule_set_227" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_nosmap_argument_absent", - "remarks": "rule_set_227" + "remarks": "rule_set_228" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SMAP is not disabled during boot", - "remarks": "rule_set_227" + "remarks": "rule_set_228" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_nosmap_argument_absent", - "remarks": "rule_set_227" + "remarks": "rule_set_228" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SMAP is not disabled during boot", - "remarks": "rule_set_227" + "remarks": "rule_set_228" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_enable_iommu_force", - "remarks": "rule_set_228" + "remarks": "rule_set_229" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "IOMMU configuration directive", - "remarks": "rule_set_228" + "remarks": "rule_set_229" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_enable_iommu_force", - "remarks": "rule_set_228" + "remarks": "rule_set_229" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "IOMMU configuration directive", - "remarks": "rule_set_228" + "remarks": "rule_set_229" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_modules_disabled", - "remarks": "rule_set_229" + "remarks": "rule_set_230" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable loading and unloading of kernel modules", - "remarks": "rule_set_229" + "remarks": "rule_set_230" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_modules_disabled", - "remarks": "rule_set_229" + "remarks": "rule_set_230" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable loading and unloading of kernel modules", - "remarks": "rule_set_229" + "remarks": "rule_set_230" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_grub2_cfg", - "remarks": "rule_set_230" + "remarks": "rule_set_231" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/grub.cfg Group Ownership", - "remarks": "rule_set_230" + "remarks": "rule_set_231" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_grub2_cfg", - "remarks": "rule_set_230" + "remarks": "rule_set_231" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/grub.cfg Group Ownership", - "remarks": "rule_set_230" + "remarks": "rule_set_231" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_grub2_cfg", - "remarks": "rule_set_231" + "remarks": "rule_set_232" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/grub.cfg User Ownership", - "remarks": "rule_set_231" + "remarks": "rule_set_232" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_grub2_cfg", - "remarks": "rule_set_231" + "remarks": "rule_set_232" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/grub.cfg User Ownership", - "remarks": "rule_set_231" + "remarks": "rule_set_232" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_grub2_cfg", - "remarks": "rule_set_232" + "remarks": "rule_set_233" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/grub.cfg Permissions", - "remarks": "rule_set_232" + "remarks": "rule_set_233" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_grub2_cfg", - "remarks": "rule_set_232" + "remarks": "rule_set_233" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/grub.cfg Permissions", - "remarks": "rule_set_232" + "remarks": "rule_set_233" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_user_cfg", - "remarks": "rule_set_233" + "remarks": "rule_set_234" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/user.cfg Group Ownership", - "remarks": "rule_set_233" + "remarks": "rule_set_234" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_user_cfg", - "remarks": "rule_set_233" + "remarks": "rule_set_234" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/user.cfg Group Ownership", - "remarks": "rule_set_233" + "remarks": "rule_set_234" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_user_cfg", - "remarks": "rule_set_234" + "remarks": "rule_set_235" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/user.cfg User Ownership", - "remarks": "rule_set_234" + "remarks": "rule_set_235" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_user_cfg", - "remarks": "rule_set_234" + "remarks": "rule_set_235" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/user.cfg User Ownership", - "remarks": "rule_set_234" + "remarks": "rule_set_235" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_user_cfg", - "remarks": "rule_set_235" + "remarks": "rule_set_236" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/user.cfg Permissions", - "remarks": "rule_set_235" + "remarks": "rule_set_236" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_user_cfg", - "remarks": "rule_set_235" + "remarks": "rule_set_236" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify /boot/grub2/user.cfg Permissions", - "remarks": "rule_set_235" + "remarks": "rule_set_236" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_systemmap", - "remarks": "rule_set_236" + "remarks": "rule_set_237" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns System.map Files", - "remarks": "rule_set_236" + "remarks": "rule_set_237" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_systemmap", - "remarks": "rule_set_236" + "remarks": "rule_set_237" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns System.map Files", - "remarks": "rule_set_236" + "remarks": "rule_set_237" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_systemmap", - "remarks": "rule_set_237" + "remarks": "rule_set_238" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns System.map Files", - "remarks": "rule_set_237" + "remarks": "rule_set_238" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_systemmap", - "remarks": "rule_set_237" + "remarks": "rule_set_238" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns System.map Files", - "remarks": "rule_set_237" + "remarks": "rule_set_238" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_systemmap", - "remarks": "rule_set_238" + "remarks": "rule_set_239" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on System.map Files", - "remarks": "rule_set_238" + "remarks": "rule_set_239" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_systemmap", - "remarks": "rule_set_238" + "remarks": "rule_set_239" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on System.map Files", - "remarks": "rule_set_238" + "remarks": "rule_set_239" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_umask_etc_bashrc", - "remarks": "rule_set_239" + "remarks": "rule_set_240" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Default Bash Umask is Set Correctly", - "remarks": "rule_set_239" + "remarks": "rule_set_240" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_umask_etc_bashrc", - "remarks": "rule_set_239" + "remarks": "rule_set_240" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Default Bash Umask is Set Correctly", - "remarks": "rule_set_239" + "remarks": "rule_set_240" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_umask_etc_login_defs", - "remarks": "rule_set_240" + "remarks": "rule_set_241" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Default Umask is Set Correctly in login.defs", - "remarks": "rule_set_240" + "remarks": "rule_set_241" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_umask_etc_login_defs", - "remarks": "rule_set_240" + "remarks": "rule_set_241" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Default Umask is Set Correctly in login.defs", - "remarks": "rule_set_240" + "remarks": "rule_set_241" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_umask_etc_profile", - "remarks": "rule_set_241" + "remarks": "rule_set_242" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Default Umask is Set Correctly in /etc/profile", - "remarks": "rule_set_241" + "remarks": "rule_set_242" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_umask_etc_profile", - "remarks": "rule_set_241" + "remarks": "rule_set_242" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Default Umask is Set Correctly in /etc/profile", - "remarks": "rule_set_241" + "remarks": "rule_set_242" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_dedicated_group", - "remarks": "rule_set_242" + "remarks": "rule_set_243" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure a dedicated group owns sudo", - "remarks": "rule_set_242" + "remarks": "rule_set_243" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_dedicated_group", - "remarks": "rule_set_242" + "remarks": "rule_set_243" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure a dedicated group owns sudo", - "remarks": "rule_set_242" + "remarks": "rule_set_243" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sudo", - "remarks": "rule_set_243" + "remarks": "rule_set_244" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure That the sudo Binary Has the Correct Permissions", - "remarks": "rule_set_243" + "remarks": "rule_set_244" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sudo", - "remarks": "rule_set_243" + "remarks": "rule_set_244" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure That the sudo Binary Has the Correct Permissions", - "remarks": "rule_set_243" + "remarks": "rule_set_244" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_policytype", - "remarks": "rule_set_244" + "remarks": "rule_set_245" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SELinux Policy", - "remarks": "rule_set_244" + "remarks": "rule_set_245" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_policytype", - "remarks": "rule_set_244" + "remarks": "rule_set_245" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SELinux Policy", - "remarks": "rule_set_244" + "remarks": "rule_set_245" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_chrony_installed", - "remarks": "rule_set_245" + "remarks": "rule_set_246" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chrony package is installed", - "remarks": "rule_set_245" + "remarks": "rule_set_246" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_chrony_installed", - "remarks": "rule_set_245" + "remarks": "rule_set_246" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chrony package is installed", - "remarks": "rule_set_245" + "remarks": "rule_set_246" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_chronyd_enabled", - "remarks": "rule_set_246" + "remarks": "rule_set_247" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chronyd service is enabled", - "remarks": "rule_set_246" + "remarks": "rule_set_247" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_chronyd_enabled", - "remarks": "rule_set_246" + "remarks": "rule_set_247" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chronyd service is enabled", - "remarks": "rule_set_246" + "remarks": "rule_set_247" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_specify_remote_server", - "remarks": "rule_set_247" + "remarks": "rule_set_248" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "A remote time server for Chrony is configured", - "remarks": "rule_set_247" + "remarks": "rule_set_248" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_specify_remote_server", - "remarks": "rule_set_247" + "remarks": "rule_set_248" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "A remote time server for Chrony is configured", - "remarks": "rule_set_247" + "remarks": "rule_set_248" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_configure_pool_and_server", - "remarks": "rule_set_248" + "remarks": "rule_set_249" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Chrony Configure Pool and Server", - "remarks": "rule_set_248" + "remarks": "rule_set_249" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_configure_pool_and_server", - "remarks": "rule_set_248" + "remarks": "rule_set_249" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Chrony Configure Pool and Server", - "remarks": "rule_set_248" + "remarks": "rule_set_249" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_loghost", - "remarks": "rule_set_249" + "remarks": "rule_set_250" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Logs Sent To Remote Host", - "remarks": "rule_set_249" + "remarks": "rule_set_250" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_loghost", - "remarks": "rule_set_249" + "remarks": "rule_set_250" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Logs Sent To Remote Host", - "remarks": "rule_set_249" + "remarks": "rule_set_250" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_rsyslog-gnutls_installed", - "remarks": "rule_set_250" + "remarks": "rule_set_251" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure rsyslog-gnutls is installed", - "remarks": "rule_set_250" + "remarks": "rule_set_251" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_rsyslog-gnutls_installed", - "remarks": "rule_set_250" + "remarks": "rule_set_251" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure rsyslog-gnutls is installed", - "remarks": "rule_set_250" + "remarks": "rule_set_251" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls", - "remarks": "rule_set_251" + "remarks": "rule_set_252" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure TLS for rsyslog remote logging", - "remarks": "rule_set_251" + "remarks": "rule_set_252" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls", - "remarks": "rule_set_251" + "remarks": "rule_set_252" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure TLS for rsyslog remote logging", - "remarks": "rule_set_251" + "remarks": "rule_set_252" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls_cacert", - "remarks": "rule_set_252" + "remarks": "rule_set_253" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure CA certificate for rsyslog remote logging", - "remarks": "rule_set_252" + "remarks": "rule_set_253" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls_cacert", - "remarks": "rule_set_252" + "remarks": "rule_set_253" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure CA certificate for rsyslog remote logging", - "remarks": "rule_set_252" + "remarks": "rule_set_253" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log_audit", - "remarks": "rule_set_253" + "remarks": "rule_set_254" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log/audit Located On Separate Partition", - "remarks": "rule_set_253" + "remarks": "rule_set_254" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log_audit", - "remarks": "rule_set_253" + "remarks": "rule_set_254" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log/audit Located On Separate Partition", - "remarks": "rule_set_253" + "remarks": "rule_set_254" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_logrotate_installed", - "remarks": "rule_set_254" + "remarks": "rule_set_255" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure logrotate is Installed", - "remarks": "rule_set_254" + "remarks": "rule_set_255" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_logrotate_installed", - "remarks": "rule_set_254" + "remarks": "rule_set_255" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure logrotate is Installed", - "remarks": "rule_set_254" + "remarks": "rule_set_255" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "timer_logrotate_enabled", - "remarks": "rule_set_255" + "remarks": "rule_set_256" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable logrotate Timer", - "remarks": "rule_set_255" + "remarks": "rule_set_256" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "timer_logrotate_enabled", - "remarks": "rule_set_255" + "remarks": "rule_set_256" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable logrotate Timer", - "remarks": "rule_set_255" + "remarks": "rule_set_256" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_logrotate_activated", - "remarks": "rule_set_256" + "remarks": "rule_set_257" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Logrotate Runs Periodically", - "remarks": "rule_set_256" + "remarks": "rule_set_257" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_logrotate_activated", - "remarks": "rule_set_256" + "remarks": "rule_set_257" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Logrotate Runs Periodically", - "remarks": "rule_set_256" + "remarks": "rule_set_257" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_257" + "remarks": "rule_set_258" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_257" + "remarks": "rule_set_258" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_257" + "remarks": "rule_set_258" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_257" + "remarks": "rule_set_258" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_258" + "remarks": "rule_set_259" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_258" + "remarks": "rule_set_259" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_258" + "remarks": "rule_set_259" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_258" + "remarks": "rule_set_259" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_259" + "remarks": "rule_set_260" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_259" + "remarks": "rule_set_260" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_259" + "remarks": "rule_set_260" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_259" + "remarks": "rule_set_260" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_sysadmin_actions", - "remarks": "rule_set_260" + "remarks": "rule_set_261" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects System Administrator Actions", - "remarks": "rule_set_260" + "remarks": "rule_set_261" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_sysadmin_actions", - "remarks": "rule_set_260" + "remarks": "rule_set_261" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects System Administrator Actions", - "remarks": "rule_set_260" + "remarks": "rule_set_261" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_sudo_log_events", - "remarks": "rule_set_261" + "remarks": "rule_set_262" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to perform maintenance activities", - "remarks": "rule_set_261" + "remarks": "rule_set_262" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_sudo_log_events", - "remarks": "rule_set_261" + "remarks": "rule_set_262" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to perform maintenance activities", - "remarks": "rule_set_261" + "remarks": "rule_set_262" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_faillock", - "remarks": "rule_set_262" + "remarks": "rule_set_263" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - faillock", - "remarks": "rule_set_262" + "remarks": "rule_set_263" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_faillock", - "remarks": "rule_set_262" + "remarks": "rule_set_263" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - faillock", - "remarks": "rule_set_262" + "remarks": "rule_set_263" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_lastlog", - "remarks": "rule_set_263" + "remarks": "rule_set_264" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - lastlog", - "remarks": "rule_set_263" + "remarks": "rule_set_264" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_lastlog", - "remarks": "rule_set_263" + "remarks": "rule_set_264" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - lastlog", - "remarks": "rule_set_263" + "remarks": "rule_set_264" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_utmp", - "remarks": "rule_set_264" + "remarks": "rule_set_265" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information utmp", - "remarks": "rule_set_264" + "remarks": "rule_set_265" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_utmp", - "remarks": "rule_set_264" + "remarks": "rule_set_265" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information utmp", - "remarks": "rule_set_264" + "remarks": "rule_set_265" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_btmp", - "remarks": "rule_set_265" + "remarks": "rule_set_266" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information btmp", - "remarks": "rule_set_265" + "remarks": "rule_set_266" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_btmp", - "remarks": "rule_set_265" + "remarks": "rule_set_266" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information btmp", - "remarks": "rule_set_265" + "remarks": "rule_set_266" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_wtmp", - "remarks": "rule_set_266" + "remarks": "rule_set_267" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", - "remarks": "rule_set_266" + "remarks": "rule_set_267" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_wtmp", - "remarks": "rule_set_266" + "remarks": "rule_set_267" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", - "remarks": "rule_set_266" + "remarks": "rule_set_267" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_adjtimex", - "remarks": "rule_set_267" + "remarks": "rule_set_268" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through adjtimex", - "remarks": "rule_set_267" + "remarks": "rule_set_268" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_adjtimex", - "remarks": "rule_set_267" + "remarks": "rule_set_268" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through adjtimex", - "remarks": "rule_set_267" + "remarks": "rule_set_268" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_clock_settime", - "remarks": "rule_set_268" + "remarks": "rule_set_269" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through clock_settime", - "remarks": "rule_set_268" + "remarks": "rule_set_269" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_clock_settime", - "remarks": "rule_set_268" + "remarks": "rule_set_269" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through clock_settime", - "remarks": "rule_set_268" + "remarks": "rule_set_269" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_stime", - "remarks": "rule_set_269" + "remarks": "rule_set_270" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through stime", - "remarks": "rule_set_269" + "remarks": "rule_set_270" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_stime", - "remarks": "rule_set_269" + "remarks": "rule_set_270" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through stime", - "remarks": "rule_set_269" + "remarks": "rule_set_270" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_watch_localtime", - "remarks": "rule_set_270" + "remarks": "rule_set_271" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter the localtime File", - "remarks": "rule_set_270" + "remarks": "rule_set_271" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_watch_localtime", - "remarks": "rule_set_270" + "remarks": "rule_set_271" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter the localtime File", - "remarks": "rule_set_270" + "remarks": "rule_set_271" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification", - "remarks": "rule_set_271" + "remarks": "rule_set_272" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment", - "remarks": "rule_set_271" + "remarks": "rule_set_272" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification", - "remarks": "rule_set_271" + "remarks": "rule_set_272" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment", - "remarks": "rule_set_271" + "remarks": "rule_set_272" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chmod", - "remarks": "rule_set_272" + "remarks": "rule_set_273" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", - "remarks": "rule_set_272" + "remarks": "rule_set_273" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chmod", - "remarks": "rule_set_272" + "remarks": "rule_set_273" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", - "remarks": "rule_set_272" + "remarks": "rule_set_273" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chown", - "remarks": "rule_set_273" + "remarks": "rule_set_274" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chown", - "remarks": "rule_set_273" + "remarks": "rule_set_274" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chown", - "remarks": "rule_set_273" + "remarks": "rule_set_274" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chown", - "remarks": "rule_set_273" + "remarks": "rule_set_274" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmod", - "remarks": "rule_set_274" + "remarks": "rule_set_275" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmod", - "remarks": "rule_set_274" + "remarks": "rule_set_275" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmod", - "remarks": "rule_set_274" + "remarks": "rule_set_275" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmod", - "remarks": "rule_set_274" + "remarks": "rule_set_275" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat", - "remarks": "rule_set_275" + "remarks": "rule_set_276" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat", - "remarks": "rule_set_275" + "remarks": "rule_set_276" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat", - "remarks": "rule_set_275" + "remarks": "rule_set_276" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat", - "remarks": "rule_set_275" + "remarks": "rule_set_276" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat2", - "remarks": "rule_set_276" + "remarks": "rule_set_277" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat2", - "remarks": "rule_set_276" + "remarks": "rule_set_277" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat2", - "remarks": "rule_set_276" + "remarks": "rule_set_277" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat2", - "remarks": "rule_set_276" + "remarks": "rule_set_277" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchown", - "remarks": "rule_set_277" + "remarks": "rule_set_278" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchown", - "remarks": "rule_set_277" + "remarks": "rule_set_278" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchown", - "remarks": "rule_set_277" + "remarks": "rule_set_278" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchown", - "remarks": "rule_set_277" + "remarks": "rule_set_278" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchownat", - "remarks": "rule_set_278" + "remarks": "rule_set_279" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchownat", - "remarks": "rule_set_278" + "remarks": "rule_set_279" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchownat", - "remarks": "rule_set_278" + "remarks": "rule_set_279" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchownat", - "remarks": "rule_set_278" + "remarks": "rule_set_279" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fremovexattr", - "remarks": "rule_set_279" + "remarks": "rule_set_280" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fremovexattr", - "remarks": "rule_set_279" + "remarks": "rule_set_280" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fremovexattr", - "remarks": "rule_set_279" + "remarks": "rule_set_280" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fremovexattr", - "remarks": "rule_set_279" + "remarks": "rule_set_280" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fsetxattr", - "remarks": "rule_set_280" + "remarks": "rule_set_281" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fsetxattr", - "remarks": "rule_set_280" + "remarks": "rule_set_281" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fsetxattr", - "remarks": "rule_set_280" + "remarks": "rule_set_281" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fsetxattr", - "remarks": "rule_set_280" + "remarks": "rule_set_281" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lchown", - "remarks": "rule_set_281" + "remarks": "rule_set_282" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lchown", - "remarks": "rule_set_281" + "remarks": "rule_set_282" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lchown", - "remarks": "rule_set_281" + "remarks": "rule_set_282" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lchown", - "remarks": "rule_set_281" + "remarks": "rule_set_282" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lremovexattr", - "remarks": "rule_set_282" + "remarks": "rule_set_283" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lremovexattr", - "remarks": "rule_set_282" + "remarks": "rule_set_283" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lremovexattr", - "remarks": "rule_set_282" + "remarks": "rule_set_283" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lremovexattr", - "remarks": "rule_set_282" + "remarks": "rule_set_283" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lsetxattr", - "remarks": "rule_set_283" + "remarks": "rule_set_284" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lsetxattr", - "remarks": "rule_set_283" + "remarks": "rule_set_284" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lsetxattr", - "remarks": "rule_set_283" + "remarks": "rule_set_284" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lsetxattr", - "remarks": "rule_set_283" + "remarks": "rule_set_284" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_removexattr", - "remarks": "rule_set_284" + "remarks": "rule_set_285" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - removexattr", - "remarks": "rule_set_284" + "remarks": "rule_set_285" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_removexattr", - "remarks": "rule_set_284" + "remarks": "rule_set_285" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - removexattr", - "remarks": "rule_set_284" + "remarks": "rule_set_285" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_setxattr", - "remarks": "rule_set_285" + "remarks": "rule_set_286" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - setxattr", - "remarks": "rule_set_285" + "remarks": "rule_set_286" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_setxattr", - "remarks": "rule_set_285" + "remarks": "rule_set_286" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - setxattr", - "remarks": "rule_set_285" + "remarks": "rule_set_286" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_creat", - "remarks": "rule_set_286" + "remarks": "rule_set_287" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - creat", - "remarks": "rule_set_286" + "remarks": "rule_set_287" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_creat", - "remarks": "rule_set_286" + "remarks": "rule_set_287" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - creat", - "remarks": "rule_set_286" + "remarks": "rule_set_287" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_ftruncate", - "remarks": "rule_set_287" + "remarks": "rule_set_288" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - ftruncate", - "remarks": "rule_set_287" + "remarks": "rule_set_288" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_ftruncate", - "remarks": "rule_set_287" + "remarks": "rule_set_288" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - ftruncate", - "remarks": "rule_set_287" + "remarks": "rule_set_288" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open", - "remarks": "rule_set_288" + "remarks": "rule_set_289" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open", - "remarks": "rule_set_288" + "remarks": "rule_set_289" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open", - "remarks": "rule_set_288" + "remarks": "rule_set_289" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open", - "remarks": "rule_set_288" + "remarks": "rule_set_289" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_openat", - "remarks": "rule_set_289" + "remarks": "rule_set_290" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - openat", - "remarks": "rule_set_289" + "remarks": "rule_set_290" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_openat", - "remarks": "rule_set_289" + "remarks": "rule_set_290" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - openat", - "remarks": "rule_set_289" + "remarks": "rule_set_290" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_truncate", - "remarks": "rule_set_290" + "remarks": "rule_set_291" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - truncate", - "remarks": "rule_set_290" + "remarks": "rule_set_291" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_truncate", - "remarks": "rule_set_290" + "remarks": "rule_set_291" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - truncate", - "remarks": "rule_set_290" + "remarks": "rule_set_291" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_group", - "remarks": "rule_set_291" + "remarks": "rule_set_292" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/group", - "remarks": "rule_set_291" + "remarks": "rule_set_292" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_group", - "remarks": "rule_set_291" + "remarks": "rule_set_292" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/group", - "remarks": "rule_set_291" + "remarks": "rule_set_292" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_gshadow", - "remarks": "rule_set_292" + "remarks": "rule_set_293" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/gshadow", - "remarks": "rule_set_292" + "remarks": "rule_set_293" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_gshadow", - "remarks": "rule_set_292" + "remarks": "rule_set_293" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/gshadow", - "remarks": "rule_set_292" + "remarks": "rule_set_293" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_opasswd", - "remarks": "rule_set_293" + "remarks": "rule_set_294" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", - "remarks": "rule_set_293" + "remarks": "rule_set_294" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_opasswd", - "remarks": "rule_set_293" + "remarks": "rule_set_294" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", - "remarks": "rule_set_293" + "remarks": "rule_set_294" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_passwd", - "remarks": "rule_set_294" + "remarks": "rule_set_295" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/passwd", - "remarks": "rule_set_294" + "remarks": "rule_set_295" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_passwd", - "remarks": "rule_set_294" + "remarks": "rule_set_295" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/passwd", - "remarks": "rule_set_294" + "remarks": "rule_set_295" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_shadow", - "remarks": "rule_set_295" + "remarks": "rule_set_296" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/shadow", - "remarks": "rule_set_295" + "remarks": "rule_set_296" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_shadow", - "remarks": "rule_set_295" + "remarks": "rule_set_296" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/shadow", - "remarks": "rule_set_295" + "remarks": "rule_set_296" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_media_export", - "remarks": "rule_set_296" + "remarks": "rule_set_297" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Exporting to Media (successful)", - "remarks": "rule_set_296" + "remarks": "rule_set_297" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_media_export", - "remarks": "rule_set_296" + "remarks": "rule_set_297" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Exporting to Media (successful)", - "remarks": "rule_set_296" + "remarks": "rule_set_297" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_umount2", - "remarks": "rule_set_297" + "remarks": "rule_set_298" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - umount2", - "remarks": "rule_set_297" + "remarks": "rule_set_298" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_umount2", - "remarks": "rule_set_297" + "remarks": "rule_set_298" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - umount2", - "remarks": "rule_set_297" + "remarks": "rule_set_298" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands", - "remarks": "rule_set_298" + "remarks": "rule_set_299" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands", - "remarks": "rule_set_298" + "remarks": "rule_set_299" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands", - "remarks": "rule_set_298" + "remarks": "rule_set_299" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands", - "remarks": "rule_set_298" + "remarks": "rule_set_299" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rename", - "remarks": "rule_set_299" + "remarks": "rule_set_300" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rename", - "remarks": "rule_set_299" + "remarks": "rule_set_300" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rename", - "remarks": "rule_set_299" + "remarks": "rule_set_300" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rename", - "remarks": "rule_set_299" + "remarks": "rule_set_300" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat", - "remarks": "rule_set_300" + "remarks": "rule_set_301" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat", - "remarks": "rule_set_300" + "remarks": "rule_set_301" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat", - "remarks": "rule_set_300" + "remarks": "rule_set_301" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat", - "remarks": "rule_set_300" + "remarks": "rule_set_301" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat2", - "remarks": "rule_set_301" + "remarks": "rule_set_302" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat2", - "remarks": "rule_set_301" + "remarks": "rule_set_302" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat2", - "remarks": "rule_set_301" + "remarks": "rule_set_302" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat2", - "remarks": "rule_set_301" + "remarks": "rule_set_302" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rmdir", - "remarks": "rule_set_302" + "remarks": "rule_set_303" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rmdir", - "remarks": "rule_set_302" + "remarks": "rule_set_303" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rmdir", - "remarks": "rule_set_302" + "remarks": "rule_set_303" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rmdir", - "remarks": "rule_set_302" + "remarks": "rule_set_303" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlink", - "remarks": "rule_set_303" + "remarks": "rule_set_304" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlink", - "remarks": "rule_set_303" + "remarks": "rule_set_304" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlink", - "remarks": "rule_set_303" + "remarks": "rule_set_304" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlink", - "remarks": "rule_set_303" + "remarks": "rule_set_304" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlinkat", - "remarks": "rule_set_304" + "remarks": "rule_set_305" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlinkat", - "remarks": "rule_set_304" + "remarks": "rule_set_305" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlinkat", - "remarks": "rule_set_304" + "remarks": "rule_set_305" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlinkat", - "remarks": "rule_set_304" + "remarks": "rule_set_305" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_delete", - "remarks": "rule_set_305" + "remarks": "rule_set_306" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Unloading - delete_module", - "remarks": "rule_set_305" + "remarks": "rule_set_306" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_delete", - "remarks": "rule_set_305" + "remarks": "rule_set_306" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Unloading - delete_module", - "remarks": "rule_set_305" + "remarks": "rule_set_306" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_init", - "remarks": "rule_set_306" + "remarks": "rule_set_307" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading - init_module", - "remarks": "rule_set_306" + "remarks": "rule_set_307" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_init", - "remarks": "rule_set_306" + "remarks": "rule_set_307" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading - init_module", - "remarks": "rule_set_306" + "remarks": "rule_set_307" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_finit", - "remarks": "rule_set_307" + "remarks": "rule_set_308" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module", - "remarks": "rule_set_307" + "remarks": "rule_set_308" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_finit", - "remarks": "rule_set_307" + "remarks": "rule_set_308" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module", - "remarks": "rule_set_307" + "remarks": "rule_set_308" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_insmod", - "remarks": "rule_set_308" + "remarks": "rule_set_309" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - insmod", - "remarks": "rule_set_308" + "remarks": "rule_set_309" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_insmod", - "remarks": "rule_set_308" + "remarks": "rule_set_309" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - insmod", - "remarks": "rule_set_308" + "remarks": "rule_set_309" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_modprobe", - "remarks": "rule_set_309" + "remarks": "rule_set_310" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - modprobe", - "remarks": "rule_set_309" + "remarks": "rule_set_310" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_modprobe", - "remarks": "rule_set_309" + "remarks": "rule_set_310" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - modprobe", - "remarks": "rule_set_309" + "remarks": "rule_set_310" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_rmmod", - "remarks": "rule_set_310" + "remarks": "rule_set_311" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - rmmod", - "remarks": "rule_set_310" + "remarks": "rule_set_311" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_rmmod", - "remarks": "rule_set_310" + "remarks": "rule_set_311" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - rmmod", - "remarks": "rule_set_310" + "remarks": "rule_set_311" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_kmod", - "remarks": "rule_set_311" + "remarks": "rule_set_312" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - kmod", - "remarks": "rule_set_311" + "remarks": "rule_set_312" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_kmod", - "remarks": "rule_set_311" + "remarks": "rule_set_312" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - kmod", - "remarks": "rule_set_311" + "remarks": "rule_set_312" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_mac_modification_etc_selinux", - "remarks": "rule_set_312" + "remarks": "rule_set_313" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Mandatory Access Controls (/etc/selinux)", - "remarks": "rule_set_312" + "remarks": "rule_set_313" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_mac_modification_etc_selinux", - "remarks": "rule_set_312" + "remarks": "rule_set_313" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Mandatory Access Controls (/etc/selinux)", - "remarks": "rule_set_312" + "remarks": "rule_set_313" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_immutable", - "remarks": "rule_set_313" + "remarks": "rule_set_314" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Make the auditd Configuration Immutable", - "remarks": "rule_set_313" + "remarks": "rule_set_314" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_immutable", - "remarks": "rule_set_313" + "remarks": "rule_set_314" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Make the auditd Configuration Immutable", - "remarks": "rule_set_313" + "remarks": "rule_set_314" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_strict_kernel_rwx", - "remarks": "rule_set_314" + "remarks": "rule_set_315" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Make the kernel text and rodata read-only", - "remarks": "rule_set_314" + "remarks": "rule_set_315" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_strict_kernel_rwx", - "remarks": "rule_set_314" + "remarks": "rule_set_315" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Make the kernel text and rodata read-only", - "remarks": "rule_set_314" + "remarks": "rule_set_315" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_debug_wx", - "remarks": "rule_set_315" + "remarks": "rule_set_316" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Warn on W+X mappings found at boot", - "remarks": "rule_set_315" + "remarks": "rule_set_316" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_debug_wx", - "remarks": "rule_set_315" + "remarks": "rule_set_316" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Warn on W+X mappings found at boot", - "remarks": "rule_set_315" + "remarks": "rule_set_316" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_debug_fs", - "remarks": "rule_set_316" + "remarks": "rule_set_317" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable kernel debugfs", - "remarks": "rule_set_316" + "remarks": "rule_set_317" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_debug_fs", - "remarks": "rule_set_316" + "remarks": "rule_set_317" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable kernel debugfs", - "remarks": "rule_set_316" + "remarks": "rule_set_317" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_stackprotector", - "remarks": "rule_set_317" + "remarks": "rule_set_318" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Stack Protector buffer overflow detection", - "remarks": "rule_set_317" + "remarks": "rule_set_318" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_stackprotector", - "remarks": "rule_set_317" + "remarks": "rule_set_318" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Stack Protector buffer overflow detection", - "remarks": "rule_set_317" + "remarks": "rule_set_318" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_stackprotector_strong", - "remarks": "rule_set_318" + "remarks": "rule_set_319" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Strong Stack Protector", - "remarks": "rule_set_318" + "remarks": "rule_set_319" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_stackprotector_strong", - "remarks": "rule_set_318" + "remarks": "rule_set_319" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Strong Stack Protector", - "remarks": "rule_set_318" + "remarks": "rule_set_319" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_sched_stack_end_check", - "remarks": "rule_set_319" + "remarks": "rule_set_320" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Detect stack corruption on calls to schedule()", - "remarks": "rule_set_319" + "remarks": "rule_set_320" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_sched_stack_end_check", - "remarks": "rule_set_319" + "remarks": "rule_set_320" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Detect stack corruption on calls to schedule()", - "remarks": "rule_set_319" + "remarks": "rule_set_320" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_hardened_usercopy", - "remarks": "rule_set_320" + "remarks": "rule_set_321" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden memory copies between kernel and userspace", - "remarks": "rule_set_320" + "remarks": "rule_set_321" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_hardened_usercopy", - "remarks": "rule_set_320" + "remarks": "rule_set_321" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden memory copies between kernel and userspace", - "remarks": "rule_set_320" + "remarks": "rule_set_321" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_vmap_stack", - "remarks": "rule_set_321" + "remarks": "rule_set_322" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User a virtually-mapped stack", - "remarks": "rule_set_321" + "remarks": "rule_set_322" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_vmap_stack", - "remarks": "rule_set_321" + "remarks": "rule_set_322" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User a virtually-mapped stack", - "remarks": "rule_set_321" + "remarks": "rule_set_322" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_fortify_source", - "remarks": "rule_set_322" + "remarks": "rule_set_323" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden common str/mem functions against buffer overflows", - "remarks": "rule_set_322" + "remarks": "rule_set_323" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_fortify_source", - "remarks": "rule_set_322" + "remarks": "rule_set_323" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden common str/mem functions against buffer overflows", - "remarks": "rule_set_322" + "remarks": "rule_set_323" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_acpi_custom_method", - "remarks": "rule_set_323" + "remarks": "rule_set_324" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Do not allow ACPI methods to be inserted/replaced at run time", - "remarks": "rule_set_323" + "remarks": "rule_set_324" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_acpi_custom_method", - "remarks": "rule_set_323" + "remarks": "rule_set_324" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Do not allow ACPI methods to be inserted/replaced at run time", - "remarks": "rule_set_323" + "remarks": "rule_set_324" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_proc_kcore", - "remarks": "rule_set_324" + "remarks": "rule_set_325" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable support for /proc/kkcore", - "remarks": "rule_set_324" + "remarks": "rule_set_325" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_proc_kcore", - "remarks": "rule_set_324" + "remarks": "rule_set_325" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable support for /proc/kkcore", - "remarks": "rule_set_324" + "remarks": "rule_set_325" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_compat_vdso", - "remarks": "rule_set_325" + "remarks": "rule_set_326" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the 32-bit vDSO", - "remarks": "rule_set_325" + "remarks": "rule_set_326" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_compat_vdso", - "remarks": "rule_set_325" + "remarks": "rule_set_326" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the 32-bit vDSO", - "remarks": "rule_set_325" + "remarks": "rule_set_326" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_security_dmesg_restrict", - "remarks": "rule_set_326" + "remarks": "rule_set_327" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict unprivileged access to the kernel syslog", - "remarks": "rule_set_326" + "remarks": "rule_set_327" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_security_dmesg_restrict", - "remarks": "rule_set_326" + "remarks": "rule_set_327" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict unprivileged access to the kernel syslog", - "remarks": "rule_set_326" + "remarks": "rule_set_327" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_legacy_vsyscall_none", - "remarks": "rule_set_327" + "remarks": "rule_set_328" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable vsyscall mapping", - "remarks": "rule_set_327" + "remarks": "rule_set_328" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_legacy_vsyscall_none", - "remarks": "rule_set_327" + "remarks": "rule_set_328" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable vsyscall mapping", - "remarks": "rule_set_327" + "remarks": "rule_set_328" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_legacy_vsyscall_emulate", - "remarks": "rule_set_328" + "remarks": "rule_set_329" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable vsyscall emulation", - "remarks": "rule_set_328" + "remarks": "rule_set_329" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_legacy_vsyscall_emulate", - "remarks": "rule_set_328" + "remarks": "rule_set_329" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable vsyscall emulation", - "remarks": "rule_set_328" + "remarks": "rule_set_329" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_legacy_vsyscall_xonly", - "remarks": "rule_set_329" + "remarks": "rule_set_330" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable vsyscall emulate execution only", - "remarks": "rule_set_329" + "remarks": "rule_set_330" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_legacy_vsyscall_xonly", - "remarks": "rule_set_329" + "remarks": "rule_set_330" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable vsyscall emulate execution only", - "remarks": "rule_set_329" + "remarks": "rule_set_330" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_x86_vsyscall_emulation", - "remarks": "rule_set_330" + "remarks": "rule_set_331" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable x86 vsyscall emulation", - "remarks": "rule_set_330" + "remarks": "rule_set_331" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_x86_vsyscall_emulation", - "remarks": "rule_set_330" + "remarks": "rule_set_331" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable x86 vsyscall emulation", - "remarks": "rule_set_330" + "remarks": "rule_set_331" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_debug_credentials", - "remarks": "rule_set_331" + "remarks": "rule_set_332" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable checks on credential management", - "remarks": "rule_set_331" + "remarks": "rule_set_332" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_debug_credentials", - "remarks": "rule_set_331" + "remarks": "rule_set_332" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable checks on credential management", - "remarks": "rule_set_331" + "remarks": "rule_set_332" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_debug_notifiers", - "remarks": "rule_set_332" + "remarks": "rule_set_333" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable checks on notifier call chains", - "remarks": "rule_set_332" + "remarks": "rule_set_333" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_debug_notifiers", - "remarks": "rule_set_332" + "remarks": "rule_set_333" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable checks on notifier call chains", - "remarks": "rule_set_332" + "remarks": "rule_set_333" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_debug_list", - "remarks": "rule_set_333" + "remarks": "rule_set_334" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable checks on linked list manipulation", - "remarks": "rule_set_333" + "remarks": "rule_set_334" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_debug_list", - "remarks": "rule_set_333" + "remarks": "rule_set_334" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable checks on linked list manipulation", - "remarks": "rule_set_333" + "remarks": "rule_set_334" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_debug_sg", - "remarks": "rule_set_334" + "remarks": "rule_set_335" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable checks on scatter-gather (SG) table operations", - "remarks": "rule_set_334" + "remarks": "rule_set_335" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_debug_sg", - "remarks": "rule_set_334" + "remarks": "rule_set_335" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable checks on scatter-gather (SG) table operations", - "remarks": "rule_set_334" + "remarks": "rule_set_335" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_bug_on_data_corruption", - "remarks": "rule_set_335" + "remarks": "rule_set_336" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Trigger a kernel BUG when data corruption is detected", - "remarks": "rule_set_335" + "remarks": "rule_set_336" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_bug_on_data_corruption", - "remarks": "rule_set_335" + "remarks": "rule_set_336" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Trigger a kernel BUG when data corruption is detected", - "remarks": "rule_set_335" + "remarks": "rule_set_336" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_slab_freelist_random", - "remarks": "rule_set_336" + "remarks": "rule_set_337" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Randomize slab freelist", - "remarks": "rule_set_336" + "remarks": "rule_set_337" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_slab_freelist_random", - "remarks": "rule_set_336" + "remarks": "rule_set_337" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Randomize slab freelist", - "remarks": "rule_set_336" + "remarks": "rule_set_337" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_slab_freelist_hardened", - "remarks": "rule_set_337" + "remarks": "rule_set_338" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden slab freelist metadata", - "remarks": "rule_set_337" + "remarks": "rule_set_338" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_slab_freelist_hardened", - "remarks": "rule_set_337" + "remarks": "rule_set_338" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden slab freelist metadata", - "remarks": "rule_set_337" + "remarks": "rule_set_338" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_slab_merge_default", - "remarks": "rule_set_338" + "remarks": "rule_set_339" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disallow merge of slab caches", - "remarks": "rule_set_338" + "remarks": "rule_set_339" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_slab_merge_default", - "remarks": "rule_set_338" + "remarks": "rule_set_339" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disallow merge of slab caches", - "remarks": "rule_set_338" + "remarks": "rule_set_339" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_slub_debug", - "remarks": "rule_set_339" + "remarks": "rule_set_340" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SLUB debugging support", - "remarks": "rule_set_339" + "remarks": "rule_set_340" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_slub_debug", - "remarks": "rule_set_339" + "remarks": "rule_set_340" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SLUB debugging support", - "remarks": "rule_set_339" + "remarks": "rule_set_340" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_page_poisoning", - "remarks": "rule_set_340" + "remarks": "rule_set_341" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable poison of pages after freeing", - "remarks": "rule_set_340" + "remarks": "rule_set_341" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_page_poisoning", - "remarks": "rule_set_340" + "remarks": "rule_set_341" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable poison of pages after freeing", - "remarks": "rule_set_340" + "remarks": "rule_set_341" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_compat_brk", - "remarks": "rule_set_341" + "remarks": "rule_set_342" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable compatibility with brk()", - "remarks": "rule_set_341" + "remarks": "rule_set_342" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_compat_brk", - "remarks": "rule_set_341" + "remarks": "rule_set_342" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable compatibility with brk()", - "remarks": "rule_set_341" + "remarks": "rule_set_342" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_strict_module_rwx", - "remarks": "rule_set_342" + "remarks": "rule_set_343" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Make the module text and rodata read-only", - "remarks": "rule_set_342" + "remarks": "rule_set_343" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_strict_module_rwx", - "remarks": "rule_set_342" + "remarks": "rule_set_343" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Make the module text and rodata read-only", - "remarks": "rule_set_342" + "remarks": "rule_set_343" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_module_sig", - "remarks": "rule_set_343" + "remarks": "rule_set_344" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable module signature verification", - "remarks": "rule_set_343" + "remarks": "rule_set_344" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_module_sig", - "remarks": "rule_set_343" + "remarks": "rule_set_344" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable module signature verification", - "remarks": "rule_set_343" + "remarks": "rule_set_344" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_module_sig_force", - "remarks": "rule_set_344" + "remarks": "rule_set_345" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Require modules to be validly signed", - "remarks": "rule_set_344" + "remarks": "rule_set_345" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_module_sig_force", - "remarks": "rule_set_344" + "remarks": "rule_set_345" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Require modules to be validly signed", - "remarks": "rule_set_344" + "remarks": "rule_set_345" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_module_sig_all", - "remarks": "rule_set_345" + "remarks": "rule_set_346" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable automatic signing of all modules", - "remarks": "rule_set_345" + "remarks": "rule_set_346" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_module_sig_all", - "remarks": "rule_set_345" + "remarks": "rule_set_346" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable automatic signing of all modules", - "remarks": "rule_set_345" + "remarks": "rule_set_346" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_module_sig_sha512", - "remarks": "rule_set_346" + "remarks": "rule_set_347" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Sign kernel modules with SHA-512", - "remarks": "rule_set_346" + "remarks": "rule_set_347" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_module_sig_sha512", - "remarks": "rule_set_346" + "remarks": "rule_set_347" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Sign kernel modules with SHA-512", - "remarks": "rule_set_346" + "remarks": "rule_set_347" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_module_sig_hash", - "remarks": "rule_set_347" + "remarks": "rule_set_348" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Specify the hash to use when signing modules", - "remarks": "rule_set_347" + "remarks": "rule_set_348" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_module_sig_hash", - "remarks": "rule_set_347" + "remarks": "rule_set_348" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Specify the hash to use when signing modules", - "remarks": "rule_set_347" + "remarks": "rule_set_348" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_module_sig_key", - "remarks": "rule_set_348" + "remarks": "rule_set_349" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Specify module signing key to use", - "remarks": "rule_set_348" + "remarks": "rule_set_349" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_module_sig_key", - "remarks": "rule_set_348" + "remarks": "rule_set_349" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Specify module signing key to use", - "remarks": "rule_set_348" + "remarks": "rule_set_349" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_bug", - "remarks": "rule_set_349" + "remarks": "rule_set_350" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable support for BUG()", - "remarks": "rule_set_349" + "remarks": "rule_set_350" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_bug", - "remarks": "rule_set_349" + "remarks": "rule_set_350" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable support for BUG()", - "remarks": "rule_set_349" + "remarks": "rule_set_350" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_panic_on_oops", - "remarks": "rule_set_350" + "remarks": "rule_set_351" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Kernel panic oops", - "remarks": "rule_set_350" + "remarks": "rule_set_351" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_panic_on_oops", - "remarks": "rule_set_350" + "remarks": "rule_set_351" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Kernel panic oops", - "remarks": "rule_set_350" + "remarks": "rule_set_351" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_panic_timeout", - "remarks": "rule_set_351" + "remarks": "rule_set_352" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Kernel panic timeout", - "remarks": "rule_set_351" + "remarks": "rule_set_352" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_panic_timeout", - "remarks": "rule_set_351" + "remarks": "rule_set_352" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Kernel panic timeout", - "remarks": "rule_set_351" + "remarks": "rule_set_352" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_seccomp", - "remarks": "rule_set_352" + "remarks": "rule_set_353" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable seccomp to safely compute untrusted bytecode", - "remarks": "rule_set_352" + "remarks": "rule_set_353" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_seccomp", - "remarks": "rule_set_352" + "remarks": "rule_set_353" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable seccomp to safely compute untrusted bytecode", - "remarks": "rule_set_352" + "remarks": "rule_set_353" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_seccomp_filter", - "remarks": "rule_set_353" + "remarks": "rule_set_354" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable use of Berkeley Packet Filter with seccomp", - "remarks": "rule_set_353" + "remarks": "rule_set_354" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_seccomp_filter", - "remarks": "rule_set_353" + "remarks": "rule_set_354" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable use of Berkeley Packet Filter with seccomp", - "remarks": "rule_set_353" + "remarks": "rule_set_354" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_security", - "remarks": "rule_set_354" + "remarks": "rule_set_355" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable different security models", - "remarks": "rule_set_354" + "remarks": "rule_set_355" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_security", - "remarks": "rule_set_354" + "remarks": "rule_set_355" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable different security models", - "remarks": "rule_set_354" + "remarks": "rule_set_355" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_security_yama", - "remarks": "rule_set_355" + "remarks": "rule_set_356" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Yama support", - "remarks": "rule_set_355" + "remarks": "rule_set_356" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_security_yama", - "remarks": "rule_set_355" + "remarks": "rule_set_356" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Yama support", - "remarks": "rule_set_355" + "remarks": "rule_set_356" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_gcc_plugin_latent_entropy", - "remarks": "rule_set_356" + "remarks": "rule_set_357" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Generate some entropy during boot and runtime", - "remarks": "rule_set_356" + "remarks": "rule_set_357" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_gcc_plugin_latent_entropy", - "remarks": "rule_set_356" + "remarks": "rule_set_357" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Generate some entropy during boot and runtime", - "remarks": "rule_set_356" + "remarks": "rule_set_357" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_gcc_plugin_stackleak", - "remarks": "rule_set_357" + "remarks": "rule_set_358" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Poison kernel stack before returning from syscalls", - "remarks": "rule_set_357" + "remarks": "rule_set_358" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_gcc_plugin_stackleak", - "remarks": "rule_set_357" + "remarks": "rule_set_358" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Poison kernel stack before returning from syscalls", - "remarks": "rule_set_357" + "remarks": "rule_set_358" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_gcc_plugin_structleak", - "remarks": "rule_set_358" + "remarks": "rule_set_359" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Force initialization of variables containing userspace addresses", - "remarks": "rule_set_358" + "remarks": "rule_set_359" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_gcc_plugin_structleak", - "remarks": "rule_set_358" + "remarks": "rule_set_359" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Force initialization of variables containing userspace addresses", - "remarks": "rule_set_358" + "remarks": "rule_set_359" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_gcc_plugin_structleak_byref_all", - "remarks": "rule_set_359" + "remarks": "rule_set_360" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "zero-init everything passed by reference", - "remarks": "rule_set_359" + "remarks": "rule_set_360" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_gcc_plugin_structleak_byref_all", - "remarks": "rule_set_359" + "remarks": "rule_set_360" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "zero-init everything passed by reference", - "remarks": "rule_set_359" + "remarks": "rule_set_360" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_gcc_plugin_randstruct", - "remarks": "rule_set_360" + "remarks": "rule_set_361" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Randomize layout of sensitive kernel structures", - "remarks": "rule_set_360" + "remarks": "rule_set_361" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_gcc_plugin_randstruct", - "remarks": "rule_set_360" + "remarks": "rule_set_361" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Randomize layout of sensitive kernel structures", - "remarks": "rule_set_360" + "remarks": "rule_set_361" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_syn_cookies", - "remarks": "rule_set_361" + "remarks": "rule_set_362" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable TCP/IP syncookie support", - "remarks": "rule_set_361" + "remarks": "rule_set_362" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_syn_cookies", - "remarks": "rule_set_361" + "remarks": "rule_set_362" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable TCP/IP syncookie support", - "remarks": "rule_set_361" + "remarks": "rule_set_362" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_kexec", - "remarks": "rule_set_362" + "remarks": "rule_set_363" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable kexec system call", - "remarks": "rule_set_362" + "remarks": "rule_set_363" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_kexec", - "remarks": "rule_set_362" + "remarks": "rule_set_363" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable kexec system call", - "remarks": "rule_set_362" + "remarks": "rule_set_363" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_hibernation", - "remarks": "rule_set_363" + "remarks": "rule_set_364" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable hibernation", - "remarks": "rule_set_363" + "remarks": "rule_set_364" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_hibernation", - "remarks": "rule_set_363" + "remarks": "rule_set_364" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable hibernation", - "remarks": "rule_set_363" + "remarks": "rule_set_364" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_binfmt_misc", - "remarks": "rule_set_364" + "remarks": "rule_set_365" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable kernel support for MISC binaries", - "remarks": "rule_set_364" + "remarks": "rule_set_365" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_binfmt_misc", - "remarks": "rule_set_364" + "remarks": "rule_set_365" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable kernel support for MISC binaries", - "remarks": "rule_set_364" + "remarks": "rule_set_365" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_legacy_ptys", - "remarks": "rule_set_365" + "remarks": "rule_set_366" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable legacy (BSD) PTY support", - "remarks": "rule_set_365" + "remarks": "rule_set_366" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_legacy_ptys", - "remarks": "rule_set_365" + "remarks": "rule_set_366" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable legacy (BSD) PTY support", - "remarks": "rule_set_365" + "remarks": "rule_set_366" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_default_mmap_min_addr", - "remarks": "rule_set_366" + "remarks": "rule_set_367" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Low Address Space To Protect From User Allocation", - "remarks": "rule_set_366" + "remarks": "rule_set_367" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_default_mmap_min_addr", - "remarks": "rule_set_366" + "remarks": "rule_set_367" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Low Address Space To Protect From User Allocation", - "remarks": "rule_set_366" + "remarks": "rule_set_367" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_randomize_base", - "remarks": "rule_set_367" + "remarks": "rule_set_368" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Randomize the address of the kernel image (KASLR)", - "remarks": "rule_set_367" + "remarks": "rule_set_368" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_randomize_base", - "remarks": "rule_set_367" + "remarks": "rule_set_368" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Randomize the address of the kernel image (KASLR)", - "remarks": "rule_set_367" + "remarks": "rule_set_368" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_randomize_memory", - "remarks": "rule_set_368" + "remarks": "rule_set_369" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Randomize the kernel memory sections", - "remarks": "rule_set_368" + "remarks": "rule_set_369" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_randomize_memory", - "remarks": "rule_set_368" + "remarks": "rule_set_369" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Randomize the kernel memory sections", - "remarks": "rule_set_368" + "remarks": "rule_set_369" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_ia32_emulation", - "remarks": "rule_set_369" + "remarks": "rule_set_370" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable IA32 emulation", - "remarks": "rule_set_369" + "remarks": "rule_set_370" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_ia32_emulation", - "remarks": "rule_set_369" + "remarks": "rule_set_370" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable IA32 emulation", - "remarks": "rule_set_369" + "remarks": "rule_set_370" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_modify_ldt_syscall", - "remarks": "rule_set_370" + "remarks": "rule_set_371" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the LDT (local descriptor table)", - "remarks": "rule_set_370" + "remarks": "rule_set_371" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_modify_ldt_syscall", - "remarks": "rule_set_370" + "remarks": "rule_set_371" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the LDT (local descriptor table)", - "remarks": "rule_set_370" + "remarks": "rule_set_371" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_arm64_sw_ttbr0_pan", - "remarks": "rule_set_371" + "remarks": "rule_set_372" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Emulate Privileged Access Never (PAN)", - "remarks": "rule_set_371" + "remarks": "rule_set_372" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_arm64_sw_ttbr0_pan", - "remarks": "rule_set_371" + "remarks": "rule_set_372" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Emulate Privileged Access Never (PAN)", - "remarks": "rule_set_371" + "remarks": "rule_set_372" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_unmap_kernel_at_el0", - "remarks": "rule_set_372" + "remarks": "rule_set_373" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Unmap kernel when running in userspace (aka KAISER)", - "remarks": "rule_set_372" + "remarks": "rule_set_373" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_config_unmap_kernel_at_el0", - "remarks": "rule_set_372" + "remarks": "rule_set_373" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Unmap kernel when running in userspace (aka KAISER)", - "remarks": "rule_set_372" + "remarks": "rule_set_373" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_selinuxuser_execheap", - "remarks": "rule_set_373" + "remarks": "rule_set_374" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the selinuxuser_execheap SELinux Boolean", - "remarks": "rule_set_373" + "remarks": "rule_set_374" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_selinuxuser_execheap", - "remarks": "rule_set_373" + "remarks": "rule_set_374" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the selinuxuser_execheap SELinux Boolean", - "remarks": "rule_set_373" + "remarks": "rule_set_374" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_deny_execmem", - "remarks": "rule_set_374" + "remarks": "rule_set_375" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the deny_execmem SELinux Boolean", - "remarks": "rule_set_374" + "remarks": "rule_set_375" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_deny_execmem", - "remarks": "rule_set_374" + "remarks": "rule_set_375" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the deny_execmem SELinux Boolean", - "remarks": "rule_set_374" + "remarks": "rule_set_375" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_selinuxuser_execstack", - "remarks": "rule_set_375" + "remarks": "rule_set_376" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the selinuxuser_execstack SELinux Boolean", - "remarks": "rule_set_375" + "remarks": "rule_set_376" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_selinuxuser_execstack", - "remarks": "rule_set_375" + "remarks": "rule_set_376" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the selinuxuser_execstack SELinux Boolean", - "remarks": "rule_set_375" + "remarks": "rule_set_376" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_ssh_sysadm_login", - "remarks": "rule_set_376" + "remarks": "rule_set_377" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the ssh_sysadm_login SELinux Boolean", - "remarks": "rule_set_376" + "remarks": "rule_set_377" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_ssh_sysadm_login", - "remarks": "rule_set_376" + "remarks": "rule_set_377" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the ssh_sysadm_login SELinux Boolean", - "remarks": "rule_set_376" + "remarks": "rule_set_377" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_setroubleshoot_removed", - "remarks": "rule_set_377" + "remarks": "rule_set_378" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Uninstall setroubleshoot Package", - "remarks": "rule_set_377" + "remarks": "rule_set_378" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_setroubleshoot_removed", - "remarks": "rule_set_377" + "remarks": "rule_set_378" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Uninstall setroubleshoot Package", - "remarks": "rule_set_377" + "remarks": "rule_set_378" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_setroubleshoot-server_removed", - "remarks": "rule_set_378" + "remarks": "rule_set_379" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Uninstall setroubleshoot-server Package", - "remarks": "rule_set_378" + "remarks": "rule_set_379" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_setroubleshoot-server_removed", - "remarks": "rule_set_378" + "remarks": "rule_set_379" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Uninstall setroubleshoot-server Package", - "remarks": "rule_set_378" + "remarks": "rule_set_379" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_setroubleshoot-plugins_removed", - "remarks": "rule_set_379" + "remarks": "rule_set_380" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Uninstall setroubleshoot-plugins Package", - "remarks": "rule_set_379" + "remarks": "rule_set_380" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_setroubleshoot-plugins_removed", - "remarks": "rule_set_379" + "remarks": "rule_set_380" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Uninstall setroubleshoot-plugins Package", - "remarks": "rule_set_379" + "remarks": "rule_set_380" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_periodic_cron_checking", - "remarks": "rule_set_380" + "remarks": "rule_set_381" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Periodic Execution of AIDE", - "remarks": "rule_set_380" + "remarks": "rule_set_381" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_periodic_cron_checking", - "remarks": "rule_set_380" + "remarks": "rule_set_381" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Periodic Execution of AIDE", - "remarks": "rule_set_380" + "remarks": "rule_set_381" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_scan_notification", - "remarks": "rule_set_381" + "remarks": "rule_set_382" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Notification of Post-AIDE Scan Details", - "remarks": "rule_set_381" + "remarks": "rule_set_382" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_scan_notification", - "remarks": "rule_set_381" + "remarks": "rule_set_382" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Notification of Post-AIDE Scan Details", - "remarks": "rule_set_381" + "remarks": "rule_set_382" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_verify_acls", - "remarks": "rule_set_382" + "remarks": "rule_set_383" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure AIDE to Verify Access Control Lists (ACLs)", - "remarks": "rule_set_382" + "remarks": "rule_set_383" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_verify_acls", - "remarks": "rule_set_382" + "remarks": "rule_set_383" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure AIDE to Verify Access Control Lists (ACLs)", - "remarks": "rule_set_382" + "remarks": "rule_set_383" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_verify_ext_attributes", - "remarks": "rule_set_383" + "remarks": "rule_set_384" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure AIDE to Verify Extended Attributes", - "remarks": "rule_set_383" + "remarks": "rule_set_384" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_verify_ext_attributes", - "remarks": "rule_set_383" + "remarks": "rule_set_384" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure AIDE to Verify Extended Attributes", - "remarks": "rule_set_383" + "remarks": "rule_set_384" } ], "control-implementations": [ { - "uuid": "bd5f172a-f0d6-4edd-a701-ca209a6bb6ee", + "uuid": "e198a7f5-3c07-45a7-932a-ea4e63ae6d4d", "source": "trestle://profiles/rhel10-anssi-high/profile.json", "description": "Control implementation for anssi_bp28_high", "props": [ @@ -18799,7 +18840,7 @@ ], "implemented-requirements": [ { - "uuid": "f1e895c9-0ad9-43b5-98ba-4d53dfdd4f98", + "uuid": "5c16c59b-f8ff-47c6-9948-4e38858a4c47", "control-id": "r4", "description": "The description for control-id r4.", "props": [ @@ -18812,7 +18853,7 @@ ] }, { - "uuid": "e441ce23-1056-47da-8f31-3329c599675d", + "uuid": "2a16bf68-c25c-4a34-9b09-f3fa37462fee", "control-id": "r6", "description": "The description for control-id r6.", "props": [ @@ -18825,7 +18866,7 @@ ] }, { - "uuid": "bfc7a67f-55b8-46ea-8f69-6d3a07838518", + "uuid": "2bea139e-af8a-43cb-abe5-558c4bb590fa", "control-id": "r15", "description": "The special case of direct access to physical memory is not handled.", "props": [ @@ -18922,7 +18963,7 @@ ] }, { - "uuid": "242bb1ee-912b-4a01-ae7d-e53b81b023da", + "uuid": "3dcaf0d3-735f-46f3-a001-15954d651e2c", "control-id": "r16", "description": "No notes for control-id R16.", "props": [ @@ -18959,7 +19000,7 @@ ] }, { - "uuid": "f4026395-1398-4fc1-883c-dbb87fda56b7", + "uuid": "058a982f-8a3e-4953-9ffe-1dca9a7b6a78", "control-id": "r17", "description": "No notes for control-id R17.", "props": [ @@ -19001,7 +19042,7 @@ ] }, { - "uuid": "2203df46-99a8-4f63-9196-1c8ff53a5f99", + "uuid": "e6f22cd4-646c-422a-a9ac-99c15d968cd3", "control-id": "r18", "description": "No notes for control-id R18.", "props": [ @@ -19048,7 +19089,7 @@ ] }, { - "uuid": "35a45401-aa9e-4ef5-bda3-ca7ebc6e8758", + "uuid": "a0b9baf5-d811-42fc-b9b6-b60acc5c5745", "control-id": "r19", "description": "No notes for control-id R19.", "props": [ @@ -19075,7 +19116,7 @@ ] }, { - "uuid": "75ebbb0b-c89c-4bb7-8721-934525d11e7a", + "uuid": "2458a631-8be8-4a9e-ac02-ba02b0aed926", "control-id": "r20", "description": "No notes for control-id R20.", "props": [ @@ -19107,7 +19148,7 @@ ] }, { - "uuid": "d18b53ef-57dd-4a12-94a8-40d6931aaac3", + "uuid": "5c7744a3-738f-4e86-b7cf-74f81c20abc4", "control-id": "r21", "description": "No notes for control-id R21.", "props": [ @@ -19144,7 +19185,7 @@ ] }, { - "uuid": "74f5397c-cdf9-47ac-bf38-89bc9a17b15e", + "uuid": "84f654d2-326c-46cb-9df0-8bfc1cdf2975", "control-id": "r22", "description": "This control doesn't disable the IPv6 stack, to disable it select the related rule.", "props": [ @@ -19161,7 +19202,7 @@ ] }, { - "uuid": "ef660315-06ff-4515-97de-e4ba36b9f2ea", + "uuid": "ef42b1a9-a865-403a-a4fe-cab05c65cdd1", "control-id": "r23", "description": "If the system can function without support for kernel modules, module support should be disabled by setting CONFIG_MODULES=n.", "props": [ @@ -19193,7 +19234,7 @@ ] }, { - "uuid": "e08d64ec-5e8f-487a-a6bb-3ea3eb1b62d7", + "uuid": "1eff950a-e23a-4de6-bd89-4eda04919a15", "control-id": "r24", "description": "The description for control-id r24.", "props": [ @@ -19206,7 +19247,7 @@ ] }, { - "uuid": "fca089a1-8da7-4049-a6e1-28ac8895e1b5", + "uuid": "617646a6-e312-4c36-a34e-24d27cb63fa8", "control-id": "r25", "description": "No notes for control-id R25.", "props": [ @@ -19243,7 +19284,7 @@ ] }, { - "uuid": "26744de8-2032-45e7-ad1f-a91be0e704bf", + "uuid": "08cfd957-3c4f-459f-ad28-deadbbaee358", "control-id": "r26", "description": "The description for control-id r26.", "props": [ @@ -19256,7 +19297,7 @@ ] }, { - "uuid": "6313419e-84a9-4ce5-b1e9-eea13784b12c", + "uuid": "7f31a660-fa52-4618-b18e-9a821f0c53e0", "control-id": "r27", "description": "No notes for control-id R27.", "props": [ @@ -19288,7 +19329,7 @@ ] }, { - "uuid": "b4755c2b-68dc-473d-9ff9-fc59d2440140", + "uuid": "f61cc306-e61b-4642-8ed6-a08e59548daa", "control-id": "r46", "description": "No notes for control-id R46.", "props": [ @@ -19305,7 +19346,7 @@ ] }, { - "uuid": "337146aa-447b-4748-8c16-6365342b3c66", + "uuid": "fcf64ed5-7ebe-4934-bea9-c3001fa05fcd", "control-id": "r47", "description": "The description for control-id r47.", "props": [ @@ -19318,7 +19359,7 @@ ] }, { - "uuid": "f3b135d7-814b-4571-9fcb-28ade3412872", + "uuid": "ce734176-f901-4e85-bc02-5fe27fd41de6", "control-id": "r48", "description": "In RHEL, the SELinux boolean allow_execheap is renamed to selinuxuser_execheap, and the boolean allow_execstack is renamed to selinuxuser_execstack. And allow_execmem is not available, deny_execmem provides the same functionality.", "props": [ @@ -19350,7 +19391,7 @@ ] }, { - "uuid": "237a9eee-1901-4648-9ad4-65c4e24a7d9c", + "uuid": "cc00c8bd-bd50-43ce-a431-d5f9e7ddeab5", "control-id": "r49", "description": "No notes for control-id R49.", "props": [ @@ -19377,7 +19418,7 @@ ] }, { - "uuid": "909de9d8-1b89-48ee-a27f-b750b778a6a7", + "uuid": "f177bdd0-6719-4fb4-9e79-464076e54df4", "control-id": "r66", "description": "The description for control-id r66.", "props": [ @@ -19390,7 +19431,7 @@ ] }, { - "uuid": "0485b7e4-7e7c-456b-a5d0-eb5fa39c7d54", + "uuid": "c07ba1f8-e626-42ff-a34f-92b9d08a4c20", "control-id": "r76", "description": "No notes for control-id R76.", "props": [ @@ -19432,7 +19473,7 @@ ] }, { - "uuid": "a246e95a-8b22-4ba8-b056-5b7867afe5f8", + "uuid": "b332c2c3-763d-48a9-b93b-e27bebabc67a", "control-id": "r77", "description": "The description for control-id r77.", "props": [ @@ -19445,7 +19486,7 @@ ] }, { - "uuid": "fb0c77e5-b2b7-42cd-bd63-c3a63448f630", + "uuid": "8bdab886-9835-4c59-8f05-eaf4207260b2", "control-id": "r1", "description": "This requirement can be checked, but remediation requires manual reinstall of the OS. The content automation cannot really configure the BIOS, but can in some cases, check settings that are visible to the OS. Like for example the NX/DX setting.", "props": [ @@ -19467,7 +19508,7 @@ ] }, { - "uuid": "4dfcfca7-b42c-440e-ac84-19d1590c8250", + "uuid": "64fa5a7a-c259-442f-ae2d-1469f7dd8bcb", "control-id": "r7", "description": "No notes for control-id R7.", "props": [ @@ -19484,7 +19525,7 @@ ] }, { - "uuid": "927f8ed4-4956-440f-bdee-7958dfbdc59e", + "uuid": "9d313d00-5b70-44f4-9c4e-8a524011a49a", "control-id": "r10", "description": "No notes for control-id R10.", "props": [ @@ -19501,7 +19542,7 @@ ] }, { - "uuid": "949396a0-0c34-486d-92e4-489ffcbb8939", + "uuid": "b74fba37-0939-41cb-9010-c9df634700bb", "control-id": "r29", "description": "The /boot partition mounted is essential to perform certain administrative actions, for example updating the kernel. Therefore, for better stability, in this requirement only rules to restrict the access to /boot are selected. It is not changed how the /boot is mounted.", "props": [ @@ -19558,7 +19599,7 @@ ] }, { - "uuid": "3c7f40ba-1f45-4d4c-8f2d-776929c9fda4", + "uuid": "13c001ed-45e3-464b-b113-b7652d66fcda", "control-id": "r36", "description": "There are cases of Systemd services which would stop working in case umask would be configured to 0027 for all services. One such example is the Cups service which needs to create sockets which need to be available for all users. Therefore, this part of the requirement can't be automated.", "props": [ @@ -19585,7 +19626,7 @@ ] }, { - "uuid": "7958f803-dd2a-4c18-b707-8927f6122bbc", + "uuid": "86b38849-814c-4f34-b95d-a097b76533c0", "control-id": "r37", "description": "Other partitioning mechanisms can include chroot and containers and are not contemplated in this requirement.", "props": [ @@ -19602,7 +19643,7 @@ ] }, { - "uuid": "21e59793-4a72-4eb3-b234-70248f1fdbb3", + "uuid": "af4aa0a7-7cb9-44d8-aeef-17e060655aa0", "control-id": "r38", "description": "No notes for control-id R38.", "props": [ @@ -19624,7 +19665,7 @@ ] }, { - "uuid": "4d7878c8-1cf9-4d95-a7dd-f487ebe3ecd1", + "uuid": "54879e30-ee76-4565-975f-06c62be0ad29", "control-id": "r41", "description": "The description for control-id r41.", "props": [ @@ -19637,7 +19678,7 @@ ] }, { - "uuid": "4576590e-4d32-4032-9cbe-9e3a9767e966", + "uuid": "fc01085c-3630-4643-b78b-f562889049ec", "control-id": "r45", "description": "No notes for control-id R45.", "props": [ @@ -19649,7 +19690,7 @@ ] }, { - "uuid": "d22010bd-2d96-453f-8305-3ca78f21449b", + "uuid": "59452d28-18e1-45b4-a91e-a814efa6f94f", "control-id": "r51", "description": "This concerns two aspects, the first is administrative, and involves prompt installation of secrets or trusted elements by the sysadmin. The second involves removal of any default secret or trusted element configured by the operating system during install process, e.g. default known passwords.", "props": [ @@ -19661,7 +19702,7 @@ ] }, { - "uuid": "432e95ac-e551-43b4-be90-20ad848a4a6b", + "uuid": "7ac6b91a-5bb7-40f4-8724-354c2f4d448e", "control-id": "r57", "description": "The description for control-id r57.", "props": [ @@ -19674,7 +19715,7 @@ ] }, { - "uuid": "a1c25555-8762-4bc4-9c9f-10502319addd", + "uuid": "63cf0e55-c1a0-4f0d-b5e0-f798d99b5cad", "control-id": "r60", "description": "The description for control-id r60.", "props": [ @@ -19687,7 +19728,7 @@ ] }, { - "uuid": "7a62f78b-5363-4d29-a893-f411543f98b6", + "uuid": "9070477d-ae5b-4855-9549-0ccf556ed362", "control-id": "r64", "description": "SELinux policies limit the privileges of services and daemons just to those which are required. The policies should be enough to restrict the services' privileges to its essentials, but the automated content cannot assess whether they are the minimum required for the deployment.", "props": [ @@ -19704,7 +19745,7 @@ ] }, { - "uuid": "3a183450-04e2-429c-8923-e11a4055bae8", + "uuid": "a69e0c50-29bb-438c-a966-096de5eba948", "control-id": "r65", "description": "The description for control-id r65.", "props": [ @@ -19717,7 +19758,7 @@ ] }, { - "uuid": "d95136ca-739d-4cbf-89a0-cf5406705dff", + "uuid": "8e003cd5-2a54-461c-a922-a62755889751", "control-id": "r71", "description": "A lot of recommendations and requirements from the DAT-PA-012 document are administrative and hard to automate. The rules selected below address a few of the aspects that can be covered, keep in mind that these configurations should be customized for the systems deployment requirements.", "props": [ @@ -19804,7 +19845,7 @@ ] }, { - "uuid": "830c05a2-229a-481d-a6dd-62fc22c11b6b", + "uuid": "91774416-5088-47a0-968d-d2ce4c5d32a9", "control-id": "r72", "description": "No notes for control-id R72.", "props": [ @@ -19816,7 +19857,7 @@ ] }, { - "uuid": "c6bf9cce-3d26-44ec-9ee9-7b0dcb944f78", + "uuid": "04c69189-2468-47da-a941-1b26680429d7", "control-id": "r73", "description": "No notes for control-id R73.", "props": [ @@ -20108,7 +20149,7 @@ ] }, { - "uuid": "8b1fa61a-31be-457b-857a-dcc47795e7f9", + "uuid": "85ed547f-721d-4379-83f6-ce53b6c156d2", "control-id": "r78", "description": "The description for control-id r78.", "props": [ @@ -20121,7 +20162,7 @@ ] }, { - "uuid": "794020bc-c590-4135-b056-21ef20b41afb", + "uuid": "b480bd1e-1f26-422b-a232-b8f6e6a666fe", "control-id": "r2", "description": "The description for control-id r2.", "props": [ @@ -20134,7 +20175,7 @@ ] }, { - "uuid": "f1ab67b4-192d-4ae1-9a8f-86dc8c780c1c", + "uuid": "9fad6b1b-b438-455b-a95d-4a773ef74125", "control-id": "r3", "description": "The description for control-id r3.", "props": [ @@ -20147,7 +20188,7 @@ ] }, { - "uuid": "802d506d-aacc-4dca-bcdd-57821ed66910", + "uuid": "2a731c27-016d-492a-b1fa-f382c423ada6", "control-id": "r5", "description": "No notes for control-id R5.", "props": [ @@ -20164,7 +20205,7 @@ ] }, { - "uuid": "0cd6124c-0c3a-4dc1-9436-a202272cca2e", + "uuid": "fcd0493f-7a1e-4e8e-8bca-0ca2bae55180", "control-id": "r8", "description": "No notes for control-id R8.", "props": [ @@ -20236,7 +20277,7 @@ ] }, { - "uuid": "5b9d0c5c-24f8-469d-9124-28dc5654a296", + "uuid": "04e7a1ea-3771-4717-a190-3d9ee41816fb", "control-id": "r9", "description": "No notes for control-id R9.", "props": [ @@ -20298,7 +20339,7 @@ ] }, { - "uuid": "dad351c3-f045-4c6d-9b45-2a93b0bf4e99", + "uuid": "65613536-b43a-403a-af29-164bc0f77a4d", "control-id": "r11", "description": "No notes for control-id R11.", "props": [ @@ -20315,7 +20356,7 @@ ] }, { - "uuid": "0402cb60-e0a9-42b0-bd51-ee2f0527bd27", + "uuid": "96857ce1-e81e-432a-a266-ac5bfbea7db5", "control-id": "r12", "description": "No notes for control-id R12.", "props": [ @@ -20442,7 +20483,7 @@ ] }, { - "uuid": "4e7ff8d5-2e61-474b-b047-e95a8f62eaf4", + "uuid": "db3f544f-ae99-442f-921f-1676c8c2e047", "control-id": "r13", "description": "When IPv6 is not in use, disable it, otherwise secure the IPv6 stack. This control hardens the IPv6 stack, to disable it use the related rules instead.", "props": [ @@ -20534,7 +20575,7 @@ ] }, { - "uuid": "1ada932d-859d-4bc4-a075-7987f31fd22c", + "uuid": "5c87f9f2-4eb8-47b7-b70b-444181b58eda", "control-id": "r14", "description": "The rule for the /proc file system is not implemented", "props": [ @@ -20571,7 +20612,7 @@ ] }, { - "uuid": "b87603db-134e-4ac4-bc8c-83db98354e40", + "uuid": "10df04a5-dfc1-4ece-92a7-d41beb1787a5", "control-id": "r28", "description": "No notes for control-id R28.", "props": [ @@ -20703,7 +20744,7 @@ ] }, { - "uuid": "ce7aad16-27bb-473b-bb72-6c963a9a08be", + "uuid": "931b7631-bde9-464f-b7a4-7131b40a21b2", "control-id": "r32", "description": "ANSSI doesn't specify the length of the inactivity period, we are choosing 10 minutes as reasonable number.", "props": [ @@ -20725,7 +20766,7 @@ ] }, { - "uuid": "6a6fed57-077d-46c2-919d-91d40dbaee8b", + "uuid": "6e5196e9-014b-4d85-b3b6-91a4f7fc1486", "control-id": "r33", "description": "By disabling direct root logins proper accountability is ensured. Users will login first, then escalate to privileged (root) access. Change of privilege operations must be based on executables to monitor the activities performed (for example sudo). Nonetheless, the content automation cannot ensure that each administrator was given a nominative administration account separate from his normal user account.", "props": [ @@ -20767,7 +20808,7 @@ ] }, { - "uuid": "20e77c17-a940-4d30-b2bb-2408ce698418", + "uuid": "d994f63a-2c1e-43ca-86b5-201ad9f72ab8", "control-id": "r34", "description": "The description for control-id r34.", "props": [ @@ -20780,7 +20821,7 @@ ] }, { - "uuid": "7ffac8df-1ed5-4775-8500-11f7533a1d57", + "uuid": "52ac1ac1-cb1e-4a26-b3a3-10662363c545", "control-id": "r35", "description": "The description for control-id r35.", "props": [ @@ -20793,7 +20834,7 @@ ] }, { - "uuid": "e75389fa-9b83-45ec-a0d5-4e4418269ed1", + "uuid": "8623d277-fa99-4ae7-b96d-3e0301941fc2", "control-id": "r39", "description": "No notes for control-id R39.", "props": [ @@ -20830,7 +20871,7 @@ ] }, { - "uuid": "4c541013-dcad-44f5-ad8a-59d9bfa57a9b", + "uuid": "7bcd2e5a-f283-4346-ae8b-e7acf0ff51c6", "control-id": "r40", "description": "No notes for control-id R40.", "props": [ @@ -20847,7 +20888,7 @@ ] }, { - "uuid": "d00988a6-0820-4d4f-8b85-62952794c4c5", + "uuid": "9f51e70a-8256-412d-8bc1-de0b3330b943", "control-id": "r42", "description": "No notes for control-id R42.", "props": [ @@ -20864,7 +20905,7 @@ ] }, { - "uuid": "1141696e-bd22-4595-b19f-9c4c14dc1054", + "uuid": "341dcc7c-5955-4c69-9d5d-1b39edbd7c73", "control-id": "r43", "description": "No notes for control-id R43.", "props": [ @@ -20881,7 +20922,7 @@ ] }, { - "uuid": "7dcdd6a9-24a6-4f9f-a95d-fa512f3afea7", + "uuid": "c05f6a09-d1b4-4a95-8046-909efabd396c", "control-id": "r44", "description": "The description for control-id r44.", "props": [ @@ -20894,7 +20935,7 @@ ] }, { - "uuid": "b66b52aa-5891-4545-a7de-51532c58be80", + "uuid": "fbd26c73-892e-4d2c-bac1-6005c7efa7dd", "control-id": "r50", "description": "No notes for control-id R50.", "props": [ @@ -21261,7 +21302,7 @@ ] }, { - "uuid": "26b8c78a-b029-41e2-8ddb-bbde5b8a58f8", + "uuid": "5086f320-0583-40b3-bd9e-8175c2507ab7", "control-id": "r52", "description": "The description for control-id r52.", "props": [ @@ -21274,7 +21315,7 @@ ] }, { - "uuid": "fef1db25-bb44-46b7-a5ed-068a0199c5cd", + "uuid": "4ea68d0f-3c5d-4ad6-ac20-3c13abc14450", "control-id": "r55", "description": "The approach of the selected rules is to use and configure pam_namespace module.", "props": [ @@ -21306,7 +21347,7 @@ ] }, { - "uuid": "14ddd793-ee98-457f-9e0a-1527164ce4fc", + "uuid": "78821b2f-af10-404f-921d-96258eccd7e0", "control-id": "r63", "description": "The description for control-id r63.", "props": [ @@ -21319,7 +21360,7 @@ ] }, { - "uuid": "869a00d2-1c92-4898-80cb-ef6bd22f1251", + "uuid": "8d9b6b0b-62a8-447b-a0b6-a4e4a24633e6", "control-id": "r67", "description": "In systems where remote authentication is handled through sssd service, PAM delegates\nrequests for remote authentication to sssd service through a local Unix socket. The sssd\nservice can use IPA, AD or LDAP as a remote database containing information required for authentication.\nIn case LDAP is configured manually, there are several configuration options which should be chedked.", "props": [ @@ -21341,7 +21382,7 @@ ] }, { - "uuid": "51b7707f-eda1-42eb-8ed9-37cdac374960", + "uuid": "57f28c73-1816-4a94-a982-aeafb85fa9cc", "control-id": "r69", "description": "The description for control-id r69.", "props": [ @@ -21354,7 +21395,7 @@ ] }, { - "uuid": "62f7029f-ef0e-40ac-a535-f13d9a7fdb28", + "uuid": "bdce061f-1bbc-4235-85f9-478c7a8e2b5e", "control-id": "r70", "description": "The description for control-id r70.", "props": [ @@ -21367,7 +21408,7 @@ ] }, { - "uuid": "ac8ddcb6-cc7c-44be-a191-fdd1a6a278b6", + "uuid": "d29d0e6b-3506-414b-98ab-c482ec980c92", "control-id": "r74", "description": "No notes for control-id R74.", "props": [ @@ -21384,7 +21425,7 @@ ] }, { - "uuid": "3fb2847f-6a8f-46c9-b515-329206df2ed9", + "uuid": "04e72a80-de72-4e08-b6bb-730d1d120032", "control-id": "r75", "description": "Only the alias for root user is covered by the rule. The other services cannot be reliably covered, as there is no simple way of determining what is a service account.", "props": [ @@ -21401,7 +21442,7 @@ ] }, { - "uuid": "e7164ce3-e0eb-4c95-8c02-61bc3805bc56", + "uuid": "c5416494-e002-4736-8913-ebf965a33b13", "control-id": "r79", "description": "SELinux can provide confinement and monitoring of services, and AIDE provides basic integrity checking. System logs are configured as part of R43. Hardening of particular services should be done on a case by case basis and is not automated by this content.", "props": [ @@ -21428,7 +21469,7 @@ ] }, { - "uuid": "964273cc-9558-4805-a5e9-690d5dc81577", + "uuid": "67e35e49-2439-48e8-90d9-13840143332e", "control-id": "r30", "description": "The description for control-id r30.", "props": [ @@ -21441,7 +21482,7 @@ ] }, { - "uuid": "f7e5df6f-5f34-4445-b72d-44f31ce15bf3", + "uuid": "023ef56e-c169-45ca-8f93-48e04ca24c83", "control-id": "r31", "description": "The rules selected below establish a general password strength baseline of 100 bits, based on the recommendations of the technical note \"Recommandations relatives à l'authentification multifacteur et aux mots de passe\" (https://cyber.gouv.fr/publications/recommandations-relatives-lauthentification-multifacteur-et-aux-mots-de-passe)\nThe baseline should be reviewed and tailored to the system's use case and needs.", "props": [ @@ -21513,7 +21554,7 @@ ] }, { - "uuid": "fc81deb7-9398-4c76-aa5f-179f1c18919d", + "uuid": "9715895f-17b6-4aa9-be5c-2adf442ce799", "control-id": "r53", "description": "No notes for control-id R53.", "props": [ @@ -21535,7 +21576,7 @@ ] }, { - "uuid": "52c17ccf-ad69-4d9d-ad61-beb556b8d908", + "uuid": "3ebf97a3-7009-4f7d-8c8a-ebb136f71fca", "control-id": "r54", "description": "No notes for control-id R54.", "props": [ @@ -21562,7 +21603,7 @@ ] }, { - "uuid": "2a4ab480-7150-4f29-90ab-4b8ae5e8c138", + "uuid": "fdac0b6a-8e12-4ed8-b52c-778b69c87eb5", "control-id": "r56", "description": "Only programs specifically designed to be used with setuid or setgid bits can have these privilege bits set. This requirement considers apropriate for setuid and setgid bits the binaries that are installed from recognized and authorized repositories (covered in R15). The remediation resets the sticky bit to intended value by vendor/developer, any finding after remediation should be reviewed.", "props": [ @@ -21584,7 +21625,7 @@ ] }, { - "uuid": "cf98e0ce-7d86-4af8-b4ac-ece8c6294e3d", + "uuid": "f96a8128-3c50-40da-aab4-63a091bce0a9", "control-id": "r58", "description": "The description for control-id r58.", "props": [ @@ -21597,7 +21638,7 @@ ] }, { - "uuid": "043c3622-4b9b-4e66-8c5e-1baa93363f9d", + "uuid": "735ec44e-d6b1-4af2-8ded-1b614d6b69cc", "control-id": "r59", "description": "It is not trivial to distinguish an official repository from an unofficial one. We cannot draw conclusions from the repo name or URL of the repo (as they can be arbitrary or behind a proxy). One approach to check the origin of installed packages is to check the signature of the packages. If the public key of a repository is not installed, the repo is not trusted.", "props": [ @@ -21625,11 +21666,16 @@ "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_redhat_gpgkey_installed" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "package_sequoia-sq_installed" } ] }, { - "uuid": "ac78cf0a-01de-45f2-aa3f-f27b33a4b3fc", + "uuid": "a220d7fc-21d8-4cf5-b75d-7232524e868c", "control-id": "r61", "description": "Check the vendor CVE feed and configure automatic install of security related updates.", "props": [ @@ -21661,7 +21707,7 @@ ] }, { - "uuid": "16ff4cf5-0bce-4116-b15d-11393593e2ae", + "uuid": "3948c74d-47c8-4a6b-9bcd-c01101091ee5", "control-id": "r62", "description": "The description for control-id r62.", "props": [ @@ -21699,7 +21745,7 @@ ] }, { - "uuid": "06222ba3-f0cd-4443-9ec7-157bcd5787e2", + "uuid": "1d927cb2-17e2-47b9-bc99-eb7bb6b8cd97", "control-id": "r68", "description": "The selection of rules doesn't cover the use of hardware devices to protect the passwords.", "props": [ @@ -21736,7 +21782,7 @@ ] }, { - "uuid": "3b0c45e6-7c11-4f9a-8b9f-76852cdb759c", + "uuid": "26e6eaaa-c04e-4652-88ad-97b0d7fbd077", "control-id": "r80", "description": "The description for control-id r80.", "props": [ diff --git a/component-definitions/rhel10/rhel10-anssi-intermediary/component-definition.json b/component-definitions/rhel10/rhel10-anssi-intermediary/component-definition.json index e7eed9204..72054f754 100644 --- a/component-definitions/rhel10/rhel10-anssi-intermediary/component-definition.json +++ b/component-definitions/rhel10/rhel10-anssi-intermediary/component-definition.json @@ -3,8 +3,8 @@ "uuid": "1f77331e-b554-42c3-a018-031a615e42c7", "metadata": { "title": "Component definition for rhel10", - "last-modified": "2025-12-11T18:23:17.372532+00:00", - "version": "1.3", + "last-modified": "2025-12-17T11:10:50.929981+00:00", + "version": "1.4", "oscal-version": "1.1.3" }, "components": [ @@ -347,7 +347,7 @@ { "name": "Parameter_Value_Alternatives_17", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -365,7 +365,7 @@ { "name": "Parameter_Value_Alternatives_18", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -905,2443 +905,2455 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnf-automatic_installed", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_023" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install dnf-automatic Package", + "value": "Install sequoia-sq Package", "remarks": "rule_set_023" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "timer_dnf-automatic_enabled", + "value": "package_dnf-automatic_installed", "remarks": "rule_set_024" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable dnf-automatic Timer", + "value": "Install dnf-automatic Package", "remarks": "rule_set_024" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_apply_updates", + "value": "timer_dnf-automatic_enabled", "remarks": "rule_set_025" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Available Updates Automatically", + "value": "Enable dnf-automatic Timer", "remarks": "rule_set_025" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "dnf-automatic_apply_updates", "remarks": "rule_set_026" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Configure dnf-automatic to Install Available Updates Automatically", "remarks": "rule_set_026" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "dnf-automatic_security_updates_only", "remarks": "rule_set_027" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Configure dnf-automatic to Install Only Security Updates", "remarks": "rule_set_027" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "package_kea_removed", "remarks": "rule_set_028" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Uninstall kea Package", "remarks": "rule_set_028" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_telnet_removed", "remarks": "rule_set_029" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Remove telnet Clients", "remarks": "rule_set_029" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_030" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_030" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_tftp_removed", "remarks": "rule_set_031" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Remove tftp Daemon", "remarks": "rule_set_031" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "package_tftp-server_removed", "remarks": "rule_set_032" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_032" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_rounds_system_auth", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_033" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set number of Password Hashing Rounds - system-auth", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_033" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_rounds_password_auth", + "value": "accounts_password_pam_unix_rounds_system_auth", "remarks": "rule_set_034" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set number of Password Hashing Rounds - password-auth", + "value": "Set number of Password Hashing Rounds - system-auth", "remarks": "rule_set_034" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_unix_rounds_password_auth", "remarks": "rule_set_035" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Set number of Password Hashing Rounds - password-auth", "remarks": "rule_set_035" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_password", + "value": "accounts_password_pam_minclass", "remarks": "rule_set_036" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Boot Loader Password in grub2", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", "remarks": "rule_set_036" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_l1tf_argument", + "value": "grub2_password", "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure L1 Terminal Fault mitigations", + "value": "Set Boot Loader Password in grub2", "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_page_poison_argument", + "value": "grub2_l1tf_argument", "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable page allocator poisoning", + "value": "Configure L1 Terminal Fault mitigations", "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_pti_argument", + "value": "grub2_page_poison_argument", "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Page-Table Isolation (KPTI)", + "value": "Enable page allocator poisoning", "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_slab_nomerge_argument", + "value": "grub2_pti_argument", "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable merging of slabs with similar size", + "value": "Enable Kernel Page-Table Isolation (KPTI)", "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_slub_debug_argument", + "value": "grub2_slab_nomerge_argument", "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SLUB/SLAB allocator poisoning", + "value": "Disable merging of slabs with similar size", "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_spec_store_bypass_disable_argument", + "value": "grub2_slub_debug_argument", "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Speculative Store Bypass Mitigation", + "value": "Enable SLUB/SLAB allocator poisoning", "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_spectre_v2_argument", + "value": "grub2_spec_store_bypass_disable_argument", "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Spectre v2 mitigation", + "value": "Configure Speculative Store Bypass Mitigation", "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_mds_argument", + "value": "grub2_spectre_v2_argument", "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Microarchitectural Data Sampling mitigation", + "value": "Enforce Spectre v2 mitigation", "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_mce_argument", + "value": "grub2_mds_argument", "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Force kernel panic on uncorrected MCEs", + "value": "Configure Microarchitectural Data Sampling mitigation", "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_page_alloc_shuffle_argument", + "value": "grub2_mce_argument", "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable randomization of the page allocator", + "value": "Force kernel panic on uncorrected MCEs", "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_rng_core_default_quality_argument", + "value": "grub2_page_alloc_shuffle_argument", "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the confidence in TPM for entropy", + "value": "Enable randomization of the page allocator", "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_vm_mmap_min_addr", + "value": "grub2_rng_core_default_quality_argument", "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent applications from mapping low portion of virtual memory", + "value": "Configure the confidence in TPM for entropy", "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_dmesg_restrict", + "value": "sysctl_vm_mmap_min_addr", "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Access to Kernel Message Buffer", + "value": "Prevent applications from mapping low portion of virtual memory", "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kptr_restrict", + "value": "sysctl_kernel_dmesg_restrict", "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Exposed Kernel Pointer Addresses Access", + "value": "Restrict Access to Kernel Message Buffer", "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_pid_max", + "value": "sysctl_kernel_kptr_restrict", "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure maximum number of process identifiers", + "value": "Restrict Exposed Kernel Pointer Addresses Access", "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_perf_event_max_sample_rate", + "value": "sysctl_kernel_pid_max", "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit sampling frequency of the Perf system", + "value": "Configure maximum number of process identifiers", "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_perf_cpu_time_max_percent", + "value": "sysctl_kernel_perf_event_max_sample_rate", "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit CPU consumption of the Perf system", + "value": "Limit sampling frequency of the Perf system", "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_perf_event_paranoid", + "value": "sysctl_kernel_perf_cpu_time_max_percent", "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disallow kernel profiling by unprivileged users", + "value": "Limit CPU consumption of the Perf system", "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_randomize_va_space", + "value": "sysctl_kernel_perf_event_paranoid", "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Randomized Layout of Virtual Address Space", + "value": "Disallow kernel profiling by unprivileged users", "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_sysrq", + "value": "sysctl_kernel_randomize_va_space", "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disallow magic SysRq key", + "value": "Enable Randomized Layout of Virtual Address Space", "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_unprivileged_bpf_disabled", + "value": "sysctl_kernel_sysrq", "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", + "value": "Disallow magic SysRq key", "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_panic_on_oops", + "value": "sysctl_kernel_unprivileged_bpf_disabled", "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Kernel panic on oops", + "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_yama_ptrace_scope", + "value": "sysctl_kernel_panic_on_oops", "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict usage of ptrace to descendant processes", + "value": "Kernel panic on oops", "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_core_bpf_jit_harden", + "value": "sysctl_kernel_yama_ptrace_scope", "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Harden the operation of the BPF just-in-time compiler", + "value": "Restrict usage of ptrace to descendant processes", "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_ip_forward", + "value": "sysctl_net_core_bpf_jit_harden", "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", + "value": "Harden the operation of the BPF just-in-time compiler", "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_local", + "value": "sysctl_net_ipv4_ip_forward", "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting Packets Routed Between Local Interfaces", + "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_local", "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", + "value": "Disable Accepting Packets Routed Between Local Interfaces", "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_redirects", "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", + "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_secure_redirects", + "value": "sysctl_net_ipv4_conf_default_accept_redirects", "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_secure_redirects", + "value": "sysctl_net_ipv4_conf_all_secure_redirects", "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", + "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_shared_media", + "value": "sysctl_net_ipv4_conf_default_secure_redirects", "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Sending and Accepting Shared Media Redirects for All IPv4 Interfaces", + "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_shared_media", + "value": "sysctl_net_ipv4_conf_all_shared_media", "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Sending and Accepting Shared Media Redirects by Default", + "value": "Configure Sending and Accepting Shared Media Redirects for All IPv4 Interfaces", "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_source_route", + "value": "sysctl_net_ipv4_conf_default_shared_media", "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", + "value": "Configure Sending and Accepting Shared Media Redirects by Default", "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_source_route", + "value": "sysctl_net_ipv4_conf_all_accept_source_route", "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_arp_filter", + "value": "sysctl_net_ipv4_conf_default_accept_source_route", "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure ARP filtering for All IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_arp_ignore", + "value": "sysctl_net_ipv4_conf_all_arp_filter", "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Response Mode of ARP Requests for All IPv4 Interfaces", + "value": "Configure ARP filtering for All IPv4 Interfaces", "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_route_localnet", + "value": "sysctl_net_ipv4_conf_all_arp_ignore", "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Routing External Traffic to Local Loopback on All IPv4 Interfaces", + "value": "Configure Response Mode of ARP Requests for All IPv4 Interfaces", "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_drop_gratuitous_arp", + "value": "sysctl_net_ipv4_conf_all_route_localnet", "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Drop Gratuitous ARP frames on All IPv4 Interfaces", + "value": "Prevent Routing External Traffic to Local Loopback on All IPv4 Interfaces", "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_rp_filter", + "value": "sysctl_net_ipv4_conf_all_drop_gratuitous_arp", "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", + "value": "Drop Gratuitous ARP frames on All IPv4 Interfaces", "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_rp_filter", + "value": "sysctl_net_ipv4_conf_all_rp_filter", "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_send_redirects", + "value": "sysctl_net_ipv4_conf_default_rp_filter", "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_send_redirects", + "value": "sysctl_net_ipv4_conf_all_send_redirects", "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", + "value": "sysctl_net_ipv4_conf_default_send_redirects", "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_ip_local_port_range", + "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Kernel Parameter to Increase Local Port Range", + "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_tcp_rfc1337", + "value": "sysctl_net_ipv4_ip_local_port_range", "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use TCP RFC 1337 on IPv4 Interfaces", + "value": "Set Kernel Parameter to Increase Local Port Range", "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_tcp_syncookies", + "value": "sysctl_net_ipv4_tcp_rfc1337", "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", + "value": "Enable Kernel Parameter to Use TCP RFC 1337 on IPv4 Interfaces", "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_router_solicitations", + "value": "sysctl_net_ipv4_tcp_syncookies", "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Denying Router Solicitations on All IPv6 Interfaces", + "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_router_solicitations", + "value": "sysctl_net_ipv6_conf_all_router_solicitations", "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Denying Router Solicitations on All IPv6 Interfaces By Default", + "value": "Configure Denying Router Solicitations on All IPv6 Interfaces", "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra_rtr_pref", + "value": "sysctl_net_ipv6_conf_default_router_solicitations", "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces", + "value": "Configure Denying Router Solicitations on All IPv6 Interfaces By Default", "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra_rtr_pref", + "value": "sysctl_net_ipv6_conf_all_accept_ra_rtr_pref", "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces By Default", + "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra_pinfo", + "value": "sysctl_net_ipv6_conf_default_accept_ra_rtr_pref", "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces", + "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces By Default", "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra_pinfo", + "value": "sysctl_net_ipv6_conf_all_accept_ra_pinfo", "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces By Default", + "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra_defrtr", + "value": "sysctl_net_ipv6_conf_default_accept_ra_pinfo", "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces", + "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces By Default", "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra_defrtr", + "value": "sysctl_net_ipv6_conf_all_accept_ra_defrtr", "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces By Default", + "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_autoconf", + "value": "sysctl_net_ipv6_conf_default_accept_ra_defrtr", "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Auto Configuration on All IPv6 Interfaces", + "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces By Default", "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_autoconf", + "value": "sysctl_net_ipv6_conf_all_autoconf", "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Auto Configuration on All IPv6 Interfaces By Default", + "value": "Configure Auto Configuration on All IPv6 Interfaces", "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_redirects", + "value": "sysctl_net_ipv6_conf_default_autoconf", "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", + "value": "Configure Auto Configuration on All IPv6 Interfaces By Default", "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_redirects", + "value": "sysctl_net_ipv6_conf_all_accept_redirects", "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", + "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_source_route", + "value": "sysctl_net_ipv6_conf_default_accept_redirects", "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_source_route", + "value": "sysctl_net_ipv6_conf_all_accept_source_route", "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_max_addresses", + "value": "sysctl_net_ipv6_conf_default_accept_source_route", "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_max_addresses", + "value": "sysctl_net_ipv6_conf_all_max_addresses", "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces By Default", + "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces", "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_suid_dumpable", + "value": "sysctl_net_ipv6_conf_default_max_addresses", "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for SUID programs", + "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces By Default", "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_fifos", + "value": "sysctl_fs_suid_dumpable", "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on FIFOs", + "value": "Disable Core Dumps for SUID programs", "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_regular", + "value": "sysctl_fs_protected_fifos", "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Regular files", + "value": "Enable Kernel Parameter to Enforce DAC on FIFOs", "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_symlinks", + "value": "sysctl_fs_protected_regular", "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", + "value": "Enable Kernel Parameter to Enforce DAC on Regular files", "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_hardlinks", + "value": "sysctl_fs_protected_symlinks", "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", + "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_nodev_nonroot_local_partitions", + "value": "sysctl_fs_protected_hardlinks", "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nodev Option to Non-Root Local Partitions", + "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_boot", + "value": "mount_option_nodev_nonroot_local_partitions", "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /boot Located On Separate Partition", + "value": "Add nodev Option to Non-Root Local Partitions", "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_boot_nosuid", + "value": "partition_for_boot", "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /boot", + "value": "Ensure /boot Located On Separate Partition", "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_boot_noexec", + "value": "mount_option_boot_nosuid", "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /boot", + "value": "Add nosuid Option to /boot", "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_opt", + "value": "mount_option_boot_noexec", "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /opt Located On Separate Partition", + "value": "Add noexec Option to /boot", "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_opt_nosuid", + "value": "partition_for_opt", "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /opt", + "value": "Ensure /opt Located On Separate Partition", "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "systemd_tmp_mount_enabled", + "value": "mount_option_opt_nosuid", "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure tmp.mount Unit Is Enabled", + "value": "Add nosuid Option to /opt", "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_tmp_nosuid", + "value": "systemd_tmp_mount_enabled", "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /tmp", + "value": "Ensure tmp.mount Unit Is Enabled", "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_tmp_noexec", + "value": "mount_option_tmp_nosuid", "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /tmp", + "value": "Add nosuid Option to /tmp", "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_srv", + "value": "mount_option_tmp_noexec", "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /srv Located On Separate Partition", + "value": "Add noexec Option to /tmp", "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_srv_nosuid", + "value": "partition_for_srv", "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /srv", + "value": "Ensure /srv Located On Separate Partition", "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_home", + "value": "mount_option_srv_nosuid", "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /home Located On Separate Partition", + "value": "Add nosuid Option to /srv", "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_home_nosuid", + "value": "partition_for_home", "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /home", + "value": "Ensure /home Located On Separate Partition", "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_home_noexec", + "value": "mount_option_home_nosuid", "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /home", + "value": "Add nosuid Option to /home", "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_usr", + "value": "mount_option_home_noexec", "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /usr Located On Separate Partition", + "value": "Add noexec Option to /home", "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_var", + "value": "partition_for_usr", "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /var Located On Separate Partition", + "value": "Ensure /usr Located On Separate Partition", "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_var_nosuid", + "value": "partition_for_var", "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /var", + "value": "Ensure /var Located On Separate Partition", "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_var_noexec", + "value": "mount_option_var_nosuid", "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /var", + "value": "Add nosuid Option to /var", "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_var_log", + "value": "mount_option_var_noexec", "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /var/log Located On Separate Partition", + "value": "Add noexec Option to /var", "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_var_log_noexec", + "value": "partition_for_var_log", "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /var/log", + "value": "Ensure /var/log Located On Separate Partition", "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_var_log_nosuid", + "value": "mount_option_var_log_noexec", "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /var/log", + "value": "Add noexec Option to /var/log", "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_var_tmp", + "value": "mount_option_var_log_nosuid", "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /var/tmp Located On Separate Partition", + "value": "Add nosuid Option to /var/log", "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_var_tmp_nosuid", + "value": "partition_for_var_tmp", "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /var/tmp", + "value": "Ensure /var/tmp Located On Separate Partition", "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_var_tmp_noexec", + "value": "mount_option_var_tmp_nosuid", "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /var/tmp", + "value": "Add nosuid Option to /var/tmp", "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "logind_session_timeout", + "value": "mount_option_var_tmp_noexec", "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Logind to terminate idle sessions after certain time of inactivity", + "value": "Add noexec Option to /var/tmp", "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_tmout", + "value": "logind_session_timeout", "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interactive Session Timeout", + "value": "Configure Logind to terminate idle sessions after certain time of inactivity", "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_direct_root_logins", + "value": "accounts_tmout", "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Direct root Logins Not Allowed", + "value": "Set Interactive Session Timeout", "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_root_login", + "value": "no_direct_root_logins", "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Root Login", + "value": "Direct root Logins Not Allowed", "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_sudo_installed", + "value": "sshd_disable_root_login", "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install sudo Package", + "value": "Disable SSH Root Login", "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_privileged_commands_sudo", + "value": "package_sudo_installed", "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on the Use of Privileged Commands - sudo", + "value": "Install sudo Package", "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_auditd_enabled", + "value": "audit_rules_privileged_commands_sudo", "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable auditd Service", + "value": "Ensure auditd Collects Information on the Use of Privileged Commands - sudo", "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_audit_installed", + "value": "service_auditd_enabled", "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the audit Subsystem is Installed", + "value": "Enable auditd Service", "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_noexec", + "value": "package_audit_installed", "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Privileged Escalated Commands Cannot Execute Other Commands - sudo NOEXEC", + "value": "Ensure the audit Subsystem is Installed", "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_requiretty", + "value": "sudo_add_noexec", "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo requiretty", + "value": "Ensure Privileged Escalated Commands Cannot Execute Other Commands - sudo NOEXEC", "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_use_pty", + "value": "sudo_add_requiretty", "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", + "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo requiretty", "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_ignore_dot", + "value": "sudo_add_use_pty", "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure sudo Ignores Commands In Current Dir - sudo ignore_dot", + "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_env_reset", + "value": "sudo_add_ignore_dot", "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure sudo Runs In A Minimal Environment - sudo env_reset", + "value": "Ensure sudo Ignores Commands In Current Dir - sudo ignore_dot", "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudoers_no_root_target", + "value": "sudo_add_env_reset", "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Don't target root user in the sudoers file", + "value": "Ensure sudo Runs In A Minimal Environment - sudo env_reset", "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudoers_no_command_negation", + "value": "sudoers_no_root_target", "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Don't define allowed commands in sudoers by means of exclusion", + "value": "Don't target root user in the sudoers file", "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudoers_explicit_command_args", + "value": "sudoers_no_command_negation", "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Explicit arguments in sudo specifications", + "value": "Don't define allowed commands in sudoers by means of exclusion", "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_shadow", + "value": "sudoers_explicit_command_args", "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns shadow File", + "value": "Explicit arguments in sudo specifications", "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_shadow", + "value": "file_owner_etc_shadow", "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns shadow File", + "value": "Verify User Who Owns shadow File", "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_shadow", + "value": "file_groupowner_etc_shadow", "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on shadow File", + "value": "Verify Group Who Owns shadow File", "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_gshadow", + "value": "file_permissions_etc_shadow", "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns gshadow File", + "value": "Verify Permissions on shadow File", "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_gshadow", + "value": "file_owner_etc_gshadow", "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns gshadow File", + "value": "Verify User Who Owns gshadow File", "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_gshadow", + "value": "file_groupowner_etc_gshadow", "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on gshadow File", + "value": "Verify Group Who Owns gshadow File", "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_passwd", + "value": "file_permissions_etc_gshadow", "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns passwd File", + "value": "Verify Permissions on gshadow File", "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_passwd", + "value": "file_owner_etc_passwd", "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns passwd File", + "value": "Verify User Who Owns passwd File", "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_passwd", + "value": "file_groupowner_etc_passwd", "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on passwd File", + "value": "Verify Group Who Owns passwd File", "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_group", + "value": "file_permissions_etc_passwd", "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns group File", + "value": "Verify Permissions on passwd File", "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_group", + "value": "file_owner_etc_group", "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns group File", + "value": "Verify User Who Owns group File", "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_group", + "value": "file_groupowner_etc_group", "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on group File", + "value": "Verify Group Who Owns group File", "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_shells", + "value": "file_permissions_etc_group", "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Who Owns /etc/shells File", + "value": "Verify Permissions on group File", "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_shells", + "value": "file_owner_etc_shells", "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/shells File", + "value": "Verify Who Owns /etc/shells File", "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_shells", + "value": "file_groupowner_etc_shells", "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/shells File", + "value": "Verify Group Who Owns /etc/shells File", "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_user_dot_group_ownership", + "value": "file_permissions_etc_shells", "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "User Initialization Files Must Be Group-Owned By The Primary Group", + "value": "Verify Permissions on /etc/shells File", "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_user_dot_user_ownership", + "value": "accounts_user_dot_group_ownership", "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "User Initialization Files Must Be Owned By the Primary User", + "value": "User Initialization Files Must Be Group-Owned By The Primary Group", "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_users_home_files_groupownership", + "value": "accounts_user_dot_user_ownership", "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "All User Files and Directories In The Home Directory Must Be Group-Owned By The Primary Group", + "value": "User Initialization Files Must Be Owned By the Primary User", "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_users_home_files_ownership", + "value": "accounts_users_home_files_groupownership", "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "All User Files and Directories In The Home Directory Must Have a Valid Owner", + "value": "All User Files and Directories In The Home Directory Must Be Group-Owned By The Primary Group", "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_users_home_files_permissions", + "value": "accounts_users_home_files_ownership", "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "All User Files and Directories In The Home Directory Must Have Mode 0750 Or Less Permissive", + "value": "All User Files and Directories In The Home Directory Must Have a Valid Owner", "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permission_user_init_files", + "value": "accounts_users_home_files_permissions", "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", + "value": "All User Files and Directories In The Home Directory Must Have Mode 0750 Or Less Permissive", "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dir_system_commands_group_root_owned", + "value": "file_permission_user_init_files", "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that system commands directories have root as a group owner", + "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dir_system_commands_root_owned", + "value": "dir_system_commands_group_root_owned", "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that system commands directories have root ownership", + "value": "Verify that system commands directories have root as a group owner", "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_system_commands_dirs", + "value": "dir_system_commands_root_owned", "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that system commands files are group owned by root or a system account", + "value": "Verify that system commands directories have root ownership", "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_binary_dirs", + "value": "file_groupownership_system_commands_dirs", "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that System Executables Have Root Ownership", + "value": "Verify that system commands files are group owned by root or a system account", "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_binary_dirs", + "value": "file_ownership_binary_dirs", "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that System Executables Have Restrictive Permissions", + "value": "Verify that System Executables Have Root Ownership", "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_private_key", + "value": "file_permissions_binary_dirs", "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Private *_key Key Files", + "value": "Verify that System Executables Have Restrictive Permissions", "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_private_key", + "value": "file_ownership_sshd_private_key", "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Private *_key Key Files", + "value": "Verify Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_171" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_private_key", + "value": "file_groupownership_sshd_private_key", "remarks": "rule_set_172" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Private *_key Key Files", + "value": "Verify Group Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_172" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_pub_key", + "value": "file_permissions_sshd_private_key", "remarks": "rule_set_173" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Public *.pub Key Files", + "value": "Verify Permissions on SSH Server Private *_key Key Files", "remarks": "rule_set_173" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_pub_key", + "value": "file_ownership_sshd_pub_key", "remarks": "rule_set_174" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", + "value": "Verify Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_174" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_pub_key", + "value": "file_groupownership_sshd_pub_key", "remarks": "rule_set_175" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Public *.pub Key Files", + "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_175" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_config", + "value": "file_permissions_sshd_pub_key", "remarks": "rule_set_176" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server config file", + "value": "Verify Permissions on SSH Server Public *.pub Key Files", "remarks": "rule_set_176" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_config", + "value": "file_owner_sshd_config", "remarks": "rule_set_177" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server config file", + "value": "Verify Owner on SSH Server config file", "remarks": "rule_set_177" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_config", + "value": "file_groupowner_sshd_config", "remarks": "rule_set_178" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server config file", + "value": "Verify Group Who Owns SSH Server config file", "remarks": "rule_set_178" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_owner_etc_selinux", + "value": "file_permissions_sshd_config", "remarks": "rule_set_179" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/selinux Directory", + "value": "Verify Permissions on SSH Server config file", "remarks": "rule_set_179" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_groupowner_etc_selinux", + "value": "directory_owner_etc_selinux", "remarks": "rule_set_180" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/selinux Directory", + "value": "Verify User Who Owns /etc/selinux Directory", "remarks": "rule_set_180" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_etc_selinux", + "value": "directory_groupowner_etc_selinux", "remarks": "rule_set_181" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions On /etc/selinux Directory", + "value": "Verify Group Who Owns /etc/selinux Directory", "remarks": "rule_set_181" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_sestatus_conf", + "value": "directory_permissions_etc_selinux", "remarks": "rule_set_182" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/sestatus.conf File", + "value": "Verify Permissions On /etc/selinux Directory", "remarks": "rule_set_182" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_sestatus_conf", + "value": "file_owner_etc_sestatus_conf", "remarks": "rule_set_183" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/sestatus.conf File", + "value": "Verify User Who Owns /etc/sestatus.conf File", "remarks": "rule_set_183" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_sestatus_conf", + "value": "file_groupowner_etc_sestatus_conf", "remarks": "rule_set_184" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions On /etc/sestatus.conf File", + "value": "Verify Group Who Owns /etc/sestatus.conf File", "remarks": "rule_set_184" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_owner_etc_ipsecd", + "value": "file_permissions_etc_sestatus_conf", "remarks": "rule_set_185" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/ipsec.d Directory", + "value": "Verify Permissions On /etc/sestatus.conf File", "remarks": "rule_set_185" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_groupowner_etc_ipsecd", + "value": "directory_owner_etc_ipsecd", "remarks": "rule_set_186" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/ipsec.d Directory", + "value": "Verify User Who Owns /etc/ipsec.d Directory", "remarks": "rule_set_186" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_etc_ipsecd", + "value": "directory_groupowner_etc_ipsecd", "remarks": "rule_set_187" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions On /etc/ipsec.d Directory", + "value": "Verify Group Who Owns /etc/ipsec.d Directory", "remarks": "rule_set_187" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_ipsec_conf", + "value": "directory_permissions_etc_ipsecd", "remarks": "rule_set_188" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/ipsec.conf File", + "value": "Verify Permissions On /etc/ipsec.d Directory", "remarks": "rule_set_188" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_ipsec_conf", + "value": "file_owner_etc_ipsec_conf", + "remarks": "rule_set_189" + }, + { + "name": "Rule_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Verify User Who Owns /etc/ipsec.conf File", "remarks": "rule_set_189" }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "file_groupowner_etc_ipsec_conf", + "remarks": "rule_set_190" + }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.conf File", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_ipsec_conf", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.conf File", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_ipsec_secrets", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.secrets File", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_ipsec_secrets", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.secrets File", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_ipsec_secrets", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.secrets File", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_iptables", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/iptables Directory", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_iptables", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/iptables Directory", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_iptables", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/iptables Directory", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_nftables", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/nftables Directory", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_nftables", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/nftables Directory", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_nftables", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/nftables Directory", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_sysctld", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sysctl.d Directory", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_sysctld", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sysctl.d Directory", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_sysctld", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sysctl.d Directory", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_sudoers", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sudoers File", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_sudoers", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sudoers File", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_sudoers", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sudoers File", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_sudoersd", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sudoers.d Directory", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_sudoersd", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sudoers.d Directory", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_sudoersd", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sudoers.d Directory", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_crypttab", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/crypttab File", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_crypttab", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/crypttab File", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_crypttab", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/crypttab File", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_chrony_keys", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/chrony.keys File", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_chrony_keys", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/chrony.keys File", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_chrony_keys", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/chrony.keys File", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_pam_namespace", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Up a Private Namespace in PAM Configuration", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_polyinstantiated_tmp", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Polyinstantiation of /tmp Directories", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_polyinstantiated_var_tmp", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Polyinstantiation of /var/tmp Directories", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_polyinstantiation_enabled", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the polyinstantiation_enabled SELinux Boolean", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sssd_installed", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the SSSD Package", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_sssd_enabled", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the SSSD Service", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "postfix_network_listening_disabled", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Postfix Network Listening", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "postfix_client_configure_mail_alias", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure System to Forward All Mail For The Root Account", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_aide_installed", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install AIDE", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_build_database", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Build and Test AIDE Database", - "remarks": "rule_set_225" + "remarks": "rule_set_226" } ], "control-implementations": [ { - "uuid": "421d7b85-bfe2-498f-8869-1610062a0a12", + "uuid": "52a04cde-063c-4370-90bc-1a5462519153", "source": "trestle://profiles/rhel10-anssi-intermediary/profile.json", "description": "Control implementation for anssi_bp28_intermediary", "props": [ @@ -3559,7 +3571,7 @@ ], "implemented-requirements": [ { - "uuid": "8dfe54e6-c410-4af4-8678-5b3f9161735d", + "uuid": "4b7edf11-75c2-4a72-95f7-2bfcd3dd0b02", "control-id": "r2", "description": "The description for control-id r2.", "props": [ @@ -3572,7 +3584,7 @@ ] }, { - "uuid": "9b26c817-7733-464e-bbf2-c9d7b334e867", + "uuid": "90da44f1-fa72-454b-a3ee-fbd761f8707e", "control-id": "r3", "description": "The description for control-id r3.", "props": [ @@ -3585,7 +3597,7 @@ ] }, { - "uuid": "36b0747e-0ec0-4ab8-8486-a4737a19d025", + "uuid": "3a09f8e1-d96a-4a94-9229-5554e9e2b3b6", "control-id": "r5", "description": "No notes for control-id R5.", "props": [ @@ -3602,7 +3614,7 @@ ] }, { - "uuid": "228834a9-0947-4779-84fe-e98bc70c0bb8", + "uuid": "421e30a7-6e99-4b53-a958-549650c4ca63", "control-id": "r8", "description": "No notes for control-id R8.", "props": [ @@ -3674,7 +3686,7 @@ ] }, { - "uuid": "a908c07d-a9cf-4e1a-aa45-c3ece774e982", + "uuid": "afbc3b8d-3941-4ed3-b00f-5abd1ec9ff81", "control-id": "r9", "description": "No notes for control-id R9.", "props": [ @@ -3736,7 +3748,7 @@ ] }, { - "uuid": "58b164b6-bc24-4a59-9cce-a785af2fb8b6", + "uuid": "51ba5edb-5e68-4c79-b92e-25d37530808d", "control-id": "r11", "description": "No notes for control-id R11.", "props": [ @@ -3753,7 +3765,7 @@ ] }, { - "uuid": "6642e02c-af32-4357-be0c-3922a0ff9514", + "uuid": "05d6a0e5-f89c-47da-9eb0-adb4efd09fa3", "control-id": "r12", "description": "No notes for control-id R12.", "props": [ @@ -3880,7 +3892,7 @@ ] }, { - "uuid": "72e4778c-f70f-4c14-8460-e9269280fb4f", + "uuid": "0fb6778e-5c32-4ce4-9ca2-be479b5cd5fd", "control-id": "r13", "description": "When IPv6 is not in use, disable it, otherwise secure the IPv6 stack. This control hardens the IPv6 stack, to disable it use the related rules instead.", "props": [ @@ -3972,7 +3984,7 @@ ] }, { - "uuid": "0ab97c7f-23b1-4e71-9231-6ede73d255c6", + "uuid": "a4efc802-18bf-44df-99d4-3b54a013622a", "control-id": "r14", "description": "The rule for the /proc file system is not implemented", "props": [ @@ -4009,7 +4021,7 @@ ] }, { - "uuid": "1c5a357d-2911-4f54-b631-d4fba01f31c4", + "uuid": "de14a0c7-e694-48e7-9cc7-f9ee87844133", "control-id": "r28", "description": "No notes for control-id R28.", "props": [ @@ -4141,7 +4153,7 @@ ] }, { - "uuid": "f4ace87b-b4a9-4d8e-82df-78efa2c5a02e", + "uuid": "731c3365-42fd-4a04-b7ac-507f0973422f", "control-id": "r32", "description": "ANSSI doesn't specify the length of the inactivity period, we are choosing 10 minutes as reasonable number.", "props": [ @@ -4163,7 +4175,7 @@ ] }, { - "uuid": "5bf92f4f-3b49-4341-a1a1-93f5f330dc55", + "uuid": "dd8dc1a9-15ff-42e1-b62a-28489a9badce", "control-id": "r33", "description": "By disabling direct root logins proper accountability is ensured. Users will login first, then escalate to privileged (root) access. Change of privilege operations must be based on executables to monitor the activities performed (for example sudo). Nonetheless, the content automation cannot ensure that each administrator was given a nominative administration account separate from his normal user account.", "props": [ @@ -4205,7 +4217,7 @@ ] }, { - "uuid": "e67394e3-1b94-4211-be21-8666ec794ae3", + "uuid": "c06d1ceb-3cd2-43b3-bc37-3d3dc3b549da", "control-id": "r34", "description": "The description for control-id r34.", "props": [ @@ -4218,7 +4230,7 @@ ] }, { - "uuid": "1eb1945a-a304-4e5c-870a-dbf04cb12800", + "uuid": "3961ea2f-766b-4783-a7b9-6943ac0f5ba3", "control-id": "r35", "description": "The description for control-id r35.", "props": [ @@ -4231,7 +4243,7 @@ ] }, { - "uuid": "7ec43d17-b310-4edc-965e-574c15f0008c", + "uuid": "b014a437-acf4-4c01-bd5b-284249eade35", "control-id": "r39", "description": "No notes for control-id R39.", "props": [ @@ -4268,7 +4280,7 @@ ] }, { - "uuid": "22ce7e22-3360-4176-843e-187bebadb181", + "uuid": "3e101766-3c0e-4216-9cc0-2f918af388e3", "control-id": "r40", "description": "No notes for control-id R40.", "props": [ @@ -4285,7 +4297,7 @@ ] }, { - "uuid": "d075c804-34e8-41fa-a84b-581912e75b6e", + "uuid": "8d10d81c-c7b0-4917-aee5-85ed8c291300", "control-id": "r42", "description": "No notes for control-id R42.", "props": [ @@ -4302,7 +4314,7 @@ ] }, { - "uuid": "bfec2c5b-c7a3-4f18-b234-6fb7d159d6cf", + "uuid": "b6d17020-ac16-4732-84ac-af01269477d1", "control-id": "r43", "description": "No notes for control-id R43.", "props": [ @@ -4319,7 +4331,7 @@ ] }, { - "uuid": "882460aa-cd85-4f82-b337-8efad054cea4", + "uuid": "5c6db9a8-2334-4615-93ac-487f54fcafcb", "control-id": "r44", "description": "The description for control-id r44.", "props": [ @@ -4332,7 +4344,7 @@ ] }, { - "uuid": "a6480e57-04f0-440a-8bd8-cb7166a7c24b", + "uuid": "05331914-e479-4213-a6fd-7039fae72bbf", "control-id": "r50", "description": "No notes for control-id R50.", "props": [ @@ -4699,7 +4711,7 @@ ] }, { - "uuid": "52231c66-509c-4db5-9578-9d4cf8b3777d", + "uuid": "0081df9f-b10e-4dab-9f8d-3df3597d1aeb", "control-id": "r52", "description": "The description for control-id r52.", "props": [ @@ -4712,7 +4724,7 @@ ] }, { - "uuid": "57b0349e-5b66-4a93-bbbb-fc57c446cfb9", + "uuid": "f1cd8dce-5f27-4fc0-8987-b9a677900be7", "control-id": "r55", "description": "The approach of the selected rules is to use and configure pam_namespace module.", "props": [ @@ -4744,7 +4756,7 @@ ] }, { - "uuid": "ac3177b6-0317-48f1-beef-91444f1ee7b3", + "uuid": "9b1712a8-ffa8-4ede-8b20-729a75dcf053", "control-id": "r63", "description": "The description for control-id r63.", "props": [ @@ -4757,7 +4769,7 @@ ] }, { - "uuid": "3e9ba99d-6e9b-4771-8b7c-fe7a695b5a73", + "uuid": "932953db-7aed-496f-b917-6b152e21a8f2", "control-id": "r67", "description": "In systems where remote authentication is handled through sssd service, PAM delegates\nrequests for remote authentication to sssd service through a local Unix socket. The sssd\nservice can use IPA, AD or LDAP as a remote database containing information required for authentication.\nIn case LDAP is configured manually, there are several configuration options which should be chedked.", "props": [ @@ -4779,7 +4791,7 @@ ] }, { - "uuid": "67adf8fb-4c35-468f-a9aa-e794030e7d53", + "uuid": "9d73f398-dbb6-4350-8e64-f4ea36c061d8", "control-id": "r69", "description": "The description for control-id r69.", "props": [ @@ -4792,7 +4804,7 @@ ] }, { - "uuid": "d4d4d4c8-54aa-479a-8f59-561f757a8f0a", + "uuid": "df3aa15d-05e9-47c5-861f-f1a5f5533517", "control-id": "r70", "description": "The description for control-id r70.", "props": [ @@ -4805,7 +4817,7 @@ ] }, { - "uuid": "e1fd9971-4552-477e-8be8-3d08c46ea60b", + "uuid": "ea1adca2-76f2-48c4-8706-3d257ba6852d", "control-id": "r74", "description": "No notes for control-id R74.", "props": [ @@ -4822,7 +4834,7 @@ ] }, { - "uuid": "750e5e39-d7d0-4e73-8099-4d6f3d80866a", + "uuid": "8a98e4c4-a6c1-4d77-af7c-c95203b3d48c", "control-id": "r75", "description": "Only the alias for root user is covered by the rule. The other services cannot be reliably covered, as there is no simple way of determining what is a service account.", "props": [ @@ -4839,7 +4851,7 @@ ] }, { - "uuid": "ee437acb-1012-4edf-a71a-f8858ce9890f", + "uuid": "3445d376-15fc-4bb1-a904-0fae1778cc4d", "control-id": "r79", "description": "SELinux can provide confinement and monitoring of services, and AIDE provides basic integrity checking. System logs are configured as part of R43. Hardening of particular services should be done on a case by case basis and is not automated by this content.", "props": [ @@ -4866,7 +4878,7 @@ ] }, { - "uuid": "b22350c2-13c4-4981-9c4b-a4f58ec2e2e2", + "uuid": "1c5cfca9-5cb7-4156-bc13-5cd09683e516", "control-id": "r30", "description": "The description for control-id r30.", "props": [ @@ -4879,7 +4891,7 @@ ] }, { - "uuid": "7b0f91a3-3344-4761-9df0-02beb1e10330", + "uuid": "2036f351-8802-41af-b2c4-5fae49ccd508", "control-id": "r31", "description": "The rules selected below establish a general password strength baseline of 100 bits, based on the recommendations of the technical note \"Recommandations relatives à l'authentification multifacteur et aux mots de passe\" (https://cyber.gouv.fr/publications/recommandations-relatives-lauthentification-multifacteur-et-aux-mots-de-passe)\nThe baseline should be reviewed and tailored to the system's use case and needs.", "props": [ @@ -4951,7 +4963,7 @@ ] }, { - "uuid": "273a6cac-fab5-46c8-b612-962dd4020c2a", + "uuid": "39411655-493a-46b8-80a3-3a0c04775c79", "control-id": "r53", "description": "No notes for control-id R53.", "props": [ @@ -4973,7 +4985,7 @@ ] }, { - "uuid": "ee0efede-399d-41db-ae8d-5f2d52e8a7ac", + "uuid": "569635ea-fbfa-4c2d-8ed7-c543ff27f647", "control-id": "r54", "description": "No notes for control-id R54.", "props": [ @@ -5000,7 +5012,7 @@ ] }, { - "uuid": "445b61a2-45ca-4c64-a603-d18762f48fb6", + "uuid": "9c8c1f9f-a821-402b-ab40-c4afaa650d1b", "control-id": "r56", "description": "Only programs specifically designed to be used with setuid or setgid bits can have these privilege bits set. This requirement considers apropriate for setuid and setgid bits the binaries that are installed from recognized and authorized repositories (covered in R15). The remediation resets the sticky bit to intended value by vendor/developer, any finding after remediation should be reviewed.", "props": [ @@ -5022,7 +5034,7 @@ ] }, { - "uuid": "30f03c15-68dd-4534-9233-161e5bccdf41", + "uuid": "1ab50c3f-c338-4511-ba04-77f647bc4a18", "control-id": "r58", "description": "The description for control-id r58.", "props": [ @@ -5035,7 +5047,7 @@ ] }, { - "uuid": "26e60548-7930-4353-9f1e-9a7f9076f4be", + "uuid": "cbc3242b-4b96-4834-bff4-79f38c3b9740", "control-id": "r59", "description": "It is not trivial to distinguish an official repository from an unofficial one. We cannot draw conclusions from the repo name or URL of the repo (as they can be arbitrary or behind a proxy). One approach to check the origin of installed packages is to check the signature of the packages. If the public key of a repository is not installed, the repo is not trusted.", "props": [ @@ -5063,11 +5075,16 @@ "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_redhat_gpgkey_installed" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "package_sequoia-sq_installed" } ] }, { - "uuid": "c5ae1b5b-029e-474f-aa01-3f41e049a4f2", + "uuid": "824aeb55-cae5-4f90-b0a1-764d51282c60", "control-id": "r61", "description": "Check the vendor CVE feed and configure automatic install of security related updates.", "props": [ @@ -5099,7 +5116,7 @@ ] }, { - "uuid": "8b1c970c-ba9c-480a-a95c-0223ecb8e2c8", + "uuid": "7cfc5735-b99e-4e91-81be-7abd2bb66ee7", "control-id": "r62", "description": "The description for control-id r62.", "props": [ @@ -5137,7 +5154,7 @@ ] }, { - "uuid": "0307a843-c7c3-43d9-b5af-eb99cbfd64af", + "uuid": "730f6c09-d12f-45cc-9604-acc5eda8cf6e", "control-id": "r68", "description": "The selection of rules doesn't cover the use of hardware devices to protect the passwords.", "props": [ @@ -5174,7 +5191,7 @@ ] }, { - "uuid": "450be798-0576-43c7-9009-dd97807f240a", + "uuid": "ab5ab908-ce4e-4d47-821e-1a37ecfb1052", "control-id": "r80", "description": "The description for control-id r80.", "props": [ @@ -5541,7 +5558,7 @@ { "name": "Parameter_Value_Alternatives_17", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -5559,7 +5576,7 @@ { "name": "Parameter_Value_Alternatives_18", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -6363,4879 +6380,4903 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnf-automatic_installed", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_023" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install dnf-automatic Package", + "value": "Install sequoia-sq Package", "remarks": "rule_set_023" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnf-automatic_installed", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_023" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install dnf-automatic Package", + "value": "Install sequoia-sq Package", "remarks": "rule_set_023" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "timer_dnf-automatic_enabled", + "value": "package_dnf-automatic_installed", "remarks": "rule_set_024" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable dnf-automatic Timer", + "value": "Install dnf-automatic Package", "remarks": "rule_set_024" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "timer_dnf-automatic_enabled", + "value": "package_dnf-automatic_installed", "remarks": "rule_set_024" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable dnf-automatic Timer", + "value": "Install dnf-automatic Package", "remarks": "rule_set_024" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_apply_updates", + "value": "timer_dnf-automatic_enabled", "remarks": "rule_set_025" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Available Updates Automatically", + "value": "Enable dnf-automatic Timer", "remarks": "rule_set_025" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_apply_updates", + "value": "timer_dnf-automatic_enabled", "remarks": "rule_set_025" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Available Updates Automatically", + "value": "Enable dnf-automatic Timer", "remarks": "rule_set_025" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "dnf-automatic_apply_updates", "remarks": "rule_set_026" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Configure dnf-automatic to Install Available Updates Automatically", "remarks": "rule_set_026" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "dnf-automatic_apply_updates", "remarks": "rule_set_026" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Configure dnf-automatic to Install Available Updates Automatically", "remarks": "rule_set_026" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "dnf-automatic_security_updates_only", "remarks": "rule_set_027" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Configure dnf-automatic to Install Only Security Updates", "remarks": "rule_set_027" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "dnf-automatic_security_updates_only", "remarks": "rule_set_027" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Configure dnf-automatic to Install Only Security Updates", "remarks": "rule_set_027" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "package_kea_removed", "remarks": "rule_set_028" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Uninstall kea Package", "remarks": "rule_set_028" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "package_kea_removed", "remarks": "rule_set_028" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Uninstall kea Package", "remarks": "rule_set_028" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_telnet_removed", "remarks": "rule_set_029" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Remove telnet Clients", "remarks": "rule_set_029" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_telnet_removed", "remarks": "rule_set_029" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Remove telnet Clients", "remarks": "rule_set_029" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_030" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_030" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_030" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_030" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_tftp_removed", "remarks": "rule_set_031" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Remove tftp Daemon", "remarks": "rule_set_031" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_tftp_removed", "remarks": "rule_set_031" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Remove tftp Daemon", "remarks": "rule_set_031" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "package_tftp-server_removed", "remarks": "rule_set_032" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_032" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "package_tftp-server_removed", "remarks": "rule_set_032" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_032" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_rounds_system_auth", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_033" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set number of Password Hashing Rounds - system-auth", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_033" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_rounds_system_auth", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_033" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set number of Password Hashing Rounds - system-auth", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_033" }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "accounts_password_pam_unix_rounds_system_auth", + "remarks": "rule_set_034" + }, + { + "name": "Rule_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Set number of Password Hashing Rounds - system-auth", + "remarks": "rule_set_034" + }, + { + "name": "Check_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "accounts_password_pam_unix_rounds_system_auth", + "remarks": "rule_set_034" + }, + { + "name": "Check_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Set number of Password Hashing Rounds - system-auth", + "remarks": "rule_set_034" + }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_unix_rounds_password_auth", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set number of Password Hashing Rounds - password-auth", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_unix_rounds_password_auth", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set number of Password Hashing Rounds - password-auth", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_minclass", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_minclass", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_password", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Boot Loader Password in grub2", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_password", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Boot Loader Password in grub2", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_l1tf_argument", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure L1 Terminal Fault mitigations", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_l1tf_argument", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure L1 Terminal Fault mitigations", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_page_poison_argument", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable page allocator poisoning", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_page_poison_argument", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable page allocator poisoning", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_pti_argument", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Page-Table Isolation (KPTI)", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_pti_argument", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Page-Table Isolation (KPTI)", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_slab_nomerge_argument", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable merging of slabs with similar size", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_slab_nomerge_argument", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable merging of slabs with similar size", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_slub_debug_argument", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SLUB/SLAB allocator poisoning", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_slub_debug_argument", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SLUB/SLAB allocator poisoning", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_spec_store_bypass_disable_argument", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Speculative Store Bypass Mitigation", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_spec_store_bypass_disable_argument", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Speculative Store Bypass Mitigation", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_spectre_v2_argument", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enforce Spectre v2 mitigation", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_spectre_v2_argument", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enforce Spectre v2 mitigation", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_mds_argument", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Microarchitectural Data Sampling mitigation", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_mds_argument", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Microarchitectural Data Sampling mitigation", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_mce_argument", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Force kernel panic on uncorrected MCEs", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_mce_argument", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Force kernel panic on uncorrected MCEs", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_page_alloc_shuffle_argument", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable randomization of the page allocator", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_page_alloc_shuffle_argument", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable randomization of the page allocator", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_rng_core_default_quality_argument", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the confidence in TPM for entropy", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_rng_core_default_quality_argument", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the confidence in TPM for entropy", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_vm_mmap_min_addr", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent applications from mapping low portion of virtual memory", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_vm_mmap_min_addr", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent applications from mapping low portion of virtual memory", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_dmesg_restrict", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Access to Kernel Message Buffer", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_dmesg_restrict", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Access to Kernel Message Buffer", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_kptr_restrict", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Exposed Kernel Pointer Addresses Access", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_kptr_restrict", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Exposed Kernel Pointer Addresses Access", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_pid_max", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure maximum number of process identifiers", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_pid_max", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure maximum number of process identifiers", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_perf_event_max_sample_rate", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Limit sampling frequency of the Perf system", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_perf_event_max_sample_rate", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Limit sampling frequency of the Perf system", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_perf_cpu_time_max_percent", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Limit CPU consumption of the Perf system", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_perf_cpu_time_max_percent", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Limit CPU consumption of the Perf system", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_perf_event_paranoid", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disallow kernel profiling by unprivileged users", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_perf_event_paranoid", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disallow kernel profiling by unprivileged users", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_randomize_va_space", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Randomized Layout of Virtual Address Space", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_randomize_va_space", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Randomized Layout of Virtual Address Space", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_sysrq", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disallow magic SysRq key", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_sysrq", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disallow magic SysRq key", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_unprivileged_bpf_disabled", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_unprivileged_bpf_disabled", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_panic_on_oops", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Kernel panic on oops", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_panic_on_oops", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Kernel panic on oops", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_yama_ptrace_scope", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict usage of ptrace to descendant processes", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_yama_ptrace_scope", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict usage of ptrace to descendant processes", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_core_bpf_jit_harden", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden the operation of the BPF just-in-time compiler", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_core_bpf_jit_harden", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden the operation of the BPF just-in-time compiler", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_ip_forward", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_ip_forward", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_accept_local", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Accepting Packets Routed Between Local Interfaces", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_accept_local", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Accepting Packets Routed Between Local Interfaces", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_accept_redirects", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_accept_redirects", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_accept_redirects", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_accept_redirects", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_secure_redirects", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_secure_redirects", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_secure_redirects", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_secure_redirects", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_shared_media", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Sending and Accepting Shared Media Redirects for All IPv4 Interfaces", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_shared_media", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Sending and Accepting Shared Media Redirects for All IPv4 Interfaces", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_shared_media", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Sending and Accepting Shared Media Redirects by Default", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_shared_media", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Sending and Accepting Shared Media Redirects by Default", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_accept_source_route", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_accept_source_route", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_accept_source_route", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_accept_source_route", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_arp_filter", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure ARP filtering for All IPv4 Interfaces", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_arp_filter", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure ARP filtering for All IPv4 Interfaces", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_arp_ignore", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Response Mode of ARP Requests for All IPv4 Interfaces", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_arp_ignore", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Response Mode of ARP Requests for All IPv4 Interfaces", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_route_localnet", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent Routing External Traffic to Local Loopback on All IPv4 Interfaces", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_route_localnet", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent Routing External Traffic to Local Loopback on All IPv4 Interfaces", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_drop_gratuitous_arp", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Drop Gratuitous ARP frames on All IPv4 Interfaces", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_drop_gratuitous_arp", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Drop Gratuitous ARP frames on All IPv4 Interfaces", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_rp_filter", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_rp_filter", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_rp_filter", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_rp_filter", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_send_redirects", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_all_send_redirects", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_send_redirects", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_conf_default_send_redirects", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_ip_local_port_range", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Kernel Parameter to Increase Local Port Range", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_ip_local_port_range", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Kernel Parameter to Increase Local Port Range", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_tcp_rfc1337", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use TCP RFC 1337 on IPv4 Interfaces", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_tcp_rfc1337", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use TCP RFC 1337 on IPv4 Interfaces", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_tcp_syncookies", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_tcp_syncookies", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_router_solicitations", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Denying Router Solicitations on All IPv6 Interfaces", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_router_solicitations", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Denying Router Solicitations on All IPv6 Interfaces", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_router_solicitations", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Denying Router Solicitations on All IPv6 Interfaces By Default", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_router_solicitations", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Denying Router Solicitations on All IPv6 Interfaces By Default", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_ra_rtr_pref", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_ra_rtr_pref", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_ra_rtr_pref", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces By Default", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_ra_rtr_pref", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces By Default", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_ra_pinfo", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_ra_pinfo", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_ra_pinfo", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces By Default", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_ra_pinfo", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces By Default", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_ra_defrtr", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_ra_defrtr", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_ra_defrtr", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces By Default", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_ra_defrtr", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces By Default", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_autoconf", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Auto Configuration on All IPv6 Interfaces", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_autoconf", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Auto Configuration on All IPv6 Interfaces", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_autoconf", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Auto Configuration on All IPv6 Interfaces By Default", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_autoconf", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Auto Configuration on All IPv6 Interfaces By Default", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_redirects", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_redirects", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_redirects", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_redirects", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_source_route", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_accept_source_route", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_source_route", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_accept_source_route", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_max_addresses", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_all_max_addresses", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_max_addresses", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces By Default", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv6_conf_default_max_addresses", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces By Default", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_suid_dumpable", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Core Dumps for SUID programs", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_suid_dumpable", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Core Dumps for SUID programs", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_fifos", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on FIFOs", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_fifos", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on FIFOs", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_regular", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Regular files", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_regular", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Regular files", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_symlinks", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_symlinks", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_hardlinks", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_hardlinks", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_nodev_nonroot_local_partitions", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nodev Option to Non-Root Local Partitions", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_nodev_nonroot_local_partitions", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nodev Option to Non-Root Local Partitions", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_boot", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /boot Located On Separate Partition", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_boot", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /boot Located On Separate Partition", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_boot_nosuid", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /boot", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_boot_nosuid", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /boot", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_boot_noexec", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /boot", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_boot_noexec", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /boot", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_opt", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /opt Located On Separate Partition", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_opt", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /opt Located On Separate Partition", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_opt_nosuid", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /opt", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_opt_nosuid", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /opt", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "systemd_tmp_mount_enabled", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure tmp.mount Unit Is Enabled", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "systemd_tmp_mount_enabled", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure tmp.mount Unit Is Enabled", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_tmp_nosuid", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /tmp", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_tmp_nosuid", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /tmp", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_tmp_noexec", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /tmp", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_tmp_noexec", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /tmp", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_srv", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /srv Located On Separate Partition", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_srv", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /srv Located On Separate Partition", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_srv_nosuid", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /srv", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_srv_nosuid", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /srv", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_home", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /home Located On Separate Partition", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_home", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /home Located On Separate Partition", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_home_nosuid", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /home", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_home_nosuid", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /home", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_home_noexec", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /home", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_home_noexec", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /home", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_usr", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /usr Located On Separate Partition", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_usr", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /usr Located On Separate Partition", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var Located On Separate Partition", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var Located On Separate Partition", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_nosuid", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /var", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_nosuid", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /var", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_noexec", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /var", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_noexec", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /var", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log Located On Separate Partition", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log Located On Separate Partition", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_log_noexec", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /var/log", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_log_noexec", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /var/log", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_log_nosuid", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /var/log", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_log_nosuid", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /var/log", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_tmp", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/tmp Located On Separate Partition", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_tmp", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/tmp Located On Separate Partition", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_tmp_nosuid", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /var/tmp", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_tmp_nosuid", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /var/tmp", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_tmp_noexec", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /var/tmp", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_var_tmp_noexec", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /var/tmp", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "logind_session_timeout", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Logind to terminate idle sessions after certain time of inactivity", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "logind_session_timeout", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Logind to terminate idle sessions after certain time of inactivity", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_tmout", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Interactive Session Timeout", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_tmout", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Interactive Session Timeout", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_direct_root_logins", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Direct root Logins Not Allowed", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_direct_root_logins", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Direct root Logins Not Allowed", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_root_login", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Root Login", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_root_login", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Root Login", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sudo_installed", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install sudo Package", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sudo_installed", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install sudo Package", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_sudo", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - sudo", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_sudo", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - sudo", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_auditd_enabled", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable auditd Service", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_auditd_enabled", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable auditd Service", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit_installed", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit Subsystem is Installed", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit_installed", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit Subsystem is Installed", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_noexec", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Privileged Escalated Commands Cannot Execute Other Commands - sudo NOEXEC", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_noexec", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Privileged Escalated Commands Cannot Execute Other Commands - sudo NOEXEC", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_requiretty", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo requiretty", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_requiretty", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo requiretty", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_use_pty", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_use_pty", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_ignore_dot", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure sudo Ignores Commands In Current Dir - sudo ignore_dot", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_ignore_dot", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure sudo Ignores Commands In Current Dir - sudo ignore_dot", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_env_reset", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure sudo Runs In A Minimal Environment - sudo env_reset", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_add_env_reset", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure sudo Runs In A Minimal Environment - sudo env_reset", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudoers_no_root_target", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Don't target root user in the sudoers file", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudoers_no_root_target", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Don't target root user in the sudoers file", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudoers_no_command_negation", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Don't define allowed commands in sudoers by means of exclusion", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudoers_no_command_negation", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Don't define allowed commands in sudoers by means of exclusion", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudoers_explicit_command_args", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Explicit arguments in sudo specifications", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudoers_explicit_command_args", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Explicit arguments in sudo specifications", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shadow", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns shadow File", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shadow", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns shadow File", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shadow", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns shadow File", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shadow", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns shadow File", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shadow", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on shadow File", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shadow", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on shadow File", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_gshadow", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns gshadow File", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_gshadow", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns gshadow File", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_gshadow", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns gshadow File", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_gshadow", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns gshadow File", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_gshadow", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on gshadow File", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_gshadow", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on gshadow File", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_passwd", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns passwd File", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_passwd", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns passwd File", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_passwd", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns passwd File", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_passwd", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns passwd File", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_passwd", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on passwd File", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_passwd", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on passwd File", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_group", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns group File", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_group", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns group File", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_group", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns group File", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_group", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns group File", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_group", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on group File", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_group", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on group File", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shells", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Who Owns /etc/shells File", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shells", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Who Owns /etc/shells File", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shells", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/shells File", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shells", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/shells File", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shells", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/shells File", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shells", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/shells File", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_group_ownership", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_group_ownership", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_user_ownership", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Owned By the Primary User", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_user_ownership", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Owned By the Primary User", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_groupownership", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_groupownership", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_ownership", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Have a Valid Owner", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_ownership", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Have a Valid Owner", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_permissions", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Have Mode 0750 Or Less Permissive", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_users_home_files_permissions", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All User Files and Directories In The Home Directory Must Have Mode 0750 Or Less Permissive", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_init_files", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_init_files", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_system_commands_group_root_owned", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands directories have root as a group owner", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_system_commands_group_root_owned", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands directories have root as a group owner", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_system_commands_root_owned", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands directories have root ownership", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_system_commands_root_owned", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands directories have root ownership", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_system_commands_dirs", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands files are group owned by root or a system account", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_system_commands_dirs", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that system commands files are group owned by root or a system account", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_binary_dirs", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Root Ownership", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_binary_dirs", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Root Ownership", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_binary_dirs", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Restrictive Permissions", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_binary_dirs", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Restrictive Permissions", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_sshd_private_key", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Ownership on SSH Server Private *_key Key Files", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_sshd_private_key", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Ownership on SSH Server Private *_key Key Files", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_sshd_private_key", - "remarks": "rule_set_171" + "remarks": "rule_set_172" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Ownership on SSH Server Private *_key Key Files", - "remarks": "rule_set_171" + "remarks": "rule_set_172" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_sshd_private_key", - "remarks": "rule_set_171" + "remarks": "rule_set_172" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Ownership on SSH Server Private *_key Key Files", - "remarks": "rule_set_171" + "remarks": "rule_set_172" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_private_key", - "remarks": "rule_set_172" + "remarks": "rule_set_173" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Private *_key Key Files", - "remarks": "rule_set_172" + "remarks": "rule_set_173" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_private_key", - "remarks": "rule_set_172" + "remarks": "rule_set_173" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Private *_key Key Files", - "remarks": "rule_set_172" + "remarks": "rule_set_173" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_sshd_pub_key", - "remarks": "rule_set_173" + "remarks": "rule_set_174" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Ownership on SSH Server Public *.pub Key Files", - "remarks": "rule_set_173" + "remarks": "rule_set_174" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_sshd_pub_key", - "remarks": "rule_set_173" + "remarks": "rule_set_174" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Ownership on SSH Server Public *.pub Key Files", - "remarks": "rule_set_173" + "remarks": "rule_set_174" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_sshd_pub_key", - "remarks": "rule_set_174" + "remarks": "rule_set_175" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", - "remarks": "rule_set_174" + "remarks": "rule_set_175" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_sshd_pub_key", - "remarks": "rule_set_174" + "remarks": "rule_set_175" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", - "remarks": "rule_set_174" + "remarks": "rule_set_175" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_pub_key", - "remarks": "rule_set_175" + "remarks": "rule_set_176" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Public *.pub Key Files", - "remarks": "rule_set_175" + "remarks": "rule_set_176" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_pub_key", - "remarks": "rule_set_175" + "remarks": "rule_set_176" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Public *.pub Key Files", - "remarks": "rule_set_175" + "remarks": "rule_set_176" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_sshd_config", - "remarks": "rule_set_176" + "remarks": "rule_set_177" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Owner on SSH Server config file", - "remarks": "rule_set_176" + "remarks": "rule_set_177" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_sshd_config", - "remarks": "rule_set_176" + "remarks": "rule_set_177" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Owner on SSH Server config file", - "remarks": "rule_set_176" + "remarks": "rule_set_177" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_sshd_config", - "remarks": "rule_set_177" + "remarks": "rule_set_178" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns SSH Server config file", - "remarks": "rule_set_177" + "remarks": "rule_set_178" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_sshd_config", - "remarks": "rule_set_177" + "remarks": "rule_set_178" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns SSH Server config file", - "remarks": "rule_set_177" + "remarks": "rule_set_178" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_config", - "remarks": "rule_set_178" + "remarks": "rule_set_179" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server config file", - "remarks": "rule_set_178" + "remarks": "rule_set_179" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_config", - "remarks": "rule_set_178" + "remarks": "rule_set_179" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server config file", - "remarks": "rule_set_178" + "remarks": "rule_set_179" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_selinux", - "remarks": "rule_set_179" + "remarks": "rule_set_180" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/selinux Directory", - "remarks": "rule_set_179" + "remarks": "rule_set_180" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_selinux", - "remarks": "rule_set_179" + "remarks": "rule_set_180" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/selinux Directory", - "remarks": "rule_set_179" + "remarks": "rule_set_180" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_selinux", - "remarks": "rule_set_180" + "remarks": "rule_set_181" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/selinux Directory", - "remarks": "rule_set_180" + "remarks": "rule_set_181" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_selinux", - "remarks": "rule_set_180" + "remarks": "rule_set_181" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/selinux Directory", - "remarks": "rule_set_180" + "remarks": "rule_set_181" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_selinux", - "remarks": "rule_set_181" + "remarks": "rule_set_182" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/selinux Directory", - "remarks": "rule_set_181" + "remarks": "rule_set_182" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_selinux", - "remarks": "rule_set_181" + "remarks": "rule_set_182" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/selinux Directory", - "remarks": "rule_set_181" + "remarks": "rule_set_182" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_sestatus_conf", - "remarks": "rule_set_182" + "remarks": "rule_set_183" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sestatus.conf File", - "remarks": "rule_set_182" + "remarks": "rule_set_183" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_sestatus_conf", - "remarks": "rule_set_182" + "remarks": "rule_set_183" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sestatus.conf File", - "remarks": "rule_set_182" + "remarks": "rule_set_183" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_sestatus_conf", - "remarks": "rule_set_183" + "remarks": "rule_set_184" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sestatus.conf File", - "remarks": "rule_set_183" + "remarks": "rule_set_184" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_sestatus_conf", - "remarks": "rule_set_183" + "remarks": "rule_set_184" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sestatus.conf File", - "remarks": "rule_set_183" + "remarks": "rule_set_184" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_sestatus_conf", - "remarks": "rule_set_184" + "remarks": "rule_set_185" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sestatus.conf File", - "remarks": "rule_set_184" + "remarks": "rule_set_185" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_sestatus_conf", - "remarks": "rule_set_184" + "remarks": "rule_set_185" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sestatus.conf File", - "remarks": "rule_set_184" + "remarks": "rule_set_185" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_ipsecd", - "remarks": "rule_set_185" + "remarks": "rule_set_186" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.d Directory", - "remarks": "rule_set_185" + "remarks": "rule_set_186" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_ipsecd", - "remarks": "rule_set_185" + "remarks": "rule_set_186" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.d Directory", - "remarks": "rule_set_185" + "remarks": "rule_set_186" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_ipsecd", - "remarks": "rule_set_186" + "remarks": "rule_set_187" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.d Directory", - "remarks": "rule_set_186" + "remarks": "rule_set_187" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_ipsecd", - "remarks": "rule_set_186" + "remarks": "rule_set_187" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.d Directory", - "remarks": "rule_set_186" + "remarks": "rule_set_187" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_ipsecd", - "remarks": "rule_set_187" + "remarks": "rule_set_188" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.d Directory", - "remarks": "rule_set_187" + "remarks": "rule_set_188" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_ipsecd", - "remarks": "rule_set_187" + "remarks": "rule_set_188" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.d Directory", - "remarks": "rule_set_187" + "remarks": "rule_set_188" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_ipsec_conf", - "remarks": "rule_set_188" + "remarks": "rule_set_189" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.conf File", - "remarks": "rule_set_188" + "remarks": "rule_set_189" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_ipsec_conf", - "remarks": "rule_set_188" + "remarks": "rule_set_189" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.conf File", - "remarks": "rule_set_188" + "remarks": "rule_set_189" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_ipsec_conf", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.conf File", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_ipsec_conf", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.conf File", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_ipsec_conf", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.conf File", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_ipsec_conf", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.conf File", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_ipsec_secrets", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.secrets File", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_ipsec_secrets", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/ipsec.secrets File", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_ipsec_secrets", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.secrets File", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_ipsec_secrets", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/ipsec.secrets File", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_ipsec_secrets", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.secrets File", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_ipsec_secrets", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/ipsec.secrets File", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_iptables", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/iptables Directory", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_iptables", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/iptables Directory", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_iptables", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/iptables Directory", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_iptables", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/iptables Directory", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_iptables", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/iptables Directory", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_iptables", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/iptables Directory", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_nftables", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/nftables Directory", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_nftables", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/nftables Directory", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_nftables", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/nftables Directory", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_nftables", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/nftables Directory", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_nftables", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/nftables Directory", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_nftables", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/nftables Directory", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_sysctld", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sysctl.d Directory", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_sysctld", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sysctl.d Directory", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_sysctld", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sysctl.d Directory", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_sysctld", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sysctl.d Directory", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_sysctld", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sysctl.d Directory", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_sysctld", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sysctl.d Directory", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_sudoers", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sudoers File", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_sudoers", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sudoers File", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_sudoers", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sudoers File", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_sudoers", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sudoers File", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_sudoers", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sudoers File", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_sudoers", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sudoers File", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_sudoersd", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sudoers.d Directory", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_owner_etc_sudoersd", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/sudoers.d Directory", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_sudoersd", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sudoers.d Directory", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_groupowner_etc_sudoersd", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/sudoers.d Directory", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_sudoersd", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sudoers.d Directory", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_etc_sudoersd", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/sudoers.d Directory", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_crypttab", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/crypttab File", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_crypttab", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/crypttab File", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_crypttab", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/crypttab File", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_crypttab", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/crypttab File", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_crypttab", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/crypttab File", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_crypttab", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/crypttab File", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_chrony_keys", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/chrony.keys File", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_chrony_keys", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/chrony.keys File", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_chrony_keys", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/chrony.keys File", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_chrony_keys", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/chrony.keys File", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_chrony_keys", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/chrony.keys File", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_chrony_keys", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions On /etc/chrony.keys File", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_pam_namespace", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Up a Private Namespace in PAM Configuration", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_pam_namespace", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Up a Private Namespace in PAM Configuration", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_polyinstantiated_tmp", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Polyinstantiation of /tmp Directories", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_polyinstantiated_tmp", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Polyinstantiation of /tmp Directories", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_polyinstantiated_var_tmp", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Polyinstantiation of /var/tmp Directories", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_polyinstantiated_var_tmp", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Polyinstantiation of /var/tmp Directories", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_polyinstantiation_enabled", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the polyinstantiation_enabled SELinux Boolean", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_polyinstantiation_enabled", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the polyinstantiation_enabled SELinux Boolean", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sssd_installed", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the SSSD Package", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sssd_installed", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the SSSD Package", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_sssd_enabled", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the SSSD Service", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_sssd_enabled", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the SSSD Service", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "postfix_network_listening_disabled", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Postfix Network Listening", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "postfix_network_listening_disabled", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Postfix Network Listening", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "postfix_client_configure_mail_alias", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure System to Forward All Mail For The Root Account", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "postfix_client_configure_mail_alias", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure System to Forward All Mail For The Root Account", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_aide_installed", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install AIDE", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_aide_installed", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install AIDE", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_build_database", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Build and Test AIDE Database", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_build_database", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Build and Test AIDE Database", - "remarks": "rule_set_225" + "remarks": "rule_set_226" } ], "control-implementations": [ { - "uuid": "71472b61-03f3-4d46-89d1-788002d46a72", + "uuid": "0f7c69df-afb5-49b7-8362-ca656a972141", "source": "trestle://profiles/rhel10-anssi-intermediary/profile.json", "description": "Control implementation for anssi_bp28_intermediary", "props": [ @@ -11453,7 +11494,7 @@ ], "implemented-requirements": [ { - "uuid": "5dcd3bca-76de-411c-88e5-9ce2791d9b6c", + "uuid": "dd4cfb2c-c155-4669-8137-3cfd3666d8ea", "control-id": "r2", "description": "The description for control-id r2.", "props": [ @@ -11466,7 +11507,7 @@ ] }, { - "uuid": "4aaca4f7-0621-4f34-8559-5d361e4897a2", + "uuid": "cc737702-6ecc-4935-bcac-5dee36f82adc", "control-id": "r3", "description": "The description for control-id r3.", "props": [ @@ -11479,7 +11520,7 @@ ] }, { - "uuid": "77f82688-81ae-4b6a-81fe-ca7cd47abcde", + "uuid": "6c0d6d30-d5d1-4da6-bc0f-46978ce0c9bf", "control-id": "r5", "description": "No notes for control-id R5.", "props": [ @@ -11496,7 +11537,7 @@ ] }, { - "uuid": "ac193911-54fc-43e1-bd84-5080f748395d", + "uuid": "e81a4294-8e0c-4f2e-81c4-f2279a7b1ef2", "control-id": "r8", "description": "No notes for control-id R8.", "props": [ @@ -11568,7 +11609,7 @@ ] }, { - "uuid": "6faadf2e-5693-4bbf-990e-b3e7326b6353", + "uuid": "235f0d84-f166-4f78-b7dc-2d1fac9f280d", "control-id": "r9", "description": "No notes for control-id R9.", "props": [ @@ -11630,7 +11671,7 @@ ] }, { - "uuid": "d30820e6-27e4-4aa6-81a3-2635d63384af", + "uuid": "ec31f2e5-be50-4069-b66c-28dec0869258", "control-id": "r11", "description": "No notes for control-id R11.", "props": [ @@ -11647,7 +11688,7 @@ ] }, { - "uuid": "4027b378-4dd0-4321-a9d2-a119f35ba8cd", + "uuid": "e90f9cde-90be-4a3f-ad69-ded2200b3cf8", "control-id": "r12", "description": "No notes for control-id R12.", "props": [ @@ -11774,7 +11815,7 @@ ] }, { - "uuid": "014b5ece-9397-46be-90eb-a00fda1126e0", + "uuid": "9f570931-8801-4bc1-821f-ba905bd5cde6", "control-id": "r13", "description": "When IPv6 is not in use, disable it, otherwise secure the IPv6 stack. This control hardens the IPv6 stack, to disable it use the related rules instead.", "props": [ @@ -11866,7 +11907,7 @@ ] }, { - "uuid": "3dd024c1-eb8b-4e88-8d8f-4decc9b0d39e", + "uuid": "b4031863-18c0-4907-9f4c-3aeda8856edb", "control-id": "r14", "description": "The rule for the /proc file system is not implemented", "props": [ @@ -11903,7 +11944,7 @@ ] }, { - "uuid": "a02dee67-2b2c-44de-abea-ac5025f637bb", + "uuid": "892e452b-fef7-49e1-921c-4de9091c1283", "control-id": "r28", "description": "No notes for control-id R28.", "props": [ @@ -12035,7 +12076,7 @@ ] }, { - "uuid": "503342fa-a2f3-459b-ae15-b1b40ef0fe41", + "uuid": "568715da-c5eb-4a2b-832b-0180aa2ef53f", "control-id": "r32", "description": "ANSSI doesn't specify the length of the inactivity period, we are choosing 10 minutes as reasonable number.", "props": [ @@ -12057,7 +12098,7 @@ ] }, { - "uuid": "78311c1e-b2c3-4bf3-b93a-69a6ae221f9d", + "uuid": "095b7172-4b23-4055-8548-3fb2bbc5b592", "control-id": "r33", "description": "By disabling direct root logins proper accountability is ensured. Users will login first, then escalate to privileged (root) access. Change of privilege operations must be based on executables to monitor the activities performed (for example sudo). Nonetheless, the content automation cannot ensure that each administrator was given a nominative administration account separate from his normal user account.", "props": [ @@ -12099,7 +12140,7 @@ ] }, { - "uuid": "e477d5d2-b076-4c9a-943b-de5d1491f949", + "uuid": "fef509bd-5269-43d9-a0e1-fd5419c6e78c", "control-id": "r34", "description": "The description for control-id r34.", "props": [ @@ -12112,7 +12153,7 @@ ] }, { - "uuid": "1b889836-e5fe-4c36-b185-b160adf148b9", + "uuid": "0ff02868-ad16-484f-bb37-1a48b46a271c", "control-id": "r35", "description": "The description for control-id r35.", "props": [ @@ -12125,7 +12166,7 @@ ] }, { - "uuid": "5df9fc85-b12c-488c-8f7e-c6f687023f36", + "uuid": "39609f3a-be39-4d03-bcd1-039a9a04ece0", "control-id": "r39", "description": "No notes for control-id R39.", "props": [ @@ -12162,7 +12203,7 @@ ] }, { - "uuid": "463a636f-1eee-4039-8c64-deafe6be2797", + "uuid": "e50c6a90-e095-4b44-ba17-1281af4f7495", "control-id": "r40", "description": "No notes for control-id R40.", "props": [ @@ -12179,7 +12220,7 @@ ] }, { - "uuid": "3f9aec21-de6c-46c6-8a08-2ea4d02aa718", + "uuid": "2c26f986-e856-4688-b8a9-620f6afeccd7", "control-id": "r42", "description": "No notes for control-id R42.", "props": [ @@ -12196,7 +12237,7 @@ ] }, { - "uuid": "0f7a5e9a-39d0-42c6-93da-05add99aa36c", + "uuid": "c9b20644-fd63-4b37-ac06-82087446730c", "control-id": "r43", "description": "No notes for control-id R43.", "props": [ @@ -12213,7 +12254,7 @@ ] }, { - "uuid": "6f99bbc2-dd33-454b-a938-4718ab374905", + "uuid": "653a7ae2-58e9-4b12-bf54-8c6258144109", "control-id": "r44", "description": "The description for control-id r44.", "props": [ @@ -12226,7 +12267,7 @@ ] }, { - "uuid": "bf387782-1e8c-456c-83b8-e5fa786a0e95", + "uuid": "fe91bf43-c988-4072-87e8-c7115e36f27e", "control-id": "r50", "description": "No notes for control-id R50.", "props": [ @@ -12593,7 +12634,7 @@ ] }, { - "uuid": "28e1d85b-0e8c-4ed2-824c-9b119a92f555", + "uuid": "cacbeb41-e762-4094-86db-b286b87e1382", "control-id": "r52", "description": "The description for control-id r52.", "props": [ @@ -12606,7 +12647,7 @@ ] }, { - "uuid": "786c4fdd-99a6-4bb5-a64a-3a9522e4b885", + "uuid": "a099665a-968a-46c8-92fd-2d49fea0069e", "control-id": "r55", "description": "The approach of the selected rules is to use and configure pam_namespace module.", "props": [ @@ -12638,7 +12679,7 @@ ] }, { - "uuid": "a545b123-5ea0-44e9-a053-185a04f6ff1f", + "uuid": "809945f2-c816-4e85-bb25-d31b4cc03d2f", "control-id": "r63", "description": "The description for control-id r63.", "props": [ @@ -12651,7 +12692,7 @@ ] }, { - "uuid": "165e6cd5-01fb-45a4-ba6e-0de4a49cfb97", + "uuid": "bf0c9e0f-f4d7-4476-b403-7451f134550a", "control-id": "r67", "description": "In systems where remote authentication is handled through sssd service, PAM delegates\nrequests for remote authentication to sssd service through a local Unix socket. The sssd\nservice can use IPA, AD or LDAP as a remote database containing information required for authentication.\nIn case LDAP is configured manually, there are several configuration options which should be chedked.", "props": [ @@ -12673,7 +12714,7 @@ ] }, { - "uuid": "3b1b778b-d109-461c-866c-9095f45d72a5", + "uuid": "816e942a-efc0-42e9-86d6-1428dc09c307", "control-id": "r69", "description": "The description for control-id r69.", "props": [ @@ -12686,7 +12727,7 @@ ] }, { - "uuid": "151e1448-de4d-44ab-a16d-86a97471b241", + "uuid": "dee34f85-1c75-49e8-8d7f-fb7725b391a0", "control-id": "r70", "description": "The description for control-id r70.", "props": [ @@ -12699,7 +12740,7 @@ ] }, { - "uuid": "4a886369-ce70-47e1-abeb-f8c5c660e3ea", + "uuid": "5fe4f45d-e71b-4ba1-8935-32a26f5d310e", "control-id": "r74", "description": "No notes for control-id R74.", "props": [ @@ -12716,7 +12757,7 @@ ] }, { - "uuid": "91ad07b1-fa25-4378-8b2a-c76886b99cf5", + "uuid": "43de18c9-b3d5-4fef-aea6-29f20fa14cab", "control-id": "r75", "description": "Only the alias for root user is covered by the rule. The other services cannot be reliably covered, as there is no simple way of determining what is a service account.", "props": [ @@ -12733,7 +12774,7 @@ ] }, { - "uuid": "003f4ae3-634d-4791-a102-d70c15c4858c", + "uuid": "354e1fd9-9fb9-41f7-8f22-5b450fee16b5", "control-id": "r79", "description": "SELinux can provide confinement and monitoring of services, and AIDE provides basic integrity checking. System logs are configured as part of R43. Hardening of particular services should be done on a case by case basis and is not automated by this content.", "props": [ @@ -12760,7 +12801,7 @@ ] }, { - "uuid": "60d8d31d-4782-42e4-9994-bf34d2045e0d", + "uuid": "2b6d9a58-0934-40fa-9203-b436afcbd223", "control-id": "r30", "description": "The description for control-id r30.", "props": [ @@ -12773,7 +12814,7 @@ ] }, { - "uuid": "6376d019-10dd-4a4e-885b-f6c563b44fe4", + "uuid": "59cea12e-9b6a-4985-a8fc-0f934a860035", "control-id": "r31", "description": "The rules selected below establish a general password strength baseline of 100 bits, based on the recommendations of the technical note \"Recommandations relatives à l'authentification multifacteur et aux mots de passe\" (https://cyber.gouv.fr/publications/recommandations-relatives-lauthentification-multifacteur-et-aux-mots-de-passe)\nThe baseline should be reviewed and tailored to the system's use case and needs.", "props": [ @@ -12845,7 +12886,7 @@ ] }, { - "uuid": "495aeb8c-10ac-49ab-b886-e2f26a48394c", + "uuid": "a6d994f2-30ef-46b1-936a-8d4530a29f8a", "control-id": "r53", "description": "No notes for control-id R53.", "props": [ @@ -12867,7 +12908,7 @@ ] }, { - "uuid": "1ce48b4f-8c15-4504-b67a-6671146a170b", + "uuid": "8d33bc57-48dd-4a35-a1b5-688a591a6c15", "control-id": "r54", "description": "No notes for control-id R54.", "props": [ @@ -12894,7 +12935,7 @@ ] }, { - "uuid": "1411755a-f69d-4338-88c9-a9a7a648eea4", + "uuid": "5ec7ab04-9f40-4e34-a795-0cda7422b057", "control-id": "r56", "description": "Only programs specifically designed to be used with setuid or setgid bits can have these privilege bits set. This requirement considers apropriate for setuid and setgid bits the binaries that are installed from recognized and authorized repositories (covered in R15). The remediation resets the sticky bit to intended value by vendor/developer, any finding after remediation should be reviewed.", "props": [ @@ -12916,7 +12957,7 @@ ] }, { - "uuid": "1faa444f-710d-48cc-b78d-e78e08842ac7", + "uuid": "9da52488-2f0d-4e3e-a089-12aa5b37e8b4", "control-id": "r58", "description": "The description for control-id r58.", "props": [ @@ -12929,7 +12970,7 @@ ] }, { - "uuid": "3597213b-3283-4e0a-b38a-090032f9e286", + "uuid": "e4e943be-ef11-4154-9345-d845f3ccf4d8", "control-id": "r59", "description": "It is not trivial to distinguish an official repository from an unofficial one. We cannot draw conclusions from the repo name or URL of the repo (as they can be arbitrary or behind a proxy). One approach to check the origin of installed packages is to check the signature of the packages. If the public key of a repository is not installed, the repo is not trusted.", "props": [ @@ -12957,11 +12998,16 @@ "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_redhat_gpgkey_installed" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "package_sequoia-sq_installed" } ] }, { - "uuid": "d47a102c-899e-4681-8016-44d1986d0a23", + "uuid": "8c4b52cf-bf74-47c3-bfdb-9f20cd15bce9", "control-id": "r61", "description": "Check the vendor CVE feed and configure automatic install of security related updates.", "props": [ @@ -12993,7 +13039,7 @@ ] }, { - "uuid": "34279f7a-1958-4511-8d87-1ace11c9ba46", + "uuid": "69668644-21da-43d6-9cba-1edf5f4af503", "control-id": "r62", "description": "The description for control-id r62.", "props": [ @@ -13031,7 +13077,7 @@ ] }, { - "uuid": "be1c4dce-14ef-46ab-8357-3d7d3b4aec47", + "uuid": "d9cffaba-33bf-4c2a-8fa4-6aed55808836", "control-id": "r68", "description": "The selection of rules doesn't cover the use of hardware devices to protect the passwords.", "props": [ @@ -13068,7 +13114,7 @@ ] }, { - "uuid": "35d60d50-eacc-4b99-b665-0fc5a5411972", + "uuid": "7419c5df-9a03-4f35-a8c7-293d8a8f25c1", "control-id": "r80", "description": "The description for control-id r80.", "props": [ diff --git a/component-definitions/rhel10/rhel10-anssi-minimal/component-definition.json b/component-definitions/rhel10/rhel10-anssi-minimal/component-definition.json index cd9b71ea6..fc6c9fe92 100644 --- a/component-definitions/rhel10/rhel10-anssi-minimal/component-definition.json +++ b/component-definitions/rhel10/rhel10-anssi-minimal/component-definition.json @@ -3,8 +3,8 @@ "uuid": "186b75e3-6306-4419-b0a0-4f92c86067ab", "metadata": { "title": "Component definition for rhel10", - "last-modified": "2025-12-11T18:23:51.407319+00:00", - "version": "1.3", + "last-modified": "2025-12-17T11:11:28.722800+00:00", + "version": "1.4", "oscal-version": "1.1.3" }, "components": [ @@ -167,7 +167,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_00" }, { @@ -185,7 +185,7 @@ { "name": "Parameter_Value_Alternatives_8", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_00" }, { @@ -617,163 +617,175 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnf-automatic_installed", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_23" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install dnf-automatic Package", + "value": "Install sequoia-sq Package", "remarks": "rule_set_23" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "timer_dnf-automatic_enabled", + "value": "package_dnf-automatic_installed", "remarks": "rule_set_24" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable dnf-automatic Timer", + "value": "Install dnf-automatic Package", "remarks": "rule_set_24" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_apply_updates", + "value": "timer_dnf-automatic_enabled", "remarks": "rule_set_25" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Available Updates Automatically", + "value": "Enable dnf-automatic Timer", "remarks": "rule_set_25" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "dnf-automatic_apply_updates", "remarks": "rule_set_26" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Configure dnf-automatic to Install Available Updates Automatically", "remarks": "rule_set_26" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "dnf-automatic_security_updates_only", "remarks": "rule_set_27" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Configure dnf-automatic to Install Only Security Updates", "remarks": "rule_set_27" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "package_kea_removed", "remarks": "rule_set_28" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Uninstall kea Package", "remarks": "rule_set_28" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_telnet_removed", "remarks": "rule_set_29" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Remove telnet Clients", "remarks": "rule_set_29" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_30" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_30" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_tftp_removed", "remarks": "rule_set_31" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Remove tftp Daemon", "remarks": "rule_set_31" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "package_tftp-server_removed", "remarks": "rule_set_32" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_32" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_rounds_system_auth", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_33" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set number of Password Hashing Rounds - system-auth", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_33" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_rounds_password_auth", + "value": "accounts_password_pam_unix_rounds_system_auth", "remarks": "rule_set_34" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set number of Password Hashing Rounds - password-auth", + "value": "Set number of Password Hashing Rounds - system-auth", "remarks": "rule_set_34" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_unix_rounds_password_auth", "remarks": "rule_set_35" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Set number of Password Hashing Rounds - password-auth", "remarks": "rule_set_35" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "accounts_password_pam_minclass", + "remarks": "rule_set_36" + }, + { + "name": "Rule_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "remarks": "rule_set_36" } ], "control-implementations": [ { - "uuid": "7ba97df9-886a-457a-8370-5491b0e109a6", + "uuid": "e6ac02d1-c84b-461d-bd53-cdc625801653", "source": "trestle://profiles/rhel10-anssi-minimal/profile.json", "description": "Control implementation for anssi_bp28_minimal", "props": [ @@ -895,7 +907,7 @@ ], "implemented-requirements": [ { - "uuid": "c83bac61-f9a7-485d-91d8-6c27a1175eae", + "uuid": "f6e7977d-2540-4abf-8ab7-6fe337a35130", "control-id": "r30", "description": "The description for control-id r30.", "props": [ @@ -908,7 +920,7 @@ ] }, { - "uuid": "b2820e09-a043-4d94-a4bf-be286c322176", + "uuid": "9de0f6a6-345c-4f03-a835-29ab3b60ceab", "control-id": "r31", "description": "The rules selected below establish a general password strength baseline of 100 bits, based on the recommendations of the technical note \"Recommandations relatives à l'authentification multifacteur et aux mots de passe\" (https://cyber.gouv.fr/publications/recommandations-relatives-lauthentification-multifacteur-et-aux-mots-de-passe)\nThe baseline should be reviewed and tailored to the system's use case and needs.", "props": [ @@ -980,7 +992,7 @@ ] }, { - "uuid": "e0a62f17-4a01-442f-bb31-60abddfab4a9", + "uuid": "571400bf-0af9-4fb9-ad2c-c044ebd1f5dc", "control-id": "r53", "description": "No notes for control-id R53.", "props": [ @@ -1002,7 +1014,7 @@ ] }, { - "uuid": "289341aa-ddc6-4054-b3ff-14c7939b6698", + "uuid": "b8173954-5414-45ac-b7a9-d07179bed1d0", "control-id": "r54", "description": "No notes for control-id R54.", "props": [ @@ -1029,7 +1041,7 @@ ] }, { - "uuid": "9b4bcb8b-07bb-402d-9fbb-ab6fbfe48765", + "uuid": "389b0ef4-6750-4414-ac03-3c78ad5088f5", "control-id": "r56", "description": "Only programs specifically designed to be used with setuid or setgid bits can have these privilege bits set. This requirement considers apropriate for setuid and setgid bits the binaries that are installed from recognized and authorized repositories (covered in R15). The remediation resets the sticky bit to intended value by vendor/developer, any finding after remediation should be reviewed.", "props": [ @@ -1051,7 +1063,7 @@ ] }, { - "uuid": "3232cafc-16f0-471b-bf55-98fd2a147e86", + "uuid": "feb9cdb0-3759-4ff5-9834-e7dc2300055a", "control-id": "r58", "description": "The description for control-id r58.", "props": [ @@ -1064,7 +1076,7 @@ ] }, { - "uuid": "3eb30ab8-c619-47f7-a56a-18ea15e7795c", + "uuid": "fbdecb8b-c291-4324-abdf-5e8cee2a98db", "control-id": "r59", "description": "It is not trivial to distinguish an official repository from an unofficial one. We cannot draw conclusions from the repo name or URL of the repo (as they can be arbitrary or behind a proxy). One approach to check the origin of installed packages is to check the signature of the packages. If the public key of a repository is not installed, the repo is not trusted.", "props": [ @@ -1092,11 +1104,16 @@ "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_redhat_gpgkey_installed" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "package_sequoia-sq_installed" } ] }, { - "uuid": "b7c397e2-d614-4f49-9eb2-7fe605fa8694", + "uuid": "50f5d604-cef0-4ea7-8a90-0caa322a5428", "control-id": "r61", "description": "Check the vendor CVE feed and configure automatic install of security related updates.", "props": [ @@ -1128,7 +1145,7 @@ ] }, { - "uuid": "e040b154-fd70-46e8-86ef-0adc7f12f6f0", + "uuid": "862b3bb3-3997-4670-bd0a-803766058af5", "control-id": "r62", "description": "The description for control-id r62.", "props": [ @@ -1166,7 +1183,7 @@ ] }, { - "uuid": "fb5d45e1-414c-44b0-8884-9206c9a78bd0", + "uuid": "8e84cdef-d50a-498f-9aa8-7909d325d05c", "control-id": "r68", "description": "The selection of rules doesn't cover the use of hardware devices to protect the passwords.", "props": [ @@ -1203,7 +1220,7 @@ ] }, { - "uuid": "7b9735bf-30d5-4ee0-a091-c92eb28f7a6e", + "uuid": "b8449ee9-a54d-4d87-8734-304fdb38b869", "control-id": "r80", "description": "The description for control-id r80.", "props": [ @@ -1390,7 +1407,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_00" }, { @@ -1408,7 +1425,7 @@ { "name": "Parameter_Value_Alternatives_8", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_00" }, { @@ -2104,319 +2121,343 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnf-automatic_installed", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_23" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install dnf-automatic Package", + "value": "Install sequoia-sq Package", "remarks": "rule_set_23" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnf-automatic_installed", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_23" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install dnf-automatic Package", + "value": "Install sequoia-sq Package", "remarks": "rule_set_23" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "timer_dnf-automatic_enabled", + "value": "package_dnf-automatic_installed", "remarks": "rule_set_24" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable dnf-automatic Timer", + "value": "Install dnf-automatic Package", "remarks": "rule_set_24" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "timer_dnf-automatic_enabled", + "value": "package_dnf-automatic_installed", "remarks": "rule_set_24" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable dnf-automatic Timer", + "value": "Install dnf-automatic Package", "remarks": "rule_set_24" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_apply_updates", + "value": "timer_dnf-automatic_enabled", "remarks": "rule_set_25" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Available Updates Automatically", + "value": "Enable dnf-automatic Timer", "remarks": "rule_set_25" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_apply_updates", + "value": "timer_dnf-automatic_enabled", "remarks": "rule_set_25" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Available Updates Automatically", + "value": "Enable dnf-automatic Timer", "remarks": "rule_set_25" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "dnf-automatic_apply_updates", "remarks": "rule_set_26" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Configure dnf-automatic to Install Available Updates Automatically", "remarks": "rule_set_26" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "dnf-automatic_apply_updates", "remarks": "rule_set_26" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Configure dnf-automatic to Install Available Updates Automatically", "remarks": "rule_set_26" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "dnf-automatic_security_updates_only", "remarks": "rule_set_27" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Configure dnf-automatic to Install Only Security Updates", "remarks": "rule_set_27" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "dnf-automatic_security_updates_only", "remarks": "rule_set_27" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Configure dnf-automatic to Install Only Security Updates", "remarks": "rule_set_27" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "package_kea_removed", "remarks": "rule_set_28" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Uninstall kea Package", "remarks": "rule_set_28" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "package_kea_removed", "remarks": "rule_set_28" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Uninstall kea Package", "remarks": "rule_set_28" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_telnet_removed", "remarks": "rule_set_29" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Remove telnet Clients", "remarks": "rule_set_29" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_telnet_removed", "remarks": "rule_set_29" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Remove telnet Clients", "remarks": "rule_set_29" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_30" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_30" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_30" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_30" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_tftp_removed", "remarks": "rule_set_31" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Remove tftp Daemon", "remarks": "rule_set_31" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_tftp_removed", "remarks": "rule_set_31" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Remove tftp Daemon", "remarks": "rule_set_31" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "package_tftp-server_removed", "remarks": "rule_set_32" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_32" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "package_tftp-server_removed", "remarks": "rule_set_32" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_32" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_rounds_system_auth", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_33" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set number of Password Hashing Rounds - system-auth", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_33" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_rounds_system_auth", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_33" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set number of Password Hashing Rounds - system-auth", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_33" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_rounds_password_auth", + "value": "accounts_password_pam_unix_rounds_system_auth", "remarks": "rule_set_34" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set number of Password Hashing Rounds - password-auth", + "value": "Set number of Password Hashing Rounds - system-auth", "remarks": "rule_set_34" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_rounds_password_auth", + "value": "accounts_password_pam_unix_rounds_system_auth", "remarks": "rule_set_34" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set number of Password Hashing Rounds - password-auth", + "value": "Set number of Password Hashing Rounds - system-auth", "remarks": "rule_set_34" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_unix_rounds_password_auth", "remarks": "rule_set_35" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Set number of Password Hashing Rounds - password-auth", "remarks": "rule_set_35" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_unix_rounds_password_auth", "remarks": "rule_set_35" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Set number of Password Hashing Rounds - password-auth", "remarks": "rule_set_35" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "accounts_password_pam_minclass", + "remarks": "rule_set_36" + }, + { + "name": "Rule_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "remarks": "rule_set_36" + }, + { + "name": "Check_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "accounts_password_pam_minclass", + "remarks": "rule_set_36" + }, + { + "name": "Check_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "remarks": "rule_set_36" } ], "control-implementations": [ { - "uuid": "7b631344-cc71-452e-823b-29671a9eb6c0", + "uuid": "984de1f2-43d0-4459-ac94-bc5d37335840", "source": "trestle://profiles/rhel10-anssi-minimal/profile.json", "description": "Control implementation for anssi_bp28_minimal", "props": [ @@ -2538,7 +2579,7 @@ ], "implemented-requirements": [ { - "uuid": "ae60edf9-1062-4151-9e02-0fee9d46a9ad", + "uuid": "d3f89f3d-a345-4029-8d5b-da90c1a5e636", "control-id": "r30", "description": "The description for control-id r30.", "props": [ @@ -2551,7 +2592,7 @@ ] }, { - "uuid": "f1efb6a9-201a-437e-9218-fd9ac006a420", + "uuid": "a2461ebf-778d-4d6a-8d5e-bda2d9f0ce35", "control-id": "r31", "description": "The rules selected below establish a general password strength baseline of 100 bits, based on the recommendations of the technical note \"Recommandations relatives à l'authentification multifacteur et aux mots de passe\" (https://cyber.gouv.fr/publications/recommandations-relatives-lauthentification-multifacteur-et-aux-mots-de-passe)\nThe baseline should be reviewed and tailored to the system's use case and needs.", "props": [ @@ -2623,7 +2664,7 @@ ] }, { - "uuid": "a9566e67-250b-4afa-bc2f-992fd87f9913", + "uuid": "70e1da0f-50ba-4bff-96d0-c6233cb7168b", "control-id": "r53", "description": "No notes for control-id R53.", "props": [ @@ -2645,7 +2686,7 @@ ] }, { - "uuid": "122ff14d-18b8-4f8e-bbfc-cbc7c1c558f8", + "uuid": "4376c0a6-8208-42a2-b2cc-a596e8ed76e4", "control-id": "r54", "description": "No notes for control-id R54.", "props": [ @@ -2672,7 +2713,7 @@ ] }, { - "uuid": "9944b122-7586-4114-b42d-47b79f4b85ff", + "uuid": "5cf9872d-ee5e-473b-9513-0a843e3741a0", "control-id": "r56", "description": "Only programs specifically designed to be used with setuid or setgid bits can have these privilege bits set. This requirement considers apropriate for setuid and setgid bits the binaries that are installed from recognized and authorized repositories (covered in R15). The remediation resets the sticky bit to intended value by vendor/developer, any finding after remediation should be reviewed.", "props": [ @@ -2694,7 +2735,7 @@ ] }, { - "uuid": "4df4a871-87ca-4011-a488-68e2a5decfed", + "uuid": "ef59234a-cb8b-4941-947a-f02c6d98caeb", "control-id": "r58", "description": "The description for control-id r58.", "props": [ @@ -2707,7 +2748,7 @@ ] }, { - "uuid": "d5283c61-e3c8-4f0c-b49f-390f13ee2772", + "uuid": "126bb35b-d6de-4d46-a5a2-173f881b3eff", "control-id": "r59", "description": "It is not trivial to distinguish an official repository from an unofficial one. We cannot draw conclusions from the repo name or URL of the repo (as they can be arbitrary or behind a proxy). One approach to check the origin of installed packages is to check the signature of the packages. If the public key of a repository is not installed, the repo is not trusted.", "props": [ @@ -2735,11 +2776,16 @@ "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_redhat_gpgkey_installed" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "package_sequoia-sq_installed" } ] }, { - "uuid": "fc381c74-856f-4aaf-9d8b-600b1c512abd", + "uuid": "d510de38-ea5f-4380-8c5b-ce742012f7d0", "control-id": "r61", "description": "Check the vendor CVE feed and configure automatic install of security related updates.", "props": [ @@ -2771,7 +2817,7 @@ ] }, { - "uuid": "0bd39e52-e136-4e30-88ae-7ecb7adb886e", + "uuid": "8faab673-80b2-46f2-a7fa-5c6ca11e44dd", "control-id": "r62", "description": "The description for control-id r62.", "props": [ @@ -2809,7 +2855,7 @@ ] }, { - "uuid": "c3b130d8-87e4-4488-b167-1c9d123e2b2d", + "uuid": "fc862e07-1110-4d30-ab92-9cce40ed4f7c", "control-id": "r68", "description": "The selection of rules doesn't cover the use of hardware devices to protect the passwords.", "props": [ @@ -2846,7 +2892,7 @@ ] }, { - "uuid": "d58265bb-1e9d-44a6-9789-2ba926295907", + "uuid": "44a24792-aeb6-4a85-b889-36646c02c4b9", "control-id": "r80", "description": "The description for control-id r80.", "props": [ diff --git a/component-definitions/rhel10/rhel10-cis_rhel10-l1_server/component-definition.json b/component-definitions/rhel10/rhel10-cis_rhel10-l1_server/component-definition.json index 718b6fff8..b505c7541 100644 --- a/component-definitions/rhel10/rhel10-cis_rhel10-l1_server/component-definition.json +++ b/component-definitions/rhel10/rhel10-cis_rhel10-l1_server/component-definition.json @@ -3,8 +3,8 @@ "uuid": "c4be1cdf-5566-4add-81ec-694b72fc0910", "metadata": { "title": "Component definition for rhel10", - "last-modified": "2025-12-11T18:25:33.421653+00:00", - "version": "3.2", + "last-modified": "2025-12-17T10:47:04.607240+00:00", + "version": "3.6", "oscal-version": "1.1.3" }, "components": [ @@ -725,7 +725,7 @@ { "name": "Parameter_Value_Alternatives_38", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -743,7 +743,7 @@ { "name": "Parameter_Value_Alternatives_39", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -1487,3451 +1487,3427 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg", + "value": "file_permissions_boot_grub2", "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Group Ownership", + "value": "All GRUB configuration files must have mode 0600 or more restrictive", "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg", + "value": "file_owner_boot_grub2", "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg User Ownership", + "value": "All GRUB configuration files must be owned by root", "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg", + "value": "file_groupowner_boot_grub2", "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Permissions", + "value": "All GRUB configuration files must be group-owned by root", "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg", + "value": "disable_users_coredumps", "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Group Ownership", + "value": "Disable Core Dumps for All Users", "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg", + "value": "sysctl_fs_protected_hardlinks", "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg User Ownership", + "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg", + "value": "sysctl_fs_suid_dumpable", "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Permissions", + "value": "Disable Core Dumps for SUID programs", "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_users_coredumps", + "value": "sysctl_kernel_dmesg_restrict", "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for All Users", + "value": "Restrict Access to Kernel Message Buffer", "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_hardlinks", + "value": "sysctl_kernel_kptr_restrict", "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", + "value": "Restrict Exposed Kernel Pointer Addresses Access", "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_suid_dumpable", + "value": "sysctl_kernel_yama_ptrace_scope", "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for SUID programs", + "value": "Restrict usage of ptrace to descendant processes", "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_dmesg_restrict", + "value": "sysctl_kernel_randomize_va_space", "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Access to Kernel Message Buffer", + "value": "Enable Randomized Layout of Virtual Address Space", "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kptr_restrict", + "value": "coredump_disable_backtraces", "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Exposed Kernel Pointer Addresses Access", + "value": "Disable core dump backtraces", "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_yama_ptrace_scope", + "value": "coredump_disable_storage", "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict usage of ptrace to descendant processes", + "value": "Disable storing core dump", "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_randomize_va_space", + "value": "configure_custom_crypto_policy_cis", "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Randomized Layout of Virtual Address Space", + "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_backtraces", + "value": "banner_etc_motd_cis", "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable core dump backtraces", + "value": "Ensure Message Of The Day Is Configured Properly", "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_storage", + "value": "banner_etc_issue_cis", "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable storing core dump", + "value": "Ensure Local Login Warning Banner Is Configured Properly", "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_custom_crypto_policy_cis", + "value": "banner_etc_issue_net_cis", "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", + "value": "Ensure Remote Login Warning Banner Is Configured Properly", "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_motd_cis", + "value": "file_groupowner_etc_motd", "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Message Of The Day Is Configured Properly", + "value": "Verify Group Ownership of Message of the Day Banner", "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_cis", + "value": "file_owner_etc_motd", "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Local Login Warning Banner Is Configured Properly", + "value": "Verify ownership of Message of the Day Banner", "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_net_cis", + "value": "file_permissions_etc_motd", "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Remote Login Warning Banner Is Configured Properly", + "value": "Verify permissions on Message of the Day Banner", "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_motd", + "value": "file_groupowner_etc_issue", "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of Message of the Day Banner", + "value": "Verify Group Ownership of System Login Banner", "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_motd", + "value": "file_owner_etc_issue", "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of Message of the Day Banner", + "value": "Verify ownership of System Login Banner", "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_motd", + "value": "file_permissions_etc_issue", "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on Message of the Day Banner", + "value": "Verify permissions on System Login Banner", "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue", + "value": "file_groupowner_etc_issue_net", "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner", + "value": "Verify Group Ownership of System Login Banner for Remote Connections", "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue", + "value": "file_owner_etc_issue_net", "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner", + "value": "Verify ownership of System Login Banner for Remote Connections", "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue", + "value": "file_permissions_etc_issue_net", "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner", + "value": "Verify permissions on System Login Banner for Remote Connections", "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue_net", + "value": "dconf_gnome_banner_enabled", "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner for Remote Connections", + "value": "Enable GNOME3 Login Warning Banner", "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue_net", + "value": "dconf_gnome_login_banner_text", "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner for Remote Connections", + "value": "Set the GNOME3 Login Warning Banner Text", "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue_net", + "value": "dconf_gnome_disable_user_list", "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner for Remote Connections", + "value": "Disable the GNOME3 Login User List", "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_banner_enabled", + "value": "dconf_gnome_screensaver_idle_delay", "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable GNOME3 Login Warning Banner", + "value": "Set GNOME3 Screensaver Inactivity Timeout", "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_login_banner_text", + "value": "dconf_gnome_screensaver_lock_delay", "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set the GNOME3 Login Warning Banner Text", + "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_user_list", + "value": "dconf_gnome_session_idle_user_locks", "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the GNOME3 Login User List", + "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_idle_delay", + "value": "dconf_gnome_screensaver_user_locks", "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Inactivity Timeout", + "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_lock_delay", + "value": "dconf_gnome_disable_automount", "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", + "value": "Disable GNOME3 Automounting", "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_session_idle_user_locks", + "value": "dconf_gnome_disable_automount_open", "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", + "value": "Disable GNOME3 Automount Opening", "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_user_locks", + "value": "dconf_gnome_disable_autorun", "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", + "value": "Disable GNOME3 Automount running", "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_automount", + "value": "service_autofs_disabled", "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automounting", + "value": "Disable the Automounter", "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_automount_open", + "value": "service_avahi-daemon_disabled", "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount Opening", + "value": "Disable Avahi Server Software", "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_autorun", + "value": "package_kea_removed", "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount running", + "value": "Uninstall kea Package", "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_autofs_disabled", + "value": "package_bind_removed", "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the Automounter", + "value": "Uninstall bind Package", "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_avahi-daemon_disabled", + "value": "package_dnsmasq_removed", "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Avahi Server Software", + "value": "Uninstall dnsmasq Package", "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "package_vsftpd_removed", "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Uninstall vsftpd Package", "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_bind_removed", + "value": "package_dovecot_removed", "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall bind Package", + "value": "Uninstall dovecot Package", "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnsmasq_removed", + "value": "package_cyrus-imapd_removed", "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dnsmasq Package", + "value": "Uninstall cyrus-imapd Package", "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_vsftpd_removed", + "value": "service_nfs_disabled", "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall vsftpd Package", + "value": "Disable Network File System (nfs)", "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dovecot_removed", + "value": "service_cups_disabled", "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dovecot Package", + "value": "Disable the CUPS Service", "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cyrus-imapd_removed", + "value": "service_rpcbind_disabled", "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall cyrus-imapd Package", + "value": "Disable rpcbind Service", "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_nfs_disabled", + "value": "package_rsync_removed", "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Network File System (nfs)", + "value": "Uninstall rsync Package", "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_cups_disabled", + "value": "package_samba_removed", "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the CUPS Service", + "value": "Uninstall Samba Package", "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_rpcbind_disabled", + "value": "package_net-snmp_removed", "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable rpcbind Service", + "value": "Uninstall net-snmp Package", "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_rsync_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall rsync Package", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_samba_removed", + "value": "package_tftp-server_removed", "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall Samba Package", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_net-snmp_removed", + "value": "package_squid_removed", "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall net-snmp Package", + "value": "Uninstall squid Package", "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_httpd_removed", "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Uninstall httpd Package", "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_nginx_removed", "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Uninstall nginx Package", "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_squid_removed", + "value": "postfix_network_listening_disabled", "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall squid Package", + "value": "Disable Postfix Network Listening", "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_httpd_removed", + "value": "has_nonlocal_mta", "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall httpd Package", + "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_nginx_removed", + "value": "package_ftp_removed", "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall nginx Package", + "value": "Remove ftp Package", "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "postfix_network_listening_disabled", + "value": "package_telnet_removed", "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Postfix Network Listening", + "value": "Remove telnet Clients", "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "has_nonlocal_mta", + "value": "package_tftp_removed", "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", + "value": "Remove tftp Daemon", "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_ftp_removed", + "value": "chronyd_specify_remote_server", "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove ftp Package", + "value": "A remote time server for Chrony is configured", "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "chronyd_run_as_chrony_user", "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Ensure that chronyd is running under chrony user account", "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_cron_installed", "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Install the cron service", "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_specify_remote_server", + "value": "service_crond_enabled", "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "A remote time server for Chrony is configured", + "value": "Enable cron Service", "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_run_as_chrony_user", + "value": "file_groupowner_crontab", "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that chronyd is running under chrony user account", + "value": "Verify Group Who Owns Crontab", "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cron_installed", + "value": "file_owner_crontab", "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the cron service", + "value": "Verify Owner on crontab", "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_crond_enabled", + "value": "file_permissions_crontab", "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable cron Service", + "value": "Verify Permissions on crontab", "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_crontab", + "value": "file_groupowner_cron_hourly", "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Crontab", + "value": "Verify Group Who Owns cron.hourly", "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_crontab", + "value": "file_owner_cron_hourly", "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on crontab", + "value": "Verify Owner on cron.hourly", "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_crontab", + "value": "file_permissions_cron_hourly", "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on crontab", + "value": "Verify Permissions on cron.hourly", "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_hourly", + "value": "file_groupowner_cron_daily", "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.hourly", + "value": "Verify Group Who Owns cron.daily", "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_hourly", + "value": "file_owner_cron_daily", "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.hourly", + "value": "Verify Owner on cron.daily", "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_hourly", + "value": "file_permissions_cron_daily", "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.hourly", + "value": "Verify Permissions on cron.daily", "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_daily", + "value": "file_groupowner_cron_weekly", "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.daily", + "value": "Verify Group Who Owns cron.weekly", "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_daily", + "value": "file_owner_cron_weekly", "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.daily", + "value": "Verify Owner on cron.weekly", "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_daily", + "value": "file_permissions_cron_weekly", "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.daily", + "value": "Verify Permissions on cron.weekly", "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_weekly", + "value": "file_groupowner_cron_monthly", "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.weekly", + "value": "Verify Group Who Owns cron.monthly", "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_weekly", + "value": "file_owner_cron_monthly", "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.weekly", + "value": "Verify Owner on cron.monthly", "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_weekly", + "value": "file_permissions_cron_monthly", "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.weekly", + "value": "Verify Permissions on cron.monthly", "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_monthly", + "value": "file_groupowner_cron_yearly", "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.monthly", + "value": "Verify Group Who Owns cron.yearly", "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_monthly", + "value": "file_owner_cron_yearly", "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.monthly", + "value": "Verify Owner on cron.yearly", "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_monthly", + "value": "file_permissions_cron_yearly", "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.monthly", + "value": "Verify Permissions on cron.yearly", "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_yearly", + "value": "file_groupowner_cron_d", "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.yearly", + "value": "Verify Group Who Owns cron.d", "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_yearly", + "value": "file_owner_cron_d", "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.yearly", + "value": "Verify Owner on cron.d", "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_yearly", + "value": "file_permissions_cron_d", "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.yearly", + "value": "Verify Permissions on cron.d", "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_d", + "value": "file_cron_deny_not_exist", "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.d", + "value": "Ensure that /etc/cron.deny does not exist", "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_d", + "value": "file_cron_allow_exists", "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.d", + "value": "Ensure that /etc/cron.allow exists", "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_d", + "value": "file_groupowner_cron_allow", "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.d", + "value": "Verify Group Who Owns /etc/cron.allow file", "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_deny_not_exist", + "value": "file_owner_cron_allow", "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.deny does not exist", + "value": "Verify User Who Owns /etc/cron.allow file", "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_allow_exists", + "value": "file_permissions_cron_allow", "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.allow exists", + "value": "Verify Permissions on /etc/cron.allow file", "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_allow", + "value": "file_at_deny_not_exist", "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.deny does not exist", "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_allow", + "value": "file_at_allow_exists", "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.allow exists", "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_allow", + "value": "file_groupowner_at_allow", "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/cron.allow file", + "value": "Verify Group Who Owns /etc/at.allow file", "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_deny_not_exist", + "value": "file_owner_at_allow", "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.deny does not exist", + "value": "Verify User Who Owns /etc/at.allow file", "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_allow_exists", + "value": "file_permissions_at_allow", "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.allow exists", + "value": "Verify Permissions on /etc/at.allow file", "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_at_allow", + "value": "wireless_disable_interfaces", "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/at.allow file", + "value": "Deactivate Wireless Network Interfaces", "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_at_allow", + "value": "service_bluetooth_disabled", "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/at.allow file", + "value": "Disable Bluetooth Service", "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_at_allow", + "value": "kernel_module_atm_disabled", "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/at.allow file", + "value": "Disable ATM Support", "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "wireless_disable_interfaces", + "value": "kernel_module_can_disabled", "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Deactivate Wireless Network Interfaces", + "value": "Disable CAN Support", "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_bluetooth_disabled", + "value": "kernel_module_dccp_disabled", "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Bluetooth Service", + "value": "Disable DCCP Support", "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_atm_disabled", + "value": "kernel_module_tipc_disabled", "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable ATM Support", + "value": "Disable TIPC Support", "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_can_disabled", + "value": "kernel_module_rds_disabled", "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable CAN Support", + "value": "Disable RDS Support", "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_dccp_disabled", + "value": "kernel_module_sctp_disabled", "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable DCCP Support", + "value": "Disable SCTP Support", "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_tipc_disabled", + "value": "sysctl_net_ipv4_conf_all_forwarding", "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable TIPC Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_rds_disabled", + "value": "sysctl_net_ipv4_conf_default_forwarding", "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable RDS Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_sctp_disabled", + "value": "sysctl_net_ipv4_conf_all_send_redirects", "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SCTP Support", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_forwarding", + "value": "sysctl_net_ipv4_conf_default_send_redirects", "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_forwarding", + "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", + "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_send_redirects", + "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_send_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_redirects", "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", + "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", + "value": "sysctl_net_ipv4_conf_default_accept_redirects", "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", + "value": "sysctl_net_ipv4_conf_all_secure_redirects", "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_redirects", + "value": "sysctl_net_ipv4_conf_default_secure_redirects", "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", + "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_redirects", + "value": "sysctl_net_ipv4_conf_all_rp_filter", "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_secure_redirects", + "value": "sysctl_net_ipv4_conf_default_rp_filter", "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_secure_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_source_route", "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_rp_filter", + "value": "sysctl_net_ipv4_conf_default_accept_source_route", "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_rp_filter", + "value": "sysctl_net_ipv4_conf_all_log_martians", "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_source_route", + "value": "sysctl_net_ipv4_conf_default_log_martians", "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_source_route", + "value": "sysctl_net_ipv4_tcp_syncookies", "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_log_martians", + "value": "sysctl_net_ipv6_conf_all_forwarding", "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for IPv6 Forwarding", "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_log_martians", + "value": "sysctl_net_ipv6_conf_default_forwarding", "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", + "value": "Disable Kernel Parameter for IPv6 Forwarding by default", "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_tcp_syncookies", + "value": "sysctl_net_ipv6_conf_all_accept_redirects", "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", + "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_forwarding", + "value": "sysctl_net_ipv6_conf_default_accept_redirects", "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_forwarding", + "value": "sysctl_net_ipv6_conf_all_accept_source_route", "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding by default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_redirects", + "value": "sysctl_net_ipv6_conf_default_accept_source_route", "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_redirects", + "value": "sysctl_net_ipv6_conf_all_accept_ra", "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", + "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_source_route", + "value": "sysctl_net_ipv6_conf_default_accept_ra", "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", + "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_source_route", + "value": "package_firewalld_installed", "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", + "value": "Install firewalld Package", "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra", + "value": "firewalld-backend", "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", + "value": "Configure Firewalld to Use the Nftables Backend", "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra", + "value": "service_firewalld_enabled", "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", + "value": "Verify firewalld Enabled", "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_firewalld_installed", + "value": "firewalld_loopback_traffic_trusted", "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install firewalld Package", + "value": "Configure Firewalld to Trust Loopback Traffic", "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld-backend", + "value": "file_groupowner_sshd_config", "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Use the Nftables Backend", + "value": "Verify Group Who Owns SSH Server config file", "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_firewalld_enabled", + "value": "file_owner_sshd_config", "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify firewalld Enabled", + "value": "Verify Owner on SSH Server config file", "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld_loopback_traffic_trusted", + "value": "file_permissions_sshd_config", "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Trust Loopback Traffic", + "value": "Verify Permissions on SSH Server config file", "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_config", + "value": "directory_permissions_sshd_config_d", "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_171" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_config", + "value": "file_permissions_sshd_drop_in_config", "remarks": "rule_set_172" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_172" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_config", + "value": "directory_groupowner_sshd_config_d", "remarks": "rule_set_173" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server config file", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_173" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_sshd_config_d", + "value": "directory_owner_sshd_config_d", "remarks": "rule_set_174" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_174" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_drop_in_config", + "value": "file_groupowner_sshd_drop_in_config", "remarks": "rule_set_175" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_175" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_groupowner_sshd_config_d", + "value": "file_owner_sshd_drop_in_config", "remarks": "rule_set_176" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_176" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_owner_sshd_config_d", + "value": "file_groupownership_sshd_private_key", "remarks": "rule_set_177" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Group Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_177" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_drop_in_config", + "value": "file_ownership_sshd_private_key", "remarks": "rule_set_178" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_178" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_drop_in_config", + "value": "file_permissions_sshd_private_key", "remarks": "rule_set_179" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Permissions on SSH Server Private *_key Key Files", "remarks": "rule_set_179" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_private_key", + "value": "file_groupownership_sshd_pub_key", "remarks": "rule_set_180" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Private *_key Key Files", + "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_180" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_private_key", + "value": "file_ownership_sshd_pub_key", "remarks": "rule_set_181" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Private *_key Key Files", + "value": "Verify Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_181" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_private_key", + "value": "file_permissions_sshd_pub_key", "remarks": "rule_set_182" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Private *_key Key Files", + "value": "Verify Permissions on SSH Server Public *.pub Key Files", "remarks": "rule_set_182" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_pub_key", + "value": "sshd_limit_user_access", "remarks": "rule_set_183" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", + "value": "Limit Users' SSH Access", "remarks": "rule_set_183" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_pub_key", + "value": "sshd_enable_warning_banner_net", "remarks": "rule_set_184" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Public *.pub Key Files", + "value": "Enable SSH Warning Banner", "remarks": "rule_set_184" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_pub_key", + "value": "sshd_set_idle_timeout", "remarks": "rule_set_185" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Public *.pub Key Files", + "value": "Set SSH Client Alive Interval", "remarks": "rule_set_185" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_limit_user_access", + "value": "sshd_set_keepalive", "remarks": "rule_set_186" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Users' SSH Access", + "value": "Set SSH Client Alive Count Max", "remarks": "rule_set_186" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_warning_banner_net", + "value": "disable_host_auth", "remarks": "rule_set_187" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SSH Warning Banner", + "value": "Disable Host-Based Authentication", "remarks": "rule_set_187" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_idle_timeout", + "value": "sshd_disable_rhosts", "remarks": "rule_set_188" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Interval", + "value": "Disable SSH Support for .rhosts Files", "remarks": "rule_set_188" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_keepalive", + "value": "sshd_use_strong_kex", "remarks": "rule_set_189" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Count Max", + "value": "Use Only Strong Key Exchange algorithms", "remarks": "rule_set_189" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_host_auth", + "value": "sshd_set_login_grace_time", "remarks": "rule_set_190" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Host-Based Authentication", + "value": "Ensure SSH LoginGraceTime is configured", "remarks": "rule_set_190" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_rhosts", + "value": "sshd_set_loglevel_verbose", "remarks": "rule_set_191" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Support for .rhosts Files", + "value": "Set SSH Daemon LogLevel to VERBOSE", "remarks": "rule_set_191" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_use_strong_kex", + "value": "sshd_set_max_auth_tries", "remarks": "rule_set_192" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Use Only Strong Key Exchange algorithms", + "value": "Set SSH authentication attempt limit", "remarks": "rule_set_192" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_login_grace_time", + "value": "sshd_set_maxstartups", "remarks": "rule_set_193" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH LoginGraceTime is configured", + "value": "Ensure SSH MaxStartups is configured", "remarks": "rule_set_193" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_loglevel_verbose", + "value": "sshd_set_max_sessions", "remarks": "rule_set_194" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Daemon LogLevel to VERBOSE", + "value": "Set SSH MaxSessions limit", "remarks": "rule_set_194" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_auth_tries", + "value": "sshd_disable_empty_passwords", "remarks": "rule_set_195" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH authentication attempt limit", + "value": "Disable SSH Access via Empty Passwords", "remarks": "rule_set_195" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_maxstartups", + "value": "sshd_disable_root_login", "remarks": "rule_set_196" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH MaxStartups is configured", + "value": "Disable SSH Root Login", "remarks": "rule_set_196" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_sessions", + "value": "sshd_do_not_permit_user_env", "remarks": "rule_set_197" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH MaxSessions limit", + "value": "Do Not Allow SSH Environment Options", "remarks": "rule_set_197" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_empty_passwords", + "value": "sshd_enable_pam", "remarks": "rule_set_198" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Access via Empty Passwords", + "value": "Enable PAM", "remarks": "rule_set_198" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_root_login", + "value": "package_sudo_installed", "remarks": "rule_set_199" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Root Login", + "value": "Install sudo Package", "remarks": "rule_set_199" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_do_not_permit_user_env", + "value": "sudo_add_use_pty", "remarks": "rule_set_200" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Do Not Allow SSH Environment Options", + "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", "remarks": "rule_set_200" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_pam", + "value": "sudo_custom_logfile", "remarks": "rule_set_201" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable PAM", + "value": "Ensure Sudo Logfile Exists - sudo logfile", "remarks": "rule_set_201" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_sudo_installed", + "value": "sudo_remove_no_authenticate", "remarks": "rule_set_202" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install sudo Package", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", "remarks": "rule_set_202" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_use_pty", + "value": "sudo_require_reauthentication", "remarks": "rule_set_203" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", + "value": "Require Re-Authentication When Using the sudo Command", "remarks": "rule_set_203" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_custom_logfile", + "value": "use_pam_wheel_group_for_su", "remarks": "rule_set_204" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Sudo Logfile Exists - sudo logfile", + "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", "remarks": "rule_set_204" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_no_authenticate", + "value": "ensure_pam_wheel_group_empty", "remarks": "rule_set_205" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", + "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", "remarks": "rule_set_205" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_require_reauthentication", + "value": "account_password_pam_faillock_password_auth", "remarks": "rule_set_206" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require Re-Authentication When Using the sudo Command", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", "remarks": "rule_set_206" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "use_pam_wheel_group_for_su", + "value": "account_password_pam_faillock_system_auth", "remarks": "rule_set_207" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", "remarks": "rule_set_207" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_pam_wheel_group_empty", + "value": "package_pam_pwquality_installed", "remarks": "rule_set_208" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", + "value": "Install pam_pwquality Package", "remarks": "rule_set_208" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_password_auth", + "value": "accounts_password_pam_pwquality_password_auth", "remarks": "rule_set_209" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", + "value": "Ensure PAM password complexity module is enabled in password-auth", "remarks": "rule_set_209" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_system_auth", + "value": "accounts_password_pam_pwquality_system_auth", "remarks": "rule_set_210" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", + "value": "Ensure PAM password complexity module is enabled in system-auth", "remarks": "rule_set_210" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_pam_pwquality_installed", + "value": "accounts_password_pam_unix_enabled", "remarks": "rule_set_211" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install pam_pwquality Package", + "value": "Verify pam_unix module is activated", "remarks": "rule_set_211" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_password_auth", + "value": "accounts_passwords_pam_faillock_deny", "remarks": "rule_set_212" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in password-auth", + "value": "Lock Accounts After Failed Password Attempts", "remarks": "rule_set_212" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_system_auth", + "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", "remarks": "rule_set_213" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in system-auth", + "value": "Set Lockout Time for Failed Password Attempts", "remarks": "rule_set_213" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_enabled", + "value": "accounts_password_pam_difok", "remarks": "rule_set_214" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify pam_unix module is activated", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", "remarks": "rule_set_214" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny", + "value": "accounts_password_pam_minlen", "remarks": "rule_set_215" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Lock Accounts After Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Length", "remarks": "rule_set_215" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", + "value": "accounts_password_pam_minclass", "remarks": "rule_set_216" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Lockout Time for Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", "remarks": "rule_set_216" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_difok", + "value": "accounts_password_pam_maxrepeat", "remarks": "rule_set_217" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", + "value": "Set Password Maximum Consecutive Repeating Characters", "remarks": "rule_set_217" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minlen", + "value": "accounts_password_pam_maxsequence", "remarks": "rule_set_218" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Length", + "value": "Limit the maximum number of sequential characters in passwords", "remarks": "rule_set_218" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_dictcheck", "remarks": "rule_set_219" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", "remarks": "rule_set_219" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxrepeat", + "value": "accounts_password_pam_enforce_root", "remarks": "rule_set_220" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Consecutive Repeating Characters", + "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", "remarks": "rule_set_220" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxsequence", + "value": "accounts_password_pam_pwhistory_remember_password_auth", "remarks": "rule_set_221" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit the maximum number of sequential characters in passwords", + "value": "Limit Password Reuse: password-auth", "remarks": "rule_set_221" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_dictcheck", + "value": "accounts_password_pam_pwhistory_remember_system_auth", "remarks": "rule_set_222" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", + "value": "Limit Password Reuse: system-auth", "remarks": "rule_set_222" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_enforce_root", + "value": "accounts_password_pam_pwhistory_enforce_for_root", "remarks": "rule_set_223" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", + "value": "Ensure Password History Is Enforced for the Root User", "remarks": "rule_set_223" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_password_auth", + "value": "accounts_password_pam_pwhistory_use_authtok", "remarks": "rule_set_224" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: password-auth", + "value": "Enforce Password History with use_authtok", "remarks": "rule_set_224" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_system_auth", + "value": "no_empty_passwords", "remarks": "rule_set_225" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: system-auth", + "value": "Prevent Login to Accounts With Empty Password", "remarks": "rule_set_225" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_enforce_for_root", + "value": "accounts_password_pam_unix_no_remember", "remarks": "rule_set_226" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Password History Is Enforced for the Root User", + "value": "Avoid using remember in pam_unix module", "remarks": "rule_set_226" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_use_authtok", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_227" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Password History with use_authtok", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_227" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords", + "value": "set_password_hashing_algorithm_passwordauth", "remarks": "rule_set_228" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Login to Accounts With Empty Password", + "value": "Set PAM Password Hashing Algorithm - password-auth", "remarks": "rule_set_228" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_no_remember", + "value": "accounts_password_pam_unix_authtok", "remarks": "rule_set_229" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Avoid using remember in pam_unix module", + "value": "Require use_authtok for pam_unix.so", "remarks": "rule_set_229" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "accounts_maximum_age_login_defs", "remarks": "rule_set_230" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Set Password Maximum Age", "remarks": "rule_set_230" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_passwordauth", + "value": "accounts_password_set_max_life_existing", "remarks": "rule_set_231" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - password-auth", + "value": "Set Existing Passwords Maximum Age", "remarks": "rule_set_231" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_authtok", + "value": "accounts_password_warn_age_login_defs", "remarks": "rule_set_232" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require use_authtok for pam_unix.so", + "value": "Set Password Warning Age", "remarks": "rule_set_232" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_maximum_age_login_defs", + "value": "accounts_password_set_warn_age_existing", "remarks": "rule_set_233" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Age", + "value": "Set Existing Passwords Warning Age", "remarks": "rule_set_233" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_max_life_existing", + "value": "set_password_hashing_algorithm_logindefs", "remarks": "rule_set_234" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Maximum Age", + "value": "Set Password Hashing Algorithm in /etc/login.defs", "remarks": "rule_set_234" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_warn_age_login_defs", + "value": "account_disable_post_pw_expiration", "remarks": "rule_set_235" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Warning Age", + "value": "Set Account Expiration Following Inactivity", "remarks": "rule_set_235" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_warn_age_existing", + "value": "accounts_set_post_pw_existing", "remarks": "rule_set_236" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Warning Age", + "value": "Set existing passwords a period of inactivity before they been locked", "remarks": "rule_set_236" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf", + "value": "accounts_password_last_change_is_in_past", "remarks": "rule_set_237" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/libuser.conf", + "value": "Ensure all users last password change date is in the past", "remarks": "rule_set_237" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_logindefs", + "value": "accounts_no_uid_except_zero", "remarks": "rule_set_238" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/login.defs", + "value": "Verify Only Root Has UID 0", "remarks": "rule_set_238" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_disable_post_pw_expiration", + "value": "accounts_root_gid_zero", "remarks": "rule_set_239" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Account Expiration Following Inactivity", + "value": "Verify Root Has A Primary GID 0", "remarks": "rule_set_239" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_set_post_pw_existing", + "value": "groups_no_zero_gid_except_root", "remarks": "rule_set_240" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set existing passwords a period of inactivity before they been locked", + "value": "Verify Only Group Root Has GID 0", "remarks": "rule_set_240" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_last_change_is_in_past", + "value": "ensure_root_password_configured", "remarks": "rule_set_241" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure all users last password change date is in the past", + "value": "Ensure Authentication Required for Single User Mode", "remarks": "rule_set_241" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_no_uid_except_zero", + "value": "accounts_root_path_dirs_no_write", "remarks": "rule_set_242" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Root Has UID 0", + "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", "remarks": "rule_set_242" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_gid_zero", + "value": "root_path_no_dot", "remarks": "rule_set_243" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Root Has A Primary GID 0", + "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", "remarks": "rule_set_243" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "groups_no_zero_gid_except_root", + "value": "accounts_umask_root", "remarks": "rule_set_244" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Group Root Has GID 0", + "value": "Ensure the Root Bash Umask is Set Correctly", "remarks": "rule_set_244" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_root_password_configured", + "value": "no_password_auth_for_systemaccounts", "remarks": "rule_set_245" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Authentication Required for Single User Mode", + "value": "Ensure that System Accounts Are Locked", "remarks": "rule_set_245" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_path_dirs_no_write", + "value": "no_shelllogin_for_systemaccounts", "remarks": "rule_set_246" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", "remarks": "rule_set_246" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "root_path_no_dot", + "value": "no_invalid_shell_accounts_unlocked", "remarks": "rule_set_247" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", + "value": "Verify Non-Interactive Accounts Are Locked", "remarks": "rule_set_247" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_root", + "value": "accounts_tmout", "remarks": "rule_set_248" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Root Bash Umask is Set Correctly", + "value": "Set Interactive Session Timeout", "remarks": "rule_set_248" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_password_auth_for_systemaccounts", + "value": "accounts_umask_etc_bashrc", "remarks": "rule_set_249" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Are Locked", + "value": "Ensure the Default Bash Umask is Set Correctly", "remarks": "rule_set_249" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_shelllogin_for_systemaccounts", + "value": "accounts_umask_etc_login_defs", "remarks": "rule_set_250" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", + "value": "Ensure the Default Umask is Set Correctly in login.defs", "remarks": "rule_set_250" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_tmout", + "value": "accounts_umask_etc_profile", "remarks": "rule_set_251" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interactive Session Timeout", + "value": "Ensure the Default Umask is Set Correctly in /etc/profile", "remarks": "rule_set_251" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_bashrc", + "value": "package_aide_installed", "remarks": "rule_set_252" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Bash Umask is Set Correctly", + "value": "Install AIDE", "remarks": "rule_set_252" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_login_defs", + "value": "aide_build_database", "remarks": "rule_set_253" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in login.defs", + "value": "Build and Test AIDE Database", "remarks": "rule_set_253" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_profile", + "value": "aide_periodic_cron_checking", "remarks": "rule_set_254" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in /etc/profile", + "value": "Configure Periodic Execution of AIDE", "remarks": "rule_set_254" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_aide_installed", + "value": "aide_check_audit_tools", "remarks": "rule_set_255" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install AIDE", + "value": "Configure AIDE to Verify the Audit Tools", "remarks": "rule_set_255" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_build_database", + "value": "service_systemd-journald_enabled", "remarks": "rule_set_256" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Build and Test AIDE Database", + "value": "Enable systemd-journald Service", "remarks": "rule_set_256" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_periodic_cron_checking", + "value": "ensure_journald_and_rsyslog_not_active_together", "remarks": "rule_set_257" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Periodic Execution of AIDE", + "value": "Ensure journald and rsyslog Are Not Active Together", "remarks": "rule_set_257" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_check_audit_tools", + "value": "package_systemd-journal-remote_installed", "remarks": "rule_set_258" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure AIDE to Verify the Audit Tools", + "value": "Install systemd-journal-remote Package", "remarks": "rule_set_258" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_systemd-journald_enabled", + "value": "service_systemd-journal-upload_enabled", "remarks": "rule_set_259" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable systemd-journald Service", + "value": "Enable systemd-journal-upload Service", "remarks": "rule_set_259" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_systemd-journal-remote_installed", + "value": "socket_systemd-journal-remote_disabled", "remarks": "rule_set_260" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install systemd-journal-remote Package", + "value": "Disable systemd-journal-remote Socket", "remarks": "rule_set_260" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_systemd-journal-upload_enabled", + "value": "journald_disable_forward_to_syslog", "remarks": "rule_set_261" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable systemd-journal-upload Service", + "value": "Ensure journald ForwardToSyslog is disabled", "remarks": "rule_set_261" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "socket_systemd-journal-remote_disabled", + "value": "journald_compress", "remarks": "rule_set_262" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable systemd-journal-remote Socket", + "value": "Ensure journald is configured to compress large log files", "remarks": "rule_set_262" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "journald_disable_forward_to_syslog", + "value": "journald_storage", "remarks": "rule_set_263" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure journald ForwardToSyslog is disabled", + "value": "Ensure journald is configured to write log files to persistent disk", "remarks": "rule_set_263" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "journald_compress", + "value": "rsyslog_files_groupownership", "remarks": "rule_set_264" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure journald is configured to compress large log files", + "value": "Ensure Log Files Are Owned By Appropriate Group", "remarks": "rule_set_264" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "journald_storage", + "value": "rsyslog_files_ownership", "remarks": "rule_set_265" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure journald is configured to write log files to persistent disk", + "value": "Ensure Log Files Are Owned By Appropriate User", "remarks": "rule_set_265" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_groupownership", + "value": "rsyslog_files_permissions", "remarks": "rule_set_266" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Log Files Are Owned By Appropriate Group", + "value": "Ensure System Log Files Have Correct Permissions", "remarks": "rule_set_266" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_ownership", + "value": "file_groupowner_etc_passwd", "remarks": "rule_set_267" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Log Files Are Owned By Appropriate User", + "value": "Verify Group Who Owns passwd File", "remarks": "rule_set_267" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_permissions", + "value": "file_owner_etc_passwd", "remarks": "rule_set_268" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure System Log Files Have Correct Permissions", + "value": "Verify User Who Owns passwd File", "remarks": "rule_set_268" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_passwd", + "value": "file_permissions_etc_passwd", "remarks": "rule_set_269" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns passwd File", + "value": "Verify Permissions on passwd File", "remarks": "rule_set_269" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_passwd", + "value": "file_groupowner_backup_etc_passwd", "remarks": "rule_set_270" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns passwd File", + "value": "Verify Group Who Owns Backup passwd File", "remarks": "rule_set_270" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_passwd", + "value": "file_owner_backup_etc_passwd", "remarks": "rule_set_271" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on passwd File", + "value": "Verify User Who Owns Backup passwd File", "remarks": "rule_set_271" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_backup_etc_passwd", + "value": "file_permissions_backup_etc_passwd", "remarks": "rule_set_272" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Backup passwd File", + "value": "Verify Permissions on Backup passwd File", "remarks": "rule_set_272" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_backup_etc_passwd", + "value": "file_groupowner_etc_group", "remarks": "rule_set_273" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns Backup passwd File", + "value": "Verify Group Who Owns group File", "remarks": "rule_set_273" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_backup_etc_passwd", + "value": "file_owner_etc_group", "remarks": "rule_set_274" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on Backup passwd File", + "value": "Verify User Who Owns group File", "remarks": "rule_set_274" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_group", + "value": "file_permissions_etc_group", "remarks": "rule_set_275" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns group File", + "value": "Verify Permissions on group File", "remarks": "rule_set_275" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_group", + "value": "file_groupowner_backup_etc_group", "remarks": "rule_set_276" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns group File", + "value": "Verify Group Who Owns Backup group File", "remarks": "rule_set_276" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_group", + "value": "file_owner_backup_etc_group", "remarks": "rule_set_277" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on group File", + "value": "Verify User Who Owns Backup group File", "remarks": "rule_set_277" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_backup_etc_group", + "value": "file_permissions_backup_etc_group", "remarks": "rule_set_278" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Backup group File", + "value": "Verify Permissions on Backup group File", "remarks": "rule_set_278" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_backup_etc_group", + "value": "file_owner_etc_shadow", "remarks": "rule_set_279" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns Backup group File", + "value": "Verify User Who Owns shadow File", "remarks": "rule_set_279" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_backup_etc_group", + "value": "file_groupowner_etc_shadow", "remarks": "rule_set_280" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on Backup group File", + "value": "Verify Group Who Owns shadow File", "remarks": "rule_set_280" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_shadow", + "value": "file_permissions_etc_shadow", "remarks": "rule_set_281" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns shadow File", + "value": "Verify Permissions on shadow File", "remarks": "rule_set_281" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_shadow", + "value": "file_groupowner_backup_etc_shadow", "remarks": "rule_set_282" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns shadow File", + "value": "Verify User Who Owns Backup shadow File", "remarks": "rule_set_282" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_shadow", + "value": "file_owner_backup_etc_shadow", "remarks": "rule_set_283" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on shadow File", + "value": "Verify Group Who Owns Backup shadow File", "remarks": "rule_set_283" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_backup_etc_shadow", + "value": "file_permissions_backup_etc_shadow", "remarks": "rule_set_284" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns Backup shadow File", + "value": "Verify Permissions on Backup shadow File", "remarks": "rule_set_284" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_backup_etc_shadow", + "value": "file_groupowner_etc_gshadow", "remarks": "rule_set_285" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Backup shadow File", + "value": "Verify Group Who Owns gshadow File", "remarks": "rule_set_285" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_backup_etc_shadow", + "value": "file_owner_etc_gshadow", "remarks": "rule_set_286" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on Backup shadow File", + "value": "Verify User Who Owns gshadow File", "remarks": "rule_set_286" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_gshadow", + "value": "file_permissions_etc_gshadow", "remarks": "rule_set_287" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns gshadow File", + "value": "Verify Permissions on gshadow File", "remarks": "rule_set_287" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_gshadow", + "value": "file_groupowner_backup_etc_gshadow", "remarks": "rule_set_288" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns gshadow File", + "value": "Verify Group Who Owns Backup gshadow File", "remarks": "rule_set_288" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_gshadow", + "value": "file_owner_backup_etc_gshadow", "remarks": "rule_set_289" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on gshadow File", + "value": "Verify User Who Owns Backup gshadow File", "remarks": "rule_set_289" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_backup_etc_gshadow", + "value": "file_permissions_backup_etc_gshadow", "remarks": "rule_set_290" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Backup gshadow File", + "value": "Verify Permissions on Backup gshadow File", "remarks": "rule_set_290" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_backup_etc_gshadow", + "value": "file_groupowner_etc_shells", "remarks": "rule_set_291" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns Backup gshadow File", + "value": "Verify Group Who Owns /etc/shells File", "remarks": "rule_set_291" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_backup_etc_gshadow", + "value": "file_owner_etc_shells", "remarks": "rule_set_292" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on Backup gshadow File", + "value": "Verify Who Owns /etc/shells File", "remarks": "rule_set_292" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_shells", + "value": "file_permissions_etc_shells", "remarks": "rule_set_293" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/shells File", + "value": "Verify Permissions on /etc/shells File", "remarks": "rule_set_293" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_shells", + "value": "file_groupowner_etc_security_opasswd", "remarks": "rule_set_294" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Who Owns /etc/shells File", + "value": "Verify Group Who Owns /etc/security/opasswd File", "remarks": "rule_set_294" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_shells", + "value": "file_owner_etc_security_opasswd", "remarks": "rule_set_295" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/shells File", + "value": "Verify User Who Owns /etc/security/opasswd File", "remarks": "rule_set_295" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_security_opasswd", + "value": "file_permissions_etc_security_opasswd", "remarks": "rule_set_296" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/security/opasswd File", + "value": "Verify Permissions on /etc/security/opasswd File", "remarks": "rule_set_296" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_security_opasswd", + "value": "file_groupowner_etc_security_opasswd_old", "remarks": "rule_set_297" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/security/opasswd File", + "value": "Verify Group Who Owns /etc/security/opasswd.old File", "remarks": "rule_set_297" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_security_opasswd", + "value": "file_owner_etc_security_opasswd_old", "remarks": "rule_set_298" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/security/opasswd File", + "value": "Verify User Who Owns /etc/security/opasswd.old File", "remarks": "rule_set_298" }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_security_opasswd_old", - "remarks": "rule_set_299" - }, - { - "name": "Rule_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/security/opasswd.old File", - "remarks": "rule_set_299" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_security_opasswd_old", - "remarks": "rule_set_300" - }, - { - "name": "Rule_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/security/opasswd.old File", - "remarks": "rule_set_300" - }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_security_opasswd_old", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/security/opasswd.old File", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_world_writable", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure No World-Writable Files Exist", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_perms_world_writable_sticky_bits", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that All World-Writable Directories Have Sticky Bits Set", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_unowned_by_user", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a User", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_ungroupowned", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a Group", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_all_shadowed", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify All Account Password Hashes are Shadowed", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_empty_passwords_etc_shadow", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure There Are No Accounts With Blank or Null Passwords", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "gid_passwd_group_same", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_id", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique User IDs", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_id", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group ID", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_name", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique Names", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_name", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group Names", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_interactive_home_directory_exists", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive Users Home Directories Must Exist", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_home_directories", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Be Owned By The Primary User", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_home_directories", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Have mode 0750 Or Less Permissive", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_group_ownership", - "remarks": "rule_set_316" + "remarks": "rule_set_314" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_316" + "remarks": "rule_set_314" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_user_ownership", - "remarks": "rule_set_317" + "remarks": "rule_set_315" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Owned By the Primary User", - "remarks": "rule_set_317" + "remarks": "rule_set_315" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_no_world_writable_programs", - "remarks": "rule_set_318" + "remarks": "rule_set_316" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Not Run World-Writable Programs", - "remarks": "rule_set_318" + "remarks": "rule_set_316" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_init_files", - "remarks": "rule_set_319" + "remarks": "rule_set_317" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", - "remarks": "rule_set_319" + "remarks": "rule_set_317" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_forward_files", - "remarks": "rule_set_320" + "remarks": "rule_set_318" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .forward Files Exist", - "remarks": "rule_set_320" + "remarks": "rule_set_318" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_netrc_files", - "remarks": "rule_set_321" + "remarks": "rule_set_319" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No netrc Files Exist", - "remarks": "rule_set_321" + "remarks": "rule_set_319" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_rhost_files", - "remarks": "rule_set_322" + "remarks": "rule_set_320" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .rhost Files Exist", - "remarks": "rule_set_322" + "remarks": "rule_set_320" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_bash_history", - "remarks": "rule_set_323" + "remarks": "rule_set_321" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure User Bash History File Has Correct Permissions", - "remarks": "rule_set_323" + "remarks": "rule_set_321" } ], "control-implementations": [ { - "uuid": "1998505d-7863-45c6-8b30-2a7ee43e6089", + "uuid": "62fa143e-07f6-436c-ae50-ceb0e189b99f", "source": "trestle://profiles/rhel10-cis_rhel10-l1_server/profile.json", "description": "Control implementation for cis_server_l1", "props": [ @@ -5173,13 +5149,13 @@ { "param-id": "var_password_hashing_algorithm", "values": [ - "yescrypt" + "cis_rhel10" ] }, { "param-id": "var_password_hashing_algorithm_pam", "values": [ - "yescrypt" + "cis_rhel10" ] }, { @@ -5287,7 +5263,7 @@ ], "implemented-requirements": [ { - "uuid": "4cae1bae-2f77-4d56-ac12-0a7e1692b11a", + "uuid": "92197526-6d79-459b-80c6-42463be043db", "control-id": "reload_dconf_db", "description": "This is a helper rule to reload Dconf database correctly.", "props": [ @@ -5304,7 +5280,7 @@ ] }, { - "uuid": "d16277c9-1378-42d7-90c9-8083e07fd3f7", + "uuid": "aa930edc-363c-4010-972e-adaa1cf64fd7", "control-id": "cis_rhel10_1-1.1.1", "description": "No notes for control-id 1.1.1.1.", "props": [ @@ -5321,7 +5297,7 @@ ] }, { - "uuid": "2e380517-4f2b-45cd-83ff-af0efe706fb6", + "uuid": "14538a93-50e0-481f-963f-bbe04a64d7ef", "control-id": "cis_rhel10_1-1.1.2", "description": "No notes for control-id 1.1.1.2.", "props": [ @@ -5338,7 +5314,7 @@ ] }, { - "uuid": "568094d7-756e-492f-bfca-efe794dec593", + "uuid": "3e6d8665-186f-4029-bb63-1f0ef6475f05", "control-id": "cis_rhel10_1-1.1.3", "description": "No notes for control-id 1.1.1.3.", "props": [ @@ -5355,7 +5331,7 @@ ] }, { - "uuid": "2f36d2b5-60e9-467a-8a91-6f76809c5072", + "uuid": "202a5ac5-c08b-4c52-97d0-97830fe5b4dd", "control-id": "cis_rhel10_1-1.1.4", "description": "No notes for control-id 1.1.1.4.", "props": [ @@ -5372,7 +5348,7 @@ ] }, { - "uuid": "cdf7ad16-5e87-4987-b49c-379abe65d7f5", + "uuid": "34b206e7-cd50-4fd6-bb5d-569705e05e54", "control-id": "cis_rhel10_1-1.1.5", "description": "No notes for control-id 1.1.1.5.", "props": [ @@ -5389,7 +5365,7 @@ ] }, { - "uuid": "a025fc0b-d574-4c12-b9c7-9d1d0932b6ce", + "uuid": "0279e5ff-66bd-4546-84a9-181f600af5bf", "control-id": "cis_rhel10_1-1.1.9", "description": "No notes for control-id 1.1.1.9.", "props": [ @@ -5406,7 +5382,7 @@ ] }, { - "uuid": "4a36e0dc-d357-42cf-825b-1021a50a7f56", + "uuid": "eb40e633-a7ce-400e-a06c-8d749c61bacb", "control-id": "cis_rhel10_1-1.1.10", "description": "No notes for control-id 1.1.1.10.", "props": [ @@ -5423,7 +5399,7 @@ ] }, { - "uuid": "fe103713-36c2-4f3c-b05d-fc55401af7eb", + "uuid": "c5c3ad45-d2ca-44a3-a2d2-4b36c6ee9655", "control-id": "cis_rhel10_1-1.1.11", "description": "The description for control-id cis_rhel10_1-1.1.11.", "props": [ @@ -5436,7 +5412,7 @@ ] }, { - "uuid": "29b7085c-baee-4d8a-99d0-3b5d8d600ff7", + "uuid": "52a5b408-ba90-4665-b26e-f60048745571", "control-id": "cis_rhel10_1-1.2.1.1", "description": "No notes for control-id 1.1.2.1.1.", "props": [ @@ -5453,7 +5429,7 @@ ] }, { - "uuid": "3a83b78b-d036-43f8-9d88-5d9175de36bf", + "uuid": "615ab8c1-c59d-41fd-adf1-eaef694dc5f6", "control-id": "cis_rhel10_1-1.2.1.2", "description": "No notes for control-id 1.1.2.1.2.", "props": [ @@ -5470,7 +5446,7 @@ ] }, { - "uuid": "0e6b1b4f-5119-4f73-a78f-b259a7177688", + "uuid": "c5f1d06e-29a3-4cd6-9e9a-39a711efc993", "control-id": "cis_rhel10_1-1.2.1.3", "description": "No notes for control-id 1.1.2.1.3.", "props": [ @@ -5487,7 +5463,7 @@ ] }, { - "uuid": "9d2db1cb-1133-4901-b7c4-e12c3f793b70", + "uuid": "1018fa74-f2c5-4c5b-be47-c21987640b55", "control-id": "cis_rhel10_1-1.2.1.4", "description": "No notes for control-id 1.1.2.1.4.", "props": [ @@ -5504,7 +5480,7 @@ ] }, { - "uuid": "81a17f51-d057-475c-9b78-748ae225c50a", + "uuid": "f0082749-23b9-4d4f-97a3-f1dd5fd3a1ff", "control-id": "cis_rhel10_1-1.2.2.1", "description": "No notes for control-id 1.1.2.2.1.", "props": [ @@ -5521,7 +5497,7 @@ ] }, { - "uuid": "0f0e35e0-cb60-49c4-85bf-99daf220d0e5", + "uuid": "3818de2b-f535-4722-aad3-e9dc6f7cdc49", "control-id": "cis_rhel10_1-1.2.2.2", "description": "No notes for control-id 1.1.2.2.2.", "props": [ @@ -5538,7 +5514,7 @@ ] }, { - "uuid": "4bc50223-ea16-41c6-ab6b-905fd63a0b90", + "uuid": "4db56d0d-4f46-4488-ac73-b5c39eef91c5", "control-id": "cis_rhel10_1-1.2.2.3", "description": "No notes for control-id 1.1.2.2.3.", "props": [ @@ -5555,7 +5531,7 @@ ] }, { - "uuid": "a61d0c09-91e0-4afd-b28a-5813afbbaa6f", + "uuid": "6bec291f-9f2e-403d-9aae-c6b6f6cf7aa6", "control-id": "cis_rhel10_1-1.2.2.4", "description": "No notes for control-id 1.1.2.2.4.", "props": [ @@ -5572,7 +5548,7 @@ ] }, { - "uuid": "f136e369-ac5c-4a34-bbfd-347a3d901964", + "uuid": "45fcf839-a8c8-4f4e-bb1e-ad27983aeade", "control-id": "cis_rhel10_1-1.2.3.2", "description": "No notes for control-id 1.1.2.3.2.", "props": [ @@ -5589,7 +5565,7 @@ ] }, { - "uuid": "898f32b4-6c0f-43a5-8a45-33f02f85a054", + "uuid": "9086fabf-eb3f-4cb8-8fe6-78100cb55920", "control-id": "cis_rhel10_1-1.2.3.3", "description": "No notes for control-id 1.1.2.3.3.", "props": [ @@ -5606,7 +5582,7 @@ ] }, { - "uuid": "08741a51-d08c-4a5d-930a-a93dfc7d2d6e", + "uuid": "c6935296-f1a8-45b0-aa7d-3b45509d62fe", "control-id": "cis_rhel10_1-1.2.4.2", "description": "No notes for control-id 1.1.2.4.2.", "props": [ @@ -5623,7 +5599,7 @@ ] }, { - "uuid": "969ac3fb-26aa-45a9-b9e1-5708d49ff93f", + "uuid": "a2b0619e-e871-4d5b-9374-78ccb3c6cc7f", "control-id": "cis_rhel10_1-1.2.4.3", "description": "No notes for control-id 1.1.2.4.3.", "props": [ @@ -5640,7 +5616,7 @@ ] }, { - "uuid": "d625aa05-ffa8-45e6-8665-714a9b212174", + "uuid": "3c62d2ad-1b52-4ea5-8085-1f7529226f8f", "control-id": "cis_rhel10_1-1.2.5.2", "description": "No notes for control-id 1.1.2.5.2.", "props": [ @@ -5657,7 +5633,7 @@ ] }, { - "uuid": "da37b3c6-ed15-47e3-ad1d-98b432f562b6", + "uuid": "7842c5e4-d63c-4caa-a0c2-12a66af8a12f", "control-id": "cis_rhel10_1-1.2.5.3", "description": "No notes for control-id 1.1.2.5.3.", "props": [ @@ -5674,7 +5650,7 @@ ] }, { - "uuid": "c1ac9b83-0c64-4bdd-9972-f677afdfeb24", + "uuid": "7996bf51-980c-4b6a-bf35-5140e1270210", "control-id": "cis_rhel10_1-1.2.5.4", "description": "No notes for control-id 1.1.2.5.4.", "props": [ @@ -5691,7 +5667,7 @@ ] }, { - "uuid": "15d17a42-2ac0-4736-9ede-18ea8910bc47", + "uuid": "f14b2621-c25a-4ff1-ad5b-c36e8b81fad2", "control-id": "cis_rhel10_1-1.2.6.2", "description": "No notes for control-id 1.1.2.6.2.", "props": [ @@ -5708,7 +5684,7 @@ ] }, { - "uuid": "4ebbd487-1572-4bf8-9fc2-80f7badae87e", + "uuid": "72054d73-02f8-45c7-a4bd-5c08bef5f7c2", "control-id": "cis_rhel10_1-1.2.6.3", "description": "No notes for control-id 1.1.2.6.3.", "props": [ @@ -5725,7 +5701,7 @@ ] }, { - "uuid": "b63acfeb-04dc-47e7-9f3e-fe9df20c7750", + "uuid": "da4a0bde-bf95-471d-a057-1956eff7a9ea", "control-id": "cis_rhel10_1-1.2.6.4", "description": "No notes for control-id 1.1.2.6.4.", "props": [ @@ -5742,7 +5718,7 @@ ] }, { - "uuid": "7226ae45-b0ca-4e66-97db-25f0fa4ad80e", + "uuid": "fdfa696e-c3d4-41db-a6f3-4a67bf69595d", "control-id": "cis_rhel10_1-1.2.7.2", "description": "No notes for control-id 1.1.2.7.2.", "props": [ @@ -5759,7 +5735,7 @@ ] }, { - "uuid": "9cfdef34-fbb4-4112-afa1-38aff32331c2", + "uuid": "c8804813-5f9e-4f41-82d7-a12131ef37e4", "control-id": "cis_rhel10_1-1.2.7.3", "description": "No notes for control-id 1.1.2.7.3.", "props": [ @@ -5776,7 +5752,7 @@ ] }, { - "uuid": "a7849b0c-66d0-45fd-8004-8a8a294c2f2b", + "uuid": "3764d57f-1696-439e-bef5-63023714f38a", "control-id": "cis_rhel10_1-1.2.7.4", "description": "No notes for control-id 1.1.2.7.4.", "props": [ @@ -5793,7 +5769,7 @@ ] }, { - "uuid": "da49cf76-28eb-4234-9959-2b015aeeb29f", + "uuid": "cf4842e1-d9b9-41d2-84d5-c5f6f07fc2ff", "control-id": "cis_rhel10_1-2.1.1", "description": "The description for control-id cis_rhel10_1-2.1.1.", "props": [ @@ -5806,7 +5782,7 @@ ] }, { - "uuid": "17c7f713-2c46-42b5-955b-0d6867b8e50d", + "uuid": "2c43f241-bc01-435c-881a-9682a422c45d", "control-id": "cis_rhel10_1-2.1.2", "description": "No notes for control-id 1.2.1.2.", "props": [ @@ -5823,7 +5799,7 @@ ] }, { - "uuid": "e74688e9-17e3-475e-8970-60a5010d63d5", + "uuid": "a166e54b-1eb1-43df-970e-8b5a3d35427e", "control-id": "cis_rhel10_1-2.1.4", "description": "The description for control-id cis_rhel10_1-2.1.4.", "props": [ @@ -5836,7 +5812,7 @@ ] }, { - "uuid": "620761ef-47c5-47b9-a708-f68b976be384", + "uuid": "55f33b29-5f0b-46ea-b6cc-93960b141da6", "control-id": "cis_rhel10_1-2.2.1", "description": "The description for control-id cis_rhel10_1-2.2.1.", "props": [ @@ -5849,7 +5825,7 @@ ] }, { - "uuid": "4517a612-ad61-43d8-aa69-9601f756e484", + "uuid": "cd0ce936-ed33-4afd-b624-aa788bdc9ea5", "control-id": "cis_rhel10_1-3.1.1", "description": "No notes for control-id 1.3.1.1.", "props": [ @@ -5866,7 +5842,7 @@ ] }, { - "uuid": "048291c7-50e1-4e0a-be47-63f4e51b6d20", + "uuid": "b54227c5-34d0-4bb0-ac40-0bca660301c9", "control-id": "cis_rhel10_1-3.1.2", "description": "No notes for control-id 1.3.1.2.", "props": [ @@ -5883,7 +5859,7 @@ ] }, { - "uuid": "8e37922a-f692-4e6c-b87d-a34c9201f8e3", + "uuid": "dd89b374-6e71-4dee-9e40-8be138808ad7", "control-id": "cis_rhel10_1-3.1.3", "description": "No notes for control-id 1.3.1.3.", "props": [ @@ -5900,7 +5876,7 @@ ] }, { - "uuid": "06072c03-2a7e-411b-826a-849744c55a2c", + "uuid": "b189c490-36f8-4d16-aa97-dd6f42b05cdf", "control-id": "cis_rhel10_1-3.1.4", "description": "No notes for control-id 1.3.1.4.", "props": [ @@ -5917,7 +5893,7 @@ ] }, { - "uuid": "185bc6cc-7120-4981-ae82-f01563358190", + "uuid": "7cf75177-f03d-4b5d-b6ac-9c1ef00c34b3", "control-id": "cis_rhel10_1-3.1.7", "description": "No notes for control-id 1.3.1.7.", "props": [ @@ -5934,7 +5910,7 @@ ] }, { - "uuid": "f6048e93-82e7-4710-8938-2f99487309fd", + "uuid": "eb40ab27-6d94-43be-b67f-38a6200fde1f", "control-id": "cis_rhel10_1-3.1.8", "description": "No notes for control-id 1.3.1.8.", "props": [ @@ -5951,7 +5927,7 @@ ] }, { - "uuid": "3e51f553-94cc-4cd2-899f-d97db357c416", + "uuid": "bf469399-c2b3-42d9-9907-c523d73680ec", "control-id": "cis_rhel10_1-4.1", "description": "There is no automated remediation for this rule and this is intentional.\nMore details in the rule description.", "props": [ @@ -5968,50 +5944,34 @@ ] }, { - "uuid": "c9f53417-18bb-470b-b20f-7bbc7a4a5fb5", + "uuid": "773882f6-3320-45f1-b2d0-0c92653009f8", "control-id": "cis_rhel10_1-4.2", - "description": "The description for control-id cis_rhel10_1-4.2.", + "description": "This requirement demands a deeper review of the rules.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "alternative", - "remarks": "This requirement demands a deeper review of the rules." - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg" + "value": "implemented" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg" + "value": "file_permissions_boot_grub2" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg" + "value": "file_owner_boot_grub2" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg" + "value": "file_groupowner_boot_grub2" } ] }, { - "uuid": "4041a638-4e1d-46fd-8c98-458109d101cd", + "uuid": "cc636ad3-09bf-4adb-94d1-7e0340216166", "control-id": "cis_rhel10_1-5.1", "description": "No notes for control-id 1.5.1.", "props": [ @@ -6028,7 +5988,7 @@ ] }, { - "uuid": "f630047b-0828-4fca-a12d-0fdd8078c06d", + "uuid": "074ae312-f5cc-40f3-82ad-bc0c04935bb3", "control-id": "cis_rhel10_1-5.2", "description": "No notes for control-id 1.5.2.", "props": [ @@ -6045,7 +6005,7 @@ ] }, { - "uuid": "d3496bef-15ff-4337-95e3-7aa68384be2a", + "uuid": "2a8f3a6b-52d6-4745-9b47-b8e9e5bec820", "control-id": "cis_rhel10_1-5.4", "description": "No notes for control-id 1.5.4.", "props": [ @@ -6062,7 +6022,7 @@ ] }, { - "uuid": "748450c3-ad9b-4905-a915-fd1fb09ffc3c", + "uuid": "1a924199-bba4-4a47-8f1e-845adb325a03", "control-id": "cis_rhel10_1-5.5", "description": "No notes for control-id 1.5.5.", "props": [ @@ -6079,7 +6039,7 @@ ] }, { - "uuid": "8204e5db-c7b4-4bf0-8d05-57977dd77817", + "uuid": "b9cb4805-eec3-4e00-9e68-ced8bccd2b25", "control-id": "cis_rhel10_1-5.6", "description": "No notes for control-id 1.5.6.", "props": [ @@ -6096,7 +6056,7 @@ ] }, { - "uuid": "96269e82-11b5-4c63-b0cc-3cb53727e5a2", + "uuid": "1d0acdc0-3df2-4a78-9e79-b794579bec64", "control-id": "cis_rhel10_1-5.7", "description": "No notes for control-id 1.5.7.", "props": [ @@ -6113,7 +6073,7 @@ ] }, { - "uuid": "0e4c2c59-9c6a-420d-8d57-cb9e2fd3a1ff", + "uuid": "31ce1d97-2d64-4eb4-8e58-aa22e78b58c9", "control-id": "cis_rhel10_1-5.8", "description": "Address Space Layout Randomization (ASLR)", "props": [ @@ -6130,7 +6090,7 @@ ] }, { - "uuid": "66370a0b-95b6-4bbc-964f-7e3936890b8e", + "uuid": "9f9f25ab-c5c2-4906-a8f7-04c7e8407719", "control-id": "cis_rhel10_1-5.9", "description": "No notes for control-id 1.5.9.", "props": [ @@ -6147,7 +6107,7 @@ ] }, { - "uuid": "0a6b1e48-eeb7-4692-a828-eebd5abf631b", + "uuid": "f64ca893-c717-4cbd-9fd2-66f2bde8fcda", "control-id": "cis_rhel10_1-5.10", "description": "No notes for control-id 1.5.10.", "props": [ @@ -6164,7 +6124,7 @@ ] }, { - "uuid": "443b3c47-256f-4d61-a5ad-a007d4c7b0cf", + "uuid": "84b1f82a-64ea-4f53-a6ce-0fc62d4e164e", "control-id": "cis_rhel10_1-6.1", "description": "No notes for control-id 1.6.1.", "props": [ @@ -6181,7 +6141,7 @@ ] }, { - "uuid": "50a266f2-f39c-4c52-8a6b-4ecce1fbfb4f", + "uuid": "ea0cfa1b-93b6-44d5-b0ad-e5f684fbe4af", "control-id": "cis_rhel10_1-6.2", "description": "No notes for control-id 1.6.2.", "props": [ @@ -6198,7 +6158,7 @@ ] }, { - "uuid": "d9857532-6ccb-4c2e-b75c-e32ab9397000", + "uuid": "f0e67c19-95e3-453e-b5a4-8bb04e46953a", "control-id": "cis_rhel10_1-6.3", "description": "No notes for control-id 1.6.3.", "props": [ @@ -6215,7 +6175,7 @@ ] }, { - "uuid": "e7e8b21a-c436-498a-b481-c5330de7f8f6", + "uuid": "a457532a-4fba-44ec-b412-be6274cf6b0b", "control-id": "cis_rhel10_1-6.4", "description": "No notes for control-id 1.6.4.", "props": [ @@ -6232,7 +6192,7 @@ ] }, { - "uuid": "0ce9baf9-d0e0-431c-a05a-cc04d1fa5e6d", + "uuid": "2e9a7c81-b053-4d35-b610-d2c071eef2b2", "control-id": "cis_rhel10_1-7.1", "description": "No notes for control-id 1.7.1.", "props": [ @@ -6249,7 +6209,7 @@ ] }, { - "uuid": "255cee0a-de55-4eb6-83a1-a789d4e10433", + "uuid": "d7d3da52-3712-4f1e-b2d6-e30cdb880ad6", "control-id": "cis_rhel10_1-7.2", "description": "No notes for control-id 1.7.2.", "props": [ @@ -6266,7 +6226,7 @@ ] }, { - "uuid": "c925c737-19c2-4a92-b013-dd409c7f0c25", + "uuid": "913d7045-b533-4adc-a398-b69bf30e070a", "control-id": "cis_rhel10_1-7.3", "description": "No notes for control-id 1.7.3.", "props": [ @@ -6283,7 +6243,7 @@ ] }, { - "uuid": "bb1a7bbe-8542-4194-ac0d-92930e5a5c87", + "uuid": "a5b44cbf-ad00-494b-b148-79d22a770ef5", "control-id": "cis_rhel10_1-7.4", "description": "No notes for control-id 1.7.4.", "props": [ @@ -6310,7 +6270,7 @@ ] }, { - "uuid": "47313244-2926-418c-b904-f1c2cb603bdb", + "uuid": "a2fce26f-7674-4b8a-a2c8-149123486afb", "control-id": "cis_rhel10_1-7.5", "description": "No notes for control-id 1.7.5.", "props": [ @@ -6337,7 +6297,7 @@ ] }, { - "uuid": "5d898067-084d-4d93-a2e1-f90b6857d78d", + "uuid": "92205dd2-4176-4f9a-976e-3202d238eeca", "control-id": "cis_rhel10_1-7.6", "description": "No notes for control-id 1.7.6.", "props": [ @@ -6364,7 +6324,7 @@ ] }, { - "uuid": "8312fbc5-e02c-4af4-b799-df2e8a76ef11", + "uuid": "711848f0-e377-4893-bc73-c3af5f598362", "control-id": "cis_rhel10_1-8.1", "description": "No notes for control-id 1.8.1.", "props": [ @@ -6386,7 +6346,7 @@ ] }, { - "uuid": "c64c3f3e-8590-41a0-b694-99586c407d1b", + "uuid": "4d9cce8a-bc99-40a2-a73e-661c7b30ca79", "control-id": "cis_rhel10_1-8.2", "description": "No notes for control-id 1.8.2.", "props": [ @@ -6403,7 +6363,7 @@ ] }, { - "uuid": "1e4a46f3-44bf-4bd7-b2da-c9786f58c993", + "uuid": "b3df9eff-4b49-4240-8431-de0fe4255371", "control-id": "cis_rhel10_1-8.3", "description": "No notes for control-id 1.8.3.", "props": [ @@ -6435,7 +6395,7 @@ ] }, { - "uuid": "f3ba5cad-3b28-4c7c-b20d-28b67d2cd630", + "uuid": "0b84c14d-6309-464b-a914-60eb034c2e31", "control-id": "cis_rhel10_1-8.4", "description": "No notes for control-id 1.8.4.", "props": [ @@ -6457,7 +6417,7 @@ ] }, { - "uuid": "163e601c-9fc6-43e3-8271-5f07868a2f4e", + "uuid": "dd4c344a-249a-41b5-83b0-9a666d998e22", "control-id": "cis_rhel10_1-8.5", "description": "No notes for control-id 1.8.5.", "props": [ @@ -6474,7 +6434,7 @@ ] }, { - "uuid": "fb65d6f9-6d5c-4819-a31c-0c7eeaab4e62", + "uuid": "d021abb6-4eea-41d6-a802-3c9e6ebcf8f8", "control-id": "cis_rhel10_2-1.1", "description": "No notes for control-id 2.1.1.", "props": [ @@ -6491,7 +6451,7 @@ ] }, { - "uuid": "a90d1d27-38f4-4875-958c-720390ef57d2", + "uuid": "3fa4b08a-18bd-4ab2-9259-4e7c8dc2593d", "control-id": "cis_rhel10_2-1.2", "description": "No notes for control-id 2.1.2.", "props": [ @@ -6508,7 +6468,7 @@ ] }, { - "uuid": "d2c7e04a-25bc-4f53-a90a-92ca2d2bf64d", + "uuid": "1a7edd01-c5ac-46f9-9f2c-b417f273cd5a", "control-id": "cis_rhel10_2-1.4", "description": "No notes for control-id 2.1.4.", "props": [ @@ -6525,7 +6485,7 @@ ] }, { - "uuid": "b7aa9a47-98d4-4d1f-8339-c3153826e9b7", + "uuid": "d76acd68-5c00-4292-9cec-eb010ea3d39a", "control-id": "cis_rhel10_2-1.5", "description": "No notes for control-id 2.1.5.", "props": [ @@ -6542,7 +6502,7 @@ ] }, { - "uuid": "ca10a416-1a49-4448-8869-6d0676c25423", + "uuid": "97c75ce2-77e6-4978-af97-1adb4b1a8fe0", "control-id": "cis_rhel10_2-1.6", "description": "No notes for control-id 2.1.6.", "props": [ @@ -6559,7 +6519,7 @@ ] }, { - "uuid": "4a094d24-0675-4871-b875-533e3a5c6763", + "uuid": "dd62c635-927c-4c24-b8ea-13f1570e5ce2", "control-id": "cis_rhel10_2-1.7", "description": "No notes for control-id 2.1.7.", "props": [ @@ -6576,7 +6536,7 @@ ] }, { - "uuid": "ada2af68-85e3-46b1-b491-8b6eea8d47e2", + "uuid": "0d04bc48-4c96-4e7e-99b8-49888d4346ee", "control-id": "cis_rhel10_2-1.8", "description": "No notes for control-id 2.1.8.", "props": [ @@ -6598,7 +6558,7 @@ ] }, { - "uuid": "4a3a371b-d38a-44d3-babc-b042812a3fd9", + "uuid": "f4c02119-5200-4e90-aaf6-c89e207836b6", "control-id": "cis_rhel10_2-1.9", "description": "Many of the libvirt packages used by Enterprise Linux virtualization are dependent on the\nnfs-utils package.", "props": [ @@ -6615,7 +6575,7 @@ ] }, { - "uuid": "ffbb2fc7-50d0-4a31-8ce9-25d488c0ad84", + "uuid": "395cd55e-8d6b-4771-9834-a558108c50e0", "control-id": "cis_rhel10_2-1.10", "description": "No notes for control-id 2.1.10.", "props": [ @@ -6632,7 +6592,7 @@ ] }, { - "uuid": "f4023e20-1877-4b0b-9cdc-4f7436907b1c", + "uuid": "60936ae7-0147-4ea9-b585-8003a83ed488", "control-id": "cis_rhel10_2-1.11", "description": "Many of the libvirt packages used by Enterprise Linux virtualization, and the nfs-utils\npackage used for The Network File System (NFS), are dependent on the rpcbind package.", "props": [ @@ -6649,7 +6609,7 @@ ] }, { - "uuid": "0d58dde8-70a8-45b3-bff8-46eeb30a2e03", + "uuid": "cca80de2-5894-4886-908a-1ed71e0169c1", "control-id": "cis_rhel10_2-1.12", "description": "No notes for control-id 2.1.12.", "props": [ @@ -6666,7 +6626,7 @@ ] }, { - "uuid": "d73eaac2-f7fd-4a18-9b78-0fe3d48767c8", + "uuid": "35730f49-c03b-4202-b5f8-cd8db86d4c48", "control-id": "cis_rhel10_2-1.13", "description": "No notes for control-id 2.1.13.", "props": [ @@ -6683,7 +6643,7 @@ ] }, { - "uuid": "687f1937-4769-43ab-939c-aa2ad07f9ffe", + "uuid": "37cffd59-6f35-4bf1-b014-27373a9c3351", "control-id": "cis_rhel10_2-1.14", "description": "No notes for control-id 2.1.14.", "props": [ @@ -6700,7 +6660,7 @@ ] }, { - "uuid": "71ca6611-b026-4709-a00a-154bb388e7d8", + "uuid": "984c2e67-cf74-48af-a635-ced579cdb54f", "control-id": "cis_rhel10_2-1.15", "description": "No notes for control-id 2.1.15.", "props": [ @@ -6717,7 +6677,7 @@ ] }, { - "uuid": "9a04d6a4-c09a-4bb7-ba76-8f8d4bd5a452", + "uuid": "be8048a3-aae8-438d-9126-cb1c7f5ffa75", "control-id": "cis_rhel10_2-1.16", "description": "No notes for control-id 2.1.16.", "props": [ @@ -6734,7 +6694,7 @@ ] }, { - "uuid": "9be41eed-e8cc-400a-a139-74f82a1a0ecd", + "uuid": "c4c2bc5a-2399-40f6-9786-c0e7f5c0af31", "control-id": "cis_rhel10_2-1.17", "description": "No notes for control-id 2.1.17.", "props": [ @@ -6751,7 +6711,7 @@ ] }, { - "uuid": "7f06ea70-85db-421e-83b6-7b4026897b21", + "uuid": "7e6a12b4-90d0-4217-bdcf-4d156f09c6e7", "control-id": "cis_rhel10_2-1.18", "description": "No notes for control-id 2.1.18.", "props": [ @@ -6773,7 +6733,7 @@ ] }, { - "uuid": "cc3bbb1a-7cef-45c0-85ee-c1ba1e2526aa", + "uuid": "9610bcb9-7939-44d9-9dbe-8db998400dce", "control-id": "cis_rhel10_2-1.21", "description": "No notes for control-id 2.1.21.", "props": [ @@ -6795,7 +6755,7 @@ ] }, { - "uuid": "71647a0b-6077-44c3-9119-99d03c33c4e5", + "uuid": "35d9ef66-1240-408a-9b5d-dc07b727b6f3", "control-id": "cis_rhel10_2-1.22", "description": "The description for control-id cis_rhel10_2-1.22.", "props": [ @@ -6808,7 +6768,7 @@ ] }, { - "uuid": "bab66ebd-ac30-496c-b25f-73a5572e37e2", + "uuid": "d08c99bb-6dc2-4629-858d-22fad7932ae0", "control-id": "cis_rhel10_2-2.1", "description": "No notes for control-id 2.2.1.", "props": [ @@ -6825,7 +6785,7 @@ ] }, { - "uuid": "63280026-c0c4-4057-9d0a-9333e551921b", + "uuid": "e2c56b09-0196-4afa-8550-63c49e52f824", "control-id": "cis_rhel10_2-2.3", "description": "No notes for control-id 2.2.3.", "props": [ @@ -6842,7 +6802,7 @@ ] }, { - "uuid": "18660248-6339-44b1-9938-d1205ea82114", + "uuid": "b99e775a-b267-4689-b74b-c73c4ff759ad", "control-id": "cis_rhel10_2-2.4", "description": "No notes for control-id 2.2.4.", "props": [ @@ -6859,7 +6819,7 @@ ] }, { - "uuid": "5587a7f1-c77e-4bb5-b9e8-57888d6961a2", + "uuid": "f076a2d8-b753-4215-ae28-0778299e76f1", "control-id": "cis_rhel10_2-3.1", "description": "No notes for control-id 2.3.1.", "props": [ @@ -6871,7 +6831,7 @@ ] }, { - "uuid": "c4e06dc5-63b9-486b-b4e4-1cbef04f755c", + "uuid": "e4f672a4-0caf-4793-a2dc-d437fdeaf5b2", "control-id": "cis_rhel10_2-3.2", "description": "No notes for control-id 2.3.2.", "props": [ @@ -6888,7 +6848,7 @@ ] }, { - "uuid": "67332a59-199d-4ed7-9315-f884d8959e3e", + "uuid": "f1ec17d0-4b6c-4988-8323-6609f93f4535", "control-id": "cis_rhel10_2-3.3", "description": "No notes for control-id 2.3.3.", "props": [ @@ -6905,7 +6865,7 @@ ] }, { - "uuid": "8ef02a83-2a00-4394-a4ca-d37658cbc7ae", + "uuid": "8b26039a-ca80-47b4-997b-e3022995abfb", "control-id": "cis_rhel10_2-4.1.1", "description": "No notes for control-id 2.4.1.1.", "props": [ @@ -6927,7 +6887,7 @@ ] }, { - "uuid": "882e2d2c-3ef2-4230-a68b-1a67d5282fd5", + "uuid": "45c8e102-9814-4a80-8c99-ec950e2d2a75", "control-id": "cis_rhel10_2-4.1.2", "description": "No notes for control-id 2.4.1.2.", "props": [ @@ -6954,7 +6914,7 @@ ] }, { - "uuid": "32986d7b-7be3-498e-aee3-2f97f032b55b", + "uuid": "ebe9621c-a8f9-4459-a4e7-2840a80d1c1b", "control-id": "cis_rhel10_2-4.1.3", "description": "No notes for control-id 2.4.1.3.", "props": [ @@ -6981,7 +6941,7 @@ ] }, { - "uuid": "4069c4cf-9549-495c-befb-25b0de929bdb", + "uuid": "9fefd85d-22de-4061-a535-a0c7c0c4babf", "control-id": "cis_rhel10_2-4.1.4", "description": "No notes for control-id 2.4.1.4.", "props": [ @@ -7008,7 +6968,7 @@ ] }, { - "uuid": "222c2b76-a138-40de-97d9-0a177f3f97e3", + "uuid": "67c718e2-dfb0-48d7-b603-6e532a6e90ef", "control-id": "cis_rhel10_2-4.1.5", "description": "No notes for control-id 2.4.1.5.", "props": [ @@ -7035,7 +6995,7 @@ ] }, { - "uuid": "2a43ce8f-88c6-4ab6-8c69-6b03edb9672c", + "uuid": "7f87474c-9bce-4c4e-ae7c-56a2449d91be", "control-id": "cis_rhel10_2-4.1.6", "description": "No notes for control-id 2.4.1.6.", "props": [ @@ -7062,7 +7022,7 @@ ] }, { - "uuid": "65bd6f4f-6113-4e94-832f-657816c82dfc", + "uuid": "050d1925-832d-4bd2-a4f0-b092545cdfb8", "control-id": "cis_rhel10_2-4.1.7", "description": "No notes for control-id 2.4.1.7.", "props": [ @@ -7089,7 +7049,7 @@ ] }, { - "uuid": "8422792e-32fd-4ae2-a4da-e55c1e4d050b", + "uuid": "24464798-cb38-4c93-8616-6a121102d358", "control-id": "cis_rhel10_2-4.1.8", "description": "No notes for control-id 2.4.1.8.", "props": [ @@ -7116,7 +7076,7 @@ ] }, { - "uuid": "ef3e9ca2-f629-4700-8660-ff97646c0098", + "uuid": "1625f9a0-3950-4f3c-b29c-6c6007d9fabe", "control-id": "cis_rhel10_2-4.1.9", "description": "No notes for control-id 2.4.1.9.", "props": [ @@ -7153,7 +7113,7 @@ ] }, { - "uuid": "7acf98ae-3dc3-44da-a3df-06f77bd84400", + "uuid": "8539d515-f5c8-44de-b900-bcdb5446afad", "control-id": "cis_rhel10_2-4.2.1", "description": "No notes for control-id 2.4.2.1.", "props": [ @@ -7190,7 +7150,7 @@ ] }, { - "uuid": "f5902c2c-c715-4d1c-a3d4-cad10ce50486", + "uuid": "bbbe780d-6b21-496b-902e-2fc135a7ed18", "control-id": "cis_rhel10_3-1.1", "description": "The description for control-id cis_rhel10_3-1.1.", "props": [ @@ -7203,7 +7163,7 @@ ] }, { - "uuid": "f253dd51-cd32-467d-825e-6e2b7fcc7c90", + "uuid": "0cdf58f4-7b62-479b-8570-5c6de3a5be74", "control-id": "cis_rhel10_3-1.2", "description": "No notes for control-id 3.1.2.", "props": [ @@ -7220,7 +7180,7 @@ ] }, { - "uuid": "6c0db5a2-2c7b-40d2-beae-a4c8aaece461", + "uuid": "3e3b5e75-6b09-40c4-bb31-ec6579ade76b", "control-id": "cis_rhel10_3-1.3", "description": "No notes for control-id 3.1.3.", "props": [ @@ -7237,7 +7197,7 @@ ] }, { - "uuid": "04c66959-afe1-4369-ba11-8596c7806e3e", + "uuid": "25a9967c-6f6b-478b-b610-63cde94a90c1", "control-id": "cis_rhel10_3-2.1", "description": "No notes for control-id 3.2.1.", "props": [ @@ -7254,7 +7214,7 @@ ] }, { - "uuid": "10100e31-ed04-4768-bf08-1a023cc5fdef", + "uuid": "dd532042-fa5b-4774-b9ea-879e222f45ef", "control-id": "cis_rhel10_3-2.2", "description": "No notes for control-id 3.2.2.", "props": [ @@ -7271,7 +7231,7 @@ ] }, { - "uuid": "d04f8281-af96-4ce5-b14e-9b34fd7df0a3", + "uuid": "c7b9f8e1-5a4a-4de2-b599-bf8037ef36bf", "control-id": "cis_rhel10_3-2.3", "description": "No notes for control-id 3.2.3.", "props": [ @@ -7288,7 +7248,7 @@ ] }, { - "uuid": "c8deca2a-ba0d-4142-aef6-308f65ba4543", + "uuid": "381e7471-6295-4f35-878f-6c3c14e40bb3", "control-id": "cis_rhel10_3-2.4", "description": "No notes for control-id 3.2.4.", "props": [ @@ -7305,7 +7265,7 @@ ] }, { - "uuid": "252f409f-619e-4cdf-b038-c83d15ad0621", + "uuid": "005ac944-8174-4076-bd66-8172f7104152", "control-id": "cis_rhel10_3-2.5", "description": "No notes for control-id 3.2.5.", "props": [ @@ -7322,7 +7282,7 @@ ] }, { - "uuid": "5dccba80-7498-490b-b11b-46af994ae444", + "uuid": "8584908b-e0aa-4c67-a3c4-2681df1ddc76", "control-id": "cis_rhel10_3-2.6", "description": "No notes for control-id 3.2.6.", "props": [ @@ -7339,7 +7299,7 @@ ] }, { - "uuid": "ddbfbb1f-72cf-4bf7-8063-bf822de345fb", + "uuid": "e0f2f99b-c51f-4c47-9238-095f0a8d88be", "control-id": "cis_rhel10_3-3.1.2", "description": "No notes for control-id 3.3.1.2.", "props": [ @@ -7356,7 +7316,7 @@ ] }, { - "uuid": "ae3b4e0b-3fea-4836-8882-b4c8004b89f6", + "uuid": "e8e07044-90ce-46d0-8dd7-cf884d6b4f31", "control-id": "cis_rhel10_3-3.1.3", "description": "No notes for control-id 3.3.1.3.", "props": [ @@ -7373,7 +7333,7 @@ ] }, { - "uuid": "0a25e2b4-8bc3-40dd-a2e7-28997e2a9dcf", + "uuid": "dc97f925-dca9-47f4-99ff-470554189714", "control-id": "cis_rhel10_3-3.1.4", "description": "No notes for control-id 3.3.1.4.", "props": [ @@ -7390,7 +7350,7 @@ ] }, { - "uuid": "abe8347e-605c-4bdd-8658-a98bfe20298b", + "uuid": "d8305c8b-d23e-4d40-b090-143e90abe325", "control-id": "cis_rhel10_3-3.1.5", "description": "No notes for control-id 3.3.1.5.", "props": [ @@ -7407,7 +7367,7 @@ ] }, { - "uuid": "ae9f5c32-ca0d-45f0-8f3b-974ef4ccfa39", + "uuid": "7d3bd5fd-c739-4233-9de6-f33145ee433c", "control-id": "cis_rhel10_3-3.1.6", "description": "No notes for control-id 3.3.1.6.", "props": [ @@ -7424,7 +7384,7 @@ ] }, { - "uuid": "5f29b827-1c12-4545-9fcf-66b72821c72d", + "uuid": "06031581-5d41-4af6-ab52-83cac9f7f76e", "control-id": "cis_rhel10_3-3.1.7", "description": "No notes for control-id 3.3.1.7.", "props": [ @@ -7441,7 +7401,7 @@ ] }, { - "uuid": "ae4d1ddc-a15e-413c-8d9b-3ba9d9d05a8b", + "uuid": "ad53dbdc-f9d7-42b1-ab83-b20b148f7fbc", "control-id": "cis_rhel10_3-3.1.8", "description": "No notes for control-id 3.3.1.8.", "props": [ @@ -7458,7 +7418,7 @@ ] }, { - "uuid": "ded012a1-6642-4a6c-b612-ef9018833801", + "uuid": "71cc4e14-344d-4b5c-bd10-c9433b18abfe", "control-id": "cis_rhel10_3-3.1.9", "description": "No notes for control-id 3.3.1.9.", "props": [ @@ -7475,7 +7435,7 @@ ] }, { - "uuid": "323c0ce5-c156-4b05-8918-cc551029bb80", + "uuid": "8016ee61-9f52-43eb-bbb6-a9b0f98d43a2", "control-id": "cis_rhel10_3-3.1.10", "description": "No notes for control-id 3.3.1.10.", "props": [ @@ -7492,7 +7452,7 @@ ] }, { - "uuid": "8ed5c31a-6989-48f9-8585-0c41860585a4", + "uuid": "a62bc02f-64e3-4119-b03d-f70afbb53e57", "control-id": "cis_rhel10_3-3.1.11", "description": "No notes for control-id 3.3.1.11.", "props": [ @@ -7509,7 +7469,7 @@ ] }, { - "uuid": "2fbdcb3e-9f6b-4fb1-9a32-addd7aaba758", + "uuid": "ac9fecb3-09d1-430f-a8c0-650bb013e696", "control-id": "cis_rhel10_3-3.1.12", "description": "No notes for control-id 3.3.1.12.", "props": [ @@ -7526,7 +7486,7 @@ ] }, { - "uuid": "d212c30b-a76f-4d43-86c2-a64e16173744", + "uuid": "5468bbd1-1270-42dd-8f89-d00a35b18559", "control-id": "cis_rhel10_3-3.1.13", "description": "No notes for control-id 3.3.1.13.", "props": [ @@ -7543,7 +7503,7 @@ ] }, { - "uuid": "a82440ed-1524-4c4d-9c69-042b2d35094d", + "uuid": "0536b0be-c3df-4c7e-abae-e993e0ca2f7d", "control-id": "cis_rhel10_3-3.1.14", "description": "No notes for control-id 3.3.1.14.", "props": [ @@ -7560,7 +7520,7 @@ ] }, { - "uuid": "60056312-313d-4fea-bb0c-8301f8bf5a2c", + "uuid": "43211110-a674-4236-9467-b003cffc7d35", "control-id": "cis_rhel10_3-3.1.15", "description": "No notes for control-id 3.3.1.15.", "props": [ @@ -7577,7 +7537,7 @@ ] }, { - "uuid": "ac67d2eb-f7c6-41a2-adaf-6e87167e0b1f", + "uuid": "3e8dfb1f-d919-415e-95b6-85777bdcfade", "control-id": "cis_rhel10_3-3.1.16", "description": "No notes for control-id 3.3.1.16.", "props": [ @@ -7594,7 +7554,7 @@ ] }, { - "uuid": "abb345c6-d5c4-41e9-9572-66c808285e41", + "uuid": "2be7bb07-ac47-4908-825e-b78f9b231047", "control-id": "cis_rhel10_3-3.1.17", "description": "No notes for control-id 3.3.1.17.", "props": [ @@ -7611,7 +7571,7 @@ ] }, { - "uuid": "afb95ea0-131b-48bd-b993-ce9a1701f399", + "uuid": "165b8119-e729-41d9-b668-e8297afd9898", "control-id": "cis_rhel10_3-3.1.18", "description": "No notes for control-id 3.3.1.18.", "props": [ @@ -7628,7 +7588,7 @@ ] }, { - "uuid": "e725b7a3-6f8d-484f-9334-6720a0cf6fdf", + "uuid": "fff3edd4-55a8-4872-ad41-a664f81fa59d", "control-id": "cis_rhel10_3-3.2.1", "description": "No notes for control-id 3.3.2.1.", "props": [ @@ -7645,7 +7605,7 @@ ] }, { - "uuid": "1f4bf183-5e48-4519-96da-db2df6f65570", + "uuid": "12cbdf91-0bcf-47cc-8298-0f9bc6b2603e", "control-id": "cis_rhel10_3-3.2.2", "description": "No notes for control-id 3.3.2.2.", "props": [ @@ -7662,7 +7622,7 @@ ] }, { - "uuid": "b2198733-ce6c-412c-83ff-29e681f50a2c", + "uuid": "210ea33b-18bf-4023-8527-df4a4af193db", "control-id": "cis_rhel10_3-3.2.3", "description": "No notes for control-id 3.3.2.3.", "props": [ @@ -7679,7 +7639,7 @@ ] }, { - "uuid": "4d08f7e7-16b7-4c01-bad3-94bcd1958575", + "uuid": "2b55afaa-3d6e-4260-8049-d4941f85be21", "control-id": "cis_rhel10_3-3.2.4", "description": "No notes for control-id 3.3.2.4.", "props": [ @@ -7696,7 +7656,7 @@ ] }, { - "uuid": "e436ebad-8965-4a1f-bf5b-989f4909c0d3", + "uuid": "46202202-3579-4c86-a9b6-2be4a5f1b857", "control-id": "cis_rhel10_3-3.2.5", "description": "No notes for control-id 3.3.2.5.", "props": [ @@ -7713,7 +7673,7 @@ ] }, { - "uuid": "ae761256-8130-4dfc-aae2-e7937911b127", + "uuid": "2b0007cf-80f3-40a0-8711-0e4845eb64c0", "control-id": "cis_rhel10_3-3.2.6", "description": "No notes for control-id 3.3.2.6.", "props": [ @@ -7730,7 +7690,7 @@ ] }, { - "uuid": "f835f639-949e-4cec-9f16-bd611b047e88", + "uuid": "4451952a-e50a-48cf-81ac-072535af626b", "control-id": "cis_rhel10_3-3.2.7", "description": "No notes for control-id 3.3.2.7.", "props": [ @@ -7747,7 +7707,7 @@ ] }, { - "uuid": "f90357ef-8783-4acd-84e3-9d9691b100e9", + "uuid": "c64cfa99-c360-42dd-9cce-c82e54999d27", "control-id": "cis_rhel10_3-3.2.8", "description": "No notes for control-id 3.3.2.8.", "props": [ @@ -7764,7 +7724,7 @@ ] }, { - "uuid": "7a2614fd-7c0c-488b-8a95-4a6ed262b5a0", + "uuid": "7b758b84-e0c8-4a18-b363-11828c749d8e", "control-id": "cis_rhel10_4-1.1", "description": "No notes for control-id 4.1.1.", "props": [ @@ -7781,7 +7741,7 @@ ] }, { - "uuid": "61d4a3a5-55fd-4b57-985f-dc1e29fee911", + "uuid": "bce05516-702d-4c2a-8aed-94dedfd97f38", "control-id": "cis_rhel10_4-1.2", "description": "No notes for control-id 4.1.2.", "props": [ @@ -7798,7 +7758,7 @@ ] }, { - "uuid": "51f9b1d9-908b-4444-ad78-1c018a1576e8", + "uuid": "bb7a3ad4-319b-4355-9278-ada03dfecc89", "control-id": "cis_rhel10_4-1.3", "description": "No notes for control-id 4.1.3.", "props": [ @@ -7815,7 +7775,7 @@ ] }, { - "uuid": "7dd9f4e9-b220-4796-96bb-e5e8d0af59e2", + "uuid": "77c4adf1-499d-4de8-a09c-4276fab1af13", "control-id": "cis_rhel10_4-1.4", "description": "The description for control-id cis_rhel10_4-1.4.", "props": [ @@ -7823,12 +7783,12 @@ "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "alternative", - "remarks": "No notes for control-id 4.1.4." + "remarks": "There is not an easy way to do this for only active zones using OVAL.\nFor now, there are are no rules for this control." } ] }, { - "uuid": "2064b7bb-382c-4cfc-858d-806423c9ffc9", + "uuid": "1a368d0c-5331-49c2-bbc6-ec0788dee7c6", "control-id": "cis_rhel10_4-1.5", "description": "Firewalld in Red Hat Enterprise Linux 10 accepts loopback traffic by default.", "props": [ @@ -7845,7 +7805,7 @@ ] }, { - "uuid": "068c52a1-7da9-4c94-a8a0-03113a9979fa", + "uuid": "33a45dd9-44e8-4bc3-b716-fe76e3e47d73", "control-id": "cis_rhel10_4-1.6", "description": "The description for control-id cis_rhel10_4-1.6.", "props": [ @@ -7858,7 +7818,7 @@ ] }, { - "uuid": "347544b4-ec39-457d-ba83-7a37a8e0fb71", + "uuid": "8512f021-07ef-48be-91c4-cb5341aada83", "control-id": "cis_rhel10_4-1.7", "description": "The description for control-id cis_rhel10_4-1.7.", "props": [ @@ -7871,7 +7831,7 @@ ] }, { - "uuid": "cc278a42-27ad-4f25-8174-739d88514f59", + "uuid": "1e61222f-6c58-4b43-ac63-080bc4696c28", "control-id": "cis_rhel10_5-1.1", "description": "No notes for control-id 5.1.1.", "props": [ @@ -7928,7 +7888,7 @@ ] }, { - "uuid": "8ebde704-776e-4d8e-a3da-2a9131ac0250", + "uuid": "22d87de1-7051-492f-ba8d-97be53b754dd", "control-id": "cis_rhel10_5-1.2", "description": "No notes for control-id 5.1.2.", "props": [ @@ -7955,7 +7915,7 @@ ] }, { - "uuid": "a501a884-c9f2-411d-b479-b1804125137c", + "uuid": "616ab185-09ca-4f80-a51f-495662c26218", "control-id": "cis_rhel10_5-1.3", "description": "No notes for control-id 5.1.3.", "props": [ @@ -7982,7 +7942,7 @@ ] }, { - "uuid": "0f6afc12-059e-4a9c-8a15-9e022fb4a2cf", + "uuid": "57e9cf58-d9ea-4f39-9fed-d731dcd27e0e", "control-id": "cis_rhel10_5-1.4", "description": "No notes for control-id 5.1.4.", "props": [ @@ -7999,7 +7959,7 @@ ] }, { - "uuid": "d2f80a82-a619-43a7-808c-99180208e1e3", + "uuid": "c9fc6ad7-f990-4eb9-a4f2-3d9f2c261c47", "control-id": "cis_rhel10_5-1.5", "description": "No notes for control-id 5.1.5.", "props": [ @@ -8016,7 +7976,7 @@ ] }, { - "uuid": "4645f293-0f0a-4e11-86e7-5730ac126005", + "uuid": "e2d33a7c-1720-4585-9ebe-cbb1224085dc", "control-id": "cis_rhel10_5-1.6", "description": "No notes for control-id 5.1.6.", "props": [ @@ -8033,7 +7993,7 @@ ] }, { - "uuid": "0d8d249d-4ae7-4f0c-a422-3cbb8ebffdff", + "uuid": "c9d0f74b-4105-49e2-aafb-474f5ea2e639", "control-id": "cis_rhel10_5-1.7", "description": "The requirement gives an example of 45 seconds, but is flexible about the values. It is only\nnecessary to ensure there is a timeout configured in alignment to the site policy.", "props": [ @@ -8055,7 +8015,7 @@ ] }, { - "uuid": "d5b36822-7868-4c28-a125-4f544122e2fd", + "uuid": "1835e118-a7c7-4c44-8592-3797019971cf", "control-id": "cis_rhel10_5-1.10", "description": "No notes for control-id 5.1.10.", "props": [ @@ -8072,7 +8032,7 @@ ] }, { - "uuid": "ad3f4b23-0cc2-4203-bcf5-5f2f1f1db02c", + "uuid": "5884e1c5-34cb-4996-b2e8-f2d58ae8b35f", "control-id": "cis_rhel10_5-1.11", "description": "No notes for control-id 5.1.11.", "props": [ @@ -8089,7 +8049,7 @@ ] }, { - "uuid": "511f39f0-6202-4076-ae47-142b3559b9bb", + "uuid": "a3565da7-e374-41d6-b68c-0bb13df698ff", "control-id": "cis_rhel10_5-1.12", "description": "The description for control-id cis_rhel10_5-1.12.", "props": [ @@ -8107,7 +8067,7 @@ ] }, { - "uuid": "52b46a19-9dab-4316-980b-a50e966db5a8", + "uuid": "eaa6e34a-2c65-4c89-a503-db1c2b06ed9f", "control-id": "cis_rhel10_5-1.13", "description": "No notes for control-id 5.1.13.", "props": [ @@ -8124,7 +8084,7 @@ ] }, { - "uuid": "292d2ff3-0d30-43a9-95de-d85bb895afb1", + "uuid": "7199b645-74ff-481d-b33c-665ea549ae2a", "control-id": "cis_rhel10_5-1.14", "description": "The CIS benchmark is not opinionated about which loglevel is selected here. Here, this\nprofile uses VERBOSE by default, as it allows for the capture of login and logout activity\nas well as key fingerprints.", "props": [ @@ -8141,7 +8101,7 @@ ] }, { - "uuid": "1f32fc26-e03a-4d88-a5a4-57574db30b82", + "uuid": "de429ffd-206a-4ded-b7ca-c1548339ee21", "control-id": "cis_rhel10_5-1.15", "description": "No notes for control-id 5.1.15.", "props": [ @@ -8158,7 +8118,7 @@ ] }, { - "uuid": "010d0bbc-06c9-40a0-842b-c59e17552588", + "uuid": "cfd4d93c-147c-4d25-a2a9-0bc1c33f7ca8", "control-id": "cis_rhel10_5-1.16", "description": "No notes for control-id 5.1.16.", "props": [ @@ -8175,7 +8135,7 @@ ] }, { - "uuid": "f0cb4e45-2c6c-4468-950e-b0c1e6b463a3", + "uuid": "5918d6fc-6711-4afd-b4d3-326f9faf6e59", "control-id": "cis_rhel10_5-1.17", "description": "No notes for control-id 5.1.17.", "props": [ @@ -8192,7 +8152,7 @@ ] }, { - "uuid": "aaf769ca-f0f3-424e-b81b-3d2253494759", + "uuid": "308e67ee-5565-440f-b37f-9963611a7870", "control-id": "cis_rhel10_5-1.18", "description": "No notes for control-id 5.1.18.", "props": [ @@ -8209,7 +8169,7 @@ ] }, { - "uuid": "7d6f00c3-36dd-419e-90ef-d6d2d6ace27e", + "uuid": "0b2762b9-568a-4964-bcf2-5d524da92b16", "control-id": "cis_rhel10_5-1.19", "description": "No notes for control-id 5.1.19.", "props": [ @@ -8226,7 +8186,7 @@ ] }, { - "uuid": "f62d9137-977b-4dce-9005-d9b5f3414608", + "uuid": "e67d1253-d73a-49e1-82c8-59ede527cf7d", "control-id": "cis_rhel10_5-1.20", "description": "No notes for control-id 5.1.20.", "props": [ @@ -8243,7 +8203,7 @@ ] }, { - "uuid": "a7550ff3-46fa-483c-bd6a-0afc2b5b55d3", + "uuid": "f926bdd7-10d1-42b9-9a89-852724807074", "control-id": "cis_rhel10_5-1.21", "description": "No notes for control-id 5.1.21.", "props": [ @@ -8260,7 +8220,7 @@ ] }, { - "uuid": "9e97d252-0ab8-42bc-84c8-4c125fb2bde8", + "uuid": "6ef70ad5-af3e-4fa8-89ec-f2ee56444e1b", "control-id": "cis_rhel10_5-1.22", "description": "No notes for control-id 5.1.22.", "props": [ @@ -8277,7 +8237,7 @@ ] }, { - "uuid": "4245d405-0486-4011-87ed-e01f1c9e40b2", + "uuid": "5a65aeaf-5e99-439c-9c96-b4b01ddf2ed8", "control-id": "cis_rhel10_5-2.1", "description": "No notes for control-id 5.2.1.", "props": [ @@ -8294,7 +8254,7 @@ ] }, { - "uuid": "5a0fa689-c6c6-4080-962a-40e409bb1d25", + "uuid": "962bbb5d-fd75-4e0f-8291-a606b70c865b", "control-id": "cis_rhel10_5-2.2", "description": "No notes for control-id 5.2.2.", "props": [ @@ -8311,7 +8271,7 @@ ] }, { - "uuid": "907546d5-3f6f-4feb-bc32-04920946c5b5", + "uuid": "541cc235-7d11-4031-9f2b-ab79c64367ca", "control-id": "cis_rhel10_5-2.3", "description": "No notes for control-id 5.2.3.", "props": [ @@ -8328,7 +8288,7 @@ ] }, { - "uuid": "e5c47df9-cfa0-4705-b0a4-38bb6f1eaf5d", + "uuid": "36ac0f28-39a7-4aa5-a94a-5c2abe57f908", "control-id": "cis_rhel10_5-2.5", "description": "No notes for control-id 5.2.5.", "props": [ @@ -8345,7 +8305,7 @@ ] }, { - "uuid": "e6385f7c-8b14-44d7-b920-dee0f3056bf2", + "uuid": "02f9329b-a21f-4838-b8e9-c30d87ef69ad", "control-id": "cis_rhel10_5-2.6", "description": "No notes for control-id 5.2.6.", "props": [ @@ -8362,7 +8322,7 @@ ] }, { - "uuid": "a1674b99-7d6e-40f6-ac94-6fc32f7db059", + "uuid": "3287f020-74a3-4cb6-8b12-1b79d1a3b41d", "control-id": "cis_rhel10_5-2.7", "description": "Members of \"wheel\" or GID 0 groups are checked by default if the group option is not set for\npam_wheel.so module. The recommendation states the group should be empty to reinforce the\nuse of \"sudo\" for privileged access. Therefore, members of these groups should be manually\nchecked or a different group should be informed.", "props": [ @@ -8384,7 +8344,7 @@ ] }, { - "uuid": "a23a16ec-e04c-4b63-aad7-dd791116ced1", + "uuid": "c32113a8-a601-40d8-9a94-fd19087d7485", "control-id": "cis_rhel10_5-3.1.1", "description": "This requirement is hard to be automated without any specific requirement. The policy even\nstates that provided commands are examples, other custom settings might be in place and the\nsettings might be different depending on site policies. The other rules will already make\nsure there is a correct autheselect profile regardless of the existing settings. It is\nnecessary to better discuss with CIS Community.", "props": [ @@ -8396,7 +8356,7 @@ ] }, { - "uuid": "7ef4f120-3da2-47cc-be99-24a4c5ff620c", + "uuid": "cc87695a-6215-4673-8f8f-3698bba54e3a", "control-id": "cis_rhel10_5-3.1.2", "description": "This requirement is also indirectly satisfied by the requirement 5.3.2.1.", "props": [ @@ -8418,7 +8378,7 @@ ] }, { - "uuid": "571dbfb2-94c8-438f-9577-269785a7fd9f", + "uuid": "75f1b8ae-24fa-408a-aec3-c7e2fb4f8444", "control-id": "cis_rhel10_5-3.1.3", "description": "This requirement is also indirectly satisfied by the requirement 5.3.2.2.", "props": [ @@ -8445,7 +8405,7 @@ ] }, { - "uuid": "15fcb8da-bf2d-4078-a954-57e77cc22280", + "uuid": "2364b1a0-9dc4-4576-818c-efda2627eed6", "control-id": "cis_rhel10_5-3.1.4", "description": "The module is properly enabled by the rules mentioned in related_rules.\nRequirements in 5.3.2.3 use these rules.", "props": [ @@ -8457,7 +8417,7 @@ ] }, { - "uuid": "3f1a7cf3-c6d8-402e-81d6-ea980b946300", + "uuid": "61cbd0ac-314b-47ec-a320-6456c1e4dee1", "control-id": "cis_rhel10_5-3.1.5", "description": "No notes for control-id 5.3.1.5.", "props": [ @@ -8474,7 +8434,7 @@ ] }, { - "uuid": "8cc2164b-229c-41dd-ba69-b03090623b48", + "uuid": "cae7a835-4cd3-4a81-b3f5-ffcf8bfd521f", "control-id": "cis_rhel10_5-3.2.1.1", "description": "No notes for control-id 5.3.2.1.1.", "props": [ @@ -8491,7 +8451,7 @@ ] }, { - "uuid": "0931863a-f961-48ef-a8e6-289b3f88a628", + "uuid": "685f721e-a150-4cda-9c19-7c51b7f310b4", "control-id": "cis_rhel10_5-3.2.1.2", "description": "The policy also accepts value 0, which means the locked accounts should be manually unlocked\nby an administrator. However, it also mentions that using value 0 can facilitate a DoS\nattack to legitimate users.", "props": [ @@ -8508,7 +8468,7 @@ ] }, { - "uuid": "1b4eaebc-dd20-4bac-b0e0-857b42a73c8c", + "uuid": "98a3aa32-4ab0-47c4-9729-458e909f8db0", "control-id": "cis_rhel10_5-3.2.2.1", "description": "No notes for control-id 5.3.2.2.1.", "props": [ @@ -8525,7 +8485,7 @@ ] }, { - "uuid": "f2b2cee1-9363-4438-b2d5-d567d26e687d", + "uuid": "00fd7c95-1c90-401e-8bd1-2b33409dfcb4", "control-id": "cis_rhel10_5-3.2.2.2", "description": "No notes for control-id 5.3.2.2.2.", "props": [ @@ -8542,7 +8502,7 @@ ] }, { - "uuid": "ffcada48-2a76-4b0b-a34b-e8b31e869afc", + "uuid": "7a021e8a-5c20-4df0-ba6c-25a6fa6c61a5", "control-id": "cis_rhel10_5-3.2.2.3", "description": "This requirement is expected to be manual. However, in previous versions of the policy\nit was already automated the configuration of \"minclass\" option. This posture was kept for\nRHEL 10 in this new version. Rules related to other options are informed in related_rules.\nIn short, minclass=4 alone can achieve the same result achieved by the combination of the\nother 4 options mentioned in the policy.", "props": [ @@ -8559,7 +8519,7 @@ ] }, { - "uuid": "75a4d8d7-ac30-442d-b168-d09bd9bce022", + "uuid": "38d3cd64-4862-4be7-93a2-61e8325a6bc8", "control-id": "cis_rhel10_5-3.2.2.4", "description": "No notes for control-id 5.3.2.2.4.", "props": [ @@ -8576,7 +8536,7 @@ ] }, { - "uuid": "9d6d0315-c53f-4e0a-9a7d-bc3ba4cef627", + "uuid": "fc16998a-6575-4969-8cae-43e5e9ff601b", "control-id": "cis_rhel10_5-3.2.2.5", "description": "No notes for control-id 5.3.2.2.5.", "props": [ @@ -8593,7 +8553,7 @@ ] }, { - "uuid": "0c273ef4-cac0-4841-929d-b47f6b2aa940", + "uuid": "c28ad803-a8e5-40fb-9202-fe1b0dddbdce", "control-id": "cis_rhel10_5-3.2.2.6", "description": "No notes for control-id 5.3.2.2.6.", "props": [ @@ -8610,7 +8570,7 @@ ] }, { - "uuid": "0a83ce6b-45bc-4d9b-8d76-2dae28fccef5", + "uuid": "cf21c41d-d50c-47ba-9289-394155b45a5d", "control-id": "cis_rhel10_5-3.2.2.7", "description": "No notes for control-id 5.3.2.2.7.", "props": [ @@ -8627,7 +8587,7 @@ ] }, { - "uuid": "a265f80d-6a0a-474e-a231-2c28832b43d7", + "uuid": "db7aa63a-2416-461c-8fed-de068bcaffb5", "control-id": "cis_rhel10_5-3.2.3.1", "description": "Although mentioned in the section 5.3.3.3, there is no explicit requirement to configure\nretry option of pam_pwhistory. If come in the future, the rule accounts_password_pam_retry\ncan be used.", "props": [ @@ -8649,7 +8609,7 @@ ] }, { - "uuid": "d0b3e15a-74a7-4142-abde-0c637ea1348d", + "uuid": "d0060417-f996-4f01-b291-096012427f44", "control-id": "cis_rhel10_5-3.2.3.2", "description": "No notes for control-id 5.3.2.3.2.", "props": [ @@ -8666,7 +8626,7 @@ ] }, { - "uuid": "6828c6cf-4bc0-4316-8c99-aa7b473730a1", + "uuid": "ddbef876-d56b-4dc0-8259-f4a4e32713e7", "control-id": "cis_rhel10_5-3.2.3.3", "description": "In RHEL 10 pam_pwhistory is enabled via authselect feature, as required in 5.3.1.4. The\nfeature automatically set \"use_authok\" option. In any case, we don't have a rule to check\nthis option specifically.", "props": [ @@ -8683,7 +8643,7 @@ ] }, { - "uuid": "12aa89a2-2e18-4d26-856a-9d48c91ef79a", + "uuid": "1c9876ed-a08e-4c56-81d4-9a000a37563e", "control-id": "cis_rhel10_5-3.2.4.1", "description": "The rule more specifically used in this requirement also satify the requirement 5.3.1.5.", "props": [ @@ -8700,7 +8660,7 @@ ] }, { - "uuid": "054a4457-870f-4846-85a5-b4a8cfaa7584", + "uuid": "6285585d-3398-4ad0-8f51-2c806ac5b748", "control-id": "cis_rhel10_5-3.2.4.2", "description": "Usage of pam_unix.so module together with \"remember\" option is deprecated and is not\nrecommended by this policy. Instead, it should be used remember option of pam_pwhistory\nmodule, as required in 5.3.2.3.1. See here for more details about pam_unix.so:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1778929", "props": [ @@ -8717,7 +8677,7 @@ ] }, { - "uuid": "0b3edd47-7a72-4469-9b06-0d431258d5c3", + "uuid": "9a607215-355d-4164-9a3b-20de728eb625", "control-id": "cis_rhel10_5-3.2.4.3", "description": "Changes in logindefs mentioned in this requirement are more specifically covered by 5.4.1.4", "props": [ @@ -8739,7 +8699,7 @@ ] }, { - "uuid": "538b0729-ca57-4732-917e-e9e04d60b787", + "uuid": "1885135e-e196-43b6-aac7-02d7bcd1ce2b", "control-id": "cis_rhel10_5-3.2.4.4", "description": "In RHEL 10 pam_unix is enabled by default in all authselect profiles already with the\nuse_authtok option set. In any case, we don't have a rule to check this option specifically,\nlike in 5.3.2.3.3.", "props": [ @@ -8756,7 +8716,7 @@ ] }, { - "uuid": "476147f6-23d4-47c2-97d1-7d46c8a7b891", + "uuid": "2bb05f78-a826-4431-89ee-b6e8b9694d8d", "control-id": "cis_rhel10_5-4.1.1", "description": "No notes for control-id 5.4.1.1.", "props": [ @@ -8778,7 +8738,7 @@ ] }, { - "uuid": "a61a201e-f890-4161-b2f3-d25a46cce378", + "uuid": "85e82fba-680a-4e88-a2dc-09add8418923", "control-id": "cis_rhel10_5-4.1.3", "description": "No notes for control-id 5.4.1.3.", "props": [ @@ -8800,20 +8760,15 @@ ] }, { - "uuid": "8ec2e040-4e74-414d-8fe4-5dc63d623eca", + "uuid": "75bd666d-e463-468c-93d6-802a9b1c136c", "control-id": "cis_rhel10_5-4.1.4", - "description": "There's a \"new\" set of options in /etc/login.defs file to define the number of iterations\nperformed during the hashing process.", + "description": "No notes for control-id 5.4.1.4.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "implemented" }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf" - }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", @@ -8822,7 +8777,7 @@ ] }, { - "uuid": "5ffe1739-665a-4f4e-8e90-06b772b28dd8", + "uuid": "13b79e37-0176-4cc9-8eaf-c473a9ecaeef", "control-id": "cis_rhel10_5-4.1.5", "description": "No notes for control-id 5.4.1.5.", "props": [ @@ -8844,7 +8799,7 @@ ] }, { - "uuid": "03eef250-2474-4634-97ec-31980bf5f713", + "uuid": "4275e8ed-6f54-4bcf-bca4-58ff66fd311a", "control-id": "cis_rhel10_5-4.1.6", "description": "No notes for control-id 5.4.1.6.", "props": [ @@ -8861,7 +8816,7 @@ ] }, { - "uuid": "409cc13b-58c6-4787-81ec-a0b869188db2", + "uuid": "d846056e-7f1b-492c-a74c-d827af2d16a4", "control-id": "cis_rhel10_5-4.2.1", "description": "No notes for control-id 5.4.2.1.", "props": [ @@ -8878,7 +8833,7 @@ ] }, { - "uuid": "79b6b646-24e1-4b69-865c-b0f667c40001", + "uuid": "69a66688-7166-4293-9f58-563bb08e7229", "control-id": "cis_rhel10_5-4.2.2", "description": "There is assessment but no automated remediation for this rule and this sounds reasonable.", "props": [ @@ -8895,7 +8850,7 @@ ] }, { - "uuid": "b1a20ee4-961e-4355-8693-b22de177ee5f", + "uuid": "d7b59233-5339-43b7-b210-eb72da80a016", "control-id": "cis_rhel10_5-4.2.3", "description": "There is assessment but no automated remediation for this rule and this sounds reasonable.", "props": [ @@ -8912,7 +8867,7 @@ ] }, { - "uuid": "b3e5b1f2-ae87-44da-ab2b-34b191d9c6d4", + "uuid": "7c9b824f-3203-4247-8312-0beecff0bd08", "control-id": "cis_rhel10_5-4.2.4", "description": "No notes for control-id 5.4.2.4.", "props": [ @@ -8929,7 +8884,7 @@ ] }, { - "uuid": "01e1dd02-434f-4f4e-b3e9-afbba13d8f99", + "uuid": "1a159744-ebe3-4d0c-8ea0-aeb561c1f4b9", "control-id": "cis_rhel10_5-4.2.5", "description": "No notes for control-id 5.4.2.5.", "props": [ @@ -8951,7 +8906,7 @@ ] }, { - "uuid": "d122eabe-2898-405e-99bb-6c407a14c2e5", + "uuid": "623c588b-6fa2-42dd-894e-19dc978f610b", "control-id": "cis_rhel10_5-4.2.6", "description": "No notes for control-id 5.4.2.6.", "props": [ @@ -8968,7 +8923,7 @@ ] }, { - "uuid": "58f58317-0362-4807-a627-6c17a65b0db4", + "uuid": "02c7c511-e1c9-4583-af97-f889c1937a64", "control-id": "cis_rhel10_5-4.2.7", "description": "No notes for control-id 5.4.2.7.", "props": [ @@ -8990,19 +8945,24 @@ ] }, { - "uuid": "ff8fd5be-ab57-4cb7-8549-67d079a30c48", + "uuid": "80754774-1bdc-4c57-86f1-19dacec98652", "control-id": "cis_rhel10_5-4.2.8", - "description": "New rule is necessary.", + "description": "No notes for control-id 5.4.2.8.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "implemented" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "no_invalid_shell_accounts_unlocked" } ] }, { - "uuid": "46193c59-0cb8-40fe-8261-7dd945f5f6e8", + "uuid": "9e5ed00f-6e35-4436-a16d-9c2472335b19", "control-id": "cis_rhel10_5-4.3.2", "description": "No notes for control-id 5.4.3.2.", "props": [ @@ -9019,7 +8979,7 @@ ] }, { - "uuid": "a48fb8ab-65f6-48c9-8f09-cd80b866c269", + "uuid": "31e431ad-24f5-4b38-928a-c62e7da38141", "control-id": "cis_rhel10_5-4.3.3", "description": "No notes for control-id 5.4.3.3.", "props": [ @@ -9046,7 +9006,7 @@ ] }, { - "uuid": "d07f1341-0534-4c7a-94b9-2bc91db6aff7", + "uuid": "af37dbd8-ee07-4bd6-b67c-17b0ea266fb7", "control-id": "cis_rhel10_6-1.1", "description": "No notes for control-id 6.1.1.", "props": [ @@ -9068,7 +9028,7 @@ ] }, { - "uuid": "7eec4e1a-5911-49c8-b366-2dc2accee6cf", + "uuid": "f4139eeb-2586-472a-81ef-a1c1057ab458", "control-id": "cis_rhel10_6-1.2", "description": "No notes for control-id 6.1.2.", "props": [ @@ -9085,7 +9045,7 @@ ] }, { - "uuid": "d9b78f01-ed8a-4d00-b9ee-ef2ede417618", + "uuid": "dcd29f35-d21f-4d0c-9f67-fe56c918c1dd", "control-id": "cis_rhel10_6-1.3", "description": "No notes for control-id 6.1.3.", "props": [ @@ -9102,7 +9062,7 @@ ] }, { - "uuid": "a683318f-3587-451d-9c8b-fdba7836dd97", + "uuid": "0d20bc6f-0d51-483a-8ab6-f0d19b0adf56", "control-id": "cis_rhel10_6-2.1.1", "description": "No notes for control-id 6.2.1.1.", "props": [ @@ -9119,7 +9079,7 @@ ] }, { - "uuid": "4c8cdd1a-02e6-4485-b848-026553863df4", + "uuid": "36babe28-70c0-48bd-ade6-bccff3787653", "control-id": "cis_rhel10_6-2.1.2", "description": "The description for control-id cis_rhel10_6-2.1.2.", "props": [ @@ -9132,7 +9092,7 @@ ] }, { - "uuid": "fec5fa17-1982-4d21-abca-42da4605f159", + "uuid": "f8e04f80-b516-4a68-8f09-db0428392bea", "control-id": "cis_rhel10_6-2.1.3", "description": "The description for control-id cis_rhel10_6-2.1.3.", "props": [ @@ -9145,20 +9105,24 @@ ] }, { - "uuid": "b5843a77-e271-4c3d-a49d-4feaab8e40f1", + "uuid": "aad55703-dfb4-4570-9262-ec234add1474", "control-id": "cis_rhel10_6-2.1.4", - "description": "The description for control-id cis_rhel10_6-2.1.4.", + "description": "No notes for control-id 6.2.1.4.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "alternative", - "remarks": "It is necessary to create a new rule to check the status of journald and rsyslog.\nIt would also be necessary a new rule to disable or remove rsyslog." + "value": "implemented" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "ensure_journald_and_rsyslog_not_active_together" } ] }, { - "uuid": "5c017407-2843-4291-bf04-1708fd5a91b7", + "uuid": "0afb4d08-f50b-4740-bfd7-8910d6d5da3a", "control-id": "cis_rhel10_6-2.2.1.1", "description": "No notes for control-id 6.2.2.1.1.", "props": [ @@ -9175,7 +9139,7 @@ ] }, { - "uuid": "f2319c0c-5bd5-4a4f-b3c8-769743285c94", + "uuid": "81b591c1-cdc0-4639-9a40-a2e7a607d971", "control-id": "cis_rhel10_6-2.2.1.2", "description": "The description for control-id cis_rhel10_6-2.2.1.2.", "props": [ @@ -9188,7 +9152,7 @@ ] }, { - "uuid": "9000d638-8c86-429e-87fa-5cd702afde3b", + "uuid": "7e06fe24-f5ff-4600-b20d-ac7731febce1", "control-id": "cis_rhel10_6-2.2.1.3", "description": "No notes for control-id 6.2.2.1.3.", "props": [ @@ -9205,7 +9169,7 @@ ] }, { - "uuid": "851b3b65-bd18-408e-aa6c-fbfd56bae51e", + "uuid": "a9ed9a07-680f-45ab-a4bb-0f3f2d7e279a", "control-id": "cis_rhel10_6-2.2.1.4", "description": "No notes for control-id 6.2.2.1.4.", "props": [ @@ -9222,7 +9186,7 @@ ] }, { - "uuid": "57283e69-fe2e-403c-8fb3-dcd19b4956ed", + "uuid": "07948077-4b5c-4e30-be1a-94a11e335e6c", "control-id": "cis_rhel10_6-2.2.2", "description": "No notes for control-id 6.2.2.2.", "props": [ @@ -9239,7 +9203,7 @@ ] }, { - "uuid": "2c890951-1e05-4201-b852-3dab7819bfc8", + "uuid": "8dbe3f4c-ebb3-437b-8f70-8047f7f3c5a6", "control-id": "cis_rhel10_6-2.2.3", "description": "No notes for control-id 6.2.2.3.", "props": [ @@ -9256,7 +9220,7 @@ ] }, { - "uuid": "24c5f45d-88b3-47e4-8855-c35241aea5b1", + "uuid": "115358e7-f60c-4574-80e5-7723b87c0cd3", "control-id": "cis_rhel10_6-2.2.4", "description": "No notes for control-id 6.2.2.4.", "props": [ @@ -9273,7 +9237,7 @@ ] }, { - "uuid": "e0a7c1da-37a9-4049-b520-38bf042031a9", + "uuid": "68e6c3d5-3bd5-4178-bb42-d14908571b6b", "control-id": "cis_rhel10_6-2.3.1", "description": "No notes for control-id 6.2.3.1.", "props": [ @@ -9285,7 +9249,7 @@ ] }, { - "uuid": "9d71fd21-06f3-427a-8fb7-06626b5eebaa", + "uuid": "1fc81c03-2179-4a3a-b652-bbcfaf359c99", "control-id": "cis_rhel10_6-2.3.2", "description": "No notes for control-id 6.2.3.2.", "props": [ @@ -9297,7 +9261,7 @@ ] }, { - "uuid": "9ee1f431-5bc5-45d1-a7cb-1b8a16cb5b63", + "uuid": "e251e1cb-2b3a-4559-99e4-9b72f340148d", "control-id": "cis_rhel10_6-2.3.3", "description": "No notes for control-id 6.2.3.3.", "props": [ @@ -9309,7 +9273,7 @@ ] }, { - "uuid": "ae9468a6-60fd-4230-8a92-ad1b5c02cb1e", + "uuid": "d89eb4d3-916d-45dd-99fa-cff3729eaa7d", "control-id": "cis_rhel10_6-2.3.4", "description": "No notes for control-id 6.2.3.4.", "props": [ @@ -9321,7 +9285,7 @@ ] }, { - "uuid": "3d3b9248-9344-475c-aad0-2c0bbcf98da6", + "uuid": "63c948f1-52a0-4e61-8d9b-4243d6744d8c", "control-id": "cis_rhel10_6-2.3.5", "description": "The description for control-id cis_rhel10_6-2.3.5.", "props": [ @@ -9334,7 +9298,7 @@ ] }, { - "uuid": "c6fa0f2a-cd9f-48b2-b549-7befdaaa5274", + "uuid": "474d9579-cf60-47df-8c88-515eab585190", "control-id": "cis_rhel10_6-2.3.6", "description": "The description for control-id cis_rhel10_6-2.3.6.", "props": [ @@ -9347,7 +9311,7 @@ ] }, { - "uuid": "18e44a7c-be52-4cd6-ab4f-b4e64a51b682", + "uuid": "5261397b-a940-4765-a975-48860289593c", "control-id": "cis_rhel10_6-2.3.7", "description": "No notes for control-id 6.2.3.7.", "props": [ @@ -9359,7 +9323,7 @@ ] }, { - "uuid": "3673aad0-94f6-44eb-aa89-8b42d911477c", + "uuid": "68fb67a5-4bb8-43ae-8538-d5b6afd1a520", "control-id": "cis_rhel10_6-2.3.8", "description": "The description for control-id cis_rhel10_6-2.3.8.", "props": [ @@ -9372,7 +9336,7 @@ ] }, { - "uuid": "ca76fd4a-67e0-4419-a07b-1bbfdbe5559d", + "uuid": "0297126d-93b3-47d3-8870-0940091d78b5", "control-id": "cis_rhel10_6-2.4.1", "description": "It is not harmful to run these rules even if rsyslog is not installed or active.", "props": [ @@ -9399,7 +9363,7 @@ ] }, { - "uuid": "02cbf894-93ed-4ffb-a1f3-6e224a5ef00d", + "uuid": "9967afd9-1412-4113-892f-d3b28f70ffe2", "control-id": "cis_rhel10_7-1.1", "description": "No notes for control-id 7.1.1.", "props": [ @@ -9426,7 +9390,7 @@ ] }, { - "uuid": "52b871b7-2a7b-46e8-8b35-60cbc9b3180f", + "uuid": "4f0b7981-764c-44e8-b8b0-f1ba8ac4266f", "control-id": "cis_rhel10_7-1.2", "description": "No notes for control-id 7.1.2.", "props": [ @@ -9453,7 +9417,7 @@ ] }, { - "uuid": "171c8dc7-c9ba-4c86-ad75-73c90734350d", + "uuid": "fc89082a-e324-4e8b-a224-6be3442233c1", "control-id": "cis_rhel10_7-1.3", "description": "No notes for control-id 7.1.3.", "props": [ @@ -9480,7 +9444,7 @@ ] }, { - "uuid": "9789e539-0c3b-46e6-a54a-367ca5386c5e", + "uuid": "805f6779-39d7-4c01-ace4-db0dcec96e9a", "control-id": "cis_rhel10_7-1.4", "description": "No notes for control-id 7.1.4.", "props": [ @@ -9507,7 +9471,7 @@ ] }, { - "uuid": "07ff23ef-8790-49f8-9f60-9c77c69ac5fe", + "uuid": "070986b5-dbbb-4daa-a413-6a4339e03e28", "control-id": "cis_rhel10_7-1.5", "description": "No notes for control-id 7.1.5.", "props": [ @@ -9534,7 +9498,7 @@ ] }, { - "uuid": "81303f1f-668c-4665-bb71-5846c4ab8d3d", + "uuid": "092af746-200a-44c1-937b-d2154a651932", "control-id": "cis_rhel10_7-1.6", "description": "No notes for control-id 7.1.6.", "props": [ @@ -9561,7 +9525,7 @@ ] }, { - "uuid": "e92d4723-35e5-4461-be8b-dfcbe551927c", + "uuid": "e2618589-6a6f-45dc-b75f-deb262db0616", "control-id": "cis_rhel10_7-1.7", "description": "No notes for control-id 7.1.7.", "props": [ @@ -9588,7 +9552,7 @@ ] }, { - "uuid": "417fd102-a44e-4c14-8c57-428e831b20dd", + "uuid": "98c71397-028c-4b6a-a1ac-c0d6c02bc79a", "control-id": "cis_rhel10_7-1.8", "description": "No notes for control-id 7.1.8.", "props": [ @@ -9615,7 +9579,7 @@ ] }, { - "uuid": "e970aacf-e68c-4fce-a6ce-8b0e33505147", + "uuid": "9fe32b09-74e5-44cf-97d8-3fa83356cba6", "control-id": "cis_rhel10_7-1.9", "description": "No notes for control-id 7.1.9.", "props": [ @@ -9642,7 +9606,7 @@ ] }, { - "uuid": "2d4c5b3a-2da7-4214-86ba-3f830360ec62", + "uuid": "95839387-55cc-4f17-8cd7-9ac744886234", "control-id": "cis_rhel10_7-1.10", "description": "No notes for control-id 7.1.10.", "props": [ @@ -9684,7 +9648,7 @@ ] }, { - "uuid": "8727b370-c206-4f23-bfed-0d70caa5b2a3", + "uuid": "8409eaad-0022-4609-9a8e-6c5914494913", "control-id": "cis_rhel10_7-1.11", "description": "No notes for control-id 7.1.11.", "props": [ @@ -9706,7 +9670,7 @@ ] }, { - "uuid": "98e6c156-7cb4-477a-9336-6c01703d97c2", + "uuid": "8b72ed5c-f08f-40af-a2b1-6e0a08029df0", "control-id": "cis_rhel10_7-1.12", "description": "No notes for control-id 7.1.12.", "props": [ @@ -9728,7 +9692,7 @@ ] }, { - "uuid": "a33536a6-70c5-41f0-9297-43fcf6ee0a43", + "uuid": "a10bf533-dfe3-4849-845e-0b7a3753aec6", "control-id": "cis_rhel10_7-1.13", "description": "The description for control-id cis_rhel10_7-1.13.", "props": [ @@ -9741,7 +9705,7 @@ ] }, { - "uuid": "9a34f9e7-55c2-4da0-bc84-1210dd335220", + "uuid": "0de49c53-9b0e-4cfb-99c6-bfabe2c74372", "control-id": "cis_rhel10_7-2.1", "description": "No notes for control-id 7.2.1.", "props": [ @@ -9758,7 +9722,7 @@ ] }, { - "uuid": "a3db1b8d-b439-42cc-bd65-69ed10a2469c", + "uuid": "9be05aaf-6af4-4272-a84c-a3ada2e5ff9b", "control-id": "cis_rhel10_7-2.2", "description": "No notes for control-id 7.2.2.", "props": [ @@ -9775,7 +9739,7 @@ ] }, { - "uuid": "07085bb2-4e0e-4b99-a5ea-1219b78f4b0f", + "uuid": "34940517-709e-4b94-8f00-322404de2b29", "control-id": "cis_rhel10_7-2.3", "description": "No notes for control-id 7.2.3.", "props": [ @@ -9792,7 +9756,7 @@ ] }, { - "uuid": "d5aac704-a08b-453b-8b77-99d2efa3b629", + "uuid": "9f2cc62a-f35f-443e-ae2c-85d4a802a1c8", "control-id": "cis_rhel10_7-2.4", "description": "No notes for control-id 7.2.4.", "props": [ @@ -9809,7 +9773,7 @@ ] }, { - "uuid": "de2a32ed-d30e-4cc9-83f8-85ec9a32d736", + "uuid": "bad96c19-5dce-41a9-8d43-2b9e3cea3681", "control-id": "cis_rhel10_7-2.5", "description": "No notes for control-id 7.2.5.", "props": [ @@ -9826,7 +9790,7 @@ ] }, { - "uuid": "761ef1c9-4dcc-4c2a-ab57-971e87d12cd9", + "uuid": "f524c6d6-2508-4c68-b4e8-b086566e1154", "control-id": "cis_rhel10_7-2.6", "description": "No notes for control-id 7.2.6.", "props": [ @@ -9843,7 +9807,7 @@ ] }, { - "uuid": "a5e186ff-be55-4232-b461-1a1b66216c2b", + "uuid": "922e8352-0eae-4b1d-a0f1-5be2a12fffb1", "control-id": "cis_rhel10_7-2.7", "description": "No notes for control-id 7.2.7.", "props": [ @@ -9860,7 +9824,7 @@ ] }, { - "uuid": "a88198db-8370-4b86-949d-30d95541ddd3", + "uuid": "5bc4a76c-3516-43be-8804-f82481b78456", "control-id": "cis_rhel10_7-2.8", "description": "No notes for control-id 7.2.8.", "props": [ @@ -9887,7 +9851,7 @@ ] }, { - "uuid": "6a3064a0-b0a6-4865-a98e-bcb520fb24a4", + "uuid": "bacfbca3-e912-4c8a-ae68-bf87a8c96d96", "control-id": "cis_rhel10_7-2.9", "description": "No notes for control-id 7.2.9.", "props": [ @@ -10671,7 +10635,7 @@ { "name": "Parameter_Value_Alternatives_38", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -10689,7 +10653,7 @@ { "name": "Parameter_Value_Alternatives_39", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -11865,6895 +11829,6847 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg", + "value": "file_permissions_boot_grub2", "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Group Ownership", + "value": "All GRUB configuration files must have mode 0600 or more restrictive", "remarks": "rule_set_037" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg", + "value": "file_permissions_boot_grub2", "remarks": "rule_set_037" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Group Ownership", + "value": "All GRUB configuration files must have mode 0600 or more restrictive", "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg", + "value": "file_owner_boot_grub2", "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg User Ownership", + "value": "All GRUB configuration files must be owned by root", "remarks": "rule_set_038" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg", + "value": "file_owner_boot_grub2", "remarks": "rule_set_038" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg User Ownership", + "value": "All GRUB configuration files must be owned by root", "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg", + "value": "file_groupowner_boot_grub2", "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Permissions", + "value": "All GRUB configuration files must be group-owned by root", "remarks": "rule_set_039" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg", + "value": "file_groupowner_boot_grub2", "remarks": "rule_set_039" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Permissions", + "value": "All GRUB configuration files must be group-owned by root", "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg", + "value": "disable_users_coredumps", "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Group Ownership", + "value": "Disable Core Dumps for All Users", "remarks": "rule_set_040" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg", + "value": "disable_users_coredumps", "remarks": "rule_set_040" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Group Ownership", + "value": "Disable Core Dumps for All Users", "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg", + "value": "sysctl_fs_protected_hardlinks", "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg User Ownership", + "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", "remarks": "rule_set_041" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg", + "value": "sysctl_fs_protected_hardlinks", "remarks": "rule_set_041" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg User Ownership", + "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg", + "value": "sysctl_fs_suid_dumpable", "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Permissions", + "value": "Disable Core Dumps for SUID programs", "remarks": "rule_set_042" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg", + "value": "sysctl_fs_suid_dumpable", "remarks": "rule_set_042" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Permissions", + "value": "Disable Core Dumps for SUID programs", "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_users_coredumps", + "value": "sysctl_kernel_dmesg_restrict", "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for All Users", + "value": "Restrict Access to Kernel Message Buffer", "remarks": "rule_set_043" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_users_coredumps", + "value": "sysctl_kernel_dmesg_restrict", "remarks": "rule_set_043" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for All Users", + "value": "Restrict Access to Kernel Message Buffer", "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_hardlinks", + "value": "sysctl_kernel_kptr_restrict", "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", + "value": "Restrict Exposed Kernel Pointer Addresses Access", "remarks": "rule_set_044" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_hardlinks", + "value": "sysctl_kernel_kptr_restrict", "remarks": "rule_set_044" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", + "value": "Restrict Exposed Kernel Pointer Addresses Access", "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_suid_dumpable", + "value": "sysctl_kernel_yama_ptrace_scope", "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for SUID programs", + "value": "Restrict usage of ptrace to descendant processes", "remarks": "rule_set_045" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_suid_dumpable", + "value": "sysctl_kernel_yama_ptrace_scope", "remarks": "rule_set_045" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for SUID programs", + "value": "Restrict usage of ptrace to descendant processes", "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_dmesg_restrict", + "value": "sysctl_kernel_randomize_va_space", "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Access to Kernel Message Buffer", + "value": "Enable Randomized Layout of Virtual Address Space", "remarks": "rule_set_046" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_dmesg_restrict", + "value": "sysctl_kernel_randomize_va_space", "remarks": "rule_set_046" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Access to Kernel Message Buffer", + "value": "Enable Randomized Layout of Virtual Address Space", "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kptr_restrict", + "value": "coredump_disable_backtraces", "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Exposed Kernel Pointer Addresses Access", + "value": "Disable core dump backtraces", "remarks": "rule_set_047" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kptr_restrict", + "value": "coredump_disable_backtraces", "remarks": "rule_set_047" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Exposed Kernel Pointer Addresses Access", + "value": "Disable core dump backtraces", "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_yama_ptrace_scope", + "value": "coredump_disable_storage", "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict usage of ptrace to descendant processes", + "value": "Disable storing core dump", "remarks": "rule_set_048" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_yama_ptrace_scope", + "value": "coredump_disable_storage", "remarks": "rule_set_048" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict usage of ptrace to descendant processes", + "value": "Disable storing core dump", "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_randomize_va_space", + "value": "configure_custom_crypto_policy_cis", "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Randomized Layout of Virtual Address Space", + "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", "remarks": "rule_set_049" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_randomize_va_space", + "value": "configure_custom_crypto_policy_cis", "remarks": "rule_set_049" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Randomized Layout of Virtual Address Space", + "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_backtraces", + "value": "banner_etc_motd_cis", "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable core dump backtraces", + "value": "Ensure Message Of The Day Is Configured Properly", "remarks": "rule_set_050" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_backtraces", + "value": "banner_etc_motd_cis", "remarks": "rule_set_050" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable core dump backtraces", + "value": "Ensure Message Of The Day Is Configured Properly", "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_storage", + "value": "banner_etc_issue_cis", "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable storing core dump", + "value": "Ensure Local Login Warning Banner Is Configured Properly", "remarks": "rule_set_051" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_storage", + "value": "banner_etc_issue_cis", "remarks": "rule_set_051" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable storing core dump", + "value": "Ensure Local Login Warning Banner Is Configured Properly", "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_custom_crypto_policy_cis", + "value": "banner_etc_issue_net_cis", "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", + "value": "Ensure Remote Login Warning Banner Is Configured Properly", "remarks": "rule_set_052" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_custom_crypto_policy_cis", + "value": "banner_etc_issue_net_cis", "remarks": "rule_set_052" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", + "value": "Ensure Remote Login Warning Banner Is Configured Properly", "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_motd_cis", + "value": "file_groupowner_etc_motd", "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Message Of The Day Is Configured Properly", + "value": "Verify Group Ownership of Message of the Day Banner", "remarks": "rule_set_053" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_motd_cis", + "value": "file_groupowner_etc_motd", "remarks": "rule_set_053" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Message Of The Day Is Configured Properly", + "value": "Verify Group Ownership of Message of the Day Banner", "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_cis", + "value": "file_owner_etc_motd", "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Local Login Warning Banner Is Configured Properly", + "value": "Verify ownership of Message of the Day Banner", "remarks": "rule_set_054" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_cis", + "value": "file_owner_etc_motd", "remarks": "rule_set_054" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Local Login Warning Banner Is Configured Properly", + "value": "Verify ownership of Message of the Day Banner", "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_net_cis", + "value": "file_permissions_etc_motd", "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Remote Login Warning Banner Is Configured Properly", + "value": "Verify permissions on Message of the Day Banner", "remarks": "rule_set_055" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_net_cis", + "value": "file_permissions_etc_motd", "remarks": "rule_set_055" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Remote Login Warning Banner Is Configured Properly", + "value": "Verify permissions on Message of the Day Banner", "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_motd", + "value": "file_groupowner_etc_issue", "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of Message of the Day Banner", + "value": "Verify Group Ownership of System Login Banner", "remarks": "rule_set_056" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_motd", + "value": "file_groupowner_etc_issue", "remarks": "rule_set_056" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of Message of the Day Banner", + "value": "Verify Group Ownership of System Login Banner", "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_motd", + "value": "file_owner_etc_issue", "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of Message of the Day Banner", + "value": "Verify ownership of System Login Banner", "remarks": "rule_set_057" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_motd", + "value": "file_owner_etc_issue", "remarks": "rule_set_057" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of Message of the Day Banner", + "value": "Verify ownership of System Login Banner", "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_motd", + "value": "file_permissions_etc_issue", "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on Message of the Day Banner", + "value": "Verify permissions on System Login Banner", "remarks": "rule_set_058" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_motd", + "value": "file_permissions_etc_issue", "remarks": "rule_set_058" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on Message of the Day Banner", + "value": "Verify permissions on System Login Banner", "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue", + "value": "file_groupowner_etc_issue_net", "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner", + "value": "Verify Group Ownership of System Login Banner for Remote Connections", "remarks": "rule_set_059" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue", + "value": "file_groupowner_etc_issue_net", "remarks": "rule_set_059" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner", + "value": "Verify Group Ownership of System Login Banner for Remote Connections", "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue", + "value": "file_owner_etc_issue_net", "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner", + "value": "Verify ownership of System Login Banner for Remote Connections", "remarks": "rule_set_060" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue", + "value": "file_owner_etc_issue_net", "remarks": "rule_set_060" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner", + "value": "Verify ownership of System Login Banner for Remote Connections", "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue", + "value": "file_permissions_etc_issue_net", "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner", + "value": "Verify permissions on System Login Banner for Remote Connections", "remarks": "rule_set_061" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue", + "value": "file_permissions_etc_issue_net", "remarks": "rule_set_061" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner", + "value": "Verify permissions on System Login Banner for Remote Connections", "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue_net", + "value": "dconf_gnome_banner_enabled", "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner for Remote Connections", + "value": "Enable GNOME3 Login Warning Banner", "remarks": "rule_set_062" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue_net", + "value": "dconf_gnome_banner_enabled", "remarks": "rule_set_062" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner for Remote Connections", + "value": "Enable GNOME3 Login Warning Banner", "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue_net", + "value": "dconf_gnome_login_banner_text", "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner for Remote Connections", + "value": "Set the GNOME3 Login Warning Banner Text", "remarks": "rule_set_063" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue_net", + "value": "dconf_gnome_login_banner_text", "remarks": "rule_set_063" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner for Remote Connections", + "value": "Set the GNOME3 Login Warning Banner Text", "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue_net", + "value": "dconf_gnome_disable_user_list", "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner for Remote Connections", + "value": "Disable the GNOME3 Login User List", "remarks": "rule_set_064" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue_net", + "value": "dconf_gnome_disable_user_list", "remarks": "rule_set_064" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner for Remote Connections", + "value": "Disable the GNOME3 Login User List", "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_banner_enabled", + "value": "dconf_gnome_screensaver_idle_delay", "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable GNOME3 Login Warning Banner", + "value": "Set GNOME3 Screensaver Inactivity Timeout", "remarks": "rule_set_065" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_banner_enabled", + "value": "dconf_gnome_screensaver_idle_delay", "remarks": "rule_set_065" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable GNOME3 Login Warning Banner", + "value": "Set GNOME3 Screensaver Inactivity Timeout", "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_login_banner_text", + "value": "dconf_gnome_screensaver_lock_delay", "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set the GNOME3 Login Warning Banner Text", + "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", "remarks": "rule_set_066" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_login_banner_text", + "value": "dconf_gnome_screensaver_lock_delay", "remarks": "rule_set_066" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set the GNOME3 Login Warning Banner Text", + "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_user_list", + "value": "dconf_gnome_session_idle_user_locks", "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the GNOME3 Login User List", + "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", "remarks": "rule_set_067" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_user_list", + "value": "dconf_gnome_session_idle_user_locks", "remarks": "rule_set_067" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the GNOME3 Login User List", + "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_idle_delay", + "value": "dconf_gnome_screensaver_user_locks", "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Inactivity Timeout", + "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", "remarks": "rule_set_068" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_idle_delay", + "value": "dconf_gnome_screensaver_user_locks", "remarks": "rule_set_068" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Inactivity Timeout", + "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_lock_delay", + "value": "dconf_gnome_disable_automount", "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", + "value": "Disable GNOME3 Automounting", "remarks": "rule_set_069" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_lock_delay", + "value": "dconf_gnome_disable_automount", "remarks": "rule_set_069" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", + "value": "Disable GNOME3 Automounting", "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_session_idle_user_locks", + "value": "dconf_gnome_disable_automount_open", "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", + "value": "Disable GNOME3 Automount Opening", "remarks": "rule_set_070" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_session_idle_user_locks", + "value": "dconf_gnome_disable_automount_open", "remarks": "rule_set_070" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", + "value": "Disable GNOME3 Automount Opening", "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_user_locks", + "value": "dconf_gnome_disable_autorun", "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", + "value": "Disable GNOME3 Automount running", "remarks": "rule_set_071" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_user_locks", + "value": "dconf_gnome_disable_autorun", "remarks": "rule_set_071" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", + "value": "Disable GNOME3 Automount running", "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_automount", + "value": "service_autofs_disabled", "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automounting", + "value": "Disable the Automounter", "remarks": "rule_set_072" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_automount", + "value": "service_autofs_disabled", "remarks": "rule_set_072" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automounting", + "value": "Disable the Automounter", "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_automount_open", + "value": "service_avahi-daemon_disabled", "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount Opening", + "value": "Disable Avahi Server Software", "remarks": "rule_set_073" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_automount_open", + "value": "service_avahi-daemon_disabled", "remarks": "rule_set_073" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount Opening", + "value": "Disable Avahi Server Software", "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_autorun", + "value": "package_kea_removed", "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount running", + "value": "Uninstall kea Package", "remarks": "rule_set_074" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_autorun", + "value": "package_kea_removed", "remarks": "rule_set_074" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount running", + "value": "Uninstall kea Package", "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_autofs_disabled", + "value": "package_bind_removed", "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the Automounter", + "value": "Uninstall bind Package", "remarks": "rule_set_075" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_autofs_disabled", + "value": "package_bind_removed", "remarks": "rule_set_075" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the Automounter", + "value": "Uninstall bind Package", "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_avahi-daemon_disabled", + "value": "package_dnsmasq_removed", "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Avahi Server Software", + "value": "Uninstall dnsmasq Package", "remarks": "rule_set_076" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_avahi-daemon_disabled", + "value": "package_dnsmasq_removed", "remarks": "rule_set_076" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Avahi Server Software", + "value": "Uninstall dnsmasq Package", "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "package_vsftpd_removed", "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Uninstall vsftpd Package", "remarks": "rule_set_077" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "package_vsftpd_removed", "remarks": "rule_set_077" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Uninstall vsftpd Package", "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_bind_removed", + "value": "package_dovecot_removed", "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall bind Package", + "value": "Uninstall dovecot Package", "remarks": "rule_set_078" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_bind_removed", + "value": "package_dovecot_removed", "remarks": "rule_set_078" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall bind Package", + "value": "Uninstall dovecot Package", "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnsmasq_removed", + "value": "package_cyrus-imapd_removed", "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dnsmasq Package", + "value": "Uninstall cyrus-imapd Package", "remarks": "rule_set_079" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnsmasq_removed", + "value": "package_cyrus-imapd_removed", "remarks": "rule_set_079" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dnsmasq Package", + "value": "Uninstall cyrus-imapd Package", "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_vsftpd_removed", + "value": "service_nfs_disabled", "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall vsftpd Package", + "value": "Disable Network File System (nfs)", "remarks": "rule_set_080" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_vsftpd_removed", + "value": "service_nfs_disabled", "remarks": "rule_set_080" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall vsftpd Package", + "value": "Disable Network File System (nfs)", "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dovecot_removed", + "value": "service_cups_disabled", "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dovecot Package", + "value": "Disable the CUPS Service", "remarks": "rule_set_081" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dovecot_removed", + "value": "service_cups_disabled", "remarks": "rule_set_081" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dovecot Package", + "value": "Disable the CUPS Service", "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cyrus-imapd_removed", + "value": "service_rpcbind_disabled", "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall cyrus-imapd Package", + "value": "Disable rpcbind Service", "remarks": "rule_set_082" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cyrus-imapd_removed", + "value": "service_rpcbind_disabled", "remarks": "rule_set_082" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall cyrus-imapd Package", + "value": "Disable rpcbind Service", "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_nfs_disabled", + "value": "package_rsync_removed", "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Network File System (nfs)", + "value": "Uninstall rsync Package", "remarks": "rule_set_083" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_nfs_disabled", + "value": "package_rsync_removed", "remarks": "rule_set_083" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Network File System (nfs)", + "value": "Uninstall rsync Package", "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_cups_disabled", + "value": "package_samba_removed", "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the CUPS Service", + "value": "Uninstall Samba Package", "remarks": "rule_set_084" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_cups_disabled", + "value": "package_samba_removed", "remarks": "rule_set_084" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the CUPS Service", + "value": "Uninstall Samba Package", "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_rpcbind_disabled", + "value": "package_net-snmp_removed", "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable rpcbind Service", + "value": "Uninstall net-snmp Package", "remarks": "rule_set_085" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_rpcbind_disabled", + "value": "package_net-snmp_removed", "remarks": "rule_set_085" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable rpcbind Service", + "value": "Uninstall net-snmp Package", "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_rsync_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall rsync Package", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_086" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_rsync_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_086" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall rsync Package", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_samba_removed", + "value": "package_tftp-server_removed", "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall Samba Package", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_087" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_samba_removed", + "value": "package_tftp-server_removed", "remarks": "rule_set_087" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall Samba Package", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_net-snmp_removed", + "value": "package_squid_removed", "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall net-snmp Package", + "value": "Uninstall squid Package", "remarks": "rule_set_088" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_net-snmp_removed", + "value": "package_squid_removed", "remarks": "rule_set_088" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall net-snmp Package", + "value": "Uninstall squid Package", "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_httpd_removed", "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Uninstall httpd Package", "remarks": "rule_set_089" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_httpd_removed", "remarks": "rule_set_089" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Uninstall httpd Package", "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_nginx_removed", "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Uninstall nginx Package", "remarks": "rule_set_090" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_nginx_removed", "remarks": "rule_set_090" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Uninstall nginx Package", "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_squid_removed", + "value": "postfix_network_listening_disabled", "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall squid Package", + "value": "Disable Postfix Network Listening", "remarks": "rule_set_091" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_squid_removed", + "value": "postfix_network_listening_disabled", "remarks": "rule_set_091" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall squid Package", + "value": "Disable Postfix Network Listening", "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_httpd_removed", + "value": "has_nonlocal_mta", "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall httpd Package", + "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", "remarks": "rule_set_092" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_httpd_removed", + "value": "has_nonlocal_mta", "remarks": "rule_set_092" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall httpd Package", + "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_nginx_removed", + "value": "package_ftp_removed", "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall nginx Package", + "value": "Remove ftp Package", "remarks": "rule_set_093" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_nginx_removed", + "value": "package_ftp_removed", "remarks": "rule_set_093" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall nginx Package", + "value": "Remove ftp Package", "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "postfix_network_listening_disabled", + "value": "package_telnet_removed", "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Postfix Network Listening", + "value": "Remove telnet Clients", "remarks": "rule_set_094" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "postfix_network_listening_disabled", + "value": "package_telnet_removed", "remarks": "rule_set_094" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Postfix Network Listening", + "value": "Remove telnet Clients", "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "has_nonlocal_mta", + "value": "package_tftp_removed", "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", + "value": "Remove tftp Daemon", "remarks": "rule_set_095" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "has_nonlocal_mta", + "value": "package_tftp_removed", "remarks": "rule_set_095" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", + "value": "Remove tftp Daemon", "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_ftp_removed", + "value": "chronyd_specify_remote_server", "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove ftp Package", + "value": "A remote time server for Chrony is configured", "remarks": "rule_set_096" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_ftp_removed", + "value": "chronyd_specify_remote_server", "remarks": "rule_set_096" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove ftp Package", + "value": "A remote time server for Chrony is configured", "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "chronyd_run_as_chrony_user", "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Ensure that chronyd is running under chrony user account", "remarks": "rule_set_097" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "chronyd_run_as_chrony_user", "remarks": "rule_set_097" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Ensure that chronyd is running under chrony user account", "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_cron_installed", "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Install the cron service", "remarks": "rule_set_098" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_cron_installed", "remarks": "rule_set_098" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Install the cron service", "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_specify_remote_server", + "value": "service_crond_enabled", "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "A remote time server for Chrony is configured", + "value": "Enable cron Service", "remarks": "rule_set_099" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_specify_remote_server", + "value": "service_crond_enabled", "remarks": "rule_set_099" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "A remote time server for Chrony is configured", + "value": "Enable cron Service", "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_run_as_chrony_user", + "value": "file_groupowner_crontab", "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that chronyd is running under chrony user account", + "value": "Verify Group Who Owns Crontab", "remarks": "rule_set_100" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_run_as_chrony_user", + "value": "file_groupowner_crontab", "remarks": "rule_set_100" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that chronyd is running under chrony user account", + "value": "Verify Group Who Owns Crontab", "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cron_installed", + "value": "file_owner_crontab", "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the cron service", + "value": "Verify Owner on crontab", "remarks": "rule_set_101" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cron_installed", + "value": "file_owner_crontab", "remarks": "rule_set_101" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the cron service", + "value": "Verify Owner on crontab", "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_crond_enabled", + "value": "file_permissions_crontab", "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable cron Service", + "value": "Verify Permissions on crontab", "remarks": "rule_set_102" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_crond_enabled", + "value": "file_permissions_crontab", "remarks": "rule_set_102" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable cron Service", + "value": "Verify Permissions on crontab", "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_crontab", + "value": "file_groupowner_cron_hourly", "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Crontab", + "value": "Verify Group Who Owns cron.hourly", "remarks": "rule_set_103" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_crontab", + "value": "file_groupowner_cron_hourly", "remarks": "rule_set_103" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Crontab", + "value": "Verify Group Who Owns cron.hourly", "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_crontab", + "value": "file_owner_cron_hourly", "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on crontab", + "value": "Verify Owner on cron.hourly", "remarks": "rule_set_104" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_crontab", + "value": "file_owner_cron_hourly", "remarks": "rule_set_104" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on crontab", + "value": "Verify Owner on cron.hourly", "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_crontab", + "value": "file_permissions_cron_hourly", "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on crontab", + "value": "Verify Permissions on cron.hourly", "remarks": "rule_set_105" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_crontab", + "value": "file_permissions_cron_hourly", "remarks": "rule_set_105" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on crontab", + "value": "Verify Permissions on cron.hourly", "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_hourly", + "value": "file_groupowner_cron_daily", "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.hourly", + "value": "Verify Group Who Owns cron.daily", "remarks": "rule_set_106" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_hourly", + "value": "file_groupowner_cron_daily", "remarks": "rule_set_106" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.hourly", + "value": "Verify Group Who Owns cron.daily", "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_hourly", + "value": "file_owner_cron_daily", "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.hourly", + "value": "Verify Owner on cron.daily", "remarks": "rule_set_107" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_hourly", + "value": "file_owner_cron_daily", "remarks": "rule_set_107" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.hourly", + "value": "Verify Owner on cron.daily", "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_hourly", + "value": "file_permissions_cron_daily", "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.hourly", + "value": "Verify Permissions on cron.daily", "remarks": "rule_set_108" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_hourly", + "value": "file_permissions_cron_daily", "remarks": "rule_set_108" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.hourly", + "value": "Verify Permissions on cron.daily", "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_daily", + "value": "file_groupowner_cron_weekly", "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.daily", + "value": "Verify Group Who Owns cron.weekly", "remarks": "rule_set_109" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_daily", + "value": "file_groupowner_cron_weekly", "remarks": "rule_set_109" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.daily", + "value": "Verify Group Who Owns cron.weekly", "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_daily", + "value": "file_owner_cron_weekly", "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.daily", + "value": "Verify Owner on cron.weekly", "remarks": "rule_set_110" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_daily", + "value": "file_owner_cron_weekly", "remarks": "rule_set_110" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.daily", + "value": "Verify Owner on cron.weekly", "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_daily", + "value": "file_permissions_cron_weekly", "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.daily", + "value": "Verify Permissions on cron.weekly", "remarks": "rule_set_111" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_daily", + "value": "file_permissions_cron_weekly", "remarks": "rule_set_111" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.daily", + "value": "Verify Permissions on cron.weekly", "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_weekly", + "value": "file_groupowner_cron_monthly", "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.weekly", + "value": "Verify Group Who Owns cron.monthly", "remarks": "rule_set_112" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_weekly", + "value": "file_groupowner_cron_monthly", "remarks": "rule_set_112" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.weekly", + "value": "Verify Group Who Owns cron.monthly", "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_weekly", + "value": "file_owner_cron_monthly", "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.weekly", + "value": "Verify Owner on cron.monthly", "remarks": "rule_set_113" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_weekly", + "value": "file_owner_cron_monthly", "remarks": "rule_set_113" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.weekly", + "value": "Verify Owner on cron.monthly", "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_weekly", + "value": "file_permissions_cron_monthly", "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.weekly", + "value": "Verify Permissions on cron.monthly", "remarks": "rule_set_114" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_weekly", + "value": "file_permissions_cron_monthly", "remarks": "rule_set_114" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.weekly", + "value": "Verify Permissions on cron.monthly", "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_monthly", + "value": "file_groupowner_cron_yearly", "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.monthly", + "value": "Verify Group Who Owns cron.yearly", "remarks": "rule_set_115" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_monthly", + "value": "file_groupowner_cron_yearly", "remarks": "rule_set_115" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.monthly", + "value": "Verify Group Who Owns cron.yearly", "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_monthly", + "value": "file_owner_cron_yearly", "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.monthly", + "value": "Verify Owner on cron.yearly", "remarks": "rule_set_116" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_monthly", + "value": "file_owner_cron_yearly", "remarks": "rule_set_116" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.monthly", + "value": "Verify Owner on cron.yearly", "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_monthly", + "value": "file_permissions_cron_yearly", "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.monthly", + "value": "Verify Permissions on cron.yearly", "remarks": "rule_set_117" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_monthly", + "value": "file_permissions_cron_yearly", "remarks": "rule_set_117" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.monthly", + "value": "Verify Permissions on cron.yearly", "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_yearly", + "value": "file_groupowner_cron_d", "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.yearly", + "value": "Verify Group Who Owns cron.d", "remarks": "rule_set_118" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_yearly", + "value": "file_groupowner_cron_d", "remarks": "rule_set_118" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.yearly", + "value": "Verify Group Who Owns cron.d", "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_yearly", + "value": "file_owner_cron_d", "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.yearly", + "value": "Verify Owner on cron.d", "remarks": "rule_set_119" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_yearly", + "value": "file_owner_cron_d", "remarks": "rule_set_119" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.yearly", + "value": "Verify Owner on cron.d", "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_yearly", + "value": "file_permissions_cron_d", "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.yearly", + "value": "Verify Permissions on cron.d", "remarks": "rule_set_120" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_yearly", + "value": "file_permissions_cron_d", "remarks": "rule_set_120" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.yearly", + "value": "Verify Permissions on cron.d", "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_d", + "value": "file_cron_deny_not_exist", "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.d", + "value": "Ensure that /etc/cron.deny does not exist", "remarks": "rule_set_121" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_d", + "value": "file_cron_deny_not_exist", "remarks": "rule_set_121" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.d", + "value": "Ensure that /etc/cron.deny does not exist", "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_d", + "value": "file_cron_allow_exists", "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.d", + "value": "Ensure that /etc/cron.allow exists", "remarks": "rule_set_122" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_d", + "value": "file_cron_allow_exists", "remarks": "rule_set_122" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.d", + "value": "Ensure that /etc/cron.allow exists", "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_d", + "value": "file_groupowner_cron_allow", "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.d", + "value": "Verify Group Who Owns /etc/cron.allow file", "remarks": "rule_set_123" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_d", + "value": "file_groupowner_cron_allow", "remarks": "rule_set_123" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.d", + "value": "Verify Group Who Owns /etc/cron.allow file", "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_deny_not_exist", + "value": "file_owner_cron_allow", "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.deny does not exist", + "value": "Verify User Who Owns /etc/cron.allow file", "remarks": "rule_set_124" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_deny_not_exist", + "value": "file_owner_cron_allow", "remarks": "rule_set_124" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.deny does not exist", + "value": "Verify User Who Owns /etc/cron.allow file", "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_allow_exists", + "value": "file_permissions_cron_allow", "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.allow exists", + "value": "Verify Permissions on /etc/cron.allow file", "remarks": "rule_set_125" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_allow_exists", + "value": "file_permissions_cron_allow", "remarks": "rule_set_125" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.allow exists", + "value": "Verify Permissions on /etc/cron.allow file", "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_allow", + "value": "file_at_deny_not_exist", "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.deny does not exist", "remarks": "rule_set_126" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_allow", + "value": "file_at_deny_not_exist", "remarks": "rule_set_126" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.deny does not exist", "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_allow", + "value": "file_at_allow_exists", "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.allow exists", "remarks": "rule_set_127" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_allow", + "value": "file_at_allow_exists", "remarks": "rule_set_127" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.allow exists", "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_allow", + "value": "file_groupowner_at_allow", "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/cron.allow file", + "value": "Verify Group Who Owns /etc/at.allow file", "remarks": "rule_set_128" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_allow", + "value": "file_groupowner_at_allow", "remarks": "rule_set_128" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/cron.allow file", + "value": "Verify Group Who Owns /etc/at.allow file", "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_deny_not_exist", + "value": "file_owner_at_allow", "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.deny does not exist", + "value": "Verify User Who Owns /etc/at.allow file", "remarks": "rule_set_129" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_deny_not_exist", + "value": "file_owner_at_allow", "remarks": "rule_set_129" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.deny does not exist", + "value": "Verify User Who Owns /etc/at.allow file", "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_allow_exists", + "value": "file_permissions_at_allow", "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.allow exists", + "value": "Verify Permissions on /etc/at.allow file", "remarks": "rule_set_130" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_allow_exists", + "value": "file_permissions_at_allow", "remarks": "rule_set_130" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.allow exists", + "value": "Verify Permissions on /etc/at.allow file", "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_at_allow", + "value": "wireless_disable_interfaces", "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/at.allow file", + "value": "Deactivate Wireless Network Interfaces", "remarks": "rule_set_131" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_at_allow", + "value": "wireless_disable_interfaces", "remarks": "rule_set_131" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/at.allow file", + "value": "Deactivate Wireless Network Interfaces", "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_at_allow", + "value": "service_bluetooth_disabled", "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/at.allow file", + "value": "Disable Bluetooth Service", "remarks": "rule_set_132" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_at_allow", + "value": "service_bluetooth_disabled", "remarks": "rule_set_132" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/at.allow file", + "value": "Disable Bluetooth Service", "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_at_allow", + "value": "kernel_module_atm_disabled", "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/at.allow file", + "value": "Disable ATM Support", "remarks": "rule_set_133" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_at_allow", + "value": "kernel_module_atm_disabled", "remarks": "rule_set_133" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/at.allow file", + "value": "Disable ATM Support", "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "wireless_disable_interfaces", + "value": "kernel_module_can_disabled", "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Deactivate Wireless Network Interfaces", + "value": "Disable CAN Support", "remarks": "rule_set_134" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "wireless_disable_interfaces", + "value": "kernel_module_can_disabled", "remarks": "rule_set_134" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Deactivate Wireless Network Interfaces", + "value": "Disable CAN Support", "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_bluetooth_disabled", + "value": "kernel_module_dccp_disabled", "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Bluetooth Service", + "value": "Disable DCCP Support", "remarks": "rule_set_135" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_bluetooth_disabled", + "value": "kernel_module_dccp_disabled", "remarks": "rule_set_135" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Bluetooth Service", + "value": "Disable DCCP Support", "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_atm_disabled", + "value": "kernel_module_tipc_disabled", "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable ATM Support", + "value": "Disable TIPC Support", "remarks": "rule_set_136" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_atm_disabled", + "value": "kernel_module_tipc_disabled", "remarks": "rule_set_136" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable ATM Support", + "value": "Disable TIPC Support", "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_can_disabled", + "value": "kernel_module_rds_disabled", "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable CAN Support", + "value": "Disable RDS Support", "remarks": "rule_set_137" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_can_disabled", + "value": "kernel_module_rds_disabled", "remarks": "rule_set_137" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable CAN Support", + "value": "Disable RDS Support", "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_dccp_disabled", + "value": "kernel_module_sctp_disabled", "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable DCCP Support", + "value": "Disable SCTP Support", "remarks": "rule_set_138" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_dccp_disabled", + "value": "kernel_module_sctp_disabled", "remarks": "rule_set_138" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable DCCP Support", + "value": "Disable SCTP Support", "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_tipc_disabled", + "value": "sysctl_net_ipv4_conf_all_forwarding", "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable TIPC Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", "remarks": "rule_set_139" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_tipc_disabled", + "value": "sysctl_net_ipv4_conf_all_forwarding", "remarks": "rule_set_139" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable TIPC Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_rds_disabled", + "value": "sysctl_net_ipv4_conf_default_forwarding", "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable RDS Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", "remarks": "rule_set_140" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_rds_disabled", + "value": "sysctl_net_ipv4_conf_default_forwarding", "remarks": "rule_set_140" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable RDS Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_sctp_disabled", + "value": "sysctl_net_ipv4_conf_all_send_redirects", "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SCTP Support", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_141" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_sctp_disabled", + "value": "sysctl_net_ipv4_conf_all_send_redirects", "remarks": "rule_set_141" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SCTP Support", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_forwarding", + "value": "sysctl_net_ipv4_conf_default_send_redirects", "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", "remarks": "rule_set_142" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_forwarding", + "value": "sysctl_net_ipv4_conf_default_send_redirects", "remarks": "rule_set_142" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_forwarding", + "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", + "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", "remarks": "rule_set_143" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_forwarding", + "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", "remarks": "rule_set_143" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", + "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_send_redirects", + "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", "remarks": "rule_set_144" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_send_redirects", + "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", "remarks": "rule_set_144" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_send_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_redirects", "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", + "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", "remarks": "rule_set_145" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_send_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_redirects", "remarks": "rule_set_145" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", + "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", + "value": "sysctl_net_ipv4_conf_default_accept_redirects", "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", "remarks": "rule_set_146" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", + "value": "sysctl_net_ipv4_conf_default_accept_redirects", "remarks": "rule_set_146" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", + "value": "sysctl_net_ipv4_conf_all_secure_redirects", "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_147" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", + "value": "sysctl_net_ipv4_conf_all_secure_redirects", "remarks": "rule_set_147" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_redirects", + "value": "sysctl_net_ipv4_conf_default_secure_redirects", "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", + "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", "remarks": "rule_set_148" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_redirects", + "value": "sysctl_net_ipv4_conf_default_secure_redirects", "remarks": "rule_set_148" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", + "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_redirects", + "value": "sysctl_net_ipv4_conf_all_rp_filter", "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", "remarks": "rule_set_149" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_redirects", + "value": "sysctl_net_ipv4_conf_all_rp_filter", "remarks": "rule_set_149" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_secure_redirects", + "value": "sysctl_net_ipv4_conf_default_rp_filter", "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", "remarks": "rule_set_150" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_secure_redirects", + "value": "sysctl_net_ipv4_conf_default_rp_filter", "remarks": "rule_set_150" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_secure_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_source_route", "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", "remarks": "rule_set_151" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_secure_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_source_route", "remarks": "rule_set_151" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_rp_filter", + "value": "sysctl_net_ipv4_conf_default_accept_source_route", "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", "remarks": "rule_set_152" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_rp_filter", + "value": "sysctl_net_ipv4_conf_default_accept_source_route", "remarks": "rule_set_152" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_rp_filter", + "value": "sysctl_net_ipv4_conf_all_log_martians", "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", "remarks": "rule_set_153" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_rp_filter", + "value": "sysctl_net_ipv4_conf_all_log_martians", "remarks": "rule_set_153" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_source_route", + "value": "sysctl_net_ipv4_conf_default_log_martians", "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", "remarks": "rule_set_154" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_source_route", + "value": "sysctl_net_ipv4_conf_default_log_martians", "remarks": "rule_set_154" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_source_route", + "value": "sysctl_net_ipv4_tcp_syncookies", "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", "remarks": "rule_set_155" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_source_route", + "value": "sysctl_net_ipv4_tcp_syncookies", "remarks": "rule_set_155" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_log_martians", + "value": "sysctl_net_ipv6_conf_all_forwarding", "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for IPv6 Forwarding", "remarks": "rule_set_156" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_log_martians", + "value": "sysctl_net_ipv6_conf_all_forwarding", "remarks": "rule_set_156" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for IPv6 Forwarding", "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_log_martians", + "value": "sysctl_net_ipv6_conf_default_forwarding", "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", + "value": "Disable Kernel Parameter for IPv6 Forwarding by default", "remarks": "rule_set_157" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_log_martians", + "value": "sysctl_net_ipv6_conf_default_forwarding", "remarks": "rule_set_157" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", + "value": "Disable Kernel Parameter for IPv6 Forwarding by default", "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_tcp_syncookies", + "value": "sysctl_net_ipv6_conf_all_accept_redirects", "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", + "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", "remarks": "rule_set_158" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_tcp_syncookies", + "value": "sysctl_net_ipv6_conf_all_accept_redirects", "remarks": "rule_set_158" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", + "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_forwarding", + "value": "sysctl_net_ipv6_conf_default_accept_redirects", "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", "remarks": "rule_set_159" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_forwarding", + "value": "sysctl_net_ipv6_conf_default_accept_redirects", "remarks": "rule_set_159" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_forwarding", + "value": "sysctl_net_ipv6_conf_all_accept_source_route", "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding by default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", "remarks": "rule_set_160" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_forwarding", + "value": "sysctl_net_ipv6_conf_all_accept_source_route", "remarks": "rule_set_160" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding by default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_redirects", + "value": "sysctl_net_ipv6_conf_default_accept_source_route", "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", "remarks": "rule_set_161" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_redirects", + "value": "sysctl_net_ipv6_conf_default_accept_source_route", "remarks": "rule_set_161" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_redirects", + "value": "sysctl_net_ipv6_conf_all_accept_ra", "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", + "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_162" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_redirects", + "value": "sysctl_net_ipv6_conf_all_accept_ra", "remarks": "rule_set_162" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", + "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_source_route", + "value": "sysctl_net_ipv6_conf_default_accept_ra", "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", + "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", "remarks": "rule_set_163" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_source_route", + "value": "sysctl_net_ipv6_conf_default_accept_ra", "remarks": "rule_set_163" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", + "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_source_route", + "value": "package_firewalld_installed", "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", + "value": "Install firewalld Package", "remarks": "rule_set_164" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_source_route", + "value": "package_firewalld_installed", "remarks": "rule_set_164" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", + "value": "Install firewalld Package", "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra", + "value": "firewalld-backend", "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", + "value": "Configure Firewalld to Use the Nftables Backend", "remarks": "rule_set_165" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra", + "value": "firewalld-backend", "remarks": "rule_set_165" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", + "value": "Configure Firewalld to Use the Nftables Backend", "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra", + "value": "service_firewalld_enabled", "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", + "value": "Verify firewalld Enabled", "remarks": "rule_set_166" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra", + "value": "service_firewalld_enabled", "remarks": "rule_set_166" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", + "value": "Verify firewalld Enabled", "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_firewalld_installed", + "value": "firewalld_loopback_traffic_trusted", "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install firewalld Package", + "value": "Configure Firewalld to Trust Loopback Traffic", "remarks": "rule_set_167" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_firewalld_installed", + "value": "firewalld_loopback_traffic_trusted", "remarks": "rule_set_167" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install firewalld Package", + "value": "Configure Firewalld to Trust Loopback Traffic", "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld-backend", + "value": "file_groupowner_sshd_config", "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Use the Nftables Backend", + "value": "Verify Group Who Owns SSH Server config file", "remarks": "rule_set_168" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld-backend", + "value": "file_groupowner_sshd_config", "remarks": "rule_set_168" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Use the Nftables Backend", + "value": "Verify Group Who Owns SSH Server config file", "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_firewalld_enabled", + "value": "file_owner_sshd_config", "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify firewalld Enabled", + "value": "Verify Owner on SSH Server config file", "remarks": "rule_set_169" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_firewalld_enabled", + "value": "file_owner_sshd_config", "remarks": "rule_set_169" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify firewalld Enabled", + "value": "Verify Owner on SSH Server config file", "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld_loopback_traffic_trusted", + "value": "file_permissions_sshd_config", "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Trust Loopback Traffic", + "value": "Verify Permissions on SSH Server config file", "remarks": "rule_set_170" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld_loopback_traffic_trusted", + "value": "file_permissions_sshd_config", "remarks": "rule_set_170" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Trust Loopback Traffic", + "value": "Verify Permissions on SSH Server config file", "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_config", + "value": "directory_permissions_sshd_config_d", "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_171" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_config", + "value": "directory_permissions_sshd_config_d", "remarks": "rule_set_171" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_171" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_config", + "value": "file_permissions_sshd_drop_in_config", "remarks": "rule_set_172" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_172" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_config", + "value": "file_permissions_sshd_drop_in_config", "remarks": "rule_set_172" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_172" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_config", + "value": "directory_groupowner_sshd_config_d", "remarks": "rule_set_173" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server config file", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_173" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_config", + "value": "directory_groupowner_sshd_config_d", "remarks": "rule_set_173" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server config file", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_173" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_sshd_config_d", + "value": "directory_owner_sshd_config_d", "remarks": "rule_set_174" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_174" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_sshd_config_d", + "value": "directory_owner_sshd_config_d", "remarks": "rule_set_174" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_174" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_drop_in_config", + "value": "file_groupowner_sshd_drop_in_config", "remarks": "rule_set_175" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_175" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_drop_in_config", + "value": "file_groupowner_sshd_drop_in_config", "remarks": "rule_set_175" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_175" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_groupowner_sshd_config_d", + "value": "file_owner_sshd_drop_in_config", "remarks": "rule_set_176" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_176" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_groupowner_sshd_config_d", + "value": "file_owner_sshd_drop_in_config", "remarks": "rule_set_176" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_176" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_owner_sshd_config_d", + "value": "file_groupownership_sshd_private_key", "remarks": "rule_set_177" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Group Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_177" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_owner_sshd_config_d", + "value": "file_groupownership_sshd_private_key", "remarks": "rule_set_177" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Group Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_177" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_drop_in_config", + "value": "file_ownership_sshd_private_key", "remarks": "rule_set_178" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_178" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_drop_in_config", + "value": "file_ownership_sshd_private_key", "remarks": "rule_set_178" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_178" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_drop_in_config", + "value": "file_permissions_sshd_private_key", "remarks": "rule_set_179" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Permissions on SSH Server Private *_key Key Files", "remarks": "rule_set_179" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_drop_in_config", + "value": "file_permissions_sshd_private_key", "remarks": "rule_set_179" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Permissions on SSH Server Private *_key Key Files", "remarks": "rule_set_179" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_private_key", + "value": "file_groupownership_sshd_pub_key", "remarks": "rule_set_180" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Private *_key Key Files", + "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_180" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_private_key", + "value": "file_groupownership_sshd_pub_key", "remarks": "rule_set_180" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Private *_key Key Files", + "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_180" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_private_key", + "value": "file_ownership_sshd_pub_key", "remarks": "rule_set_181" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Private *_key Key Files", + "value": "Verify Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_181" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_private_key", + "value": "file_ownership_sshd_pub_key", "remarks": "rule_set_181" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Private *_key Key Files", + "value": "Verify Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_181" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_private_key", + "value": "file_permissions_sshd_pub_key", "remarks": "rule_set_182" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Private *_key Key Files", + "value": "Verify Permissions on SSH Server Public *.pub Key Files", "remarks": "rule_set_182" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_private_key", + "value": "file_permissions_sshd_pub_key", "remarks": "rule_set_182" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Private *_key Key Files", + "value": "Verify Permissions on SSH Server Public *.pub Key Files", "remarks": "rule_set_182" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_pub_key", + "value": "sshd_limit_user_access", "remarks": "rule_set_183" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", + "value": "Limit Users' SSH Access", "remarks": "rule_set_183" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_pub_key", + "value": "sshd_limit_user_access", "remarks": "rule_set_183" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", + "value": "Limit Users' SSH Access", "remarks": "rule_set_183" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_pub_key", + "value": "sshd_enable_warning_banner_net", "remarks": "rule_set_184" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Public *.pub Key Files", + "value": "Enable SSH Warning Banner", "remarks": "rule_set_184" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_pub_key", + "value": "sshd_enable_warning_banner_net", "remarks": "rule_set_184" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Public *.pub Key Files", + "value": "Enable SSH Warning Banner", "remarks": "rule_set_184" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_pub_key", + "value": "sshd_set_idle_timeout", "remarks": "rule_set_185" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Public *.pub Key Files", + "value": "Set SSH Client Alive Interval", "remarks": "rule_set_185" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_pub_key", + "value": "sshd_set_idle_timeout", "remarks": "rule_set_185" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Public *.pub Key Files", + "value": "Set SSH Client Alive Interval", "remarks": "rule_set_185" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_limit_user_access", + "value": "sshd_set_keepalive", "remarks": "rule_set_186" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Users' SSH Access", + "value": "Set SSH Client Alive Count Max", "remarks": "rule_set_186" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_limit_user_access", + "value": "sshd_set_keepalive", "remarks": "rule_set_186" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Users' SSH Access", + "value": "Set SSH Client Alive Count Max", "remarks": "rule_set_186" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_warning_banner_net", + "value": "disable_host_auth", "remarks": "rule_set_187" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SSH Warning Banner", + "value": "Disable Host-Based Authentication", "remarks": "rule_set_187" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_warning_banner_net", + "value": "disable_host_auth", "remarks": "rule_set_187" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SSH Warning Banner", + "value": "Disable Host-Based Authentication", "remarks": "rule_set_187" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_idle_timeout", + "value": "sshd_disable_rhosts", "remarks": "rule_set_188" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Interval", + "value": "Disable SSH Support for .rhosts Files", "remarks": "rule_set_188" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_idle_timeout", + "value": "sshd_disable_rhosts", "remarks": "rule_set_188" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Interval", + "value": "Disable SSH Support for .rhosts Files", "remarks": "rule_set_188" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_keepalive", + "value": "sshd_use_strong_kex", "remarks": "rule_set_189" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Count Max", + "value": "Use Only Strong Key Exchange algorithms", "remarks": "rule_set_189" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_keepalive", + "value": "sshd_use_strong_kex", "remarks": "rule_set_189" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Count Max", + "value": "Use Only Strong Key Exchange algorithms", "remarks": "rule_set_189" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_host_auth", + "value": "sshd_set_login_grace_time", "remarks": "rule_set_190" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Host-Based Authentication", + "value": "Ensure SSH LoginGraceTime is configured", "remarks": "rule_set_190" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_host_auth", + "value": "sshd_set_login_grace_time", "remarks": "rule_set_190" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Host-Based Authentication", + "value": "Ensure SSH LoginGraceTime is configured", "remarks": "rule_set_190" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_rhosts", + "value": "sshd_set_loglevel_verbose", "remarks": "rule_set_191" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Support for .rhosts Files", + "value": "Set SSH Daemon LogLevel to VERBOSE", "remarks": "rule_set_191" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_rhosts", + "value": "sshd_set_loglevel_verbose", "remarks": "rule_set_191" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Support for .rhosts Files", + "value": "Set SSH Daemon LogLevel to VERBOSE", "remarks": "rule_set_191" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_use_strong_kex", + "value": "sshd_set_max_auth_tries", "remarks": "rule_set_192" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Use Only Strong Key Exchange algorithms", + "value": "Set SSH authentication attempt limit", "remarks": "rule_set_192" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_use_strong_kex", + "value": "sshd_set_max_auth_tries", "remarks": "rule_set_192" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Use Only Strong Key Exchange algorithms", + "value": "Set SSH authentication attempt limit", "remarks": "rule_set_192" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_login_grace_time", + "value": "sshd_set_maxstartups", "remarks": "rule_set_193" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH LoginGraceTime is configured", + "value": "Ensure SSH MaxStartups is configured", "remarks": "rule_set_193" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_login_grace_time", + "value": "sshd_set_maxstartups", "remarks": "rule_set_193" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH LoginGraceTime is configured", + "value": "Ensure SSH MaxStartups is configured", "remarks": "rule_set_193" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_loglevel_verbose", + "value": "sshd_set_max_sessions", "remarks": "rule_set_194" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Daemon LogLevel to VERBOSE", + "value": "Set SSH MaxSessions limit", "remarks": "rule_set_194" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_loglevel_verbose", + "value": "sshd_set_max_sessions", "remarks": "rule_set_194" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Daemon LogLevel to VERBOSE", + "value": "Set SSH MaxSessions limit", "remarks": "rule_set_194" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_auth_tries", + "value": "sshd_disable_empty_passwords", "remarks": "rule_set_195" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH authentication attempt limit", + "value": "Disable SSH Access via Empty Passwords", "remarks": "rule_set_195" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_auth_tries", + "value": "sshd_disable_empty_passwords", "remarks": "rule_set_195" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH authentication attempt limit", + "value": "Disable SSH Access via Empty Passwords", "remarks": "rule_set_195" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_maxstartups", + "value": "sshd_disable_root_login", "remarks": "rule_set_196" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH MaxStartups is configured", + "value": "Disable SSH Root Login", "remarks": "rule_set_196" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_maxstartups", + "value": "sshd_disable_root_login", "remarks": "rule_set_196" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH MaxStartups is configured", + "value": "Disable SSH Root Login", "remarks": "rule_set_196" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_sessions", + "value": "sshd_do_not_permit_user_env", "remarks": "rule_set_197" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH MaxSessions limit", + "value": "Do Not Allow SSH Environment Options", "remarks": "rule_set_197" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_sessions", + "value": "sshd_do_not_permit_user_env", "remarks": "rule_set_197" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH MaxSessions limit", + "value": "Do Not Allow SSH Environment Options", "remarks": "rule_set_197" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_empty_passwords", + "value": "sshd_enable_pam", "remarks": "rule_set_198" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Access via Empty Passwords", + "value": "Enable PAM", "remarks": "rule_set_198" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_empty_passwords", + "value": "sshd_enable_pam", "remarks": "rule_set_198" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Access via Empty Passwords", + "value": "Enable PAM", "remarks": "rule_set_198" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_root_login", + "value": "package_sudo_installed", "remarks": "rule_set_199" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Root Login", + "value": "Install sudo Package", "remarks": "rule_set_199" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_root_login", + "value": "package_sudo_installed", "remarks": "rule_set_199" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Root Login", + "value": "Install sudo Package", "remarks": "rule_set_199" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_do_not_permit_user_env", + "value": "sudo_add_use_pty", "remarks": "rule_set_200" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Do Not Allow SSH Environment Options", + "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", "remarks": "rule_set_200" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_do_not_permit_user_env", + "value": "sudo_add_use_pty", "remarks": "rule_set_200" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Do Not Allow SSH Environment Options", + "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", "remarks": "rule_set_200" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_pam", + "value": "sudo_custom_logfile", "remarks": "rule_set_201" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable PAM", + "value": "Ensure Sudo Logfile Exists - sudo logfile", "remarks": "rule_set_201" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_pam", + "value": "sudo_custom_logfile", "remarks": "rule_set_201" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable PAM", + "value": "Ensure Sudo Logfile Exists - sudo logfile", "remarks": "rule_set_201" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_sudo_installed", + "value": "sudo_remove_no_authenticate", "remarks": "rule_set_202" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install sudo Package", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", "remarks": "rule_set_202" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_sudo_installed", + "value": "sudo_remove_no_authenticate", "remarks": "rule_set_202" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install sudo Package", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", "remarks": "rule_set_202" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_use_pty", + "value": "sudo_require_reauthentication", "remarks": "rule_set_203" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", + "value": "Require Re-Authentication When Using the sudo Command", "remarks": "rule_set_203" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_use_pty", + "value": "sudo_require_reauthentication", "remarks": "rule_set_203" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", + "value": "Require Re-Authentication When Using the sudo Command", "remarks": "rule_set_203" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_custom_logfile", + "value": "use_pam_wheel_group_for_su", "remarks": "rule_set_204" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Sudo Logfile Exists - sudo logfile", + "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", "remarks": "rule_set_204" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_custom_logfile", + "value": "use_pam_wheel_group_for_su", "remarks": "rule_set_204" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Sudo Logfile Exists - sudo logfile", + "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", "remarks": "rule_set_204" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_no_authenticate", + "value": "ensure_pam_wheel_group_empty", "remarks": "rule_set_205" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", + "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", "remarks": "rule_set_205" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_no_authenticate", + "value": "ensure_pam_wheel_group_empty", "remarks": "rule_set_205" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", + "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", "remarks": "rule_set_205" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_require_reauthentication", + "value": "account_password_pam_faillock_password_auth", "remarks": "rule_set_206" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require Re-Authentication When Using the sudo Command", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", "remarks": "rule_set_206" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_require_reauthentication", + "value": "account_password_pam_faillock_password_auth", "remarks": "rule_set_206" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require Re-Authentication When Using the sudo Command", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", "remarks": "rule_set_206" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "use_pam_wheel_group_for_su", + "value": "account_password_pam_faillock_system_auth", "remarks": "rule_set_207" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", "remarks": "rule_set_207" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "use_pam_wheel_group_for_su", + "value": "account_password_pam_faillock_system_auth", "remarks": "rule_set_207" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", "remarks": "rule_set_207" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_pam_wheel_group_empty", + "value": "package_pam_pwquality_installed", "remarks": "rule_set_208" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", + "value": "Install pam_pwquality Package", "remarks": "rule_set_208" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_pam_wheel_group_empty", + "value": "package_pam_pwquality_installed", "remarks": "rule_set_208" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", + "value": "Install pam_pwquality Package", "remarks": "rule_set_208" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_password_auth", + "value": "accounts_password_pam_pwquality_password_auth", "remarks": "rule_set_209" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", + "value": "Ensure PAM password complexity module is enabled in password-auth", "remarks": "rule_set_209" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_password_auth", + "value": "accounts_password_pam_pwquality_password_auth", "remarks": "rule_set_209" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", + "value": "Ensure PAM password complexity module is enabled in password-auth", "remarks": "rule_set_209" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_system_auth", + "value": "accounts_password_pam_pwquality_system_auth", "remarks": "rule_set_210" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", + "value": "Ensure PAM password complexity module is enabled in system-auth", "remarks": "rule_set_210" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_system_auth", + "value": "accounts_password_pam_pwquality_system_auth", "remarks": "rule_set_210" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", + "value": "Ensure PAM password complexity module is enabled in system-auth", "remarks": "rule_set_210" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_pam_pwquality_installed", + "value": "accounts_password_pam_unix_enabled", "remarks": "rule_set_211" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install pam_pwquality Package", + "value": "Verify pam_unix module is activated", "remarks": "rule_set_211" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_pam_pwquality_installed", + "value": "accounts_password_pam_unix_enabled", "remarks": "rule_set_211" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install pam_pwquality Package", + "value": "Verify pam_unix module is activated", "remarks": "rule_set_211" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_password_auth", + "value": "accounts_passwords_pam_faillock_deny", "remarks": "rule_set_212" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in password-auth", + "value": "Lock Accounts After Failed Password Attempts", "remarks": "rule_set_212" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_password_auth", + "value": "accounts_passwords_pam_faillock_deny", "remarks": "rule_set_212" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in password-auth", + "value": "Lock Accounts After Failed Password Attempts", "remarks": "rule_set_212" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_system_auth", + "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", "remarks": "rule_set_213" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in system-auth", + "value": "Set Lockout Time for Failed Password Attempts", "remarks": "rule_set_213" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_system_auth", + "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", "remarks": "rule_set_213" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in system-auth", + "value": "Set Lockout Time for Failed Password Attempts", "remarks": "rule_set_213" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_enabled", + "value": "accounts_password_pam_difok", "remarks": "rule_set_214" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify pam_unix module is activated", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", "remarks": "rule_set_214" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_enabled", + "value": "accounts_password_pam_difok", "remarks": "rule_set_214" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify pam_unix module is activated", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", "remarks": "rule_set_214" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny", + "value": "accounts_password_pam_minlen", "remarks": "rule_set_215" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Lock Accounts After Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Length", "remarks": "rule_set_215" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny", + "value": "accounts_password_pam_minlen", "remarks": "rule_set_215" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Lock Accounts After Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Length", "remarks": "rule_set_215" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", + "value": "accounts_password_pam_minclass", "remarks": "rule_set_216" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Lockout Time for Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", "remarks": "rule_set_216" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", + "value": "accounts_password_pam_minclass", "remarks": "rule_set_216" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Lockout Time for Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", "remarks": "rule_set_216" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_difok", + "value": "accounts_password_pam_maxrepeat", "remarks": "rule_set_217" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", + "value": "Set Password Maximum Consecutive Repeating Characters", "remarks": "rule_set_217" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_difok", + "value": "accounts_password_pam_maxrepeat", "remarks": "rule_set_217" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", + "value": "Set Password Maximum Consecutive Repeating Characters", "remarks": "rule_set_217" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minlen", + "value": "accounts_password_pam_maxsequence", "remarks": "rule_set_218" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Length", + "value": "Limit the maximum number of sequential characters in passwords", "remarks": "rule_set_218" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minlen", + "value": "accounts_password_pam_maxsequence", "remarks": "rule_set_218" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Length", + "value": "Limit the maximum number of sequential characters in passwords", "remarks": "rule_set_218" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_dictcheck", "remarks": "rule_set_219" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", "remarks": "rule_set_219" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_dictcheck", "remarks": "rule_set_219" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", "remarks": "rule_set_219" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxrepeat", + "value": "accounts_password_pam_enforce_root", "remarks": "rule_set_220" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Consecutive Repeating Characters", + "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", "remarks": "rule_set_220" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxrepeat", + "value": "accounts_password_pam_enforce_root", "remarks": "rule_set_220" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Consecutive Repeating Characters", + "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", "remarks": "rule_set_220" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxsequence", + "value": "accounts_password_pam_pwhistory_remember_password_auth", "remarks": "rule_set_221" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit the maximum number of sequential characters in passwords", + "value": "Limit Password Reuse: password-auth", "remarks": "rule_set_221" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxsequence", + "value": "accounts_password_pam_pwhistory_remember_password_auth", "remarks": "rule_set_221" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit the maximum number of sequential characters in passwords", + "value": "Limit Password Reuse: password-auth", "remarks": "rule_set_221" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_dictcheck", + "value": "accounts_password_pam_pwhistory_remember_system_auth", "remarks": "rule_set_222" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", + "value": "Limit Password Reuse: system-auth", "remarks": "rule_set_222" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_dictcheck", + "value": "accounts_password_pam_pwhistory_remember_system_auth", "remarks": "rule_set_222" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", + "value": "Limit Password Reuse: system-auth", "remarks": "rule_set_222" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_enforce_root", + "value": "accounts_password_pam_pwhistory_enforce_for_root", "remarks": "rule_set_223" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", + "value": "Ensure Password History Is Enforced for the Root User", "remarks": "rule_set_223" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_enforce_root", + "value": "accounts_password_pam_pwhistory_enforce_for_root", "remarks": "rule_set_223" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", + "value": "Ensure Password History Is Enforced for the Root User", "remarks": "rule_set_223" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_password_auth", + "value": "accounts_password_pam_pwhistory_use_authtok", "remarks": "rule_set_224" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: password-auth", + "value": "Enforce Password History with use_authtok", "remarks": "rule_set_224" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_password_auth", + "value": "accounts_password_pam_pwhistory_use_authtok", "remarks": "rule_set_224" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: password-auth", + "value": "Enforce Password History with use_authtok", "remarks": "rule_set_224" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_system_auth", + "value": "no_empty_passwords", "remarks": "rule_set_225" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: system-auth", + "value": "Prevent Login to Accounts With Empty Password", "remarks": "rule_set_225" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_system_auth", + "value": "no_empty_passwords", "remarks": "rule_set_225" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: system-auth", + "value": "Prevent Login to Accounts With Empty Password", "remarks": "rule_set_225" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_enforce_for_root", + "value": "accounts_password_pam_unix_no_remember", "remarks": "rule_set_226" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Password History Is Enforced for the Root User", + "value": "Avoid using remember in pam_unix module", "remarks": "rule_set_226" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_enforce_for_root", + "value": "accounts_password_pam_unix_no_remember", "remarks": "rule_set_226" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Password History Is Enforced for the Root User", + "value": "Avoid using remember in pam_unix module", "remarks": "rule_set_226" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_use_authtok", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_227" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Password History with use_authtok", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_227" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_use_authtok", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_227" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Password History with use_authtok", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_227" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords", + "value": "set_password_hashing_algorithm_passwordauth", "remarks": "rule_set_228" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Login to Accounts With Empty Password", + "value": "Set PAM Password Hashing Algorithm - password-auth", "remarks": "rule_set_228" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords", + "value": "set_password_hashing_algorithm_passwordauth", "remarks": "rule_set_228" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Login to Accounts With Empty Password", + "value": "Set PAM Password Hashing Algorithm - password-auth", "remarks": "rule_set_228" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_no_remember", + "value": "accounts_password_pam_unix_authtok", "remarks": "rule_set_229" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Avoid using remember in pam_unix module", + "value": "Require use_authtok for pam_unix.so", "remarks": "rule_set_229" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_no_remember", + "value": "accounts_password_pam_unix_authtok", "remarks": "rule_set_229" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Avoid using remember in pam_unix module", + "value": "Require use_authtok for pam_unix.so", "remarks": "rule_set_229" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "accounts_maximum_age_login_defs", "remarks": "rule_set_230" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Set Password Maximum Age", "remarks": "rule_set_230" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "accounts_maximum_age_login_defs", "remarks": "rule_set_230" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Set Password Maximum Age", "remarks": "rule_set_230" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_passwordauth", + "value": "accounts_password_set_max_life_existing", "remarks": "rule_set_231" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - password-auth", + "value": "Set Existing Passwords Maximum Age", "remarks": "rule_set_231" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_passwordauth", + "value": "accounts_password_set_max_life_existing", "remarks": "rule_set_231" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - password-auth", + "value": "Set Existing Passwords Maximum Age", "remarks": "rule_set_231" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_authtok", + "value": "accounts_password_warn_age_login_defs", "remarks": "rule_set_232" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require use_authtok for pam_unix.so", + "value": "Set Password Warning Age", "remarks": "rule_set_232" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_authtok", + "value": "accounts_password_warn_age_login_defs", "remarks": "rule_set_232" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require use_authtok for pam_unix.so", + "value": "Set Password Warning Age", "remarks": "rule_set_232" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_maximum_age_login_defs", + "value": "accounts_password_set_warn_age_existing", "remarks": "rule_set_233" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Age", + "value": "Set Existing Passwords Warning Age", "remarks": "rule_set_233" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_maximum_age_login_defs", + "value": "accounts_password_set_warn_age_existing", "remarks": "rule_set_233" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Age", + "value": "Set Existing Passwords Warning Age", "remarks": "rule_set_233" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_max_life_existing", + "value": "set_password_hashing_algorithm_logindefs", "remarks": "rule_set_234" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Maximum Age", + "value": "Set Password Hashing Algorithm in /etc/login.defs", "remarks": "rule_set_234" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_max_life_existing", + "value": "set_password_hashing_algorithm_logindefs", "remarks": "rule_set_234" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Maximum Age", + "value": "Set Password Hashing Algorithm in /etc/login.defs", "remarks": "rule_set_234" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_warn_age_login_defs", + "value": "account_disable_post_pw_expiration", "remarks": "rule_set_235" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Warning Age", + "value": "Set Account Expiration Following Inactivity", "remarks": "rule_set_235" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_warn_age_login_defs", + "value": "account_disable_post_pw_expiration", "remarks": "rule_set_235" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Warning Age", + "value": "Set Account Expiration Following Inactivity", "remarks": "rule_set_235" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_warn_age_existing", + "value": "accounts_set_post_pw_existing", "remarks": "rule_set_236" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Warning Age", + "value": "Set existing passwords a period of inactivity before they been locked", "remarks": "rule_set_236" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_warn_age_existing", + "value": "accounts_set_post_pw_existing", "remarks": "rule_set_236" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Warning Age", + "value": "Set existing passwords a period of inactivity before they been locked", "remarks": "rule_set_236" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf", + "value": "accounts_password_last_change_is_in_past", "remarks": "rule_set_237" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/libuser.conf", + "value": "Ensure all users last password change date is in the past", "remarks": "rule_set_237" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf", + "value": "accounts_password_last_change_is_in_past", "remarks": "rule_set_237" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/libuser.conf", + "value": "Ensure all users last password change date is in the past", "remarks": "rule_set_237" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_logindefs", + "value": "accounts_no_uid_except_zero", "remarks": "rule_set_238" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/login.defs", + "value": "Verify Only Root Has UID 0", "remarks": "rule_set_238" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_logindefs", + "value": "accounts_no_uid_except_zero", "remarks": "rule_set_238" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/login.defs", + "value": "Verify Only Root Has UID 0", "remarks": "rule_set_238" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_disable_post_pw_expiration", + "value": "accounts_root_gid_zero", "remarks": "rule_set_239" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Account Expiration Following Inactivity", + "value": "Verify Root Has A Primary GID 0", "remarks": "rule_set_239" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_disable_post_pw_expiration", + "value": "accounts_root_gid_zero", "remarks": "rule_set_239" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Account Expiration Following Inactivity", + "value": "Verify Root Has A Primary GID 0", "remarks": "rule_set_239" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_set_post_pw_existing", + "value": "groups_no_zero_gid_except_root", "remarks": "rule_set_240" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set existing passwords a period of inactivity before they been locked", + "value": "Verify Only Group Root Has GID 0", "remarks": "rule_set_240" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_set_post_pw_existing", + "value": "groups_no_zero_gid_except_root", "remarks": "rule_set_240" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set existing passwords a period of inactivity before they been locked", + "value": "Verify Only Group Root Has GID 0", "remarks": "rule_set_240" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_last_change_is_in_past", + "value": "ensure_root_password_configured", "remarks": "rule_set_241" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure all users last password change date is in the past", + "value": "Ensure Authentication Required for Single User Mode", "remarks": "rule_set_241" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_last_change_is_in_past", + "value": "ensure_root_password_configured", "remarks": "rule_set_241" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure all users last password change date is in the past", + "value": "Ensure Authentication Required for Single User Mode", "remarks": "rule_set_241" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_no_uid_except_zero", + "value": "accounts_root_path_dirs_no_write", "remarks": "rule_set_242" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Root Has UID 0", + "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", "remarks": "rule_set_242" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_no_uid_except_zero", + "value": "accounts_root_path_dirs_no_write", "remarks": "rule_set_242" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Root Has UID 0", + "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", "remarks": "rule_set_242" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_gid_zero", + "value": "root_path_no_dot", "remarks": "rule_set_243" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Root Has A Primary GID 0", + "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", "remarks": "rule_set_243" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_gid_zero", + "value": "root_path_no_dot", "remarks": "rule_set_243" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Root Has A Primary GID 0", + "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", "remarks": "rule_set_243" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "groups_no_zero_gid_except_root", + "value": "accounts_umask_root", "remarks": "rule_set_244" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Group Root Has GID 0", + "value": "Ensure the Root Bash Umask is Set Correctly", "remarks": "rule_set_244" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "groups_no_zero_gid_except_root", + "value": "accounts_umask_root", "remarks": "rule_set_244" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Group Root Has GID 0", + "value": "Ensure the Root Bash Umask is Set Correctly", "remarks": "rule_set_244" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_root_password_configured", + "value": "no_password_auth_for_systemaccounts", "remarks": "rule_set_245" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Authentication Required for Single User Mode", + "value": "Ensure that System Accounts Are Locked", "remarks": "rule_set_245" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_root_password_configured", + "value": "no_password_auth_for_systemaccounts", "remarks": "rule_set_245" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Authentication Required for Single User Mode", + "value": "Ensure that System Accounts Are Locked", "remarks": "rule_set_245" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_path_dirs_no_write", + "value": "no_shelllogin_for_systemaccounts", "remarks": "rule_set_246" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", "remarks": "rule_set_246" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_path_dirs_no_write", + "value": "no_shelllogin_for_systemaccounts", "remarks": "rule_set_246" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", "remarks": "rule_set_246" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "root_path_no_dot", + "value": "no_invalid_shell_accounts_unlocked", "remarks": "rule_set_247" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", + "value": "Verify Non-Interactive Accounts Are Locked", "remarks": "rule_set_247" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "root_path_no_dot", + "value": "no_invalid_shell_accounts_unlocked", "remarks": "rule_set_247" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", + "value": "Verify Non-Interactive Accounts Are Locked", "remarks": "rule_set_247" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_root", + "value": "accounts_tmout", "remarks": "rule_set_248" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Root Bash Umask is Set Correctly", + "value": "Set Interactive Session Timeout", "remarks": "rule_set_248" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_root", + "value": "accounts_tmout", "remarks": "rule_set_248" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Root Bash Umask is Set Correctly", + "value": "Set Interactive Session Timeout", "remarks": "rule_set_248" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_password_auth_for_systemaccounts", + "value": "accounts_umask_etc_bashrc", "remarks": "rule_set_249" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Are Locked", + "value": "Ensure the Default Bash Umask is Set Correctly", "remarks": "rule_set_249" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_password_auth_for_systemaccounts", + "value": "accounts_umask_etc_bashrc", "remarks": "rule_set_249" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Are Locked", + "value": "Ensure the Default Bash Umask is Set Correctly", "remarks": "rule_set_249" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_shelllogin_for_systemaccounts", + "value": "accounts_umask_etc_login_defs", "remarks": "rule_set_250" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", + "value": "Ensure the Default Umask is Set Correctly in login.defs", "remarks": "rule_set_250" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_shelllogin_for_systemaccounts", + "value": "accounts_umask_etc_login_defs", "remarks": "rule_set_250" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", + "value": "Ensure the Default Umask is Set Correctly in login.defs", "remarks": "rule_set_250" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_tmout", + "value": "accounts_umask_etc_profile", "remarks": "rule_set_251" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interactive Session Timeout", + "value": "Ensure the Default Umask is Set Correctly in /etc/profile", "remarks": "rule_set_251" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_tmout", + "value": "accounts_umask_etc_profile", "remarks": "rule_set_251" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interactive Session Timeout", + "value": "Ensure the Default Umask is Set Correctly in /etc/profile", "remarks": "rule_set_251" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_bashrc", + "value": "package_aide_installed", "remarks": "rule_set_252" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Bash Umask is Set Correctly", + "value": "Install AIDE", "remarks": "rule_set_252" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_bashrc", + "value": "package_aide_installed", "remarks": "rule_set_252" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Bash Umask is Set Correctly", + "value": "Install AIDE", "remarks": "rule_set_252" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_login_defs", + "value": "aide_build_database", "remarks": "rule_set_253" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in login.defs", + "value": "Build and Test AIDE Database", "remarks": "rule_set_253" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_login_defs", + "value": "aide_build_database", "remarks": "rule_set_253" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in login.defs", + "value": "Build and Test AIDE Database", "remarks": "rule_set_253" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_profile", + "value": "aide_periodic_cron_checking", "remarks": "rule_set_254" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in /etc/profile", + "value": "Configure Periodic Execution of AIDE", "remarks": "rule_set_254" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_profile", + "value": "aide_periodic_cron_checking", "remarks": "rule_set_254" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in /etc/profile", + "value": "Configure Periodic Execution of AIDE", "remarks": "rule_set_254" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_aide_installed", + "value": "aide_check_audit_tools", "remarks": "rule_set_255" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install AIDE", + "value": "Configure AIDE to Verify the Audit Tools", "remarks": "rule_set_255" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_aide_installed", + "value": "aide_check_audit_tools", "remarks": "rule_set_255" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install AIDE", + "value": "Configure AIDE to Verify the Audit Tools", "remarks": "rule_set_255" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_build_database", + "value": "service_systemd-journald_enabled", "remarks": "rule_set_256" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Build and Test AIDE Database", + "value": "Enable systemd-journald Service", "remarks": "rule_set_256" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_build_database", + "value": "service_systemd-journald_enabled", "remarks": "rule_set_256" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Build and Test AIDE Database", + "value": "Enable systemd-journald Service", "remarks": "rule_set_256" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_periodic_cron_checking", + "value": "ensure_journald_and_rsyslog_not_active_together", "remarks": "rule_set_257" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Periodic Execution of AIDE", + "value": "Ensure journald and rsyslog Are Not Active Together", "remarks": "rule_set_257" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_periodic_cron_checking", + "value": "ensure_journald_and_rsyslog_not_active_together", "remarks": "rule_set_257" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Periodic Execution of AIDE", + "value": "Ensure journald and rsyslog Are Not Active Together", "remarks": "rule_set_257" }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_check_audit_tools", - "remarks": "rule_set_258" - }, - { - "name": "Rule_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure AIDE to Verify the Audit Tools", - "remarks": "rule_set_258" - }, - { - "name": "Check_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_check_audit_tools", - "remarks": "rule_set_258" - }, - { - "name": "Check_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure AIDE to Verify the Audit Tools", - "remarks": "rule_set_258" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_systemd-journald_enabled", - "remarks": "rule_set_259" - }, - { - "name": "Rule_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable systemd-journald Service", - "remarks": "rule_set_259" - }, - { - "name": "Check_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_systemd-journald_enabled", - "remarks": "rule_set_259" - }, - { - "name": "Check_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable systemd-journald Service", - "remarks": "rule_set_259" - }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_systemd-journal-remote_installed", - "remarks": "rule_set_260" + "remarks": "rule_set_258" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install systemd-journal-remote Package", - "remarks": "rule_set_260" + "remarks": "rule_set_258" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_systemd-journal-remote_installed", - "remarks": "rule_set_260" + "remarks": "rule_set_258" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install systemd-journal-remote Package", - "remarks": "rule_set_260" + "remarks": "rule_set_258" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_systemd-journal-upload_enabled", - "remarks": "rule_set_261" + "remarks": "rule_set_259" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable systemd-journal-upload Service", - "remarks": "rule_set_261" + "remarks": "rule_set_259" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_systemd-journal-upload_enabled", - "remarks": "rule_set_261" + "remarks": "rule_set_259" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable systemd-journal-upload Service", - "remarks": "rule_set_261" + "remarks": "rule_set_259" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "socket_systemd-journal-remote_disabled", - "remarks": "rule_set_262" + "remarks": "rule_set_260" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable systemd-journal-remote Socket", - "remarks": "rule_set_262" + "remarks": "rule_set_260" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "socket_systemd-journal-remote_disabled", - "remarks": "rule_set_262" + "remarks": "rule_set_260" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable systemd-journal-remote Socket", - "remarks": "rule_set_262" + "remarks": "rule_set_260" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_disable_forward_to_syslog", - "remarks": "rule_set_263" + "remarks": "rule_set_261" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald ForwardToSyslog is disabled", - "remarks": "rule_set_263" + "remarks": "rule_set_261" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_disable_forward_to_syslog", - "remarks": "rule_set_263" + "remarks": "rule_set_261" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald ForwardToSyslog is disabled", - "remarks": "rule_set_263" + "remarks": "rule_set_261" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_compress", - "remarks": "rule_set_264" + "remarks": "rule_set_262" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald is configured to compress large log files", - "remarks": "rule_set_264" + "remarks": "rule_set_262" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_compress", - "remarks": "rule_set_264" + "remarks": "rule_set_262" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald is configured to compress large log files", - "remarks": "rule_set_264" + "remarks": "rule_set_262" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_storage", - "remarks": "rule_set_265" + "remarks": "rule_set_263" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald is configured to write log files to persistent disk", - "remarks": "rule_set_265" + "remarks": "rule_set_263" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_storage", - "remarks": "rule_set_265" + "remarks": "rule_set_263" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald is configured to write log files to persistent disk", - "remarks": "rule_set_265" + "remarks": "rule_set_263" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_266" + "remarks": "rule_set_264" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_266" + "remarks": "rule_set_264" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_266" + "remarks": "rule_set_264" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_266" + "remarks": "rule_set_264" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_267" + "remarks": "rule_set_265" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_267" + "remarks": "rule_set_265" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_267" + "remarks": "rule_set_265" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_267" + "remarks": "rule_set_265" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_268" + "remarks": "rule_set_266" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_268" + "remarks": "rule_set_266" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_268" + "remarks": "rule_set_266" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_268" + "remarks": "rule_set_266" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_passwd", - "remarks": "rule_set_269" + "remarks": "rule_set_267" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns passwd File", - "remarks": "rule_set_269" + "remarks": "rule_set_267" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_passwd", - "remarks": "rule_set_269" + "remarks": "rule_set_267" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns passwd File", - "remarks": "rule_set_269" + "remarks": "rule_set_267" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_passwd", - "remarks": "rule_set_270" + "remarks": "rule_set_268" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns passwd File", - "remarks": "rule_set_270" + "remarks": "rule_set_268" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_passwd", - "remarks": "rule_set_270" + "remarks": "rule_set_268" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns passwd File", - "remarks": "rule_set_270" + "remarks": "rule_set_268" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_passwd", - "remarks": "rule_set_271" + "remarks": "rule_set_269" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on passwd File", - "remarks": "rule_set_271" + "remarks": "rule_set_269" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_passwd", - "remarks": "rule_set_271" + "remarks": "rule_set_269" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on passwd File", - "remarks": "rule_set_271" + "remarks": "rule_set_269" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_passwd", - "remarks": "rule_set_272" + "remarks": "rule_set_270" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup passwd File", - "remarks": "rule_set_272" + "remarks": "rule_set_270" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_passwd", - "remarks": "rule_set_272" + "remarks": "rule_set_270" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup passwd File", - "remarks": "rule_set_272" + "remarks": "rule_set_270" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_passwd", - "remarks": "rule_set_273" + "remarks": "rule_set_271" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup passwd File", - "remarks": "rule_set_273" + "remarks": "rule_set_271" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_passwd", - "remarks": "rule_set_273" + "remarks": "rule_set_271" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup passwd File", - "remarks": "rule_set_273" + "remarks": "rule_set_271" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_passwd", - "remarks": "rule_set_274" + "remarks": "rule_set_272" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup passwd File", - "remarks": "rule_set_274" + "remarks": "rule_set_272" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_passwd", - "remarks": "rule_set_274" + "remarks": "rule_set_272" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup passwd File", - "remarks": "rule_set_274" + "remarks": "rule_set_272" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_group", - "remarks": "rule_set_275" + "remarks": "rule_set_273" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns group File", - "remarks": "rule_set_275" + "remarks": "rule_set_273" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_group", - "remarks": "rule_set_275" + "remarks": "rule_set_273" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns group File", - "remarks": "rule_set_275" + "remarks": "rule_set_273" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_group", - "remarks": "rule_set_276" + "remarks": "rule_set_274" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns group File", - "remarks": "rule_set_276" + "remarks": "rule_set_274" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_group", - "remarks": "rule_set_276" + "remarks": "rule_set_274" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns group File", - "remarks": "rule_set_276" + "remarks": "rule_set_274" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_group", - "remarks": "rule_set_277" + "remarks": "rule_set_275" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on group File", - "remarks": "rule_set_277" + "remarks": "rule_set_275" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_group", - "remarks": "rule_set_277" + "remarks": "rule_set_275" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on group File", - "remarks": "rule_set_277" + "remarks": "rule_set_275" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_group", - "remarks": "rule_set_278" + "remarks": "rule_set_276" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup group File", - "remarks": "rule_set_278" + "remarks": "rule_set_276" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_group", - "remarks": "rule_set_278" + "remarks": "rule_set_276" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup group File", - "remarks": "rule_set_278" + "remarks": "rule_set_276" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_group", - "remarks": "rule_set_279" + "remarks": "rule_set_277" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup group File", - "remarks": "rule_set_279" + "remarks": "rule_set_277" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_group", - "remarks": "rule_set_279" + "remarks": "rule_set_277" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup group File", - "remarks": "rule_set_279" + "remarks": "rule_set_277" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_group", - "remarks": "rule_set_280" + "remarks": "rule_set_278" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup group File", - "remarks": "rule_set_280" + "remarks": "rule_set_278" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_group", - "remarks": "rule_set_280" + "remarks": "rule_set_278" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup group File", - "remarks": "rule_set_280" + "remarks": "rule_set_278" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shadow", - "remarks": "rule_set_281" + "remarks": "rule_set_279" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns shadow File", - "remarks": "rule_set_281" + "remarks": "rule_set_279" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shadow", - "remarks": "rule_set_281" + "remarks": "rule_set_279" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns shadow File", - "remarks": "rule_set_281" + "remarks": "rule_set_279" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shadow", - "remarks": "rule_set_282" + "remarks": "rule_set_280" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns shadow File", - "remarks": "rule_set_282" + "remarks": "rule_set_280" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shadow", - "remarks": "rule_set_282" + "remarks": "rule_set_280" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns shadow File", - "remarks": "rule_set_282" + "remarks": "rule_set_280" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shadow", - "remarks": "rule_set_283" + "remarks": "rule_set_281" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on shadow File", - "remarks": "rule_set_283" + "remarks": "rule_set_281" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shadow", - "remarks": "rule_set_283" + "remarks": "rule_set_281" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on shadow File", - "remarks": "rule_set_283" + "remarks": "rule_set_281" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_shadow", - "remarks": "rule_set_284" + "remarks": "rule_set_282" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup shadow File", - "remarks": "rule_set_284" + "remarks": "rule_set_282" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_shadow", - "remarks": "rule_set_284" + "remarks": "rule_set_282" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup shadow File", - "remarks": "rule_set_284" + "remarks": "rule_set_282" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_shadow", - "remarks": "rule_set_285" + "remarks": "rule_set_283" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup shadow File", - "remarks": "rule_set_285" + "remarks": "rule_set_283" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_shadow", - "remarks": "rule_set_285" + "remarks": "rule_set_283" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup shadow File", - "remarks": "rule_set_285" + "remarks": "rule_set_283" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_shadow", - "remarks": "rule_set_286" + "remarks": "rule_set_284" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup shadow File", - "remarks": "rule_set_286" + "remarks": "rule_set_284" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_shadow", - "remarks": "rule_set_286" + "remarks": "rule_set_284" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup shadow File", - "remarks": "rule_set_286" + "remarks": "rule_set_284" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_gshadow", - "remarks": "rule_set_287" + "remarks": "rule_set_285" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns gshadow File", - "remarks": "rule_set_287" + "remarks": "rule_set_285" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_gshadow", - "remarks": "rule_set_287" + "remarks": "rule_set_285" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns gshadow File", - "remarks": "rule_set_287" + "remarks": "rule_set_285" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_gshadow", - "remarks": "rule_set_288" + "remarks": "rule_set_286" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns gshadow File", - "remarks": "rule_set_288" + "remarks": "rule_set_286" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_gshadow", - "remarks": "rule_set_288" + "remarks": "rule_set_286" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns gshadow File", - "remarks": "rule_set_288" + "remarks": "rule_set_286" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_gshadow", - "remarks": "rule_set_289" + "remarks": "rule_set_287" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on gshadow File", - "remarks": "rule_set_289" + "remarks": "rule_set_287" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_gshadow", - "remarks": "rule_set_289" + "remarks": "rule_set_287" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on gshadow File", - "remarks": "rule_set_289" + "remarks": "rule_set_287" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_gshadow", - "remarks": "rule_set_290" + "remarks": "rule_set_288" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup gshadow File", - "remarks": "rule_set_290" + "remarks": "rule_set_288" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_gshadow", - "remarks": "rule_set_290" + "remarks": "rule_set_288" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup gshadow File", - "remarks": "rule_set_290" + "remarks": "rule_set_288" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_gshadow", - "remarks": "rule_set_291" + "remarks": "rule_set_289" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup gshadow File", - "remarks": "rule_set_291" + "remarks": "rule_set_289" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_gshadow", - "remarks": "rule_set_291" + "remarks": "rule_set_289" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup gshadow File", - "remarks": "rule_set_291" + "remarks": "rule_set_289" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_gshadow", - "remarks": "rule_set_292" + "remarks": "rule_set_290" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup gshadow File", - "remarks": "rule_set_292" + "remarks": "rule_set_290" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_gshadow", - "remarks": "rule_set_292" + "remarks": "rule_set_290" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup gshadow File", - "remarks": "rule_set_292" + "remarks": "rule_set_290" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shells", - "remarks": "rule_set_293" + "remarks": "rule_set_291" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/shells File", - "remarks": "rule_set_293" + "remarks": "rule_set_291" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shells", - "remarks": "rule_set_293" + "remarks": "rule_set_291" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/shells File", - "remarks": "rule_set_293" + "remarks": "rule_set_291" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shells", - "remarks": "rule_set_294" + "remarks": "rule_set_292" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Who Owns /etc/shells File", - "remarks": "rule_set_294" + "remarks": "rule_set_292" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shells", - "remarks": "rule_set_294" + "remarks": "rule_set_292" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Who Owns /etc/shells File", - "remarks": "rule_set_294" + "remarks": "rule_set_292" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shells", - "remarks": "rule_set_295" + "remarks": "rule_set_293" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/shells File", - "remarks": "rule_set_295" + "remarks": "rule_set_293" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shells", - "remarks": "rule_set_295" + "remarks": "rule_set_293" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/shells File", - "remarks": "rule_set_295" + "remarks": "rule_set_293" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_security_opasswd", - "remarks": "rule_set_296" + "remarks": "rule_set_294" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/security/opasswd File", - "remarks": "rule_set_296" + "remarks": "rule_set_294" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_security_opasswd", - "remarks": "rule_set_296" + "remarks": "rule_set_294" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/security/opasswd File", - "remarks": "rule_set_296" + "remarks": "rule_set_294" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_security_opasswd", - "remarks": "rule_set_297" + "remarks": "rule_set_295" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/security/opasswd File", - "remarks": "rule_set_297" + "remarks": "rule_set_295" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_security_opasswd", - "remarks": "rule_set_297" + "remarks": "rule_set_295" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/security/opasswd File", - "remarks": "rule_set_297" + "remarks": "rule_set_295" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_security_opasswd", - "remarks": "rule_set_298" + "remarks": "rule_set_296" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/security/opasswd File", - "remarks": "rule_set_298" + "remarks": "rule_set_296" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_security_opasswd", - "remarks": "rule_set_298" + "remarks": "rule_set_296" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/security/opasswd File", - "remarks": "rule_set_298" + "remarks": "rule_set_296" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_security_opasswd_old", - "remarks": "rule_set_299" + "remarks": "rule_set_297" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/security/opasswd.old File", - "remarks": "rule_set_299" + "remarks": "rule_set_297" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_security_opasswd_old", - "remarks": "rule_set_299" + "remarks": "rule_set_297" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/security/opasswd.old File", - "remarks": "rule_set_299" + "remarks": "rule_set_297" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_security_opasswd_old", - "remarks": "rule_set_300" + "remarks": "rule_set_298" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/security/opasswd.old File", - "remarks": "rule_set_300" + "remarks": "rule_set_298" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_security_opasswd_old", - "remarks": "rule_set_300" + "remarks": "rule_set_298" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/security/opasswd.old File", - "remarks": "rule_set_300" + "remarks": "rule_set_298" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_security_opasswd_old", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/security/opasswd.old File", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_security_opasswd_old", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/security/opasswd.old File", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_world_writable", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure No World-Writable Files Exist", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_world_writable", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure No World-Writable Files Exist", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_perms_world_writable_sticky_bits", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that All World-Writable Directories Have Sticky Bits Set", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_perms_world_writable_sticky_bits", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that All World-Writable Directories Have Sticky Bits Set", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_unowned_by_user", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a User", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_unowned_by_user", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a User", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_ungroupowned", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a Group", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_ungroupowned", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a Group", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_all_shadowed", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify All Account Password Hashes are Shadowed", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_all_shadowed", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify All Account Password Hashes are Shadowed", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_empty_passwords_etc_shadow", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure There Are No Accounts With Blank or Null Passwords", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_empty_passwords_etc_shadow", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure There Are No Accounts With Blank or Null Passwords", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "gid_passwd_group_same", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "gid_passwd_group_same", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_id", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique User IDs", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_id", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique User IDs", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_id", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group ID", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_id", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group ID", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_name", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique Names", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_name", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique Names", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_name", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group Names", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_name", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group Names", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_interactive_home_directory_exists", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive Users Home Directories Must Exist", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_interactive_home_directory_exists", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive Users Home Directories Must Exist", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_home_directories", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Be Owned By The Primary User", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_home_directories", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Be Owned By The Primary User", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_home_directories", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Have mode 0750 Or Less Permissive", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_home_directories", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Have mode 0750 Or Less Permissive", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_group_ownership", - "remarks": "rule_set_316" + "remarks": "rule_set_314" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_316" + "remarks": "rule_set_314" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_group_ownership", - "remarks": "rule_set_316" + "remarks": "rule_set_314" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_316" + "remarks": "rule_set_314" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_user_ownership", - "remarks": "rule_set_317" + "remarks": "rule_set_315" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Owned By the Primary User", - "remarks": "rule_set_317" + "remarks": "rule_set_315" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_user_ownership", - "remarks": "rule_set_317" + "remarks": "rule_set_315" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Owned By the Primary User", - "remarks": "rule_set_317" + "remarks": "rule_set_315" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_no_world_writable_programs", - "remarks": "rule_set_318" + "remarks": "rule_set_316" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Not Run World-Writable Programs", - "remarks": "rule_set_318" + "remarks": "rule_set_316" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_no_world_writable_programs", - "remarks": "rule_set_318" + "remarks": "rule_set_316" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Not Run World-Writable Programs", - "remarks": "rule_set_318" + "remarks": "rule_set_316" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_init_files", - "remarks": "rule_set_319" + "remarks": "rule_set_317" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", - "remarks": "rule_set_319" + "remarks": "rule_set_317" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_init_files", - "remarks": "rule_set_319" + "remarks": "rule_set_317" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", - "remarks": "rule_set_319" + "remarks": "rule_set_317" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_forward_files", - "remarks": "rule_set_320" + "remarks": "rule_set_318" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .forward Files Exist", - "remarks": "rule_set_320" + "remarks": "rule_set_318" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_forward_files", - "remarks": "rule_set_320" + "remarks": "rule_set_318" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .forward Files Exist", - "remarks": "rule_set_320" + "remarks": "rule_set_318" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_netrc_files", - "remarks": "rule_set_321" + "remarks": "rule_set_319" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No netrc Files Exist", - "remarks": "rule_set_321" + "remarks": "rule_set_319" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_netrc_files", - "remarks": "rule_set_321" + "remarks": "rule_set_319" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No netrc Files Exist", - "remarks": "rule_set_321" + "remarks": "rule_set_319" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_rhost_files", - "remarks": "rule_set_322" + "remarks": "rule_set_320" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .rhost Files Exist", - "remarks": "rule_set_322" + "remarks": "rule_set_320" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_rhost_files", - "remarks": "rule_set_322" + "remarks": "rule_set_320" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .rhost Files Exist", - "remarks": "rule_set_322" + "remarks": "rule_set_320" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_bash_history", - "remarks": "rule_set_323" + "remarks": "rule_set_321" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure User Bash History File Has Correct Permissions", - "remarks": "rule_set_323" + "remarks": "rule_set_321" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_bash_history", - "remarks": "rule_set_323" + "remarks": "rule_set_321" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure User Bash History File Has Correct Permissions", - "remarks": "rule_set_323" + "remarks": "rule_set_321" } ], "control-implementations": [ { - "uuid": "d58124c6-429c-4904-b9cf-e999c1521449", + "uuid": "7cfb076c-9218-4205-94df-95eb210d1dfa", "source": "trestle://profiles/rhel10-cis_rhel10-l1_server/profile.json", "description": "Control implementation for cis_server_l1", "props": [ @@ -18995,13 +18911,13 @@ { "param-id": "var_password_hashing_algorithm", "values": [ - "yescrypt" + "cis_rhel10" ] }, { "param-id": "var_password_hashing_algorithm_pam", "values": [ - "yescrypt" + "cis_rhel10" ] }, { @@ -19109,7 +19025,7 @@ ], "implemented-requirements": [ { - "uuid": "a84b7fce-f41f-4c06-87b2-abc2324ca124", + "uuid": "5b7f80ee-922f-4a3d-8a05-394d866053d7", "control-id": "reload_dconf_db", "description": "This is a helper rule to reload Dconf database correctly.", "props": [ @@ -19126,7 +19042,7 @@ ] }, { - "uuid": "7643d25f-eb05-44dc-ba97-b4f0ef1e7e6c", + "uuid": "17d78aff-db92-4d8f-b9f2-3236713706a3", "control-id": "cis_rhel10_1-1.1.1", "description": "No notes for control-id 1.1.1.1.", "props": [ @@ -19143,7 +19059,7 @@ ] }, { - "uuid": "104475ff-cfbe-4476-bb3e-10702f619a61", + "uuid": "1214ba16-3405-4e82-bf9f-1d24262156a2", "control-id": "cis_rhel10_1-1.1.2", "description": "No notes for control-id 1.1.1.2.", "props": [ @@ -19160,7 +19076,7 @@ ] }, { - "uuid": "8695e271-cbac-4baf-b1f5-2cf2f0804b1c", + "uuid": "86b5c0c9-8cc9-43df-90e6-3ba829e1a9c2", "control-id": "cis_rhel10_1-1.1.3", "description": "No notes for control-id 1.1.1.3.", "props": [ @@ -19177,7 +19093,7 @@ ] }, { - "uuid": "3699e791-38a8-4b9e-9cc0-7764db63a9d3", + "uuid": "e7ca054c-83d0-43bd-aca1-85f3e788c40e", "control-id": "cis_rhel10_1-1.1.4", "description": "No notes for control-id 1.1.1.4.", "props": [ @@ -19194,7 +19110,7 @@ ] }, { - "uuid": "7a850cb6-4c26-4ef1-a1fc-443aeaad1fa3", + "uuid": "e5183b2b-4bae-4ea5-837a-64347d270569", "control-id": "cis_rhel10_1-1.1.5", "description": "No notes for control-id 1.1.1.5.", "props": [ @@ -19211,7 +19127,7 @@ ] }, { - "uuid": "c70e227e-7c7d-4cad-8556-6a8119a46507", + "uuid": "90e3e1c9-5f6e-4368-ad37-22efda1b4d2d", "control-id": "cis_rhel10_1-1.1.9", "description": "No notes for control-id 1.1.1.9.", "props": [ @@ -19228,7 +19144,7 @@ ] }, { - "uuid": "35f2180a-93c2-46fb-9e07-3e6c0b1b64b8", + "uuid": "4c64ef9d-ffbd-4a20-88cf-23774da49df9", "control-id": "cis_rhel10_1-1.1.10", "description": "No notes for control-id 1.1.1.10.", "props": [ @@ -19245,7 +19161,7 @@ ] }, { - "uuid": "b2cbd635-8f6c-46b3-ba23-28636743f8e1", + "uuid": "5d645bac-3352-491a-b4dd-a6fcd52f9a25", "control-id": "cis_rhel10_1-1.1.11", "description": "The description for control-id cis_rhel10_1-1.1.11.", "props": [ @@ -19258,7 +19174,7 @@ ] }, { - "uuid": "fe214bcf-5d7e-431f-a898-ba59dd489884", + "uuid": "09e658e8-e426-4d68-9c31-9dc0e08dc848", "control-id": "cis_rhel10_1-1.2.1.1", "description": "No notes for control-id 1.1.2.1.1.", "props": [ @@ -19275,7 +19191,7 @@ ] }, { - "uuid": "8f4c4568-7e52-47c2-bf15-3b046147dc1d", + "uuid": "ae31139c-c509-4d1e-a2ed-b1da94de305e", "control-id": "cis_rhel10_1-1.2.1.2", "description": "No notes for control-id 1.1.2.1.2.", "props": [ @@ -19292,7 +19208,7 @@ ] }, { - "uuid": "fa60955c-ba1c-423d-9ab8-bcc3b2aba999", + "uuid": "3c985f91-4234-4e4b-aba0-ffb4a455aecd", "control-id": "cis_rhel10_1-1.2.1.3", "description": "No notes for control-id 1.1.2.1.3.", "props": [ @@ -19309,7 +19225,7 @@ ] }, { - "uuid": "02252852-55b6-4d3e-a2a1-ceacd577d3cd", + "uuid": "bc0ab7df-1872-4002-aa80-2495ee7a6e16", "control-id": "cis_rhel10_1-1.2.1.4", "description": "No notes for control-id 1.1.2.1.4.", "props": [ @@ -19326,7 +19242,7 @@ ] }, { - "uuid": "fbe0399b-53a0-4610-aab2-4aad77c86793", + "uuid": "bc28dae7-6419-491c-8bc1-f19aea7504c8", "control-id": "cis_rhel10_1-1.2.2.1", "description": "No notes for control-id 1.1.2.2.1.", "props": [ @@ -19343,7 +19259,7 @@ ] }, { - "uuid": "700cbe24-1678-4426-952e-04130877fbcd", + "uuid": "87305e7f-25fe-47b4-918b-5e18f2d04391", "control-id": "cis_rhel10_1-1.2.2.2", "description": "No notes for control-id 1.1.2.2.2.", "props": [ @@ -19360,7 +19276,7 @@ ] }, { - "uuid": "873efada-c062-41c9-b65e-8203e4179dc3", + "uuid": "faad5dfa-6b02-4f37-8526-81fe1e92005a", "control-id": "cis_rhel10_1-1.2.2.3", "description": "No notes for control-id 1.1.2.2.3.", "props": [ @@ -19377,7 +19293,7 @@ ] }, { - "uuid": "fb6aed97-77d8-4fdd-a3b6-23aa31f59f8a", + "uuid": "26a9e8db-0af6-4fea-9b77-0026032ca40c", "control-id": "cis_rhel10_1-1.2.2.4", "description": "No notes for control-id 1.1.2.2.4.", "props": [ @@ -19394,7 +19310,7 @@ ] }, { - "uuid": "820a20cd-a92e-4f47-bb7e-921978e06f0b", + "uuid": "86ba0a65-f23a-4b11-ae8d-10e66d7c3450", "control-id": "cis_rhel10_1-1.2.3.2", "description": "No notes for control-id 1.1.2.3.2.", "props": [ @@ -19411,7 +19327,7 @@ ] }, { - "uuid": "68ac265c-f78a-4419-ab9f-f3a33239a87d", + "uuid": "bae60d71-1db4-4766-98f4-447bd6b55c8a", "control-id": "cis_rhel10_1-1.2.3.3", "description": "No notes for control-id 1.1.2.3.3.", "props": [ @@ -19428,7 +19344,7 @@ ] }, { - "uuid": "e8dcaeb3-dd44-4e9d-b57c-a508916a64a7", + "uuid": "d7823a77-cb07-470c-b61d-bd67b55b0069", "control-id": "cis_rhel10_1-1.2.4.2", "description": "No notes for control-id 1.1.2.4.2.", "props": [ @@ -19445,7 +19361,7 @@ ] }, { - "uuid": "659ed983-20cf-4007-bb94-56faac809d7d", + "uuid": "f0b728c9-0fe5-4de1-ba30-f303dded21ca", "control-id": "cis_rhel10_1-1.2.4.3", "description": "No notes for control-id 1.1.2.4.3.", "props": [ @@ -19462,7 +19378,7 @@ ] }, { - "uuid": "c8d3f632-f522-431a-892d-3eb60f9d7012", + "uuid": "abed6e33-b4dc-4e37-88ad-7bbe2c508ae4", "control-id": "cis_rhel10_1-1.2.5.2", "description": "No notes for control-id 1.1.2.5.2.", "props": [ @@ -19479,7 +19395,7 @@ ] }, { - "uuid": "1ac12e24-280d-4f67-8641-8823ca60e737", + "uuid": "d3a87ec2-d1ae-41d1-8dd2-140d403f6c65", "control-id": "cis_rhel10_1-1.2.5.3", "description": "No notes for control-id 1.1.2.5.3.", "props": [ @@ -19496,7 +19412,7 @@ ] }, { - "uuid": "38a00fa5-1a34-4950-a3af-e2667ec82b69", + "uuid": "119181b1-2bf0-4366-a45b-8c7a1acdb103", "control-id": "cis_rhel10_1-1.2.5.4", "description": "No notes for control-id 1.1.2.5.4.", "props": [ @@ -19513,7 +19429,7 @@ ] }, { - "uuid": "ab1a7e93-8c9c-4732-9174-e5ff4c110e80", + "uuid": "2eb6e99b-f9a2-442e-8b55-b80a101c3f95", "control-id": "cis_rhel10_1-1.2.6.2", "description": "No notes for control-id 1.1.2.6.2.", "props": [ @@ -19530,7 +19446,7 @@ ] }, { - "uuid": "fd973d5c-8297-49d0-81b8-c3ed0ed0b8ef", + "uuid": "a1bac857-b77a-46e2-8337-78929c8fb88b", "control-id": "cis_rhel10_1-1.2.6.3", "description": "No notes for control-id 1.1.2.6.3.", "props": [ @@ -19547,7 +19463,7 @@ ] }, { - "uuid": "c0cdeee1-4381-4424-9a5f-4b34aa272c51", + "uuid": "5158983b-85f9-4200-bc0e-1621db004a23", "control-id": "cis_rhel10_1-1.2.6.4", "description": "No notes for control-id 1.1.2.6.4.", "props": [ @@ -19564,7 +19480,7 @@ ] }, { - "uuid": "14e4a448-e6dd-4e14-a405-5abe5d382adf", + "uuid": "54c8f84f-b9be-42a5-815b-694124de6265", "control-id": "cis_rhel10_1-1.2.7.2", "description": "No notes for control-id 1.1.2.7.2.", "props": [ @@ -19581,7 +19497,7 @@ ] }, { - "uuid": "699b5fb7-ca6d-4a8d-a397-8c7e2f02998c", + "uuid": "6c80b5e5-f7de-4ddf-b674-65934f1d547c", "control-id": "cis_rhel10_1-1.2.7.3", "description": "No notes for control-id 1.1.2.7.3.", "props": [ @@ -19598,7 +19514,7 @@ ] }, { - "uuid": "b172449c-2b53-4856-89fa-d43d5f9593eb", + "uuid": "60c4b93e-00c7-4ba7-81ca-dbf41f684e36", "control-id": "cis_rhel10_1-1.2.7.4", "description": "No notes for control-id 1.1.2.7.4.", "props": [ @@ -19615,7 +19531,7 @@ ] }, { - "uuid": "0e2fe632-38fd-46a3-8900-1eeeee14cdf3", + "uuid": "6f4ce241-f620-4b28-a25b-755e058a5933", "control-id": "cis_rhel10_1-2.1.1", "description": "The description for control-id cis_rhel10_1-2.1.1.", "props": [ @@ -19628,7 +19544,7 @@ ] }, { - "uuid": "90d7194b-b616-4492-bbb4-4afc289906db", + "uuid": "d73e91e6-6fb7-4d39-a68a-7960fa05acc4", "control-id": "cis_rhel10_1-2.1.2", "description": "No notes for control-id 1.2.1.2.", "props": [ @@ -19645,7 +19561,7 @@ ] }, { - "uuid": "85b98d1e-a1c0-4b77-ab26-d31a04bb4e25", + "uuid": "8eca37af-defa-475c-adf1-d6ea361bde86", "control-id": "cis_rhel10_1-2.1.4", "description": "The description for control-id cis_rhel10_1-2.1.4.", "props": [ @@ -19658,7 +19574,7 @@ ] }, { - "uuid": "5a0acaf7-339f-447e-90bf-a3874f873d39", + "uuid": "b422c647-1090-46df-be84-b5b7cde64b26", "control-id": "cis_rhel10_1-2.2.1", "description": "The description for control-id cis_rhel10_1-2.2.1.", "props": [ @@ -19671,7 +19587,7 @@ ] }, { - "uuid": "1440ccb9-2b12-4d0f-b878-8c9053d497e8", + "uuid": "8e39f6e2-a146-4604-a6af-b05bb5b6c19f", "control-id": "cis_rhel10_1-3.1.1", "description": "No notes for control-id 1.3.1.1.", "props": [ @@ -19688,7 +19604,7 @@ ] }, { - "uuid": "1d38dcda-1806-40fc-86a4-e04f90d8f4ce", + "uuid": "f5d01a6b-4d76-46bd-8e47-9b5f71aa8635", "control-id": "cis_rhel10_1-3.1.2", "description": "No notes for control-id 1.3.1.2.", "props": [ @@ -19705,7 +19621,7 @@ ] }, { - "uuid": "4c794244-ed8b-4d14-b8c0-9bfc5db81bae", + "uuid": "bad090e4-197a-4ce6-8977-2b775e431d64", "control-id": "cis_rhel10_1-3.1.3", "description": "No notes for control-id 1.3.1.3.", "props": [ @@ -19722,7 +19638,7 @@ ] }, { - "uuid": "58178fc0-129b-4b4d-b065-53d0d04847a8", + "uuid": "9308f8b9-9b6b-4989-ba3c-567d345b84a0", "control-id": "cis_rhel10_1-3.1.4", "description": "No notes for control-id 1.3.1.4.", "props": [ @@ -19739,7 +19655,7 @@ ] }, { - "uuid": "f8dacd88-1473-4952-9382-028fb932808c", + "uuid": "986739e3-7ea7-40e0-bdbe-7c99c760d198", "control-id": "cis_rhel10_1-3.1.7", "description": "No notes for control-id 1.3.1.7.", "props": [ @@ -19756,7 +19672,7 @@ ] }, { - "uuid": "33c2fe71-fd86-4207-8808-89fcb1e112be", + "uuid": "01e88f5e-42ce-493c-beb7-5059c47b40f3", "control-id": "cis_rhel10_1-3.1.8", "description": "No notes for control-id 1.3.1.8.", "props": [ @@ -19773,7 +19689,7 @@ ] }, { - "uuid": "fc9b9eeb-5a7c-4616-959a-b109de3b97c3", + "uuid": "8de34404-acc3-4f26-98e7-153a880bc54a", "control-id": "cis_rhel10_1-4.1", "description": "There is no automated remediation for this rule and this is intentional.\nMore details in the rule description.", "props": [ @@ -19790,50 +19706,34 @@ ] }, { - "uuid": "9840d2dc-be3b-4e84-9abf-62d53e7ef066", + "uuid": "4e91d7b0-fc99-4c5a-bc25-3bd7803f5f18", "control-id": "cis_rhel10_1-4.2", - "description": "The description for control-id cis_rhel10_1-4.2.", + "description": "This requirement demands a deeper review of the rules.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "alternative", - "remarks": "This requirement demands a deeper review of the rules." - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg" + "value": "implemented" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg" + "value": "file_permissions_boot_grub2" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg" + "value": "file_owner_boot_grub2" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg" + "value": "file_groupowner_boot_grub2" } ] }, { - "uuid": "a294b661-36e0-4f6b-9180-e1e567b54711", + "uuid": "feef1725-ecb6-4635-9d3a-dea4c4df8584", "control-id": "cis_rhel10_1-5.1", "description": "No notes for control-id 1.5.1.", "props": [ @@ -19850,7 +19750,7 @@ ] }, { - "uuid": "6e646914-f1cb-44ef-9f7b-509fe6a51016", + "uuid": "c7c09893-a1ab-410c-ad58-ad743c6dfd47", "control-id": "cis_rhel10_1-5.2", "description": "No notes for control-id 1.5.2.", "props": [ @@ -19867,7 +19767,7 @@ ] }, { - "uuid": "0b2dd3cf-8fc8-45b0-8b74-90e9d2fb7d00", + "uuid": "c06d4196-e9a5-4537-b22e-3c4c4bef3c87", "control-id": "cis_rhel10_1-5.4", "description": "No notes for control-id 1.5.4.", "props": [ @@ -19884,7 +19784,7 @@ ] }, { - "uuid": "7544ff4b-d8fd-4bb9-b81b-af169bec399a", + "uuid": "aeaebe1d-b0c4-494a-8155-f8c1c0605b7b", "control-id": "cis_rhel10_1-5.5", "description": "No notes for control-id 1.5.5.", "props": [ @@ -19901,7 +19801,7 @@ ] }, { - "uuid": "a9cc942b-6333-4af2-b279-cacd85695d3d", + "uuid": "3ab63734-3402-4a91-bd47-750df061f983", "control-id": "cis_rhel10_1-5.6", "description": "No notes for control-id 1.5.6.", "props": [ @@ -19918,7 +19818,7 @@ ] }, { - "uuid": "bb6fc5cc-7763-40bd-9e06-941e3be00774", + "uuid": "42558dc8-eaee-4407-85a1-0ed398cbe9da", "control-id": "cis_rhel10_1-5.7", "description": "No notes for control-id 1.5.7.", "props": [ @@ -19935,7 +19835,7 @@ ] }, { - "uuid": "411eddef-6d62-4ab2-9704-665d47115bff", + "uuid": "2d046132-650c-444c-ac9c-95f60465d193", "control-id": "cis_rhel10_1-5.8", "description": "Address Space Layout Randomization (ASLR)", "props": [ @@ -19952,7 +19852,7 @@ ] }, { - "uuid": "6552adb0-4654-44be-b886-73a1da4abb9b", + "uuid": "9e58d27d-d096-404c-bba5-686dfbbcc731", "control-id": "cis_rhel10_1-5.9", "description": "No notes for control-id 1.5.9.", "props": [ @@ -19969,7 +19869,7 @@ ] }, { - "uuid": "99a4db30-9fd9-40f5-88e1-4729ea63c326", + "uuid": "f1921d37-0b99-4538-b504-2f40a067c2d6", "control-id": "cis_rhel10_1-5.10", "description": "No notes for control-id 1.5.10.", "props": [ @@ -19986,7 +19886,7 @@ ] }, { - "uuid": "5b711e31-41ac-4625-8503-86601af67caa", + "uuid": "bf9f8a45-5bcf-4f33-9090-2ce651a35d3e", "control-id": "cis_rhel10_1-6.1", "description": "No notes for control-id 1.6.1.", "props": [ @@ -20003,7 +19903,7 @@ ] }, { - "uuid": "35da6dd5-a2f3-4dff-89fa-1c420c3c2851", + "uuid": "7bad54e5-cfe6-4b05-8ef0-8a5c19129fbf", "control-id": "cis_rhel10_1-6.2", "description": "No notes for control-id 1.6.2.", "props": [ @@ -20020,7 +19920,7 @@ ] }, { - "uuid": "5656a88b-7741-4d40-86fc-5f83c5863556", + "uuid": "f1051a16-386a-4300-abf1-a9a2c781065d", "control-id": "cis_rhel10_1-6.3", "description": "No notes for control-id 1.6.3.", "props": [ @@ -20037,7 +19937,7 @@ ] }, { - "uuid": "b07b7b72-f132-4b2c-86b1-43a81eb2519b", + "uuid": "44cfaf7d-f584-42d7-aec5-d69c953d54a5", "control-id": "cis_rhel10_1-6.4", "description": "No notes for control-id 1.6.4.", "props": [ @@ -20054,7 +19954,7 @@ ] }, { - "uuid": "5a50b4ee-895c-4eb5-8162-55770b421c1c", + "uuid": "8a6356ca-57cd-40c5-a2a6-31335acda279", "control-id": "cis_rhel10_1-7.1", "description": "No notes for control-id 1.7.1.", "props": [ @@ -20071,7 +19971,7 @@ ] }, { - "uuid": "a6e23494-d6e2-449d-948f-aa963a0bb0f2", + "uuid": "793f494e-5b1a-406b-9666-d6a6a5f33c08", "control-id": "cis_rhel10_1-7.2", "description": "No notes for control-id 1.7.2.", "props": [ @@ -20088,7 +19988,7 @@ ] }, { - "uuid": "8e9c6dd9-ce5c-48c5-8886-d5219ee2d26c", + "uuid": "a10152c8-0bab-4f3b-bcc1-2c25ad079aec", "control-id": "cis_rhel10_1-7.3", "description": "No notes for control-id 1.7.3.", "props": [ @@ -20105,7 +20005,7 @@ ] }, { - "uuid": "4d9a9817-0a3e-4cb4-964d-eead8bcd40df", + "uuid": "3b784780-f7d0-409f-b01c-8d544bc50208", "control-id": "cis_rhel10_1-7.4", "description": "No notes for control-id 1.7.4.", "props": [ @@ -20132,7 +20032,7 @@ ] }, { - "uuid": "d6245c82-d5f5-4ec6-9b2c-57fd5a14a496", + "uuid": "37642fbc-26df-4ebb-8356-58d135302228", "control-id": "cis_rhel10_1-7.5", "description": "No notes for control-id 1.7.5.", "props": [ @@ -20159,7 +20059,7 @@ ] }, { - "uuid": "07f62583-4269-44ac-8fc2-834c272931fa", + "uuid": "795d9bcf-f3cb-4b64-9860-a2888196eb89", "control-id": "cis_rhel10_1-7.6", "description": "No notes for control-id 1.7.6.", "props": [ @@ -20186,7 +20086,7 @@ ] }, { - "uuid": "422d528a-420c-4dd7-b8a7-cf919d90bbf5", + "uuid": "147999b0-4c29-4231-a32f-7080cc5d9289", "control-id": "cis_rhel10_1-8.1", "description": "No notes for control-id 1.8.1.", "props": [ @@ -20208,7 +20108,7 @@ ] }, { - "uuid": "3736f82f-3176-479a-9c92-2573347dd651", + "uuid": "aaf291a0-ff60-450f-a1fb-5122313f6dea", "control-id": "cis_rhel10_1-8.2", "description": "No notes for control-id 1.8.2.", "props": [ @@ -20225,7 +20125,7 @@ ] }, { - "uuid": "407f0e50-4b87-4453-b0fb-739a64ec8336", + "uuid": "7223f885-6285-41b9-8948-e6b65a578734", "control-id": "cis_rhel10_1-8.3", "description": "No notes for control-id 1.8.3.", "props": [ @@ -20257,7 +20157,7 @@ ] }, { - "uuid": "cbb440fb-dfca-4c63-b3a7-70f175dfc4b1", + "uuid": "6b86bb85-4c59-46ec-814c-97855f7015fb", "control-id": "cis_rhel10_1-8.4", "description": "No notes for control-id 1.8.4.", "props": [ @@ -20279,7 +20179,7 @@ ] }, { - "uuid": "24270689-ebe8-4f75-8638-8cfd4e9d3678", + "uuid": "3aca1a3e-280a-4f7f-8fc5-d549d064ea9e", "control-id": "cis_rhel10_1-8.5", "description": "No notes for control-id 1.8.5.", "props": [ @@ -20296,7 +20196,7 @@ ] }, { - "uuid": "ad6a1063-4037-4132-94b0-979ce8670e0e", + "uuid": "c5f684cc-f1a2-42a2-9de8-9c5cc6dbbbff", "control-id": "cis_rhel10_2-1.1", "description": "No notes for control-id 2.1.1.", "props": [ @@ -20313,7 +20213,7 @@ ] }, { - "uuid": "d7998e5c-ff51-48dd-87fa-cb3122d2f323", + "uuid": "a4f9c995-d921-4ded-8ac7-84c09bf944f4", "control-id": "cis_rhel10_2-1.2", "description": "No notes for control-id 2.1.2.", "props": [ @@ -20330,7 +20230,7 @@ ] }, { - "uuid": "5444c7c1-5206-498e-8fb5-7928d33bc004", + "uuid": "7840020c-a27f-4350-8c11-4b67715080ea", "control-id": "cis_rhel10_2-1.4", "description": "No notes for control-id 2.1.4.", "props": [ @@ -20347,7 +20247,7 @@ ] }, { - "uuid": "05da1de4-9023-41e2-8c1d-c97aa5e2f32b", + "uuid": "0ca1f046-917b-4425-ab4c-5aa02f25eb5a", "control-id": "cis_rhel10_2-1.5", "description": "No notes for control-id 2.1.5.", "props": [ @@ -20364,7 +20264,7 @@ ] }, { - "uuid": "c75694ec-69b8-4df2-b1fe-f79263ac8f87", + "uuid": "35ee995d-33f3-4a04-94f3-590c88c1f89e", "control-id": "cis_rhel10_2-1.6", "description": "No notes for control-id 2.1.6.", "props": [ @@ -20381,7 +20281,7 @@ ] }, { - "uuid": "8508403f-bebf-44d5-af25-e5f8f559fe54", + "uuid": "df6c8ea7-0bb0-44f9-832e-7795e1da5d63", "control-id": "cis_rhel10_2-1.7", "description": "No notes for control-id 2.1.7.", "props": [ @@ -20398,7 +20298,7 @@ ] }, { - "uuid": "bd55ab90-fe1c-4070-9342-e3e3efb9bbe4", + "uuid": "e973f392-7c2d-4a67-973e-55f886427953", "control-id": "cis_rhel10_2-1.8", "description": "No notes for control-id 2.1.8.", "props": [ @@ -20420,7 +20320,7 @@ ] }, { - "uuid": "fc39b76b-6ea2-4113-a7c2-a892117990d7", + "uuid": "4942423c-2097-4476-8551-8a744ea0ef14", "control-id": "cis_rhel10_2-1.9", "description": "Many of the libvirt packages used by Enterprise Linux virtualization are dependent on the\nnfs-utils package.", "props": [ @@ -20437,7 +20337,7 @@ ] }, { - "uuid": "f158e1fc-0d73-4107-81ca-a4bf1e2e77f8", + "uuid": "467cd09a-f705-4a04-9ef3-7512b8ae5e56", "control-id": "cis_rhel10_2-1.10", "description": "No notes for control-id 2.1.10.", "props": [ @@ -20454,7 +20354,7 @@ ] }, { - "uuid": "6c46efac-1651-4223-b6ce-036e8e076e72", + "uuid": "b51bd4df-f824-4774-a15b-2456737755ee", "control-id": "cis_rhel10_2-1.11", "description": "Many of the libvirt packages used by Enterprise Linux virtualization, and the nfs-utils\npackage used for The Network File System (NFS), are dependent on the rpcbind package.", "props": [ @@ -20471,7 +20371,7 @@ ] }, { - "uuid": "d9c62a75-228b-468b-9b5b-69d96472189c", + "uuid": "3a6d8ac6-cf91-47d4-8bdd-117e7ceac059", "control-id": "cis_rhel10_2-1.12", "description": "No notes for control-id 2.1.12.", "props": [ @@ -20488,7 +20388,7 @@ ] }, { - "uuid": "01b92e57-8a5f-4004-82ef-3731d498eed6", + "uuid": "fcf3f887-9b67-434c-a68e-c4d0d0978075", "control-id": "cis_rhel10_2-1.13", "description": "No notes for control-id 2.1.13.", "props": [ @@ -20505,7 +20405,7 @@ ] }, { - "uuid": "e2916643-7cd5-4bc6-8ce0-a35b15cc9f8e", + "uuid": "bbd5f879-a361-427e-a243-ddc51a43d944", "control-id": "cis_rhel10_2-1.14", "description": "No notes for control-id 2.1.14.", "props": [ @@ -20522,7 +20422,7 @@ ] }, { - "uuid": "fb77f6ab-e24a-4414-8aa8-b831a9781bfb", + "uuid": "f0e5d49e-462f-4cce-a412-420c2a27b840", "control-id": "cis_rhel10_2-1.15", "description": "No notes for control-id 2.1.15.", "props": [ @@ -20539,7 +20439,7 @@ ] }, { - "uuid": "38557bf0-9df3-4036-8fbe-00e39d138bcd", + "uuid": "639acc98-5560-432b-9416-a67a671146ff", "control-id": "cis_rhel10_2-1.16", "description": "No notes for control-id 2.1.16.", "props": [ @@ -20556,7 +20456,7 @@ ] }, { - "uuid": "7aada54d-3e90-4b3d-bda7-2b79a50fa6f7", + "uuid": "0cb62ac1-1231-4643-a2a0-b0da48098b73", "control-id": "cis_rhel10_2-1.17", "description": "No notes for control-id 2.1.17.", "props": [ @@ -20573,7 +20473,7 @@ ] }, { - "uuid": "08b17ddd-7ab1-47b2-a1bd-bb02cb7be946", + "uuid": "4a5201e9-25d5-48e7-8ba9-b4cbb08e3625", "control-id": "cis_rhel10_2-1.18", "description": "No notes for control-id 2.1.18.", "props": [ @@ -20595,7 +20495,7 @@ ] }, { - "uuid": "950a1601-87a3-49f9-87e9-32fea4644dcb", + "uuid": "bc000dea-3a8b-4ac5-935f-474a8c865c99", "control-id": "cis_rhel10_2-1.21", "description": "No notes for control-id 2.1.21.", "props": [ @@ -20617,7 +20517,7 @@ ] }, { - "uuid": "3cfd3d2f-a662-4bc2-ab9e-37e2df3a061c", + "uuid": "a1f9e4b8-68fe-42fe-bb56-64f79977d8d4", "control-id": "cis_rhel10_2-1.22", "description": "The description for control-id cis_rhel10_2-1.22.", "props": [ @@ -20630,7 +20530,7 @@ ] }, { - "uuid": "16723f2c-f06e-4dea-8fb7-e7d36b4862cb", + "uuid": "249eabb1-1f59-4df6-8ebc-cac3fdbdd7e7", "control-id": "cis_rhel10_2-2.1", "description": "No notes for control-id 2.2.1.", "props": [ @@ -20647,7 +20547,7 @@ ] }, { - "uuid": "a90519e9-8e67-4335-aaae-a9d166287fb2", + "uuid": "197772a4-25a6-4ef6-86c8-1d57369588e9", "control-id": "cis_rhel10_2-2.3", "description": "No notes for control-id 2.2.3.", "props": [ @@ -20664,7 +20564,7 @@ ] }, { - "uuid": "bc13f147-f620-441f-af91-bb227931b4fc", + "uuid": "51e5c2c2-230f-403d-9723-b2877459e00f", "control-id": "cis_rhel10_2-2.4", "description": "No notes for control-id 2.2.4.", "props": [ @@ -20681,7 +20581,7 @@ ] }, { - "uuid": "66d23b68-5ce9-40aa-a660-44b69a557200", + "uuid": "559512d2-128f-4a12-8162-c8c6ebb5145e", "control-id": "cis_rhel10_2-3.1", "description": "No notes for control-id 2.3.1.", "props": [ @@ -20693,7 +20593,7 @@ ] }, { - "uuid": "f5f00d00-60be-4a2c-b71f-187d48e18226", + "uuid": "b25568b1-931b-45de-9aad-9da11c9fe20f", "control-id": "cis_rhel10_2-3.2", "description": "No notes for control-id 2.3.2.", "props": [ @@ -20710,7 +20610,7 @@ ] }, { - "uuid": "32757e16-3f5b-4d12-98fa-b782350b4c51", + "uuid": "0c2ec6ad-d42c-43a7-98e3-2fafeab6d77f", "control-id": "cis_rhel10_2-3.3", "description": "No notes for control-id 2.3.3.", "props": [ @@ -20727,7 +20627,7 @@ ] }, { - "uuid": "f557ccb8-ba47-4cf1-b375-7c00eb281792", + "uuid": "7dcf2c6e-a5d0-4240-88bc-a5a36e05b470", "control-id": "cis_rhel10_2-4.1.1", "description": "No notes for control-id 2.4.1.1.", "props": [ @@ -20749,7 +20649,7 @@ ] }, { - "uuid": "38e311c6-f35a-49e2-b570-899da22419d9", + "uuid": "032067ef-bf4f-43e9-a7c9-48b1c51ebec3", "control-id": "cis_rhel10_2-4.1.2", "description": "No notes for control-id 2.4.1.2.", "props": [ @@ -20776,7 +20676,7 @@ ] }, { - "uuid": "ab454479-f0e5-4e6a-83f4-8a0939d4748b", + "uuid": "d1b7b5db-dce7-459f-9786-1ba708c9e947", "control-id": "cis_rhel10_2-4.1.3", "description": "No notes for control-id 2.4.1.3.", "props": [ @@ -20803,7 +20703,7 @@ ] }, { - "uuid": "e6e4f43d-61c5-4608-bbdf-6d915e24c4de", + "uuid": "dff38fd6-0808-4546-babb-e3765e05b0f3", "control-id": "cis_rhel10_2-4.1.4", "description": "No notes for control-id 2.4.1.4.", "props": [ @@ -20830,7 +20730,7 @@ ] }, { - "uuid": "dc5a722c-87e5-4801-9ea3-84582cd5ca57", + "uuid": "a080babd-e1d6-43cb-b7d8-7c6fb51e9fbc", "control-id": "cis_rhel10_2-4.1.5", "description": "No notes for control-id 2.4.1.5.", "props": [ @@ -20857,7 +20757,7 @@ ] }, { - "uuid": "326b702c-f0c4-4fb1-9c90-6ed0add28951", + "uuid": "ec5435f0-0d27-46d5-bf99-0d37da6f4029", "control-id": "cis_rhel10_2-4.1.6", "description": "No notes for control-id 2.4.1.6.", "props": [ @@ -20884,7 +20784,7 @@ ] }, { - "uuid": "2f028031-7580-41f4-9e01-a1abe203c834", + "uuid": "b83c365e-2fea-49af-9adb-f0adf6647a31", "control-id": "cis_rhel10_2-4.1.7", "description": "No notes for control-id 2.4.1.7.", "props": [ @@ -20911,7 +20811,7 @@ ] }, { - "uuid": "321015bc-756c-4902-b060-dd7cd031e90f", + "uuid": "0a706d1e-c104-401f-b68c-b39c1b578872", "control-id": "cis_rhel10_2-4.1.8", "description": "No notes for control-id 2.4.1.8.", "props": [ @@ -20938,7 +20838,7 @@ ] }, { - "uuid": "3de25d13-c22a-44df-b817-021de2daaeea", + "uuid": "99053405-9478-41d3-84d3-3d3483ea8769", "control-id": "cis_rhel10_2-4.1.9", "description": "No notes for control-id 2.4.1.9.", "props": [ @@ -20975,7 +20875,7 @@ ] }, { - "uuid": "d743b56c-78d7-401a-b75d-470c19960a27", + "uuid": "05598bf2-a31f-45b8-85bb-f2eaf2ff245a", "control-id": "cis_rhel10_2-4.2.1", "description": "No notes for control-id 2.4.2.1.", "props": [ @@ -21012,7 +20912,7 @@ ] }, { - "uuid": "3840a27e-50c9-4ea5-90c1-3bd29c09bbf6", + "uuid": "b64ee000-6a3a-4250-acd8-820bc4763eda", "control-id": "cis_rhel10_3-1.1", "description": "The description for control-id cis_rhel10_3-1.1.", "props": [ @@ -21025,7 +20925,7 @@ ] }, { - "uuid": "4b5acafd-15af-4a4c-97a9-aaeaf2f4c481", + "uuid": "a084ddf9-635e-49ca-912e-9684a5a6dced", "control-id": "cis_rhel10_3-1.2", "description": "No notes for control-id 3.1.2.", "props": [ @@ -21042,7 +20942,7 @@ ] }, { - "uuid": "3f0758e7-1940-420d-ab0b-3e389a5e36be", + "uuid": "321eb86d-fd65-4c1c-a586-ec271f1790ee", "control-id": "cis_rhel10_3-1.3", "description": "No notes for control-id 3.1.3.", "props": [ @@ -21059,7 +20959,7 @@ ] }, { - "uuid": "52ad2602-bd04-48ee-be5b-1f5cab281064", + "uuid": "8f6a9bb5-5321-4471-a872-faba95a8b1c9", "control-id": "cis_rhel10_3-2.1", "description": "No notes for control-id 3.2.1.", "props": [ @@ -21076,7 +20976,7 @@ ] }, { - "uuid": "bb576154-8d60-4bcc-9ff6-cc2c08076352", + "uuid": "39b730c1-c7bf-4fc6-ba3a-e980ac8ed49c", "control-id": "cis_rhel10_3-2.2", "description": "No notes for control-id 3.2.2.", "props": [ @@ -21093,7 +20993,7 @@ ] }, { - "uuid": "e341fac4-9453-445e-ada9-0a8395fc158d", + "uuid": "4bb37cd4-435f-4965-8577-d8d37cde2d57", "control-id": "cis_rhel10_3-2.3", "description": "No notes for control-id 3.2.3.", "props": [ @@ -21110,7 +21010,7 @@ ] }, { - "uuid": "d44d0e1a-9739-43fa-951a-6c01423fb394", + "uuid": "07b9dd57-9de4-48f6-99f7-12d842870766", "control-id": "cis_rhel10_3-2.4", "description": "No notes for control-id 3.2.4.", "props": [ @@ -21127,7 +21027,7 @@ ] }, { - "uuid": "c13ede47-d825-478b-92bd-a461c30b8fd9", + "uuid": "68f03f1d-644f-4759-8815-ebb15af59dce", "control-id": "cis_rhel10_3-2.5", "description": "No notes for control-id 3.2.5.", "props": [ @@ -21144,7 +21044,7 @@ ] }, { - "uuid": "b78dda32-d729-491c-ab60-6422d66f1a6f", + "uuid": "724de882-8fea-4cd9-8faf-0fbb775b8570", "control-id": "cis_rhel10_3-2.6", "description": "No notes for control-id 3.2.6.", "props": [ @@ -21161,7 +21061,7 @@ ] }, { - "uuid": "60a6a639-e8fe-425c-9752-9dc82240e250", + "uuid": "822c5531-aff9-43c5-a511-cf81119ba50f", "control-id": "cis_rhel10_3-3.1.2", "description": "No notes for control-id 3.3.1.2.", "props": [ @@ -21178,7 +21078,7 @@ ] }, { - "uuid": "d4a02dd9-13d2-4451-b94b-1e5d02c4da17", + "uuid": "1c07711f-40bb-4f75-b5ca-12f3bdd4c8e8", "control-id": "cis_rhel10_3-3.1.3", "description": "No notes for control-id 3.3.1.3.", "props": [ @@ -21195,7 +21095,7 @@ ] }, { - "uuid": "0d49a79d-0d6e-4265-ad91-7b84e18ba050", + "uuid": "aa6723d3-3f32-484c-845c-80bf0ebbd5b5", "control-id": "cis_rhel10_3-3.1.4", "description": "No notes for control-id 3.3.1.4.", "props": [ @@ -21212,7 +21112,7 @@ ] }, { - "uuid": "938ca415-e369-4095-9f88-f02e5f169d50", + "uuid": "778e764e-c0b1-41cb-a7b2-11320cc4c671", "control-id": "cis_rhel10_3-3.1.5", "description": "No notes for control-id 3.3.1.5.", "props": [ @@ -21229,7 +21129,7 @@ ] }, { - "uuid": "7ee1eb55-b99a-4ce7-9c5c-d9f4e35965f3", + "uuid": "62d65362-9856-4fc0-8451-6a1b5d596d51", "control-id": "cis_rhel10_3-3.1.6", "description": "No notes for control-id 3.3.1.6.", "props": [ @@ -21246,7 +21146,7 @@ ] }, { - "uuid": "25ae80f8-8806-4691-819b-aaeedacc1dff", + "uuid": "7469ac57-ddc7-47ae-a318-cb50bda4dde0", "control-id": "cis_rhel10_3-3.1.7", "description": "No notes for control-id 3.3.1.7.", "props": [ @@ -21263,7 +21163,7 @@ ] }, { - "uuid": "ae06ce24-8227-4f5c-b9b3-f751c7fba570", + "uuid": "1676e47d-fd72-4abf-8d73-81b30d00eddc", "control-id": "cis_rhel10_3-3.1.8", "description": "No notes for control-id 3.3.1.8.", "props": [ @@ -21280,7 +21180,7 @@ ] }, { - "uuid": "b894d12d-be78-4b7b-8daf-92c77bb71a8c", + "uuid": "b1fa050b-107c-4380-a9e7-d3e95ecc4faf", "control-id": "cis_rhel10_3-3.1.9", "description": "No notes for control-id 3.3.1.9.", "props": [ @@ -21297,7 +21197,7 @@ ] }, { - "uuid": "978ac080-4969-4a04-97f6-6696385931f4", + "uuid": "8febd3a6-e8fa-4d8b-8f17-ec7ffcb5bf9f", "control-id": "cis_rhel10_3-3.1.10", "description": "No notes for control-id 3.3.1.10.", "props": [ @@ -21314,7 +21214,7 @@ ] }, { - "uuid": "bb5f8ad8-6f6b-42a9-a17f-f0e2e21d35d0", + "uuid": "f6082843-9525-4f8d-9280-ba8c015616ae", "control-id": "cis_rhel10_3-3.1.11", "description": "No notes for control-id 3.3.1.11.", "props": [ @@ -21331,7 +21231,7 @@ ] }, { - "uuid": "9941de8a-44e5-4da3-8262-f945e717f430", + "uuid": "3917aaca-2c32-452d-9437-b0bd104c9bac", "control-id": "cis_rhel10_3-3.1.12", "description": "No notes for control-id 3.3.1.12.", "props": [ @@ -21348,7 +21248,7 @@ ] }, { - "uuid": "5f474fd9-d2cb-4c3d-97ab-515255346545", + "uuid": "a31ae7b8-e204-48be-9afb-42b626b72ff5", "control-id": "cis_rhel10_3-3.1.13", "description": "No notes for control-id 3.3.1.13.", "props": [ @@ -21365,7 +21265,7 @@ ] }, { - "uuid": "819189e1-fafe-42dc-9c64-9c757af15701", + "uuid": "e3ad3a42-5377-4f1e-a276-5be252f4f89f", "control-id": "cis_rhel10_3-3.1.14", "description": "No notes for control-id 3.3.1.14.", "props": [ @@ -21382,7 +21282,7 @@ ] }, { - "uuid": "2ce871d5-597e-43eb-a74f-9523c53fdc9c", + "uuid": "a8bea9b7-7d20-4409-b0ee-e145191b7a87", "control-id": "cis_rhel10_3-3.1.15", "description": "No notes for control-id 3.3.1.15.", "props": [ @@ -21399,7 +21299,7 @@ ] }, { - "uuid": "75466c27-0fe6-4288-a142-3be30cd6d098", + "uuid": "be62bc09-cc71-493a-8f92-68e174ac41ba", "control-id": "cis_rhel10_3-3.1.16", "description": "No notes for control-id 3.3.1.16.", "props": [ @@ -21416,7 +21316,7 @@ ] }, { - "uuid": "84a812c8-4ed8-4b63-a4cc-029241c313a6", + "uuid": "61e71706-b3c5-4ecd-873c-5c20cdc23d97", "control-id": "cis_rhel10_3-3.1.17", "description": "No notes for control-id 3.3.1.17.", "props": [ @@ -21433,7 +21333,7 @@ ] }, { - "uuid": "58cc8d76-69c6-4e33-bdb5-774e99eee578", + "uuid": "f50ecdb4-2055-4417-93a8-3798f9885612", "control-id": "cis_rhel10_3-3.1.18", "description": "No notes for control-id 3.3.1.18.", "props": [ @@ -21450,7 +21350,7 @@ ] }, { - "uuid": "f08ee8a3-f92e-403d-a96e-c713a2bbc955", + "uuid": "a69b56b6-7f19-4203-9831-cce021417ebb", "control-id": "cis_rhel10_3-3.2.1", "description": "No notes for control-id 3.3.2.1.", "props": [ @@ -21467,7 +21367,7 @@ ] }, { - "uuid": "07be062f-efad-4f88-b4c9-e23986b37295", + "uuid": "6193a728-7f72-48d1-9539-dc45a2bd5f25", "control-id": "cis_rhel10_3-3.2.2", "description": "No notes for control-id 3.3.2.2.", "props": [ @@ -21484,7 +21384,7 @@ ] }, { - "uuid": "ee278a33-4b67-4489-8944-e81c6f8068dd", + "uuid": "3dc618d2-93cc-43b4-bc84-2f4bc9194b57", "control-id": "cis_rhel10_3-3.2.3", "description": "No notes for control-id 3.3.2.3.", "props": [ @@ -21501,7 +21401,7 @@ ] }, { - "uuid": "8a70c816-a6e5-476e-b6ee-8dae3e5d776b", + "uuid": "a416d70b-184e-492d-94eb-e755a14f169e", "control-id": "cis_rhel10_3-3.2.4", "description": "No notes for control-id 3.3.2.4.", "props": [ @@ -21518,7 +21418,7 @@ ] }, { - "uuid": "2ea50e50-ebff-4066-97b9-0da2904ba056", + "uuid": "a4bf5a8b-db52-42f2-b8a1-e0e00075e35e", "control-id": "cis_rhel10_3-3.2.5", "description": "No notes for control-id 3.3.2.5.", "props": [ @@ -21535,7 +21435,7 @@ ] }, { - "uuid": "0ace3033-20b9-4f11-9a45-85f19d923702", + "uuid": "f6b33dff-46bc-4576-a936-18eabf062840", "control-id": "cis_rhel10_3-3.2.6", "description": "No notes for control-id 3.3.2.6.", "props": [ @@ -21552,7 +21452,7 @@ ] }, { - "uuid": "9db82b3a-4522-4002-a552-88856291289f", + "uuid": "61833840-4faf-43e5-8326-879a479b485b", "control-id": "cis_rhel10_3-3.2.7", "description": "No notes for control-id 3.3.2.7.", "props": [ @@ -21569,7 +21469,7 @@ ] }, { - "uuid": "6593d7e3-961b-405b-ae07-1bd4a0285b3a", + "uuid": "9bdb17b6-dc59-4b4d-bf7f-0215069f53fe", "control-id": "cis_rhel10_3-3.2.8", "description": "No notes for control-id 3.3.2.8.", "props": [ @@ -21586,7 +21486,7 @@ ] }, { - "uuid": "723d2e11-3838-4108-bc34-1faa35d05ef5", + "uuid": "db626037-1744-4355-81c5-0b29df707139", "control-id": "cis_rhel10_4-1.1", "description": "No notes for control-id 4.1.1.", "props": [ @@ -21603,7 +21503,7 @@ ] }, { - "uuid": "ece77698-5ed3-4c40-864a-c2c7189aa2b1", + "uuid": "0afc1a4c-fa76-4082-a9b4-82031281384a", "control-id": "cis_rhel10_4-1.2", "description": "No notes for control-id 4.1.2.", "props": [ @@ -21620,7 +21520,7 @@ ] }, { - "uuid": "15e27f6f-34e5-4efb-b164-fca34e68670a", + "uuid": "779caed4-cc43-4ed4-987f-2adca33bb65c", "control-id": "cis_rhel10_4-1.3", "description": "No notes for control-id 4.1.3.", "props": [ @@ -21637,7 +21537,7 @@ ] }, { - "uuid": "5c2d3cfe-cce3-4f89-aecd-2b5045482f29", + "uuid": "f76d5f09-698a-42c6-936b-a7a4081f81c9", "control-id": "cis_rhel10_4-1.4", "description": "The description for control-id cis_rhel10_4-1.4.", "props": [ @@ -21645,12 +21545,12 @@ "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "alternative", - "remarks": "No notes for control-id 4.1.4." + "remarks": "There is not an easy way to do this for only active zones using OVAL.\nFor now, there are are no rules for this control." } ] }, { - "uuid": "5ccfbe1f-5a79-4b00-8757-e7ec756ec936", + "uuid": "1d851c29-ee89-4746-a1ed-992f15e0cd13", "control-id": "cis_rhel10_4-1.5", "description": "Firewalld in Red Hat Enterprise Linux 10 accepts loopback traffic by default.", "props": [ @@ -21667,7 +21567,7 @@ ] }, { - "uuid": "089c194c-a9e8-49ab-89d2-e31c09e3d0c9", + "uuid": "86538749-8ab4-4c3c-8205-86ccb2a6b6c2", "control-id": "cis_rhel10_4-1.6", "description": "The description for control-id cis_rhel10_4-1.6.", "props": [ @@ -21680,7 +21580,7 @@ ] }, { - "uuid": "171f273a-9a86-45f7-a682-fd19bbece4b9", + "uuid": "c9d34709-322c-43c4-82b8-aafc339a8866", "control-id": "cis_rhel10_4-1.7", "description": "The description for control-id cis_rhel10_4-1.7.", "props": [ @@ -21693,7 +21593,7 @@ ] }, { - "uuid": "2cd101c5-2c11-43f9-a7dd-00cf22972d59", + "uuid": "b091e0cd-bd32-42bb-9c8b-2b900f94af92", "control-id": "cis_rhel10_5-1.1", "description": "No notes for control-id 5.1.1.", "props": [ @@ -21750,7 +21650,7 @@ ] }, { - "uuid": "3d8aaad5-79c4-4fc1-bc30-125e82ab5a65", + "uuid": "8a5420ab-d857-4b9f-b716-1b33ca8b8f4f", "control-id": "cis_rhel10_5-1.2", "description": "No notes for control-id 5.1.2.", "props": [ @@ -21777,7 +21677,7 @@ ] }, { - "uuid": "86caa51e-8df0-428a-9f8e-7c1d4c5baeef", + "uuid": "c111a81b-bd06-4e76-9872-11d4cd79fff6", "control-id": "cis_rhel10_5-1.3", "description": "No notes for control-id 5.1.3.", "props": [ @@ -21804,7 +21704,7 @@ ] }, { - "uuid": "6b0725b6-5746-49cf-89ba-55e52de38e9f", + "uuid": "f2139bae-8be9-41b1-bfe5-0e264a22c4de", "control-id": "cis_rhel10_5-1.4", "description": "No notes for control-id 5.1.4.", "props": [ @@ -21821,7 +21721,7 @@ ] }, { - "uuid": "7a9609c7-8ce4-4224-97d6-e7a69da2cc9f", + "uuid": "3d71e6b9-1d5b-4f65-9ed5-71221517d4cb", "control-id": "cis_rhel10_5-1.5", "description": "No notes for control-id 5.1.5.", "props": [ @@ -21838,7 +21738,7 @@ ] }, { - "uuid": "01bab533-2f52-4793-9727-692518f752b0", + "uuid": "f4d55863-2e0e-4c01-b514-125ffa884204", "control-id": "cis_rhel10_5-1.6", "description": "No notes for control-id 5.1.6.", "props": [ @@ -21855,7 +21755,7 @@ ] }, { - "uuid": "5a8c8c9f-acb6-44fe-985f-b0147b3c9758", + "uuid": "a3a3f58b-06db-44a3-ae20-9e801ac8c2c6", "control-id": "cis_rhel10_5-1.7", "description": "The requirement gives an example of 45 seconds, but is flexible about the values. It is only\nnecessary to ensure there is a timeout configured in alignment to the site policy.", "props": [ @@ -21877,7 +21777,7 @@ ] }, { - "uuid": "7706ac1b-ae7b-4602-8a4c-d31f9398eef4", + "uuid": "60f309cb-542e-4f1d-bbd1-219ad07b1ca3", "control-id": "cis_rhel10_5-1.10", "description": "No notes for control-id 5.1.10.", "props": [ @@ -21894,7 +21794,7 @@ ] }, { - "uuid": "e219b648-fc1f-4ca4-8581-3be144a9f3f7", + "uuid": "0cdcf01b-2c92-4ea5-a7c2-d2cf2f24b012", "control-id": "cis_rhel10_5-1.11", "description": "No notes for control-id 5.1.11.", "props": [ @@ -21911,7 +21811,7 @@ ] }, { - "uuid": "def63e86-8eb5-4805-9166-10c2e6981515", + "uuid": "a51e4a47-6f99-44f6-aab0-3184ab6356de", "control-id": "cis_rhel10_5-1.12", "description": "The description for control-id cis_rhel10_5-1.12.", "props": [ @@ -21929,7 +21829,7 @@ ] }, { - "uuid": "13affd91-8b64-42e0-819b-07847dde53b9", + "uuid": "7aa04b3d-7bde-48bf-b184-b0f6f016ef77", "control-id": "cis_rhel10_5-1.13", "description": "No notes for control-id 5.1.13.", "props": [ @@ -21946,7 +21846,7 @@ ] }, { - "uuid": "4818f592-4275-41eb-b71b-35827de13702", + "uuid": "516daa78-00fd-478d-afe5-50b2b565ab67", "control-id": "cis_rhel10_5-1.14", "description": "The CIS benchmark is not opinionated about which loglevel is selected here. Here, this\nprofile uses VERBOSE by default, as it allows for the capture of login and logout activity\nas well as key fingerprints.", "props": [ @@ -21963,7 +21863,7 @@ ] }, { - "uuid": "0b18bf95-af7b-4559-a610-a0037e9258d2", + "uuid": "75819807-942e-46cd-88a2-e8d5be137309", "control-id": "cis_rhel10_5-1.15", "description": "No notes for control-id 5.1.15.", "props": [ @@ -21980,7 +21880,7 @@ ] }, { - "uuid": "b3a1184b-8475-49b5-bdc5-60aff3f768f8", + "uuid": "dd424e52-d7ae-41cb-b391-fd6b199d1104", "control-id": "cis_rhel10_5-1.16", "description": "No notes for control-id 5.1.16.", "props": [ @@ -21997,7 +21897,7 @@ ] }, { - "uuid": "752d49b4-c470-4a67-b0fa-24290a5240c4", + "uuid": "a6c86127-d83f-4526-9ae9-a2d38f35eb8b", "control-id": "cis_rhel10_5-1.17", "description": "No notes for control-id 5.1.17.", "props": [ @@ -22014,7 +21914,7 @@ ] }, { - "uuid": "988b6ed2-713d-4534-b195-7323dc4a276d", + "uuid": "0d75f773-4695-47d4-ad92-022fb8c36ba2", "control-id": "cis_rhel10_5-1.18", "description": "No notes for control-id 5.1.18.", "props": [ @@ -22031,7 +21931,7 @@ ] }, { - "uuid": "3ff2d34f-7fc5-4c04-b79c-bc67c9671bc7", + "uuid": "b8308536-3275-476e-ab16-ae321e65be52", "control-id": "cis_rhel10_5-1.19", "description": "No notes for control-id 5.1.19.", "props": [ @@ -22048,7 +21948,7 @@ ] }, { - "uuid": "face8a76-2be5-487d-9411-7caa86e1fbb7", + "uuid": "fa9473a4-3cad-40fe-bd15-250cd0078bad", "control-id": "cis_rhel10_5-1.20", "description": "No notes for control-id 5.1.20.", "props": [ @@ -22065,7 +21965,7 @@ ] }, { - "uuid": "6faec40b-6889-4b68-8a70-87848d7d1a4e", + "uuid": "a0c9c69b-701a-4706-af67-ec48e588ab7d", "control-id": "cis_rhel10_5-1.21", "description": "No notes for control-id 5.1.21.", "props": [ @@ -22082,7 +21982,7 @@ ] }, { - "uuid": "6042bcbf-fb46-497e-b5f9-092ff3889387", + "uuid": "96bc417c-7a76-4c83-b095-f60484be7178", "control-id": "cis_rhel10_5-1.22", "description": "No notes for control-id 5.1.22.", "props": [ @@ -22099,7 +21999,7 @@ ] }, { - "uuid": "58e05c7d-3f2e-4d08-90c7-f9496cb14396", + "uuid": "4a4ea2ec-11fb-4584-b65f-1a832ad4d395", "control-id": "cis_rhel10_5-2.1", "description": "No notes for control-id 5.2.1.", "props": [ @@ -22116,7 +22016,7 @@ ] }, { - "uuid": "4602c8ba-84a4-46b9-84d6-876f31a955b2", + "uuid": "54fa8cd8-11d7-44e2-83cc-9be727f571b6", "control-id": "cis_rhel10_5-2.2", "description": "No notes for control-id 5.2.2.", "props": [ @@ -22133,7 +22033,7 @@ ] }, { - "uuid": "ba96efee-0189-4b5f-b8ad-70c2aa8f0e32", + "uuid": "ffcf316a-f6d3-4323-bbdf-8206aafbf552", "control-id": "cis_rhel10_5-2.3", "description": "No notes for control-id 5.2.3.", "props": [ @@ -22150,7 +22050,7 @@ ] }, { - "uuid": "f976b5d6-ad83-4a3e-af72-52952714ad24", + "uuid": "bec188a1-95b2-4ee7-a97c-8f049746b2fa", "control-id": "cis_rhel10_5-2.5", "description": "No notes for control-id 5.2.5.", "props": [ @@ -22167,7 +22067,7 @@ ] }, { - "uuid": "1cd2fa9d-845c-41cb-bd5d-5fbbf4e30e02", + "uuid": "ba14628c-006f-4772-8db4-29206db2b314", "control-id": "cis_rhel10_5-2.6", "description": "No notes for control-id 5.2.6.", "props": [ @@ -22184,7 +22084,7 @@ ] }, { - "uuid": "e8c1688a-8443-412c-8c8e-165f2852bc15", + "uuid": "3c2663c5-ea4c-4b2e-b6e8-e9c6c2213eb0", "control-id": "cis_rhel10_5-2.7", "description": "Members of \"wheel\" or GID 0 groups are checked by default if the group option is not set for\npam_wheel.so module. The recommendation states the group should be empty to reinforce the\nuse of \"sudo\" for privileged access. Therefore, members of these groups should be manually\nchecked or a different group should be informed.", "props": [ @@ -22206,7 +22106,7 @@ ] }, { - "uuid": "06a89eca-3027-45ff-bbfc-da112d9e514e", + "uuid": "33ece393-4483-45e1-9a8b-990e45122328", "control-id": "cis_rhel10_5-3.1.1", "description": "This requirement is hard to be automated without any specific requirement. The policy even\nstates that provided commands are examples, other custom settings might be in place and the\nsettings might be different depending on site policies. The other rules will already make\nsure there is a correct autheselect profile regardless of the existing settings. It is\nnecessary to better discuss with CIS Community.", "props": [ @@ -22218,7 +22118,7 @@ ] }, { - "uuid": "43aed5d0-5bee-4126-ab07-6a312c0af0c0", + "uuid": "07ac5b9d-a1ea-4830-b8d3-a9e9bc578331", "control-id": "cis_rhel10_5-3.1.2", "description": "This requirement is also indirectly satisfied by the requirement 5.3.2.1.", "props": [ @@ -22240,7 +22140,7 @@ ] }, { - "uuid": "06cda8f1-a7a9-45ac-988d-b535fe1b0771", + "uuid": "c96a436d-bfe8-4732-a1ae-c2a58706b92e", "control-id": "cis_rhel10_5-3.1.3", "description": "This requirement is also indirectly satisfied by the requirement 5.3.2.2.", "props": [ @@ -22267,7 +22167,7 @@ ] }, { - "uuid": "de2104c8-d303-4fd3-b9cb-a2fbca5b7892", + "uuid": "e29ed719-4cb5-4d69-9c38-cbaa1d118c48", "control-id": "cis_rhel10_5-3.1.4", "description": "The module is properly enabled by the rules mentioned in related_rules.\nRequirements in 5.3.2.3 use these rules.", "props": [ @@ -22279,7 +22179,7 @@ ] }, { - "uuid": "e6ec4777-5b8b-4340-a429-7f7964349752", + "uuid": "e9d9c2cf-6a7c-4465-af95-7e4e382f9154", "control-id": "cis_rhel10_5-3.1.5", "description": "No notes for control-id 5.3.1.5.", "props": [ @@ -22296,7 +22196,7 @@ ] }, { - "uuid": "a093d86d-fc7d-4662-88cf-c9bbb02d52d8", + "uuid": "2eeffbf6-5b14-45a0-85d5-02bf8f38c2f6", "control-id": "cis_rhel10_5-3.2.1.1", "description": "No notes for control-id 5.3.2.1.1.", "props": [ @@ -22313,7 +22213,7 @@ ] }, { - "uuid": "7a3238bc-41db-492e-8438-fd3190eb351f", + "uuid": "0067b910-7f9a-4b78-869e-10233449f618", "control-id": "cis_rhel10_5-3.2.1.2", "description": "The policy also accepts value 0, which means the locked accounts should be manually unlocked\nby an administrator. However, it also mentions that using value 0 can facilitate a DoS\nattack to legitimate users.", "props": [ @@ -22330,7 +22230,7 @@ ] }, { - "uuid": "8e1284e8-dccb-4ff4-bb28-71a7c015bff5", + "uuid": "aee218b6-3b30-43c3-b1f5-e765bb6a9747", "control-id": "cis_rhel10_5-3.2.2.1", "description": "No notes for control-id 5.3.2.2.1.", "props": [ @@ -22347,7 +22247,7 @@ ] }, { - "uuid": "9b6affa7-b52e-4243-bce3-4cbab87841d2", + "uuid": "d09a5c71-accb-44b2-9352-0d3de7969b22", "control-id": "cis_rhel10_5-3.2.2.2", "description": "No notes for control-id 5.3.2.2.2.", "props": [ @@ -22364,7 +22264,7 @@ ] }, { - "uuid": "86057747-81c1-475b-88c5-39a279e27dbc", + "uuid": "c13f7b57-eb2a-4f63-9981-8015d371b65c", "control-id": "cis_rhel10_5-3.2.2.3", "description": "This requirement is expected to be manual. However, in previous versions of the policy\nit was already automated the configuration of \"minclass\" option. This posture was kept for\nRHEL 10 in this new version. Rules related to other options are informed in related_rules.\nIn short, minclass=4 alone can achieve the same result achieved by the combination of the\nother 4 options mentioned in the policy.", "props": [ @@ -22381,7 +22281,7 @@ ] }, { - "uuid": "5d6b4af5-8fe0-4cbf-aa15-a65b25c24085", + "uuid": "2ebe6cb3-acd9-4023-aee9-aea8f8374786", "control-id": "cis_rhel10_5-3.2.2.4", "description": "No notes for control-id 5.3.2.2.4.", "props": [ @@ -22398,7 +22298,7 @@ ] }, { - "uuid": "1ffd1a9a-d678-4a1e-be59-98d32ed389a4", + "uuid": "74d7cdee-ac59-4ee7-9d58-645ec9d800aa", "control-id": "cis_rhel10_5-3.2.2.5", "description": "No notes for control-id 5.3.2.2.5.", "props": [ @@ -22415,7 +22315,7 @@ ] }, { - "uuid": "6a6b4941-68a4-4506-b561-c0226cd64bc3", + "uuid": "f22b2584-9ae3-46e9-b6eb-024b8933987d", "control-id": "cis_rhel10_5-3.2.2.6", "description": "No notes for control-id 5.3.2.2.6.", "props": [ @@ -22432,7 +22332,7 @@ ] }, { - "uuid": "3ae07a13-c69c-4df4-ba02-159d14031f9c", + "uuid": "2d0d6e6c-92d8-484b-a976-a5aad035ffd9", "control-id": "cis_rhel10_5-3.2.2.7", "description": "No notes for control-id 5.3.2.2.7.", "props": [ @@ -22449,7 +22349,7 @@ ] }, { - "uuid": "893eca1a-60cf-4f8e-bd44-fad4d61937b8", + "uuid": "842022e7-d052-4b48-9d47-820d60107801", "control-id": "cis_rhel10_5-3.2.3.1", "description": "Although mentioned in the section 5.3.3.3, there is no explicit requirement to configure\nretry option of pam_pwhistory. If come in the future, the rule accounts_password_pam_retry\ncan be used.", "props": [ @@ -22471,7 +22371,7 @@ ] }, { - "uuid": "71457bc0-5900-4db8-a200-2232607435e5", + "uuid": "68ec9b1c-42a8-419c-b4d5-d96fa6a00980", "control-id": "cis_rhel10_5-3.2.3.2", "description": "No notes for control-id 5.3.2.3.2.", "props": [ @@ -22488,7 +22388,7 @@ ] }, { - "uuid": "8ed18c54-ef0d-4f3e-a5fb-5ca32c643bf7", + "uuid": "bd13c6e0-602f-4c6d-bae6-b223576e6fb7", "control-id": "cis_rhel10_5-3.2.3.3", "description": "In RHEL 10 pam_pwhistory is enabled via authselect feature, as required in 5.3.1.4. The\nfeature automatically set \"use_authok\" option. In any case, we don't have a rule to check\nthis option specifically.", "props": [ @@ -22505,7 +22405,7 @@ ] }, { - "uuid": "9b0a202c-378c-4541-92e8-dcf56214f60d", + "uuid": "86b3533e-fcbc-473b-b561-c45d045019d5", "control-id": "cis_rhel10_5-3.2.4.1", "description": "The rule more specifically used in this requirement also satify the requirement 5.3.1.5.", "props": [ @@ -22522,7 +22422,7 @@ ] }, { - "uuid": "1403c2b1-5df9-4cdd-b513-cf2e1b0e4029", + "uuid": "021bb5bf-443c-4d8c-b524-6ede36dbaef6", "control-id": "cis_rhel10_5-3.2.4.2", "description": "Usage of pam_unix.so module together with \"remember\" option is deprecated and is not\nrecommended by this policy. Instead, it should be used remember option of pam_pwhistory\nmodule, as required in 5.3.2.3.1. See here for more details about pam_unix.so:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1778929", "props": [ @@ -22539,7 +22439,7 @@ ] }, { - "uuid": "f828a8b7-95c5-45c7-9109-773ac26579d6", + "uuid": "041f7ef1-59cf-469d-b136-ca1622a31c3a", "control-id": "cis_rhel10_5-3.2.4.3", "description": "Changes in logindefs mentioned in this requirement are more specifically covered by 5.4.1.4", "props": [ @@ -22561,7 +22461,7 @@ ] }, { - "uuid": "84b92051-d9fc-4bc0-9189-7f1f358c621a", + "uuid": "669dc36b-b4f2-4dc9-be15-24932eff0fe6", "control-id": "cis_rhel10_5-3.2.4.4", "description": "In RHEL 10 pam_unix is enabled by default in all authselect profiles already with the\nuse_authtok option set. In any case, we don't have a rule to check this option specifically,\nlike in 5.3.2.3.3.", "props": [ @@ -22578,7 +22478,7 @@ ] }, { - "uuid": "c8b3e04e-5f8f-4081-89e3-ca4738ff174e", + "uuid": "67327dad-50c4-4f6a-b8e6-fe1751fefa3a", "control-id": "cis_rhel10_5-4.1.1", "description": "No notes for control-id 5.4.1.1.", "props": [ @@ -22600,7 +22500,7 @@ ] }, { - "uuid": "2cba34c6-e207-4b25-9d47-85b3f87faee3", + "uuid": "3844718a-ab02-4fe6-aad0-efdf5d434445", "control-id": "cis_rhel10_5-4.1.3", "description": "No notes for control-id 5.4.1.3.", "props": [ @@ -22622,20 +22522,15 @@ ] }, { - "uuid": "fb615ebe-157a-45d0-a716-a1a06ed5e183", + "uuid": "bdf9faba-0e08-43f0-9ec9-ca1e1f414376", "control-id": "cis_rhel10_5-4.1.4", - "description": "There's a \"new\" set of options in /etc/login.defs file to define the number of iterations\nperformed during the hashing process.", + "description": "No notes for control-id 5.4.1.4.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "implemented" }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf" - }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", @@ -22644,7 +22539,7 @@ ] }, { - "uuid": "a7067396-ce5b-4f3c-accd-093ddc2ac579", + "uuid": "6d5365e4-201b-466c-98ce-045064f8a65b", "control-id": "cis_rhel10_5-4.1.5", "description": "No notes for control-id 5.4.1.5.", "props": [ @@ -22666,7 +22561,7 @@ ] }, { - "uuid": "ddc4b213-f7fe-4c52-8bc5-414b6c53d03c", + "uuid": "ad18a552-c1bb-4961-bc8a-baca36dd5978", "control-id": "cis_rhel10_5-4.1.6", "description": "No notes for control-id 5.4.1.6.", "props": [ @@ -22683,7 +22578,7 @@ ] }, { - "uuid": "3dcd0f7a-e7fa-41a6-bc5d-3a8d48d33e7e", + "uuid": "cc0701b2-2d8b-4b7c-adea-f448c45ceaeb", "control-id": "cis_rhel10_5-4.2.1", "description": "No notes for control-id 5.4.2.1.", "props": [ @@ -22700,7 +22595,7 @@ ] }, { - "uuid": "9ce550db-5b1d-48e7-a84e-117df4c5f4e0", + "uuid": "c8ba31f4-7131-4d7d-9fc2-06d05dc1421e", "control-id": "cis_rhel10_5-4.2.2", "description": "There is assessment but no automated remediation for this rule and this sounds reasonable.", "props": [ @@ -22717,7 +22612,7 @@ ] }, { - "uuid": "3f017506-6ea6-4ac5-9a13-e1c8d978bbc1", + "uuid": "ee4f146c-7169-49df-a215-6bc10fcb904f", "control-id": "cis_rhel10_5-4.2.3", "description": "There is assessment but no automated remediation for this rule and this sounds reasonable.", "props": [ @@ -22734,7 +22629,7 @@ ] }, { - "uuid": "bacc715c-82d4-4de8-95f1-47acf6d26717", + "uuid": "a2d486a1-48dd-484b-a2bf-49bd5baf8369", "control-id": "cis_rhel10_5-4.2.4", "description": "No notes for control-id 5.4.2.4.", "props": [ @@ -22751,7 +22646,7 @@ ] }, { - "uuid": "b323d327-a1fc-4539-b773-1f2dab847b14", + "uuid": "2ebb0565-49d6-43fc-91e5-898a3d0f3ee1", "control-id": "cis_rhel10_5-4.2.5", "description": "No notes for control-id 5.4.2.5.", "props": [ @@ -22773,7 +22668,7 @@ ] }, { - "uuid": "1bb7daaf-1632-45ed-962e-d3f25254a3a1", + "uuid": "b75ab93c-29a1-45cc-8d79-24a7880df3c0", "control-id": "cis_rhel10_5-4.2.6", "description": "No notes for control-id 5.4.2.6.", "props": [ @@ -22790,7 +22685,7 @@ ] }, { - "uuid": "cc3cb100-a263-4d66-a943-7c6572d295d8", + "uuid": "237705ad-05b4-48c0-96d9-afb941490d73", "control-id": "cis_rhel10_5-4.2.7", "description": "No notes for control-id 5.4.2.7.", "props": [ @@ -22812,19 +22707,24 @@ ] }, { - "uuid": "001694d7-7214-4a7a-a0e1-98a5afa068a5", + "uuid": "30ac192e-df06-48c0-865b-a3482b246ab9", "control-id": "cis_rhel10_5-4.2.8", - "description": "New rule is necessary.", + "description": "No notes for control-id 5.4.2.8.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "implemented" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "no_invalid_shell_accounts_unlocked" } ] }, { - "uuid": "a7c3070b-7734-42a5-a49c-15a8e5c44a82", + "uuid": "3c15a061-1434-4616-bc4a-b228420e9c30", "control-id": "cis_rhel10_5-4.3.2", "description": "No notes for control-id 5.4.3.2.", "props": [ @@ -22841,7 +22741,7 @@ ] }, { - "uuid": "6ad5ffac-6105-40a9-ace6-dee8805a2dcd", + "uuid": "2651a203-9019-452e-9e2b-2b638c906f21", "control-id": "cis_rhel10_5-4.3.3", "description": "No notes for control-id 5.4.3.3.", "props": [ @@ -22868,7 +22768,7 @@ ] }, { - "uuid": "b01cab7b-f44c-469b-b3d6-58dc65f3fc56", + "uuid": "220f6f2c-9c8f-4aad-978f-7381241baf17", "control-id": "cis_rhel10_6-1.1", "description": "No notes for control-id 6.1.1.", "props": [ @@ -22890,7 +22790,7 @@ ] }, { - "uuid": "dfcf0db7-515e-4c0f-b93e-abcf43e7f85c", + "uuid": "b8a14f99-dee6-4482-a012-fa59e18af8cb", "control-id": "cis_rhel10_6-1.2", "description": "No notes for control-id 6.1.2.", "props": [ @@ -22907,7 +22807,7 @@ ] }, { - "uuid": "32230886-c799-49e3-932b-28295a12b17e", + "uuid": "1b1df585-9b9d-4401-aaec-ddb9150ea4a3", "control-id": "cis_rhel10_6-1.3", "description": "No notes for control-id 6.1.3.", "props": [ @@ -22924,7 +22824,7 @@ ] }, { - "uuid": "3a78afa7-cf84-458f-a333-4fc2e8ad21d7", + "uuid": "847540c2-7f91-4da7-9002-cc9c8c73af46", "control-id": "cis_rhel10_6-2.1.1", "description": "No notes for control-id 6.2.1.1.", "props": [ @@ -22941,7 +22841,7 @@ ] }, { - "uuid": "3d448220-cebe-41cc-a93b-794de8124b76", + "uuid": "3bb56d85-33e8-45a6-accd-e8a99909379a", "control-id": "cis_rhel10_6-2.1.2", "description": "The description for control-id cis_rhel10_6-2.1.2.", "props": [ @@ -22954,7 +22854,7 @@ ] }, { - "uuid": "c877ddca-2a30-44de-aca6-722e7808caa6", + "uuid": "91e7bbb1-4867-4bcd-8ac0-e9ea4d7eb281", "control-id": "cis_rhel10_6-2.1.3", "description": "The description for control-id cis_rhel10_6-2.1.3.", "props": [ @@ -22967,20 +22867,24 @@ ] }, { - "uuid": "527a5a5b-d0bb-4250-a632-225f2306c162", + "uuid": "206c928e-d6db-4940-8821-fc96299ad940", "control-id": "cis_rhel10_6-2.1.4", - "description": "The description for control-id cis_rhel10_6-2.1.4.", + "description": "No notes for control-id 6.2.1.4.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "alternative", - "remarks": "It is necessary to create a new rule to check the status of journald and rsyslog.\nIt would also be necessary a new rule to disable or remove rsyslog." + "value": "implemented" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "ensure_journald_and_rsyslog_not_active_together" } ] }, { - "uuid": "71d11a15-7ce8-4703-88ff-94beef319b2e", + "uuid": "653a7d18-cd57-4e2d-8722-1a82fc56a19d", "control-id": "cis_rhel10_6-2.2.1.1", "description": "No notes for control-id 6.2.2.1.1.", "props": [ @@ -22997,7 +22901,7 @@ ] }, { - "uuid": "0b556092-fcc8-41f0-9b61-55fcf03489b9", + "uuid": "c9e6f9fc-b5bc-4bf6-a128-a746ca09c0f5", "control-id": "cis_rhel10_6-2.2.1.2", "description": "The description for control-id cis_rhel10_6-2.2.1.2.", "props": [ @@ -23010,7 +22914,7 @@ ] }, { - "uuid": "7f667fe4-0a21-47f5-b37c-3ac489191396", + "uuid": "01171f1b-0cef-4a6c-9a6d-ee16af6665f1", "control-id": "cis_rhel10_6-2.2.1.3", "description": "No notes for control-id 6.2.2.1.3.", "props": [ @@ -23027,7 +22931,7 @@ ] }, { - "uuid": "368e248c-0246-47d6-a15c-e21356c8c3b1", + "uuid": "013ecd8e-21ea-44b0-81dc-f43f1f473740", "control-id": "cis_rhel10_6-2.2.1.4", "description": "No notes for control-id 6.2.2.1.4.", "props": [ @@ -23044,7 +22948,7 @@ ] }, { - "uuid": "4a47f2df-bc91-4d24-bdfa-24e8863b6e8d", + "uuid": "f01cc36c-81b7-4983-b984-c2bf4f9caccd", "control-id": "cis_rhel10_6-2.2.2", "description": "No notes for control-id 6.2.2.2.", "props": [ @@ -23061,7 +22965,7 @@ ] }, { - "uuid": "75f4921b-9df9-46a1-9ced-aff1994f4433", + "uuid": "8b267292-fb92-4e15-a560-661e43472c20", "control-id": "cis_rhel10_6-2.2.3", "description": "No notes for control-id 6.2.2.3.", "props": [ @@ -23078,7 +22982,7 @@ ] }, { - "uuid": "ae737e6c-f98b-43d0-83ad-eda883a58e24", + "uuid": "991bb43f-fd8a-438d-8f04-edf5043da129", "control-id": "cis_rhel10_6-2.2.4", "description": "No notes for control-id 6.2.2.4.", "props": [ @@ -23095,7 +22999,7 @@ ] }, { - "uuid": "620180c7-063c-4b8a-adec-98b8259a98c9", + "uuid": "dffd00a3-218e-496c-9d7b-e0dea4203b61", "control-id": "cis_rhel10_6-2.3.1", "description": "No notes for control-id 6.2.3.1.", "props": [ @@ -23107,7 +23011,7 @@ ] }, { - "uuid": "c56736e2-6d0b-4ef6-8d8e-515b8fe1d079", + "uuid": "8662ac05-2795-4ad0-8a6a-01411aa4dadd", "control-id": "cis_rhel10_6-2.3.2", "description": "No notes for control-id 6.2.3.2.", "props": [ @@ -23119,7 +23023,7 @@ ] }, { - "uuid": "c0bea0ee-26d3-47a6-b55c-6751a3be3cb2", + "uuid": "61c8e099-ab06-4996-a867-be86ab262b7d", "control-id": "cis_rhel10_6-2.3.3", "description": "No notes for control-id 6.2.3.3.", "props": [ @@ -23131,7 +23035,7 @@ ] }, { - "uuid": "9df2280a-aa0d-4b1c-b07b-3073acee14a7", + "uuid": "c194e6a6-3ac5-49eb-921a-2a09afed5d12", "control-id": "cis_rhel10_6-2.3.4", "description": "No notes for control-id 6.2.3.4.", "props": [ @@ -23143,7 +23047,7 @@ ] }, { - "uuid": "497dcd11-d678-4906-906f-e8445af0ef10", + "uuid": "732835c3-a289-4b97-8bda-565639a18ef6", "control-id": "cis_rhel10_6-2.3.5", "description": "The description for control-id cis_rhel10_6-2.3.5.", "props": [ @@ -23156,7 +23060,7 @@ ] }, { - "uuid": "ca46c5de-701e-4ada-a9a0-65013487b978", + "uuid": "4db28cf1-a5cb-4827-bbdd-c73d3165fd41", "control-id": "cis_rhel10_6-2.3.6", "description": "The description for control-id cis_rhel10_6-2.3.6.", "props": [ @@ -23169,7 +23073,7 @@ ] }, { - "uuid": "1b372047-121d-4656-940e-8a3a8e8ae843", + "uuid": "fa3a565c-79fb-4e4b-bd0d-4fe0deca2094", "control-id": "cis_rhel10_6-2.3.7", "description": "No notes for control-id 6.2.3.7.", "props": [ @@ -23181,7 +23085,7 @@ ] }, { - "uuid": "15234f9d-e313-4300-b611-32336b478ef5", + "uuid": "0996814f-70be-467b-9e01-0410c0b0e1f8", "control-id": "cis_rhel10_6-2.3.8", "description": "The description for control-id cis_rhel10_6-2.3.8.", "props": [ @@ -23194,7 +23098,7 @@ ] }, { - "uuid": "a67eba2c-732a-4d6b-8180-0c936854c09e", + "uuid": "31c097c0-0569-400e-b107-a232bd863dca", "control-id": "cis_rhel10_6-2.4.1", "description": "It is not harmful to run these rules even if rsyslog is not installed or active.", "props": [ @@ -23221,7 +23125,7 @@ ] }, { - "uuid": "b3b67f6a-5653-4bdb-9548-ebfd1cd75114", + "uuid": "b42c00bb-db99-4f99-ade8-e14b5b83f039", "control-id": "cis_rhel10_7-1.1", "description": "No notes for control-id 7.1.1.", "props": [ @@ -23248,7 +23152,7 @@ ] }, { - "uuid": "a9d5ea18-1b9c-4264-b8da-a36719b78958", + "uuid": "515527c2-e7ed-48c3-8e2a-47e8875a0996", "control-id": "cis_rhel10_7-1.2", "description": "No notes for control-id 7.1.2.", "props": [ @@ -23275,7 +23179,7 @@ ] }, { - "uuid": "e4ef02fc-9135-4bd7-88a5-6d98ec049d43", + "uuid": "1fc6a2da-a860-4bcd-8e29-d2e16bc7f4b1", "control-id": "cis_rhel10_7-1.3", "description": "No notes for control-id 7.1.3.", "props": [ @@ -23302,7 +23206,7 @@ ] }, { - "uuid": "1d4f7ecc-1b88-46cf-b3de-d214d56bfbb9", + "uuid": "29c06752-e6bd-46dd-8e17-2879dbea8410", "control-id": "cis_rhel10_7-1.4", "description": "No notes for control-id 7.1.4.", "props": [ @@ -23329,7 +23233,7 @@ ] }, { - "uuid": "d376e5c4-4938-42ca-9a85-b84df7050f00", + "uuid": "81679619-30ff-498e-92b2-a46ccdc32c3e", "control-id": "cis_rhel10_7-1.5", "description": "No notes for control-id 7.1.5.", "props": [ @@ -23356,7 +23260,7 @@ ] }, { - "uuid": "0b42e0b7-f50e-40c3-810a-144ed6b7bd8e", + "uuid": "96016956-671b-4658-beb2-5f8e029b541a", "control-id": "cis_rhel10_7-1.6", "description": "No notes for control-id 7.1.6.", "props": [ @@ -23383,7 +23287,7 @@ ] }, { - "uuid": "0ba433e5-c6d0-46df-aadf-b51e5df754c8", + "uuid": "04002acb-815d-49f8-8aec-6a0f59d63653", "control-id": "cis_rhel10_7-1.7", "description": "No notes for control-id 7.1.7.", "props": [ @@ -23410,7 +23314,7 @@ ] }, { - "uuid": "b9f1f96b-acd8-4158-9430-250411afedac", + "uuid": "0c1aefcc-dca0-40d5-ab60-48a289c57f54", "control-id": "cis_rhel10_7-1.8", "description": "No notes for control-id 7.1.8.", "props": [ @@ -23437,7 +23341,7 @@ ] }, { - "uuid": "2c8669a6-15e4-4660-a29a-d5dbd85ceb97", + "uuid": "50a1169a-f5f0-4001-8189-aa7827216d23", "control-id": "cis_rhel10_7-1.9", "description": "No notes for control-id 7.1.9.", "props": [ @@ -23464,7 +23368,7 @@ ] }, { - "uuid": "4ca67396-1f1e-489b-856c-9f1ef8d575bc", + "uuid": "24559b73-6258-478d-bfd6-f1d993afca31", "control-id": "cis_rhel10_7-1.10", "description": "No notes for control-id 7.1.10.", "props": [ @@ -23506,7 +23410,7 @@ ] }, { - "uuid": "f86b5f58-2de7-43f1-8eee-0a52a0296a89", + "uuid": "fa9d91c6-a77c-4c53-931d-4965619b7fcc", "control-id": "cis_rhel10_7-1.11", "description": "No notes for control-id 7.1.11.", "props": [ @@ -23528,7 +23432,7 @@ ] }, { - "uuid": "97a1d846-7ae1-4586-aa01-ec1c7cd01b39", + "uuid": "cabe499e-bacb-4821-951a-a9e923185eda", "control-id": "cis_rhel10_7-1.12", "description": "No notes for control-id 7.1.12.", "props": [ @@ -23550,7 +23454,7 @@ ] }, { - "uuid": "2f509f30-d88c-429b-a91f-0517b0e60175", + "uuid": "f017afc0-4046-4464-a2fa-0e240cad6ab4", "control-id": "cis_rhel10_7-1.13", "description": "The description for control-id cis_rhel10_7-1.13.", "props": [ @@ -23563,7 +23467,7 @@ ] }, { - "uuid": "b099a0f3-64c1-4b8c-a421-89db28bf8038", + "uuid": "076029cb-95a5-4add-88a0-e3ffc5063592", "control-id": "cis_rhel10_7-2.1", "description": "No notes for control-id 7.2.1.", "props": [ @@ -23580,7 +23484,7 @@ ] }, { - "uuid": "76f40cf6-b462-403f-8b6d-e7d6a565424c", + "uuid": "68ac2dea-4834-403b-bb3f-47d11abe7c3a", "control-id": "cis_rhel10_7-2.2", "description": "No notes for control-id 7.2.2.", "props": [ @@ -23597,7 +23501,7 @@ ] }, { - "uuid": "55379db7-e74e-422b-ae42-2bce3f15ea60", + "uuid": "6ecf6508-4be4-46e2-9982-deaf29cb2aff", "control-id": "cis_rhel10_7-2.3", "description": "No notes for control-id 7.2.3.", "props": [ @@ -23614,7 +23518,7 @@ ] }, { - "uuid": "0be76c73-0901-457f-ad0d-a9ee6362deac", + "uuid": "b2fd7ef9-dee5-4a51-9800-a6d3e3694241", "control-id": "cis_rhel10_7-2.4", "description": "No notes for control-id 7.2.4.", "props": [ @@ -23631,7 +23535,7 @@ ] }, { - "uuid": "af74f374-5be3-4e43-9885-4cd4b712b150", + "uuid": "b9eed367-7113-461c-818b-0e67f9e0a443", "control-id": "cis_rhel10_7-2.5", "description": "No notes for control-id 7.2.5.", "props": [ @@ -23648,7 +23552,7 @@ ] }, { - "uuid": "1ece051b-6dfb-46ff-99e3-f0ae042c02ad", + "uuid": "f393e2e9-538e-4d54-b477-807b998bf29d", "control-id": "cis_rhel10_7-2.6", "description": "No notes for control-id 7.2.6.", "props": [ @@ -23665,7 +23569,7 @@ ] }, { - "uuid": "8c626dc0-eaa1-4fd4-ab62-2071ac2553e5", + "uuid": "2311dbe6-10d9-47d5-9fbf-8554e3fb0f88", "control-id": "cis_rhel10_7-2.7", "description": "No notes for control-id 7.2.7.", "props": [ @@ -23682,7 +23586,7 @@ ] }, { - "uuid": "0f0c6c6d-aaea-4f1f-ad77-77dc9e7a014a", + "uuid": "08b9dc78-f49d-4ee9-ac35-bb37b1405f7b", "control-id": "cis_rhel10_7-2.8", "description": "No notes for control-id 7.2.8.", "props": [ @@ -23709,7 +23613,7 @@ ] }, { - "uuid": "a110e0a7-6d77-419a-8aee-a30ad411aa0c", + "uuid": "90a7a9eb-8053-43fe-a5c1-a09935ef86b9", "control-id": "cis_rhel10_7-2.9", "description": "No notes for control-id 7.2.9.", "props": [ diff --git a/component-definitions/rhel10/rhel10-cis_rhel10-l1_workstation/component-definition.json b/component-definitions/rhel10/rhel10-cis_rhel10-l1_workstation/component-definition.json index 4b462a80e..5c9488587 100644 --- a/component-definitions/rhel10/rhel10-cis_rhel10-l1_workstation/component-definition.json +++ b/component-definitions/rhel10/rhel10-cis_rhel10-l1_workstation/component-definition.json @@ -3,8 +3,8 @@ "uuid": "f215e0d6-22bf-45fa-955c-4bc760e0ee55", "metadata": { "title": "Component definition for rhel10", - "last-modified": "2025-12-11T18:26:20.485703+00:00", - "version": "3.2", + "last-modified": "2025-12-17T10:47:54.863368+00:00", + "version": "3.6", "oscal-version": "1.1.3" }, "components": [ @@ -725,7 +725,7 @@ { "name": "Parameter_Value_Alternatives_38", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -743,7 +743,7 @@ { "name": "Parameter_Value_Alternatives_39", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -1451,3403 +1451,3379 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg", + "value": "file_permissions_boot_grub2", "remarks": "rule_set_034" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Group Ownership", + "value": "All GRUB configuration files must have mode 0600 or more restrictive", "remarks": "rule_set_034" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg", + "value": "file_owner_boot_grub2", "remarks": "rule_set_035" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg User Ownership", + "value": "All GRUB configuration files must be owned by root", "remarks": "rule_set_035" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg", + "value": "file_groupowner_boot_grub2", "remarks": "rule_set_036" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Permissions", + "value": "All GRUB configuration files must be group-owned by root", "remarks": "rule_set_036" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg", + "value": "disable_users_coredumps", "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Group Ownership", + "value": "Disable Core Dumps for All Users", "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg", + "value": "sysctl_fs_protected_hardlinks", "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg User Ownership", + "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg", + "value": "sysctl_fs_suid_dumpable", "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Permissions", + "value": "Disable Core Dumps for SUID programs", "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_users_coredumps", + "value": "sysctl_kernel_dmesg_restrict", "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for All Users", + "value": "Restrict Access to Kernel Message Buffer", "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_hardlinks", + "value": "sysctl_kernel_kptr_restrict", "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", + "value": "Restrict Exposed Kernel Pointer Addresses Access", "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_suid_dumpable", + "value": "sysctl_kernel_yama_ptrace_scope", "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for SUID programs", + "value": "Restrict usage of ptrace to descendant processes", "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_dmesg_restrict", + "value": "sysctl_kernel_randomize_va_space", "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Access to Kernel Message Buffer", + "value": "Enable Randomized Layout of Virtual Address Space", "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kptr_restrict", + "value": "coredump_disable_backtraces", "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Exposed Kernel Pointer Addresses Access", + "value": "Disable core dump backtraces", "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_yama_ptrace_scope", + "value": "coredump_disable_storage", "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict usage of ptrace to descendant processes", + "value": "Disable storing core dump", "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_randomize_va_space", + "value": "configure_custom_crypto_policy_cis", "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Randomized Layout of Virtual Address Space", + "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_backtraces", + "value": "banner_etc_motd_cis", "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable core dump backtraces", + "value": "Ensure Message Of The Day Is Configured Properly", "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_storage", + "value": "banner_etc_issue_cis", "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable storing core dump", + "value": "Ensure Local Login Warning Banner Is Configured Properly", "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_custom_crypto_policy_cis", + "value": "banner_etc_issue_net_cis", "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", + "value": "Ensure Remote Login Warning Banner Is Configured Properly", "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_motd_cis", + "value": "file_groupowner_etc_motd", "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Message Of The Day Is Configured Properly", + "value": "Verify Group Ownership of Message of the Day Banner", "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_cis", + "value": "file_owner_etc_motd", "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Local Login Warning Banner Is Configured Properly", + "value": "Verify ownership of Message of the Day Banner", "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_net_cis", + "value": "file_permissions_etc_motd", "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Remote Login Warning Banner Is Configured Properly", + "value": "Verify permissions on Message of the Day Banner", "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_motd", + "value": "file_groupowner_etc_issue", "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of Message of the Day Banner", + "value": "Verify Group Ownership of System Login Banner", "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_motd", + "value": "file_owner_etc_issue", "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of Message of the Day Banner", + "value": "Verify ownership of System Login Banner", "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_motd", + "value": "file_permissions_etc_issue", "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on Message of the Day Banner", + "value": "Verify permissions on System Login Banner", "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue", + "value": "file_groupowner_etc_issue_net", "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner", + "value": "Verify Group Ownership of System Login Banner for Remote Connections", "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue", + "value": "file_owner_etc_issue_net", "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner", + "value": "Verify ownership of System Login Banner for Remote Connections", "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue", + "value": "file_permissions_etc_issue_net", "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner", + "value": "Verify permissions on System Login Banner for Remote Connections", "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue_net", + "value": "dconf_gnome_banner_enabled", "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner for Remote Connections", + "value": "Enable GNOME3 Login Warning Banner", "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue_net", + "value": "dconf_gnome_login_banner_text", "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner for Remote Connections", + "value": "Set the GNOME3 Login Warning Banner Text", "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue_net", + "value": "dconf_gnome_disable_user_list", "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner for Remote Connections", + "value": "Disable the GNOME3 Login User List", "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_banner_enabled", + "value": "dconf_gnome_screensaver_idle_delay", "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable GNOME3 Login Warning Banner", + "value": "Set GNOME3 Screensaver Inactivity Timeout", "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_login_banner_text", + "value": "dconf_gnome_screensaver_lock_delay", "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set the GNOME3 Login Warning Banner Text", + "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_user_list", + "value": "dconf_gnome_session_idle_user_locks", "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the GNOME3 Login User List", + "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_idle_delay", + "value": "dconf_gnome_screensaver_user_locks", "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Inactivity Timeout", + "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_lock_delay", + "value": "dconf_gnome_disable_autorun", "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", + "value": "Disable GNOME3 Automount running", "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_session_idle_user_locks", + "value": "package_kea_removed", "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", + "value": "Uninstall kea Package", "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_user_locks", + "value": "package_bind_removed", "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", + "value": "Uninstall bind Package", "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_autorun", + "value": "package_dnsmasq_removed", "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount running", + "value": "Uninstall dnsmasq Package", "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "package_vsftpd_removed", "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Uninstall vsftpd Package", "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_bind_removed", + "value": "package_dovecot_removed", "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall bind Package", + "value": "Uninstall dovecot Package", "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnsmasq_removed", + "value": "package_cyrus-imapd_removed", "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dnsmasq Package", + "value": "Uninstall cyrus-imapd Package", "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_vsftpd_removed", + "value": "service_nfs_disabled", "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall vsftpd Package", + "value": "Disable Network File System (nfs)", "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dovecot_removed", + "value": "service_rpcbind_disabled", "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dovecot Package", + "value": "Disable rpcbind Service", "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cyrus-imapd_removed", + "value": "package_rsync_removed", "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall cyrus-imapd Package", + "value": "Uninstall rsync Package", "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_nfs_disabled", + "value": "package_samba_removed", "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Network File System (nfs)", + "value": "Uninstall Samba Package", "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_rpcbind_disabled", + "value": "package_net-snmp_removed", "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable rpcbind Service", + "value": "Uninstall net-snmp Package", "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_rsync_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall rsync Package", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_samba_removed", + "value": "package_tftp-server_removed", "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall Samba Package", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_net-snmp_removed", + "value": "package_squid_removed", "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall net-snmp Package", + "value": "Uninstall squid Package", "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_httpd_removed", "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Uninstall httpd Package", "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_nginx_removed", "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Uninstall nginx Package", "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_squid_removed", + "value": "postfix_network_listening_disabled", "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall squid Package", + "value": "Disable Postfix Network Listening", "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_httpd_removed", + "value": "has_nonlocal_mta", "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall httpd Package", + "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_nginx_removed", + "value": "package_ftp_removed", "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall nginx Package", + "value": "Remove ftp Package", "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "postfix_network_listening_disabled", + "value": "package_telnet_removed", "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Postfix Network Listening", + "value": "Remove telnet Clients", "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "has_nonlocal_mta", + "value": "package_tftp_removed", "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", + "value": "Remove tftp Daemon", "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_ftp_removed", + "value": "chronyd_specify_remote_server", "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove ftp Package", + "value": "A remote time server for Chrony is configured", "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "chronyd_run_as_chrony_user", "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Ensure that chronyd is running under chrony user account", "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_cron_installed", "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Install the cron service", "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_specify_remote_server", + "value": "service_crond_enabled", "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "A remote time server for Chrony is configured", + "value": "Enable cron Service", "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_run_as_chrony_user", + "value": "file_groupowner_crontab", "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that chronyd is running under chrony user account", + "value": "Verify Group Who Owns Crontab", "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cron_installed", + "value": "file_owner_crontab", "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the cron service", + "value": "Verify Owner on crontab", "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_crond_enabled", + "value": "file_permissions_crontab", "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable cron Service", + "value": "Verify Permissions on crontab", "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_crontab", + "value": "file_groupowner_cron_hourly", "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Crontab", + "value": "Verify Group Who Owns cron.hourly", "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_crontab", + "value": "file_owner_cron_hourly", "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on crontab", + "value": "Verify Owner on cron.hourly", "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_crontab", + "value": "file_permissions_cron_hourly", "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on crontab", + "value": "Verify Permissions on cron.hourly", "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_hourly", + "value": "file_groupowner_cron_daily", "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.hourly", + "value": "Verify Group Who Owns cron.daily", "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_hourly", + "value": "file_owner_cron_daily", "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.hourly", + "value": "Verify Owner on cron.daily", "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_hourly", + "value": "file_permissions_cron_daily", "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.hourly", + "value": "Verify Permissions on cron.daily", "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_daily", + "value": "file_groupowner_cron_weekly", "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.daily", + "value": "Verify Group Who Owns cron.weekly", "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_daily", + "value": "file_owner_cron_weekly", "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.daily", + "value": "Verify Owner on cron.weekly", "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_daily", + "value": "file_permissions_cron_weekly", "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.daily", + "value": "Verify Permissions on cron.weekly", "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_weekly", + "value": "file_groupowner_cron_monthly", "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.weekly", + "value": "Verify Group Who Owns cron.monthly", "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_weekly", + "value": "file_owner_cron_monthly", "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.weekly", + "value": "Verify Owner on cron.monthly", "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_weekly", + "value": "file_permissions_cron_monthly", "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.weekly", + "value": "Verify Permissions on cron.monthly", "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_monthly", + "value": "file_groupowner_cron_yearly", "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.monthly", + "value": "Verify Group Who Owns cron.yearly", "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_monthly", + "value": "file_owner_cron_yearly", "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.monthly", + "value": "Verify Owner on cron.yearly", "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_monthly", + "value": "file_permissions_cron_yearly", "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.monthly", + "value": "Verify Permissions on cron.yearly", "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_yearly", + "value": "file_groupowner_cron_d", "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.yearly", + "value": "Verify Group Who Owns cron.d", "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_yearly", + "value": "file_owner_cron_d", "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.yearly", + "value": "Verify Owner on cron.d", "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_yearly", + "value": "file_permissions_cron_d", "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.yearly", + "value": "Verify Permissions on cron.d", "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_d", + "value": "file_cron_deny_not_exist", "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.d", + "value": "Ensure that /etc/cron.deny does not exist", "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_d", + "value": "file_cron_allow_exists", "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.d", + "value": "Ensure that /etc/cron.allow exists", "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_d", + "value": "file_groupowner_cron_allow", "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.d", + "value": "Verify Group Who Owns /etc/cron.allow file", "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_deny_not_exist", + "value": "file_owner_cron_allow", "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.deny does not exist", + "value": "Verify User Who Owns /etc/cron.allow file", "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_allow_exists", + "value": "file_permissions_cron_allow", "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.allow exists", + "value": "Verify Permissions on /etc/cron.allow file", "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_allow", + "value": "file_at_deny_not_exist", "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.deny does not exist", "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_allow", + "value": "file_at_allow_exists", "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.allow exists", "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_allow", + "value": "file_groupowner_at_allow", "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/cron.allow file", + "value": "Verify Group Who Owns /etc/at.allow file", "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_deny_not_exist", + "value": "file_owner_at_allow", "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.deny does not exist", + "value": "Verify User Who Owns /etc/at.allow file", "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_allow_exists", + "value": "file_permissions_at_allow", "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.allow exists", + "value": "Verify Permissions on /etc/at.allow file", "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_at_allow", + "value": "kernel_module_atm_disabled", "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/at.allow file", + "value": "Disable ATM Support", "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_at_allow", + "value": "kernel_module_can_disabled", "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/at.allow file", + "value": "Disable CAN Support", "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_at_allow", + "value": "kernel_module_dccp_disabled", "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/at.allow file", + "value": "Disable DCCP Support", "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_atm_disabled", + "value": "kernel_module_tipc_disabled", "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable ATM Support", + "value": "Disable TIPC Support", "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_can_disabled", + "value": "kernel_module_rds_disabled", "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable CAN Support", + "value": "Disable RDS Support", "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_dccp_disabled", + "value": "kernel_module_sctp_disabled", "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable DCCP Support", + "value": "Disable SCTP Support", "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_tipc_disabled", + "value": "sysctl_net_ipv4_ip_forward", "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable TIPC Support", + "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_rds_disabled", + "value": "sysctl_net_ipv4_conf_all_forwarding", "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable RDS Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_sctp_disabled", + "value": "sysctl_net_ipv4_conf_default_forwarding", "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SCTP Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_ip_forward", + "value": "sysctl_net_ipv4_conf_all_send_redirects", "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_forwarding", + "value": "sysctl_net_ipv4_conf_default_send_redirects", "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_forwarding", + "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", + "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_send_redirects", + "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_send_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_redirects", "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", + "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", + "value": "sysctl_net_ipv4_conf_default_accept_redirects", "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", + "value": "sysctl_net_ipv4_conf_all_secure_redirects", "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_redirects", + "value": "sysctl_net_ipv4_conf_default_secure_redirects", "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", + "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_redirects", + "value": "sysctl_net_ipv4_conf_all_rp_filter", "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_secure_redirects", + "value": "sysctl_net_ipv4_conf_default_rp_filter", "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_secure_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_source_route", "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_rp_filter", + "value": "sysctl_net_ipv4_conf_default_accept_source_route", "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_rp_filter", + "value": "sysctl_net_ipv4_conf_all_log_martians", "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_source_route", + "value": "sysctl_net_ipv4_conf_default_log_martians", "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_source_route", + "value": "sysctl_net_ipv4_tcp_syncookies", "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_log_martians", + "value": "sysctl_net_ipv6_conf_all_forwarding", "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for IPv6 Forwarding", "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_log_martians", + "value": "sysctl_net_ipv6_conf_default_forwarding", "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", + "value": "Disable Kernel Parameter for IPv6 Forwarding by default", "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_tcp_syncookies", + "value": "sysctl_net_ipv6_conf_all_accept_redirects", "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", + "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_forwarding", + "value": "sysctl_net_ipv6_conf_default_accept_redirects", "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_forwarding", + "value": "sysctl_net_ipv6_conf_all_accept_source_route", "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding by default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_redirects", + "value": "sysctl_net_ipv6_conf_default_accept_source_route", "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_redirects", + "value": "sysctl_net_ipv6_conf_all_accept_ra", "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", + "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_source_route", + "value": "sysctl_net_ipv6_conf_default_accept_ra", "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", + "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_source_route", + "value": "package_firewalld_installed", "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", + "value": "Install firewalld Package", "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra", + "value": "firewalld-backend", "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", + "value": "Configure Firewalld to Use the Nftables Backend", "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra", + "value": "service_firewalld_enabled", "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", + "value": "Verify firewalld Enabled", "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_firewalld_installed", + "value": "firewalld_loopback_traffic_trusted", "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install firewalld Package", + "value": "Configure Firewalld to Trust Loopback Traffic", "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld-backend", + "value": "file_groupowner_sshd_config", "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Use the Nftables Backend", + "value": "Verify Group Who Owns SSH Server config file", "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_firewalld_enabled", + "value": "file_owner_sshd_config", "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify firewalld Enabled", + "value": "Verify Owner on SSH Server config file", "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld_loopback_traffic_trusted", + "value": "file_permissions_sshd_config", "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Trust Loopback Traffic", + "value": "Verify Permissions on SSH Server config file", "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_config", + "value": "directory_permissions_sshd_config_d", "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_config", + "value": "file_permissions_sshd_drop_in_config", "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_config", + "value": "directory_groupowner_sshd_config_d", "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server config file", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_sshd_config_d", + "value": "directory_owner_sshd_config_d", "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_drop_in_config", + "value": "file_groupowner_sshd_drop_in_config", "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_groupowner_sshd_config_d", + "value": "file_owner_sshd_drop_in_config", "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_owner_sshd_config_d", + "value": "file_groupownership_sshd_private_key", "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Group Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_drop_in_config", + "value": "file_ownership_sshd_private_key", "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_drop_in_config", + "value": "file_permissions_sshd_private_key", "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Permissions on SSH Server Private *_key Key Files", "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_private_key", + "value": "file_groupownership_sshd_pub_key", "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Private *_key Key Files", + "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_171" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_private_key", + "value": "file_ownership_sshd_pub_key", "remarks": "rule_set_172" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Private *_key Key Files", + "value": "Verify Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_172" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_private_key", + "value": "file_permissions_sshd_pub_key", "remarks": "rule_set_173" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Private *_key Key Files", + "value": "Verify Permissions on SSH Server Public *.pub Key Files", "remarks": "rule_set_173" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_pub_key", + "value": "sshd_limit_user_access", "remarks": "rule_set_174" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", + "value": "Limit Users' SSH Access", "remarks": "rule_set_174" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_pub_key", + "value": "sshd_enable_warning_banner_net", "remarks": "rule_set_175" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Public *.pub Key Files", + "value": "Enable SSH Warning Banner", "remarks": "rule_set_175" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_pub_key", + "value": "sshd_set_idle_timeout", "remarks": "rule_set_176" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Public *.pub Key Files", + "value": "Set SSH Client Alive Interval", "remarks": "rule_set_176" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_limit_user_access", + "value": "sshd_set_keepalive", "remarks": "rule_set_177" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Users' SSH Access", + "value": "Set SSH Client Alive Count Max", "remarks": "rule_set_177" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_warning_banner_net", + "value": "sshd_disable_forwarding", "remarks": "rule_set_178" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SSH Warning Banner", + "value": "Disable SSH Forwarding", "remarks": "rule_set_178" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_idle_timeout", + "value": "sshd_disable_gssapi_auth", "remarks": "rule_set_179" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Interval", + "value": "Disable GSSAPI Authentication", "remarks": "rule_set_179" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_keepalive", + "value": "disable_host_auth", "remarks": "rule_set_180" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Count Max", + "value": "Disable Host-Based Authentication", "remarks": "rule_set_180" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_forwarding", + "value": "sshd_disable_rhosts", "remarks": "rule_set_181" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Forwarding", + "value": "Disable SSH Support for .rhosts Files", "remarks": "rule_set_181" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_gssapi_auth", + "value": "sshd_use_strong_kex", "remarks": "rule_set_182" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GSSAPI Authentication", + "value": "Use Only Strong Key Exchange algorithms", "remarks": "rule_set_182" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_host_auth", + "value": "sshd_set_login_grace_time", "remarks": "rule_set_183" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Host-Based Authentication", + "value": "Ensure SSH LoginGraceTime is configured", "remarks": "rule_set_183" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_rhosts", + "value": "sshd_set_loglevel_verbose", "remarks": "rule_set_184" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Support for .rhosts Files", + "value": "Set SSH Daemon LogLevel to VERBOSE", "remarks": "rule_set_184" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_use_strong_kex", + "value": "sshd_set_max_auth_tries", "remarks": "rule_set_185" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Use Only Strong Key Exchange algorithms", + "value": "Set SSH authentication attempt limit", "remarks": "rule_set_185" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_login_grace_time", + "value": "sshd_set_maxstartups", "remarks": "rule_set_186" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH LoginGraceTime is configured", + "value": "Ensure SSH MaxStartups is configured", "remarks": "rule_set_186" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_loglevel_verbose", + "value": "sshd_set_max_sessions", "remarks": "rule_set_187" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Daemon LogLevel to VERBOSE", + "value": "Set SSH MaxSessions limit", "remarks": "rule_set_187" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_auth_tries", + "value": "sshd_disable_empty_passwords", "remarks": "rule_set_188" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH authentication attempt limit", + "value": "Disable SSH Access via Empty Passwords", "remarks": "rule_set_188" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_maxstartups", + "value": "sshd_disable_root_login", "remarks": "rule_set_189" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH MaxStartups is configured", + "value": "Disable SSH Root Login", "remarks": "rule_set_189" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_sessions", + "value": "sshd_do_not_permit_user_env", "remarks": "rule_set_190" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH MaxSessions limit", + "value": "Do Not Allow SSH Environment Options", "remarks": "rule_set_190" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_empty_passwords", + "value": "sshd_enable_pam", "remarks": "rule_set_191" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Access via Empty Passwords", + "value": "Enable PAM", "remarks": "rule_set_191" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_root_login", + "value": "package_sudo_installed", "remarks": "rule_set_192" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Root Login", + "value": "Install sudo Package", "remarks": "rule_set_192" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_do_not_permit_user_env", + "value": "sudo_add_use_pty", "remarks": "rule_set_193" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Do Not Allow SSH Environment Options", + "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", "remarks": "rule_set_193" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_pam", + "value": "sudo_custom_logfile", "remarks": "rule_set_194" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable PAM", + "value": "Ensure Sudo Logfile Exists - sudo logfile", "remarks": "rule_set_194" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_sudo_installed", + "value": "sudo_remove_no_authenticate", "remarks": "rule_set_195" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install sudo Package", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", "remarks": "rule_set_195" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_use_pty", + "value": "sudo_require_reauthentication", "remarks": "rule_set_196" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", + "value": "Require Re-Authentication When Using the sudo Command", "remarks": "rule_set_196" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_custom_logfile", + "value": "use_pam_wheel_group_for_su", "remarks": "rule_set_197" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Sudo Logfile Exists - sudo logfile", + "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", "remarks": "rule_set_197" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_no_authenticate", + "value": "ensure_pam_wheel_group_empty", "remarks": "rule_set_198" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", + "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", "remarks": "rule_set_198" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_require_reauthentication", + "value": "account_password_pam_faillock_password_auth", "remarks": "rule_set_199" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require Re-Authentication When Using the sudo Command", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", "remarks": "rule_set_199" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "use_pam_wheel_group_for_su", + "value": "account_password_pam_faillock_system_auth", "remarks": "rule_set_200" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", "remarks": "rule_set_200" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_pam_wheel_group_empty", + "value": "package_pam_pwquality_installed", "remarks": "rule_set_201" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", + "value": "Install pam_pwquality Package", "remarks": "rule_set_201" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_password_auth", + "value": "accounts_password_pam_pwquality_password_auth", "remarks": "rule_set_202" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", + "value": "Ensure PAM password complexity module is enabled in password-auth", "remarks": "rule_set_202" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_system_auth", + "value": "accounts_password_pam_pwquality_system_auth", "remarks": "rule_set_203" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", + "value": "Ensure PAM password complexity module is enabled in system-auth", "remarks": "rule_set_203" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_pam_pwquality_installed", + "value": "accounts_password_pam_unix_enabled", "remarks": "rule_set_204" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install pam_pwquality Package", + "value": "Verify pam_unix module is activated", "remarks": "rule_set_204" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_password_auth", + "value": "accounts_passwords_pam_faillock_deny", "remarks": "rule_set_205" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in password-auth", + "value": "Lock Accounts After Failed Password Attempts", "remarks": "rule_set_205" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_system_auth", + "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", "remarks": "rule_set_206" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in system-auth", + "value": "Set Lockout Time for Failed Password Attempts", "remarks": "rule_set_206" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_enabled", + "value": "accounts_password_pam_difok", "remarks": "rule_set_207" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify pam_unix module is activated", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", "remarks": "rule_set_207" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny", + "value": "accounts_password_pam_minlen", "remarks": "rule_set_208" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Lock Accounts After Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Length", "remarks": "rule_set_208" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", + "value": "accounts_password_pam_minclass", "remarks": "rule_set_209" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Lockout Time for Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", "remarks": "rule_set_209" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_difok", + "value": "accounts_password_pam_maxrepeat", "remarks": "rule_set_210" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", + "value": "Set Password Maximum Consecutive Repeating Characters", "remarks": "rule_set_210" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minlen", + "value": "accounts_password_pam_maxsequence", "remarks": "rule_set_211" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Length", + "value": "Limit the maximum number of sequential characters in passwords", "remarks": "rule_set_211" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_dictcheck", "remarks": "rule_set_212" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", "remarks": "rule_set_212" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxrepeat", + "value": "accounts_password_pam_enforce_root", "remarks": "rule_set_213" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Consecutive Repeating Characters", + "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", "remarks": "rule_set_213" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxsequence", + "value": "accounts_password_pam_pwhistory_remember_password_auth", "remarks": "rule_set_214" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit the maximum number of sequential characters in passwords", + "value": "Limit Password Reuse: password-auth", "remarks": "rule_set_214" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_dictcheck", + "value": "accounts_password_pam_pwhistory_remember_system_auth", "remarks": "rule_set_215" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", + "value": "Limit Password Reuse: system-auth", "remarks": "rule_set_215" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_enforce_root", + "value": "accounts_password_pam_pwhistory_enforce_for_root", "remarks": "rule_set_216" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", + "value": "Ensure Password History Is Enforced for the Root User", "remarks": "rule_set_216" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_password_auth", + "value": "accounts_password_pam_pwhistory_use_authtok", "remarks": "rule_set_217" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: password-auth", + "value": "Enforce Password History with use_authtok", "remarks": "rule_set_217" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_system_auth", + "value": "no_empty_passwords", "remarks": "rule_set_218" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: system-auth", + "value": "Prevent Login to Accounts With Empty Password", "remarks": "rule_set_218" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_enforce_for_root", + "value": "accounts_password_pam_unix_no_remember", "remarks": "rule_set_219" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Password History Is Enforced for the Root User", + "value": "Avoid using remember in pam_unix module", "remarks": "rule_set_219" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_use_authtok", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_220" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Password History with use_authtok", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_220" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords", + "value": "set_password_hashing_algorithm_passwordauth", "remarks": "rule_set_221" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Login to Accounts With Empty Password", + "value": "Set PAM Password Hashing Algorithm - password-auth", "remarks": "rule_set_221" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_no_remember", + "value": "accounts_password_pam_unix_authtok", "remarks": "rule_set_222" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Avoid using remember in pam_unix module", + "value": "Require use_authtok for pam_unix.so", "remarks": "rule_set_222" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "accounts_maximum_age_login_defs", "remarks": "rule_set_223" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Set Password Maximum Age", "remarks": "rule_set_223" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_passwordauth", + "value": "accounts_password_set_max_life_existing", "remarks": "rule_set_224" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - password-auth", + "value": "Set Existing Passwords Maximum Age", "remarks": "rule_set_224" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_authtok", + "value": "accounts_password_warn_age_login_defs", "remarks": "rule_set_225" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require use_authtok for pam_unix.so", + "value": "Set Password Warning Age", "remarks": "rule_set_225" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_maximum_age_login_defs", + "value": "accounts_password_set_warn_age_existing", "remarks": "rule_set_226" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Age", + "value": "Set Existing Passwords Warning Age", "remarks": "rule_set_226" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_max_life_existing", + "value": "set_password_hashing_algorithm_logindefs", "remarks": "rule_set_227" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Maximum Age", + "value": "Set Password Hashing Algorithm in /etc/login.defs", "remarks": "rule_set_227" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_warn_age_login_defs", + "value": "account_disable_post_pw_expiration", "remarks": "rule_set_228" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Warning Age", + "value": "Set Account Expiration Following Inactivity", "remarks": "rule_set_228" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_warn_age_existing", + "value": "accounts_set_post_pw_existing", "remarks": "rule_set_229" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Warning Age", + "value": "Set existing passwords a period of inactivity before they been locked", "remarks": "rule_set_229" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf", + "value": "accounts_password_last_change_is_in_past", "remarks": "rule_set_230" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/libuser.conf", + "value": "Ensure all users last password change date is in the past", "remarks": "rule_set_230" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_logindefs", + "value": "accounts_no_uid_except_zero", "remarks": "rule_set_231" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/login.defs", + "value": "Verify Only Root Has UID 0", "remarks": "rule_set_231" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_disable_post_pw_expiration", + "value": "accounts_root_gid_zero", "remarks": "rule_set_232" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Account Expiration Following Inactivity", + "value": "Verify Root Has A Primary GID 0", "remarks": "rule_set_232" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_set_post_pw_existing", + "value": "groups_no_zero_gid_except_root", "remarks": "rule_set_233" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set existing passwords a period of inactivity before they been locked", + "value": "Verify Only Group Root Has GID 0", "remarks": "rule_set_233" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_last_change_is_in_past", + "value": "ensure_root_password_configured", "remarks": "rule_set_234" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure all users last password change date is in the past", + "value": "Ensure Authentication Required for Single User Mode", "remarks": "rule_set_234" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_no_uid_except_zero", + "value": "accounts_root_path_dirs_no_write", "remarks": "rule_set_235" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Root Has UID 0", + "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", "remarks": "rule_set_235" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_gid_zero", + "value": "root_path_no_dot", "remarks": "rule_set_236" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Root Has A Primary GID 0", + "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", "remarks": "rule_set_236" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "groups_no_zero_gid_except_root", + "value": "accounts_umask_root", "remarks": "rule_set_237" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Group Root Has GID 0", + "value": "Ensure the Root Bash Umask is Set Correctly", "remarks": "rule_set_237" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_root_password_configured", + "value": "no_password_auth_for_systemaccounts", "remarks": "rule_set_238" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Authentication Required for Single User Mode", + "value": "Ensure that System Accounts Are Locked", "remarks": "rule_set_238" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_path_dirs_no_write", + "value": "no_shelllogin_for_systemaccounts", "remarks": "rule_set_239" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", "remarks": "rule_set_239" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "root_path_no_dot", + "value": "no_invalid_shell_accounts_unlocked", "remarks": "rule_set_240" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", + "value": "Verify Non-Interactive Accounts Are Locked", "remarks": "rule_set_240" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_root", + "value": "accounts_tmout", "remarks": "rule_set_241" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Root Bash Umask is Set Correctly", + "value": "Set Interactive Session Timeout", "remarks": "rule_set_241" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_password_auth_for_systemaccounts", + "value": "accounts_umask_etc_bashrc", "remarks": "rule_set_242" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Are Locked", + "value": "Ensure the Default Bash Umask is Set Correctly", "remarks": "rule_set_242" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_shelllogin_for_systemaccounts", + "value": "accounts_umask_etc_login_defs", "remarks": "rule_set_243" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", + "value": "Ensure the Default Umask is Set Correctly in login.defs", "remarks": "rule_set_243" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_tmout", + "value": "accounts_umask_etc_profile", "remarks": "rule_set_244" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interactive Session Timeout", + "value": "Ensure the Default Umask is Set Correctly in /etc/profile", "remarks": "rule_set_244" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_bashrc", + "value": "package_aide_installed", "remarks": "rule_set_245" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Bash Umask is Set Correctly", + "value": "Install AIDE", "remarks": "rule_set_245" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_login_defs", + "value": "aide_build_database", "remarks": "rule_set_246" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in login.defs", + "value": "Build and Test AIDE Database", "remarks": "rule_set_246" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_profile", + "value": "aide_periodic_cron_checking", "remarks": "rule_set_247" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in /etc/profile", + "value": "Configure Periodic Execution of AIDE", "remarks": "rule_set_247" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_aide_installed", + "value": "aide_check_audit_tools", "remarks": "rule_set_248" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install AIDE", + "value": "Configure AIDE to Verify the Audit Tools", "remarks": "rule_set_248" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_build_database", + "value": "service_systemd-journald_enabled", "remarks": "rule_set_249" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Build and Test AIDE Database", + "value": "Enable systemd-journald Service", "remarks": "rule_set_249" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_periodic_cron_checking", + "value": "ensure_journald_and_rsyslog_not_active_together", "remarks": "rule_set_250" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Periodic Execution of AIDE", + "value": "Ensure journald and rsyslog Are Not Active Together", "remarks": "rule_set_250" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_check_audit_tools", + "value": "package_systemd-journal-remote_installed", "remarks": "rule_set_251" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure AIDE to Verify the Audit Tools", + "value": "Install systemd-journal-remote Package", "remarks": "rule_set_251" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_systemd-journald_enabled", + "value": "service_systemd-journal-upload_enabled", "remarks": "rule_set_252" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable systemd-journald Service", + "value": "Enable systemd-journal-upload Service", "remarks": "rule_set_252" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_systemd-journal-remote_installed", + "value": "socket_systemd-journal-remote_disabled", "remarks": "rule_set_253" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install systemd-journal-remote Package", + "value": "Disable systemd-journal-remote Socket", "remarks": "rule_set_253" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_systemd-journal-upload_enabled", + "value": "journald_disable_forward_to_syslog", "remarks": "rule_set_254" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable systemd-journal-upload Service", + "value": "Ensure journald ForwardToSyslog is disabled", "remarks": "rule_set_254" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "socket_systemd-journal-remote_disabled", + "value": "journald_compress", "remarks": "rule_set_255" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable systemd-journal-remote Socket", + "value": "Ensure journald is configured to compress large log files", "remarks": "rule_set_255" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "journald_disable_forward_to_syslog", + "value": "journald_storage", "remarks": "rule_set_256" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure journald ForwardToSyslog is disabled", + "value": "Ensure journald is configured to write log files to persistent disk", "remarks": "rule_set_256" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "journald_compress", + "value": "rsyslog_files_groupownership", "remarks": "rule_set_257" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure journald is configured to compress large log files", + "value": "Ensure Log Files Are Owned By Appropriate Group", "remarks": "rule_set_257" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "journald_storage", + "value": "rsyslog_files_ownership", "remarks": "rule_set_258" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure journald is configured to write log files to persistent disk", + "value": "Ensure Log Files Are Owned By Appropriate User", "remarks": "rule_set_258" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_groupownership", + "value": "rsyslog_files_permissions", "remarks": "rule_set_259" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Log Files Are Owned By Appropriate Group", + "value": "Ensure System Log Files Have Correct Permissions", "remarks": "rule_set_259" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_ownership", + "value": "file_groupowner_etc_passwd", "remarks": "rule_set_260" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Log Files Are Owned By Appropriate User", + "value": "Verify Group Who Owns passwd File", "remarks": "rule_set_260" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_permissions", + "value": "file_owner_etc_passwd", "remarks": "rule_set_261" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure System Log Files Have Correct Permissions", + "value": "Verify User Who Owns passwd File", "remarks": "rule_set_261" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_passwd", + "value": "file_permissions_etc_passwd", "remarks": "rule_set_262" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns passwd File", + "value": "Verify Permissions on passwd File", "remarks": "rule_set_262" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_passwd", + "value": "file_groupowner_backup_etc_passwd", "remarks": "rule_set_263" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns passwd File", + "value": "Verify Group Who Owns Backup passwd File", "remarks": "rule_set_263" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_passwd", + "value": "file_owner_backup_etc_passwd", "remarks": "rule_set_264" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on passwd File", + "value": "Verify User Who Owns Backup passwd File", "remarks": "rule_set_264" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_backup_etc_passwd", + "value": "file_permissions_backup_etc_passwd", "remarks": "rule_set_265" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Backup passwd File", + "value": "Verify Permissions on Backup passwd File", "remarks": "rule_set_265" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_backup_etc_passwd", + "value": "file_groupowner_etc_group", "remarks": "rule_set_266" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns Backup passwd File", + "value": "Verify Group Who Owns group File", "remarks": "rule_set_266" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_backup_etc_passwd", + "value": "file_owner_etc_group", "remarks": "rule_set_267" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on Backup passwd File", + "value": "Verify User Who Owns group File", "remarks": "rule_set_267" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_group", + "value": "file_permissions_etc_group", "remarks": "rule_set_268" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns group File", + "value": "Verify Permissions on group File", "remarks": "rule_set_268" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_group", + "value": "file_groupowner_backup_etc_group", "remarks": "rule_set_269" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns group File", + "value": "Verify Group Who Owns Backup group File", "remarks": "rule_set_269" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_group", + "value": "file_owner_backup_etc_group", "remarks": "rule_set_270" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on group File", + "value": "Verify User Who Owns Backup group File", "remarks": "rule_set_270" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_backup_etc_group", + "value": "file_permissions_backup_etc_group", "remarks": "rule_set_271" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Backup group File", + "value": "Verify Permissions on Backup group File", "remarks": "rule_set_271" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_backup_etc_group", + "value": "file_owner_etc_shadow", "remarks": "rule_set_272" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns Backup group File", + "value": "Verify User Who Owns shadow File", "remarks": "rule_set_272" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_backup_etc_group", + "value": "file_groupowner_etc_shadow", "remarks": "rule_set_273" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on Backup group File", + "value": "Verify Group Who Owns shadow File", "remarks": "rule_set_273" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_shadow", + "value": "file_permissions_etc_shadow", "remarks": "rule_set_274" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns shadow File", + "value": "Verify Permissions on shadow File", "remarks": "rule_set_274" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_shadow", + "value": "file_groupowner_backup_etc_shadow", "remarks": "rule_set_275" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns shadow File", + "value": "Verify User Who Owns Backup shadow File", "remarks": "rule_set_275" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_shadow", + "value": "file_owner_backup_etc_shadow", "remarks": "rule_set_276" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on shadow File", + "value": "Verify Group Who Owns Backup shadow File", "remarks": "rule_set_276" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_backup_etc_shadow", + "value": "file_permissions_backup_etc_shadow", "remarks": "rule_set_277" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns Backup shadow File", + "value": "Verify Permissions on Backup shadow File", "remarks": "rule_set_277" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_backup_etc_shadow", + "value": "file_groupowner_etc_gshadow", "remarks": "rule_set_278" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Backup shadow File", + "value": "Verify Group Who Owns gshadow File", "remarks": "rule_set_278" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_backup_etc_shadow", + "value": "file_owner_etc_gshadow", "remarks": "rule_set_279" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on Backup shadow File", + "value": "Verify User Who Owns gshadow File", "remarks": "rule_set_279" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_gshadow", + "value": "file_permissions_etc_gshadow", "remarks": "rule_set_280" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns gshadow File", + "value": "Verify Permissions on gshadow File", "remarks": "rule_set_280" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_gshadow", + "value": "file_groupowner_backup_etc_gshadow", "remarks": "rule_set_281" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns gshadow File", + "value": "Verify Group Who Owns Backup gshadow File", "remarks": "rule_set_281" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_gshadow", + "value": "file_owner_backup_etc_gshadow", "remarks": "rule_set_282" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on gshadow File", + "value": "Verify User Who Owns Backup gshadow File", "remarks": "rule_set_282" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_backup_etc_gshadow", + "value": "file_permissions_backup_etc_gshadow", "remarks": "rule_set_283" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Backup gshadow File", + "value": "Verify Permissions on Backup gshadow File", "remarks": "rule_set_283" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_backup_etc_gshadow", + "value": "file_groupowner_etc_shells", "remarks": "rule_set_284" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns Backup gshadow File", + "value": "Verify Group Who Owns /etc/shells File", "remarks": "rule_set_284" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_backup_etc_gshadow", + "value": "file_owner_etc_shells", "remarks": "rule_set_285" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on Backup gshadow File", + "value": "Verify Who Owns /etc/shells File", "remarks": "rule_set_285" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_shells", + "value": "file_permissions_etc_shells", "remarks": "rule_set_286" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/shells File", + "value": "Verify Permissions on /etc/shells File", "remarks": "rule_set_286" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_shells", + "value": "file_groupowner_etc_security_opasswd", "remarks": "rule_set_287" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Who Owns /etc/shells File", + "value": "Verify Group Who Owns /etc/security/opasswd File", "remarks": "rule_set_287" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_shells", + "value": "file_owner_etc_security_opasswd", "remarks": "rule_set_288" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/shells File", + "value": "Verify User Who Owns /etc/security/opasswd File", "remarks": "rule_set_288" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_security_opasswd", + "value": "file_permissions_etc_security_opasswd", "remarks": "rule_set_289" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/security/opasswd File", + "value": "Verify Permissions on /etc/security/opasswd File", "remarks": "rule_set_289" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_security_opasswd", + "value": "file_groupowner_etc_security_opasswd_old", "remarks": "rule_set_290" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/security/opasswd File", + "value": "Verify Group Who Owns /etc/security/opasswd.old File", "remarks": "rule_set_290" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_security_opasswd", + "value": "file_owner_etc_security_opasswd_old", "remarks": "rule_set_291" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/security/opasswd File", + "value": "Verify User Who Owns /etc/security/opasswd.old File", "remarks": "rule_set_291" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_security_opasswd_old", + "value": "file_permissions_etc_security_opasswd_old", "remarks": "rule_set_292" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/security/opasswd.old File", + "value": "Verify Permissions on /etc/security/opasswd.old File", "remarks": "rule_set_292" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_security_opasswd_old", + "value": "file_permissions_unauthorized_world_writable", "remarks": "rule_set_293" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/security/opasswd.old File", + "value": "Ensure No World-Writable Files Exist", "remarks": "rule_set_293" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_security_opasswd_old", + "value": "dir_perms_world_writable_sticky_bits", "remarks": "rule_set_294" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/security/opasswd.old File", + "value": "Verify that All World-Writable Directories Have Sticky Bits Set", "remarks": "rule_set_294" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_unauthorized_world_writable", + "value": "no_files_or_dirs_unowned_by_user", "remarks": "rule_set_295" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure No World-Writable Files Exist", + "value": "Ensure All Files And Directories Are Owned by a User", "remarks": "rule_set_295" }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dir_perms_world_writable_sticky_bits", - "remarks": "rule_set_296" - }, - { - "name": "Rule_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that All World-Writable Directories Have Sticky Bits Set", - "remarks": "rule_set_296" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_files_or_dirs_unowned_by_user", - "remarks": "rule_set_297" - }, - { - "name": "Rule_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Files And Directories Are Owned by a User", - "remarks": "rule_set_297" - }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_ungroupowned", - "remarks": "rule_set_298" + "remarks": "rule_set_296" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a Group", - "remarks": "rule_set_298" + "remarks": "rule_set_296" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_all_shadowed", - "remarks": "rule_set_299" + "remarks": "rule_set_297" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify All Account Password Hashes are Shadowed", - "remarks": "rule_set_299" + "remarks": "rule_set_297" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_empty_passwords_etc_shadow", - "remarks": "rule_set_300" + "remarks": "rule_set_298" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure There Are No Accounts With Blank or Null Passwords", - "remarks": "rule_set_300" + "remarks": "rule_set_298" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "gid_passwd_group_same", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_id", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique User IDs", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_id", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group ID", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_name", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique Names", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_name", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group Names", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_interactive_home_directory_exists", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive Users Home Directories Must Exist", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_home_directories", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Be Owned By The Primary User", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_home_directories", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Have mode 0750 Or Less Permissive", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_group_ownership", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_user_ownership", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Owned By the Primary User", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_no_world_writable_programs", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Not Run World-Writable Programs", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_init_files", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_forward_files", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .forward Files Exist", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_netrc_files", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No netrc Files Exist", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_rhost_files", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .rhost Files Exist", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_bash_history", - "remarks": "rule_set_316" + "remarks": "rule_set_314" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure User Bash History File Has Correct Permissions", - "remarks": "rule_set_316" + "remarks": "rule_set_314" } ], "control-implementations": [ { - "uuid": "42949130-a6b1-41d4-856a-e53a76c7971b", + "uuid": "e533c784-0c12-440e-b6bd-3d407e67c998", "source": "trestle://profiles/rhel10-cis_rhel10-l1_workstation/profile.json", "description": "Control implementation for cis_workstation_l1", "props": [ @@ -5089,13 +5065,13 @@ { "param-id": "var_password_hashing_algorithm", "values": [ - "yescrypt" + "cis_rhel10" ] }, { "param-id": "var_password_hashing_algorithm_pam", "values": [ - "yescrypt" + "cis_rhel10" ] }, { @@ -5203,7 +5179,7 @@ ], "implemented-requirements": [ { - "uuid": "e7876106-cdb6-471c-9cef-b49911160ef8", + "uuid": "51fcb8f0-ecc4-4386-ac8f-c21cc7bc2f80", "control-id": "reload_dconf_db", "description": "This is a helper rule to reload Dconf database correctly.", "props": [ @@ -5220,7 +5196,7 @@ ] }, { - "uuid": "4cae9646-5c83-468d-a4a2-59ea7f9e170f", + "uuid": "e06cfe14-c0c1-4fee-a186-ed5075581f41", "control-id": "cis_rhel10_1-1.1.1", "description": "No notes for control-id 1.1.1.1.", "props": [ @@ -5237,7 +5213,7 @@ ] }, { - "uuid": "87613717-27a0-4bdd-95e6-53fd0d39cad2", + "uuid": "586741e6-4359-45eb-b87e-a649d8cc628c", "control-id": "cis_rhel10_1-1.1.2", "description": "No notes for control-id 1.1.1.2.", "props": [ @@ -5254,7 +5230,7 @@ ] }, { - "uuid": "6b32f075-670a-4131-8b7e-ddfe2e699661", + "uuid": "44da5942-cfc8-4151-8e41-1b22d588847c", "control-id": "cis_rhel10_1-1.1.3", "description": "No notes for control-id 1.1.1.3.", "props": [ @@ -5271,7 +5247,7 @@ ] }, { - "uuid": "ee565c6f-d678-4100-a686-1b9183bf7449", + "uuid": "75014019-8c55-4343-99dc-88af74abec81", "control-id": "cis_rhel10_1-1.1.4", "description": "No notes for control-id 1.1.1.4.", "props": [ @@ -5288,7 +5264,7 @@ ] }, { - "uuid": "edfaef65-2990-48e5-8cba-e7f94be6a078", + "uuid": "ee906330-9a74-42a3-a2ac-7766765a8e2e", "control-id": "cis_rhel10_1-1.1.5", "description": "No notes for control-id 1.1.1.5.", "props": [ @@ -5305,7 +5281,7 @@ ] }, { - "uuid": "7cf77426-b0e7-4378-ad1b-541d59254b50", + "uuid": "a5302782-ed8f-432b-9042-618865259299", "control-id": "cis_rhel10_1-1.1.11", "description": "The description for control-id cis_rhel10_1-1.1.11.", "props": [ @@ -5318,7 +5294,7 @@ ] }, { - "uuid": "99130eec-ce1e-46f9-8c53-8a67bcd28755", + "uuid": "f579c103-7f76-4b97-9643-6b04277ed0e1", "control-id": "cis_rhel10_1-1.2.1.1", "description": "No notes for control-id 1.1.2.1.1.", "props": [ @@ -5335,7 +5311,7 @@ ] }, { - "uuid": "547bf8c7-6309-4282-a6bd-1fa0bb1445ad", + "uuid": "d7752397-ecc5-4277-be9e-4a324e7a3c73", "control-id": "cis_rhel10_1-1.2.1.2", "description": "No notes for control-id 1.1.2.1.2.", "props": [ @@ -5352,7 +5328,7 @@ ] }, { - "uuid": "be3e7614-53a2-4936-8e0e-c9e83205710a", + "uuid": "f08c4c45-c8e2-4434-97f5-5950ce96646f", "control-id": "cis_rhel10_1-1.2.1.3", "description": "No notes for control-id 1.1.2.1.3.", "props": [ @@ -5369,7 +5345,7 @@ ] }, { - "uuid": "127a381a-5cdb-4954-adb6-d662391ea863", + "uuid": "2ffa8dab-e25f-4be1-8dff-5201d25e0fbd", "control-id": "cis_rhel10_1-1.2.1.4", "description": "No notes for control-id 1.1.2.1.4.", "props": [ @@ -5386,7 +5362,7 @@ ] }, { - "uuid": "46c904bf-f98d-4fd0-8430-64b7bf2e0777", + "uuid": "ee95aa3b-4f7e-467a-bcb1-e6bd40255a8e", "control-id": "cis_rhel10_1-1.2.2.1", "description": "No notes for control-id 1.1.2.2.1.", "props": [ @@ -5403,7 +5379,7 @@ ] }, { - "uuid": "b8f010e1-0af6-4fae-8f3f-e63ac63f83e2", + "uuid": "8ba58a92-a199-49c2-bc1c-ab0ee081b2ae", "control-id": "cis_rhel10_1-1.2.2.2", "description": "No notes for control-id 1.1.2.2.2.", "props": [ @@ -5420,7 +5396,7 @@ ] }, { - "uuid": "cb763c14-0567-403a-a2a1-cd862a0f28d7", + "uuid": "c8fb272e-b178-4283-b9b4-3955df56b260", "control-id": "cis_rhel10_1-1.2.2.3", "description": "No notes for control-id 1.1.2.2.3.", "props": [ @@ -5437,7 +5413,7 @@ ] }, { - "uuid": "a28e063a-7522-4750-9253-75a8d08792c8", + "uuid": "ed68ed5a-3832-4ac8-bcb8-6b7835ca68da", "control-id": "cis_rhel10_1-1.2.2.4", "description": "No notes for control-id 1.1.2.2.4.", "props": [ @@ -5454,7 +5430,7 @@ ] }, { - "uuid": "fdb2453d-d703-42b5-a124-dea3a0e608fc", + "uuid": "43b7c55c-e79d-4d40-a3ef-084030e9df6c", "control-id": "cis_rhel10_1-1.2.3.2", "description": "No notes for control-id 1.1.2.3.2.", "props": [ @@ -5471,7 +5447,7 @@ ] }, { - "uuid": "3d179285-6fb3-4d35-9380-c4a2b0ecb5ea", + "uuid": "4904f3db-0714-47e4-9a4a-99a8113dae4d", "control-id": "cis_rhel10_1-1.2.3.3", "description": "No notes for control-id 1.1.2.3.3.", "props": [ @@ -5488,7 +5464,7 @@ ] }, { - "uuid": "d2f8e068-bd23-4883-b318-76a9128c350c", + "uuid": "f6127d4d-397e-42e4-bd2a-6a4811c9e055", "control-id": "cis_rhel10_1-1.2.4.2", "description": "No notes for control-id 1.1.2.4.2.", "props": [ @@ -5505,7 +5481,7 @@ ] }, { - "uuid": "59531b73-d15d-4b07-9297-920d40c8d312", + "uuid": "2f1fc588-e806-4d5a-94f2-5984dab392f1", "control-id": "cis_rhel10_1-1.2.4.3", "description": "No notes for control-id 1.1.2.4.3.", "props": [ @@ -5522,7 +5498,7 @@ ] }, { - "uuid": "6b39203c-8eaf-4ae9-98a7-1cba5fd34fec", + "uuid": "82147aad-93a4-4d4e-a0bc-96a7a1937312", "control-id": "cis_rhel10_1-1.2.5.2", "description": "No notes for control-id 1.1.2.5.2.", "props": [ @@ -5539,7 +5515,7 @@ ] }, { - "uuid": "129a4d26-e41b-462b-825d-95d2cc5ea9d7", + "uuid": "62d2461c-4e64-4d33-a789-55bc3d9a6728", "control-id": "cis_rhel10_1-1.2.5.3", "description": "No notes for control-id 1.1.2.5.3.", "props": [ @@ -5556,7 +5532,7 @@ ] }, { - "uuid": "abe9bdf5-e86b-4baf-84eb-8b1b24b1ab9c", + "uuid": "55b8c7f2-b618-4ab4-9ed9-2cb9205e213c", "control-id": "cis_rhel10_1-1.2.5.4", "description": "No notes for control-id 1.1.2.5.4.", "props": [ @@ -5573,7 +5549,7 @@ ] }, { - "uuid": "c72cdf22-ba0a-40aa-8dee-cf7b0dbc505c", + "uuid": "507a8ccb-e3df-4087-aea3-50f9ef808520", "control-id": "cis_rhel10_1-1.2.6.2", "description": "No notes for control-id 1.1.2.6.2.", "props": [ @@ -5590,7 +5566,7 @@ ] }, { - "uuid": "3144cba9-a50c-4912-9d3a-ecf57680b9ed", + "uuid": "354a47f1-cd6b-4d64-b78b-aa2914e151e9", "control-id": "cis_rhel10_1-1.2.6.3", "description": "No notes for control-id 1.1.2.6.3.", "props": [ @@ -5607,7 +5583,7 @@ ] }, { - "uuid": "dcaae566-feac-410e-8ecf-dab2b9d23a1c", + "uuid": "eb5f891c-45e0-45c0-89f1-acc7e24a12ad", "control-id": "cis_rhel10_1-1.2.6.4", "description": "No notes for control-id 1.1.2.6.4.", "props": [ @@ -5624,7 +5600,7 @@ ] }, { - "uuid": "30773af8-e676-45c2-a398-a5098c1e5395", + "uuid": "0142a17e-919f-456d-9fbc-c365722562a2", "control-id": "cis_rhel10_1-1.2.7.2", "description": "No notes for control-id 1.1.2.7.2.", "props": [ @@ -5641,7 +5617,7 @@ ] }, { - "uuid": "64539bee-3053-4c24-8849-0c18272b6247", + "uuid": "9f7b4c05-b83f-4bfe-bc1e-50383ab49475", "control-id": "cis_rhel10_1-1.2.7.3", "description": "No notes for control-id 1.1.2.7.3.", "props": [ @@ -5658,7 +5634,7 @@ ] }, { - "uuid": "fb60d8ec-d35c-4204-a105-b97a07f49b09", + "uuid": "b87b39c0-ec6a-44d8-a98c-d2e0a2c0d4fa", "control-id": "cis_rhel10_1-1.2.7.4", "description": "No notes for control-id 1.1.2.7.4.", "props": [ @@ -5675,7 +5651,7 @@ ] }, { - "uuid": "f5f586c7-0378-4d1c-be0f-73d22cb005b2", + "uuid": "9c44cc59-dffa-40b8-a616-894e2d639425", "control-id": "cis_rhel10_1-2.1.1", "description": "The description for control-id cis_rhel10_1-2.1.1.", "props": [ @@ -5688,7 +5664,7 @@ ] }, { - "uuid": "81c83dee-7e15-4d13-8d10-0b96019dbc08", + "uuid": "1022f249-c3c2-4c80-87a5-7ac281a0f05e", "control-id": "cis_rhel10_1-2.1.2", "description": "No notes for control-id 1.2.1.2.", "props": [ @@ -5705,7 +5681,7 @@ ] }, { - "uuid": "8d6b3d1d-45a2-4fa8-a23c-4744ad7dddee", + "uuid": "110bea66-4702-46d9-9b1f-1b95bd54ca80", "control-id": "cis_rhel10_1-2.1.4", "description": "The description for control-id cis_rhel10_1-2.1.4.", "props": [ @@ -5718,7 +5694,7 @@ ] }, { - "uuid": "3156ac59-8ce2-490a-9416-9908e53ee875", + "uuid": "272282f4-77c1-429d-9b03-f43d2838050b", "control-id": "cis_rhel10_1-2.2.1", "description": "The description for control-id cis_rhel10_1-2.2.1.", "props": [ @@ -5731,7 +5707,7 @@ ] }, { - "uuid": "4aecc71c-c7c3-4eed-8449-738130e3ac62", + "uuid": "cb589d54-df0e-4e87-976e-e762e81f632f", "control-id": "cis_rhel10_1-3.1.1", "description": "No notes for control-id 1.3.1.1.", "props": [ @@ -5748,7 +5724,7 @@ ] }, { - "uuid": "1573e3db-d72f-4c62-8a07-fc676c6e4ca4", + "uuid": "b4fa1267-0789-4781-85c2-848f68615047", "control-id": "cis_rhel10_1-3.1.2", "description": "No notes for control-id 1.3.1.2.", "props": [ @@ -5765,7 +5741,7 @@ ] }, { - "uuid": "7a06744a-c7af-4869-866e-401cf6c82d38", + "uuid": "d317560c-4a81-46aa-b366-dc70c47547a8", "control-id": "cis_rhel10_1-3.1.3", "description": "No notes for control-id 1.3.1.3.", "props": [ @@ -5782,7 +5758,7 @@ ] }, { - "uuid": "802586a5-f011-49af-8b32-ea7ad9fc4d60", + "uuid": "ccdf6d9b-dea3-41aa-b119-40922d6c6c1f", "control-id": "cis_rhel10_1-3.1.4", "description": "No notes for control-id 1.3.1.4.", "props": [ @@ -5799,7 +5775,7 @@ ] }, { - "uuid": "85ecac9d-a03c-4b1f-9f09-846071f20df3", + "uuid": "1ae9ca30-07d5-4e9c-871a-97e4bcbb9a49", "control-id": "cis_rhel10_1-3.1.7", "description": "No notes for control-id 1.3.1.7.", "props": [ @@ -5816,7 +5792,7 @@ ] }, { - "uuid": "bd3af713-5b75-44cc-9cde-cb0ea3429f9d", + "uuid": "2d3331d5-8c88-49e8-8018-199c4d2000ae", "control-id": "cis_rhel10_1-4.1", "description": "There is no automated remediation for this rule and this is intentional.\nMore details in the rule description.", "props": [ @@ -5833,50 +5809,34 @@ ] }, { - "uuid": "d36e3e0f-b8ab-449c-ad94-d7034459a908", + "uuid": "10dff3cd-8815-49bb-9da1-674fa7535340", "control-id": "cis_rhel10_1-4.2", - "description": "The description for control-id cis_rhel10_1-4.2.", + "description": "This requirement demands a deeper review of the rules.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "alternative", - "remarks": "This requirement demands a deeper review of the rules." - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg" + "value": "implemented" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg" + "value": "file_permissions_boot_grub2" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg" + "value": "file_owner_boot_grub2" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg" + "value": "file_groupowner_boot_grub2" } ] }, { - "uuid": "0aa0a62c-c4a8-4323-8eee-36c3d6317407", + "uuid": "d8aaf154-ab72-4c5e-b10a-750748c3cad9", "control-id": "cis_rhel10_1-5.1", "description": "No notes for control-id 1.5.1.", "props": [ @@ -5893,7 +5853,7 @@ ] }, { - "uuid": "863b97f9-8ede-4779-9188-7fb06b1d446d", + "uuid": "4fa164ea-d237-46b1-9e0f-cf16de3e45c6", "control-id": "cis_rhel10_1-5.2", "description": "No notes for control-id 1.5.2.", "props": [ @@ -5910,7 +5870,7 @@ ] }, { - "uuid": "1615b6ba-1f6a-4586-a506-efa71d73a20d", + "uuid": "fc671bbd-3eb5-47eb-8e7e-adf0d64b17ca", "control-id": "cis_rhel10_1-5.4", "description": "No notes for control-id 1.5.4.", "props": [ @@ -5927,7 +5887,7 @@ ] }, { - "uuid": "df6858ad-6bef-432c-9051-ce3bf3e3d341", + "uuid": "a5ccd87c-7235-44ea-b718-aa2c509ea09b", "control-id": "cis_rhel10_1-5.5", "description": "No notes for control-id 1.5.5.", "props": [ @@ -5944,7 +5904,7 @@ ] }, { - "uuid": "75979fd9-f6a4-4b36-b85d-872a13c7b685", + "uuid": "4dd0774e-0411-4bd4-ad6a-16862c66b8da", "control-id": "cis_rhel10_1-5.6", "description": "No notes for control-id 1.5.6.", "props": [ @@ -5961,7 +5921,7 @@ ] }, { - "uuid": "12818e28-879e-4724-8e49-4ea0cb87afa8", + "uuid": "d39b0b6f-b195-4b7e-84e8-dbb24e541aa9", "control-id": "cis_rhel10_1-5.7", "description": "No notes for control-id 1.5.7.", "props": [ @@ -5978,7 +5938,7 @@ ] }, { - "uuid": "fbe1b448-34a4-44e4-8f65-9ca9afda97ce", + "uuid": "459269d4-42b6-4ed8-bf72-4e56126b22dc", "control-id": "cis_rhel10_1-5.8", "description": "Address Space Layout Randomization (ASLR)", "props": [ @@ -5995,7 +5955,7 @@ ] }, { - "uuid": "b2a95098-e3e3-4c30-8936-7716d095ff14", + "uuid": "7973a6b6-95be-49e4-8a1f-d05dac18560f", "control-id": "cis_rhel10_1-5.9", "description": "No notes for control-id 1.5.9.", "props": [ @@ -6012,7 +5972,7 @@ ] }, { - "uuid": "8ed74936-fa8c-4243-bdbb-16589327d7a1", + "uuid": "3180a71d-d0fb-4e92-ad8d-c61f96166655", "control-id": "cis_rhel10_1-5.10", "description": "No notes for control-id 1.5.10.", "props": [ @@ -6029,7 +5989,7 @@ ] }, { - "uuid": "7c72ffa5-d96f-4680-a568-4d0a1c3c6954", + "uuid": "88502a01-413e-40d2-b479-11a7e7a51075", "control-id": "cis_rhel10_1-6.1", "description": "No notes for control-id 1.6.1.", "props": [ @@ -6046,7 +6006,7 @@ ] }, { - "uuid": "95742197-a5ff-43a9-89fb-04afa6ee73f3", + "uuid": "68b5b890-83c0-48a3-a6d1-8434c4522340", "control-id": "cis_rhel10_1-6.2", "description": "No notes for control-id 1.6.2.", "props": [ @@ -6063,7 +6023,7 @@ ] }, { - "uuid": "929af0ca-da0d-4805-9d87-13891e3bd737", + "uuid": "a74a1974-d1b5-420d-a376-c39a970e17ec", "control-id": "cis_rhel10_1-6.3", "description": "No notes for control-id 1.6.3.", "props": [ @@ -6080,7 +6040,7 @@ ] }, { - "uuid": "95f23814-6db6-4bfd-8ba4-72e1e2138dae", + "uuid": "1cbb96f6-e4cd-45db-a334-619906ae5448", "control-id": "cis_rhel10_1-6.4", "description": "No notes for control-id 1.6.4.", "props": [ @@ -6097,7 +6057,7 @@ ] }, { - "uuid": "092ef3f2-3b23-4a15-b6cb-996296830d6d", + "uuid": "f2038889-2b93-49f9-bb98-2e043f8a7bfb", "control-id": "cis_rhel10_1-7.1", "description": "No notes for control-id 1.7.1.", "props": [ @@ -6114,7 +6074,7 @@ ] }, { - "uuid": "dcd2eb9d-47e7-4b67-8395-1a48d766c1fa", + "uuid": "93f911b7-fb05-4f72-aa1f-cc854ad14333", "control-id": "cis_rhel10_1-7.2", "description": "No notes for control-id 1.7.2.", "props": [ @@ -6131,7 +6091,7 @@ ] }, { - "uuid": "39b3c71c-2bc0-480e-9eb2-fbbcd5263e7b", + "uuid": "cceee787-fc5d-495c-96ce-71f38dbf5bc8", "control-id": "cis_rhel10_1-7.3", "description": "No notes for control-id 1.7.3.", "props": [ @@ -6148,7 +6108,7 @@ ] }, { - "uuid": "6bfb094e-de36-4f26-92ed-e4a6ea4d1842", + "uuid": "546dbc49-b376-4066-986f-f2e6497b9a51", "control-id": "cis_rhel10_1-7.4", "description": "No notes for control-id 1.7.4.", "props": [ @@ -6175,7 +6135,7 @@ ] }, { - "uuid": "b1b11c25-7ec3-4a07-a195-89b7ac51333b", + "uuid": "97c15183-d6ca-4c6d-97a6-0448e73ce9a5", "control-id": "cis_rhel10_1-7.5", "description": "No notes for control-id 1.7.5.", "props": [ @@ -6202,7 +6162,7 @@ ] }, { - "uuid": "383775a0-e0a9-4a05-be8e-8aff8bffb4f0", + "uuid": "dd96525e-fb07-419e-85bd-74e1424af9d2", "control-id": "cis_rhel10_1-7.6", "description": "No notes for control-id 1.7.6.", "props": [ @@ -6229,7 +6189,7 @@ ] }, { - "uuid": "738e0a0e-81f7-4eba-b86d-24ee4f93ee90", + "uuid": "abfff4cb-3904-4f2f-9f3f-be60f8fb2154", "control-id": "cis_rhel10_1-8.1", "description": "No notes for control-id 1.8.1.", "props": [ @@ -6251,7 +6211,7 @@ ] }, { - "uuid": "6e224495-177b-4196-be07-954597a6ac34", + "uuid": "c2f8260e-594a-4ca9-921e-51894739e12a", "control-id": "cis_rhel10_1-8.2", "description": "No notes for control-id 1.8.2.", "props": [ @@ -6268,7 +6228,7 @@ ] }, { - "uuid": "37d04f06-d5c0-4b72-98de-4aec356a8a76", + "uuid": "dbc7bea4-a378-476f-8dee-2287d64b53c8", "control-id": "cis_rhel10_1-8.3", "description": "No notes for control-id 1.8.3.", "props": [ @@ -6300,7 +6260,7 @@ ] }, { - "uuid": "77853784-d218-43fb-87aa-30c53aab3af4", + "uuid": "e6f2f3c8-541e-4104-b9e8-a7f5895ad40e", "control-id": "cis_rhel10_1-8.5", "description": "No notes for control-id 1.8.5.", "props": [ @@ -6317,7 +6277,7 @@ ] }, { - "uuid": "2470ba2c-1104-4177-9a1f-193cbd88271d", + "uuid": "256346ec-aad8-403b-b38a-c5693774b669", "control-id": "cis_rhel10_2-1.4", "description": "No notes for control-id 2.1.4.", "props": [ @@ -6334,7 +6294,7 @@ ] }, { - "uuid": "b40fd7b1-f7e0-46fb-b0e8-e902a8508900", + "uuid": "71d880b9-0316-44c8-9bfa-5f6f4b29cbd7", "control-id": "cis_rhel10_2-1.5", "description": "No notes for control-id 2.1.5.", "props": [ @@ -6351,7 +6311,7 @@ ] }, { - "uuid": "455d0896-2ad9-45f4-bf92-a6a42b76a274", + "uuid": "24313e60-a063-436a-8863-8a89b0f71982", "control-id": "cis_rhel10_2-1.6", "description": "No notes for control-id 2.1.6.", "props": [ @@ -6368,7 +6328,7 @@ ] }, { - "uuid": "4adc554b-0564-4a6e-82cc-fa498a6b7da8", + "uuid": "36ff28dc-8ab6-4782-85b9-27149113ee0c", "control-id": "cis_rhel10_2-1.7", "description": "No notes for control-id 2.1.7.", "props": [ @@ -6385,7 +6345,7 @@ ] }, { - "uuid": "a5f66099-95bf-4677-8e3a-11c4f6657ac7", + "uuid": "e6007a29-02c2-4f05-991a-ad894fc03599", "control-id": "cis_rhel10_2-1.8", "description": "No notes for control-id 2.1.8.", "props": [ @@ -6407,7 +6367,7 @@ ] }, { - "uuid": "81443e4f-55c2-4d88-82df-1d9d63468c32", + "uuid": "9a7c0001-8a0b-490a-b4a3-b5012354a3ba", "control-id": "cis_rhel10_2-1.9", "description": "Many of the libvirt packages used by Enterprise Linux virtualization are dependent on the\nnfs-utils package.", "props": [ @@ -6424,7 +6384,7 @@ ] }, { - "uuid": "fc1c0e58-df0c-4d2e-8766-aa55470337ec", + "uuid": "dd357c6f-713b-445a-a3f3-8d39abe5597f", "control-id": "cis_rhel10_2-1.11", "description": "Many of the libvirt packages used by Enterprise Linux virtualization, and the nfs-utils\npackage used for The Network File System (NFS), are dependent on the rpcbind package.", "props": [ @@ -6441,7 +6401,7 @@ ] }, { - "uuid": "8bb469a3-0b23-44b8-850a-4a35466f3826", + "uuid": "a9bdd183-0c06-46e1-8e9e-f19cd1530c14", "control-id": "cis_rhel10_2-1.12", "description": "No notes for control-id 2.1.12.", "props": [ @@ -6458,7 +6418,7 @@ ] }, { - "uuid": "993620db-1837-4aca-967c-57a324e5c47f", + "uuid": "8a5d00d2-d613-4da5-90e8-cb467639941c", "control-id": "cis_rhel10_2-1.13", "description": "No notes for control-id 2.1.13.", "props": [ @@ -6475,7 +6435,7 @@ ] }, { - "uuid": "5ce6a8b7-b7c8-4478-b052-f88f472561c2", + "uuid": "9e422205-6ca6-4d73-8cec-251fa76437e8", "control-id": "cis_rhel10_2-1.14", "description": "No notes for control-id 2.1.14.", "props": [ @@ -6492,7 +6452,7 @@ ] }, { - "uuid": "4f9c289a-e15e-41d0-ac26-aad12f5b8fdd", + "uuid": "822a1175-19aa-451b-bbbe-50711d76e81a", "control-id": "cis_rhel10_2-1.15", "description": "No notes for control-id 2.1.15.", "props": [ @@ -6509,7 +6469,7 @@ ] }, { - "uuid": "c98d5fc6-89be-463d-8450-4b812e9b542a", + "uuid": "c6a2b298-0f79-42b1-90de-89e95fc695af", "control-id": "cis_rhel10_2-1.16", "description": "No notes for control-id 2.1.16.", "props": [ @@ -6526,7 +6486,7 @@ ] }, { - "uuid": "5c253b67-3742-426f-b9d7-d3adb91efc06", + "uuid": "8ae9ae0d-fe85-4b4d-abaa-74a6f8eb7e63", "control-id": "cis_rhel10_2-1.17", "description": "No notes for control-id 2.1.17.", "props": [ @@ -6543,7 +6503,7 @@ ] }, { - "uuid": "f5fb5c64-d867-45a7-972a-093a3ac4ebad", + "uuid": "6dd60ef4-9ada-4952-8247-8dfec607729e", "control-id": "cis_rhel10_2-1.18", "description": "No notes for control-id 2.1.18.", "props": [ @@ -6565,7 +6525,7 @@ ] }, { - "uuid": "b415d9ba-052f-40b0-b0e0-395c925eee4c", + "uuid": "a7b051f4-c193-43b2-904f-4618c240a7b2", "control-id": "cis_rhel10_2-1.21", "description": "No notes for control-id 2.1.21.", "props": [ @@ -6587,7 +6547,7 @@ ] }, { - "uuid": "d50b2c12-855b-4a26-8fe4-7f3ac1841ff9", + "uuid": "25c75543-249d-48af-b69e-16d2bf1603d0", "control-id": "cis_rhel10_2-1.22", "description": "The description for control-id cis_rhel10_2-1.22.", "props": [ @@ -6600,7 +6560,7 @@ ] }, { - "uuid": "2942871c-b709-4a2e-b297-d22a975539f6", + "uuid": "e625f25f-5c9b-44b7-aee2-a20d80715e0e", "control-id": "cis_rhel10_2-2.1", "description": "No notes for control-id 2.2.1.", "props": [ @@ -6617,7 +6577,7 @@ ] }, { - "uuid": "be216724-3a97-43b9-b70f-8808501f142f", + "uuid": "e84c3d64-45c8-45f5-8b1f-6279a10d16ad", "control-id": "cis_rhel10_2-2.3", "description": "No notes for control-id 2.2.3.", "props": [ @@ -6634,7 +6594,7 @@ ] }, { - "uuid": "af37adfa-a9ae-41c3-981e-e4db82fb0e41", + "uuid": "c72c63ce-1d7b-4e69-9a60-152eec55cf12", "control-id": "cis_rhel10_2-2.4", "description": "No notes for control-id 2.2.4.", "props": [ @@ -6651,7 +6611,7 @@ ] }, { - "uuid": "20b5daa2-ce8e-4826-81a0-9919492b0a56", + "uuid": "33d995f6-2319-4df5-a6e0-2d6e929992c3", "control-id": "cis_rhel10_2-3.1", "description": "No notes for control-id 2.3.1.", "props": [ @@ -6663,7 +6623,7 @@ ] }, { - "uuid": "b416ff28-a01a-4b2e-938e-d9d9a1752482", + "uuid": "aa96c378-2122-4f7d-9848-a16bd15073c0", "control-id": "cis_rhel10_2-3.2", "description": "No notes for control-id 2.3.2.", "props": [ @@ -6680,7 +6640,7 @@ ] }, { - "uuid": "db3cb8c4-5a49-4c9b-bfee-79b26b42759e", + "uuid": "d43de4e3-2d74-4939-b5b6-3d5754a4b58f", "control-id": "cis_rhel10_2-3.3", "description": "No notes for control-id 2.3.3.", "props": [ @@ -6697,7 +6657,7 @@ ] }, { - "uuid": "e6976d17-7611-4fc5-9ece-9ef07f28619b", + "uuid": "2be62664-3a87-40d0-bcf9-721080081a5a", "control-id": "cis_rhel10_2-4.1.1", "description": "No notes for control-id 2.4.1.1.", "props": [ @@ -6719,7 +6679,7 @@ ] }, { - "uuid": "327f01f0-9385-48c9-b63b-570496ff34f6", + "uuid": "242f3bbd-5475-4a50-8974-28aaa304345f", "control-id": "cis_rhel10_2-4.1.2", "description": "No notes for control-id 2.4.1.2.", "props": [ @@ -6746,7 +6706,7 @@ ] }, { - "uuid": "be997a5a-96aa-4423-b4a3-11bca77fac79", + "uuid": "50830d5d-2510-4f02-9472-a969be57e64e", "control-id": "cis_rhel10_2-4.1.3", "description": "No notes for control-id 2.4.1.3.", "props": [ @@ -6773,7 +6733,7 @@ ] }, { - "uuid": "cb9b011c-e665-498f-95f2-9bfa835d4082", + "uuid": "44ad82c2-5ea9-46b7-93a3-5280363324f2", "control-id": "cis_rhel10_2-4.1.4", "description": "No notes for control-id 2.4.1.4.", "props": [ @@ -6800,7 +6760,7 @@ ] }, { - "uuid": "bc4bbec5-f677-4fee-a051-88f6ed9bb501", + "uuid": "271acc14-f460-4401-8760-943bc435fade", "control-id": "cis_rhel10_2-4.1.5", "description": "No notes for control-id 2.4.1.5.", "props": [ @@ -6827,7 +6787,7 @@ ] }, { - "uuid": "02388989-aea0-4a5b-b5b4-d9c0e17d7a50", + "uuid": "d8f9b97b-694e-43eb-b644-6c8c21571fd0", "control-id": "cis_rhel10_2-4.1.6", "description": "No notes for control-id 2.4.1.6.", "props": [ @@ -6854,7 +6814,7 @@ ] }, { - "uuid": "9fe72845-a6bf-49d9-9124-980741396646", + "uuid": "70119f3a-cd86-451d-848d-0fa731062742", "control-id": "cis_rhel10_2-4.1.7", "description": "No notes for control-id 2.4.1.7.", "props": [ @@ -6881,7 +6841,7 @@ ] }, { - "uuid": "6e5007ad-1386-43e7-b40b-5713e80c9cff", + "uuid": "6e6437e9-acce-4dca-988a-52bb09594bb1", "control-id": "cis_rhel10_2-4.1.8", "description": "No notes for control-id 2.4.1.8.", "props": [ @@ -6908,7 +6868,7 @@ ] }, { - "uuid": "3b499e76-7656-431e-b4e8-ca6be0b4e1c1", + "uuid": "2b66b9f1-9e88-4a7d-a8a5-adffc02355b2", "control-id": "cis_rhel10_2-4.1.9", "description": "No notes for control-id 2.4.1.9.", "props": [ @@ -6945,7 +6905,7 @@ ] }, { - "uuid": "93fe6f40-14d4-49b2-bce1-fb2e86c3c3ed", + "uuid": "da78c819-9056-43b4-bfe4-f4bb6ab07145", "control-id": "cis_rhel10_2-4.2.1", "description": "No notes for control-id 2.4.2.1.", "props": [ @@ -6982,7 +6942,7 @@ ] }, { - "uuid": "42a4c19e-df7b-438a-8dcf-ccdf4b4ecbf9", + "uuid": "33d53f7f-3b24-40e9-9f21-d4ca723a2714", "control-id": "cis_rhel10_3-1.1", "description": "The description for control-id cis_rhel10_3-1.1.", "props": [ @@ -6995,7 +6955,7 @@ ] }, { - "uuid": "af92258e-f554-4dbc-88e8-335626aa3317", + "uuid": "4b0b4667-828e-45e9-b17e-35f0380f36e7", "control-id": "cis_rhel10_3-2.1", "description": "No notes for control-id 3.2.1.", "props": [ @@ -7012,7 +6972,7 @@ ] }, { - "uuid": "194cb2de-f11c-4b79-9760-7a8b9424fa2a", + "uuid": "402467f8-d6a9-4d6e-a1ae-515e92270921", "control-id": "cis_rhel10_3-2.2", "description": "No notes for control-id 3.2.2.", "props": [ @@ -7029,7 +6989,7 @@ ] }, { - "uuid": "20298a2d-6932-4988-87c7-d8e7b130a127", + "uuid": "97ce5b79-b0fa-4134-a25b-7f849adc64e4", "control-id": "cis_rhel10_3-2.3", "description": "No notes for control-id 3.2.3.", "props": [ @@ -7046,7 +7006,7 @@ ] }, { - "uuid": "7c9425ee-d88f-41a9-8560-1077e1e043aa", + "uuid": "a1a6eb7f-cba1-4d80-985b-8592a27b715e", "control-id": "cis_rhel10_3-2.4", "description": "No notes for control-id 3.2.4.", "props": [ @@ -7063,7 +7023,7 @@ ] }, { - "uuid": "d24f3cf9-3039-4aad-b000-162b67a918c2", + "uuid": "388a3bca-6e75-4c40-b435-2c3d08a19a91", "control-id": "cis_rhel10_3-2.5", "description": "No notes for control-id 3.2.5.", "props": [ @@ -7080,7 +7040,7 @@ ] }, { - "uuid": "e0be4428-988c-4ee3-a2e0-7033b486294a", + "uuid": "e5da3edb-7374-4e34-9772-05b94f0479b1", "control-id": "cis_rhel10_3-2.6", "description": "No notes for control-id 3.2.6.", "props": [ @@ -7097,7 +7057,7 @@ ] }, { - "uuid": "47fd9798-1340-4ce2-8908-f633ce5f4381", + "uuid": "d7822713-1af8-4b24-b775-d517a7489c02", "control-id": "cis_rhel10_3-3.1.1", "description": "No notes for control-id 3.3.1.1.", "props": [ @@ -7114,7 +7074,7 @@ ] }, { - "uuid": "43c4b292-6dcf-4f03-a43e-6fe0179448a6", + "uuid": "4a96ea2c-ff01-4d2b-8dec-0bfe7fde4da8", "control-id": "cis_rhel10_3-3.1.2", "description": "No notes for control-id 3.3.1.2.", "props": [ @@ -7131,7 +7091,7 @@ ] }, { - "uuid": "63dc5cb9-c18c-4ae9-9383-a630dcced982", + "uuid": "8d952925-a699-4883-a68a-fa476275632f", "control-id": "cis_rhel10_3-3.1.3", "description": "No notes for control-id 3.3.1.3.", "props": [ @@ -7148,7 +7108,7 @@ ] }, { - "uuid": "a66663cc-3336-45db-aa58-115a76604bc1", + "uuid": "efb163a4-4950-419e-98ac-c4f48febd09d", "control-id": "cis_rhel10_3-3.1.4", "description": "No notes for control-id 3.3.1.4.", "props": [ @@ -7165,7 +7125,7 @@ ] }, { - "uuid": "58c55346-4c53-4277-9201-377416fecb6e", + "uuid": "8d00de9f-4340-44e2-8ad9-0468fbff08da", "control-id": "cis_rhel10_3-3.1.5", "description": "No notes for control-id 3.3.1.5.", "props": [ @@ -7182,7 +7142,7 @@ ] }, { - "uuid": "380638b8-4295-4e62-8c78-0d97d3a91552", + "uuid": "e82be7ff-64ee-4a4f-b7b8-96b7a5143fd5", "control-id": "cis_rhel10_3-3.1.6", "description": "No notes for control-id 3.3.1.6.", "props": [ @@ -7199,7 +7159,7 @@ ] }, { - "uuid": "d7b7431f-9b10-4af9-9669-0a2557a8970e", + "uuid": "1b8865c7-e637-470e-b3cb-af04be2e6ed9", "control-id": "cis_rhel10_3-3.1.7", "description": "No notes for control-id 3.3.1.7.", "props": [ @@ -7216,7 +7176,7 @@ ] }, { - "uuid": "4d2f9d1a-8cb2-4e90-8efd-d3ed12c131a6", + "uuid": "e30c5a2a-13bc-4aa1-a9f1-70b1efe7dac2", "control-id": "cis_rhel10_3-3.1.8", "description": "No notes for control-id 3.3.1.8.", "props": [ @@ -7233,7 +7193,7 @@ ] }, { - "uuid": "37c813d5-3356-4e76-aafa-df197543cc78", + "uuid": "febfcc9e-5581-4f2c-aae6-adf62ee63057", "control-id": "cis_rhel10_3-3.1.9", "description": "No notes for control-id 3.3.1.9.", "props": [ @@ -7250,7 +7210,7 @@ ] }, { - "uuid": "b4b99c8f-4203-4e43-979e-70d4ce865554", + "uuid": "56e08402-da3e-434e-83da-850b041d75b1", "control-id": "cis_rhel10_3-3.1.10", "description": "No notes for control-id 3.3.1.10.", "props": [ @@ -7267,7 +7227,7 @@ ] }, { - "uuid": "ed601fe7-07ab-45b1-bc3a-59b9dfc217e4", + "uuid": "a0c16d86-c43e-40cc-9683-28829df67462", "control-id": "cis_rhel10_3-3.1.11", "description": "No notes for control-id 3.3.1.11.", "props": [ @@ -7284,7 +7244,7 @@ ] }, { - "uuid": "ab2fcb4f-c7bd-4bfa-8626-91454b73e215", + "uuid": "1fbe24ea-3b7d-42f5-8405-cb3b3ae49747", "control-id": "cis_rhel10_3-3.1.12", "description": "No notes for control-id 3.3.1.12.", "props": [ @@ -7301,7 +7261,7 @@ ] }, { - "uuid": "a6d81c8d-c2dc-4535-8de2-adb6e1b9437d", + "uuid": "74e592b2-d2c4-44b3-99bc-d99296ccd6a5", "control-id": "cis_rhel10_3-3.1.13", "description": "No notes for control-id 3.3.1.13.", "props": [ @@ -7318,7 +7278,7 @@ ] }, { - "uuid": "f3812cb0-0208-4d9f-9504-16b444276b77", + "uuid": "c68bc5af-2c6b-42a8-9c56-ad197d248db8", "control-id": "cis_rhel10_3-3.1.14", "description": "No notes for control-id 3.3.1.14.", "props": [ @@ -7335,7 +7295,7 @@ ] }, { - "uuid": "5e87690f-391e-4f6b-a6a6-70c5308602ff", + "uuid": "ce97397e-37ca-40af-9b6d-d8b89cd58644", "control-id": "cis_rhel10_3-3.1.15", "description": "No notes for control-id 3.3.1.15.", "props": [ @@ -7352,7 +7312,7 @@ ] }, { - "uuid": "34d10a7b-e0ba-4ed3-b2d1-d00c999b1bd7", + "uuid": "6f287b55-011b-4b52-9076-d2b0c55e5ed6", "control-id": "cis_rhel10_3-3.1.16", "description": "No notes for control-id 3.3.1.16.", "props": [ @@ -7369,7 +7329,7 @@ ] }, { - "uuid": "f8792fcb-5481-429f-ba6a-c4591d417ee3", + "uuid": "451b5990-3d13-434d-aa35-2eb3e34ab390", "control-id": "cis_rhel10_3-3.1.17", "description": "No notes for control-id 3.3.1.17.", "props": [ @@ -7386,7 +7346,7 @@ ] }, { - "uuid": "cc5671df-2367-4110-ac8c-cfdcba75f6c7", + "uuid": "8a7f0754-ec1d-4177-b14a-3eea74f512c6", "control-id": "cis_rhel10_3-3.1.18", "description": "No notes for control-id 3.3.1.18.", "props": [ @@ -7403,7 +7363,7 @@ ] }, { - "uuid": "7d62b138-9eb7-4e2c-a237-4696b282a556", + "uuid": "33536018-e1b4-4430-aabe-a01b34f479d6", "control-id": "cis_rhel10_3-3.2.1", "description": "No notes for control-id 3.3.2.1.", "props": [ @@ -7420,7 +7380,7 @@ ] }, { - "uuid": "db1df86a-0cc9-4e11-92c5-82c9037dd19d", + "uuid": "00b69504-6781-40a2-a540-bca1cd5307df", "control-id": "cis_rhel10_3-3.2.2", "description": "No notes for control-id 3.3.2.2.", "props": [ @@ -7437,7 +7397,7 @@ ] }, { - "uuid": "f398cd8c-45fd-4430-8945-e4cf04aeafbc", + "uuid": "eb119344-6c2d-471a-bff5-7b416c3b8bec", "control-id": "cis_rhel10_3-3.2.3", "description": "No notes for control-id 3.3.2.3.", "props": [ @@ -7454,7 +7414,7 @@ ] }, { - "uuid": "bc2aeb2a-a808-490b-b31e-987a8ad88942", + "uuid": "11205d67-677d-4dc2-bc19-8f78008c7049", "control-id": "cis_rhel10_3-3.2.4", "description": "No notes for control-id 3.3.2.4.", "props": [ @@ -7471,7 +7431,7 @@ ] }, { - "uuid": "0903a0b0-4e7f-4468-a9e3-753e265aaeb5", + "uuid": "7c46ff2d-39bb-498f-8201-c6828db22c59", "control-id": "cis_rhel10_3-3.2.5", "description": "No notes for control-id 3.3.2.5.", "props": [ @@ -7488,7 +7448,7 @@ ] }, { - "uuid": "cb7b2a60-e3d8-4281-b8a0-edea7c0464ad", + "uuid": "2dba4ab8-4a1c-4b4e-9c86-3cdecb670b21", "control-id": "cis_rhel10_3-3.2.6", "description": "No notes for control-id 3.3.2.6.", "props": [ @@ -7505,7 +7465,7 @@ ] }, { - "uuid": "bd568f0b-3d73-48a4-93de-a933067f5f15", + "uuid": "b60ee3fd-7572-4342-8ac4-f0c90c2ee990", "control-id": "cis_rhel10_3-3.2.7", "description": "No notes for control-id 3.3.2.7.", "props": [ @@ -7522,7 +7482,7 @@ ] }, { - "uuid": "5f47a603-8001-422f-a5c9-8ca333bb6d4f", + "uuid": "1fb4d2fa-262b-4a5e-b960-840c20c5859e", "control-id": "cis_rhel10_3-3.2.8", "description": "No notes for control-id 3.3.2.8.", "props": [ @@ -7539,7 +7499,7 @@ ] }, { - "uuid": "60422053-659d-4389-94ea-ca82b95edc37", + "uuid": "65574c1e-127b-4ed2-ab4a-60ed947668e6", "control-id": "cis_rhel10_4-1.1", "description": "No notes for control-id 4.1.1.", "props": [ @@ -7556,7 +7516,7 @@ ] }, { - "uuid": "e03c6f49-7fd1-45b4-b062-c8e332239cfe", + "uuid": "b448ee51-28a0-4def-a5fe-fa2e75ed8472", "control-id": "cis_rhel10_4-1.2", "description": "No notes for control-id 4.1.2.", "props": [ @@ -7573,7 +7533,7 @@ ] }, { - "uuid": "3b5cf75b-f507-4797-b1d8-fc8f0e75b8f2", + "uuid": "c3881bf0-7d1e-423d-8f4c-c18fe3771934", "control-id": "cis_rhel10_4-1.3", "description": "No notes for control-id 4.1.3.", "props": [ @@ -7590,7 +7550,7 @@ ] }, { - "uuid": "cb1d0003-635b-4612-85d3-cd5a7b5c6d52", + "uuid": "01cfacf1-245d-448c-9dbc-c25bc4ebceba", "control-id": "cis_rhel10_4-1.4", "description": "The description for control-id cis_rhel10_4-1.4.", "props": [ @@ -7598,12 +7558,12 @@ "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "alternative", - "remarks": "No notes for control-id 4.1.4." + "remarks": "There is not an easy way to do this for only active zones using OVAL.\nFor now, there are are no rules for this control." } ] }, { - "uuid": "1a9645ad-d58d-4772-ad48-91e363e8dbe4", + "uuid": "c3f6f184-4c93-4a58-acf3-7d4605bcfdf3", "control-id": "cis_rhel10_4-1.5", "description": "Firewalld in Red Hat Enterprise Linux 10 accepts loopback traffic by default.", "props": [ @@ -7620,7 +7580,7 @@ ] }, { - "uuid": "5698178c-e32c-4a7f-a0fb-b121902adafd", + "uuid": "9c0b44d4-3564-4e97-ac76-414e9e78aa0e", "control-id": "cis_rhel10_4-1.6", "description": "The description for control-id cis_rhel10_4-1.6.", "props": [ @@ -7633,7 +7593,7 @@ ] }, { - "uuid": "301c84aa-24d3-4b69-b2ed-8ed27979efeb", + "uuid": "cff34c3c-c2b1-4ffb-905e-49297fad5892", "control-id": "cis_rhel10_4-1.7", "description": "The description for control-id cis_rhel10_4-1.7.", "props": [ @@ -7646,7 +7606,7 @@ ] }, { - "uuid": "ad81c7ca-3615-4cd6-9e15-fe39187ac3fb", + "uuid": "07a47fa5-9503-4411-a1fa-2e628447078c", "control-id": "cis_rhel10_5-1.1", "description": "No notes for control-id 5.1.1.", "props": [ @@ -7703,7 +7663,7 @@ ] }, { - "uuid": "fd897860-e630-4fe7-b0ee-c8eb31ff35d9", + "uuid": "54f6be2b-96aa-4feb-b5d5-8285878ee897", "control-id": "cis_rhel10_5-1.2", "description": "No notes for control-id 5.1.2.", "props": [ @@ -7730,7 +7690,7 @@ ] }, { - "uuid": "66e52be8-69e4-46e9-8c84-45a245d4cd1b", + "uuid": "1cf5baff-cd2b-4041-850b-5cb13316e93a", "control-id": "cis_rhel10_5-1.3", "description": "No notes for control-id 5.1.3.", "props": [ @@ -7757,7 +7717,7 @@ ] }, { - "uuid": "9c857b4c-a72b-4fe6-8afd-cf7355da0005", + "uuid": "c00070ff-bd15-4000-8966-1cb0107650fc", "control-id": "cis_rhel10_5-1.4", "description": "No notes for control-id 5.1.4.", "props": [ @@ -7774,7 +7734,7 @@ ] }, { - "uuid": "5f47a760-4f89-4f23-8807-3c8ae13719da", + "uuid": "9c1b820c-72ae-470e-b2ab-bf72a7bf78ad", "control-id": "cis_rhel10_5-1.5", "description": "No notes for control-id 5.1.5.", "props": [ @@ -7791,7 +7751,7 @@ ] }, { - "uuid": "b23a8c67-7d67-4a19-917c-ed93f251789f", + "uuid": "1610bd2e-7c4a-4f0a-b430-ff03699ccc92", "control-id": "cis_rhel10_5-1.6", "description": "No notes for control-id 5.1.6.", "props": [ @@ -7808,7 +7768,7 @@ ] }, { - "uuid": "c4c65a47-130d-49d1-8538-2294d2bda794", + "uuid": "598c7a0b-2611-4406-97cf-8c8cd6fe5093", "control-id": "cis_rhel10_5-1.7", "description": "The requirement gives an example of 45 seconds, but is flexible about the values. It is only\nnecessary to ensure there is a timeout configured in alignment to the site policy.", "props": [ @@ -7830,7 +7790,7 @@ ] }, { - "uuid": "73f82ea4-b9a8-4471-920c-d9ce7664549c", + "uuid": "5107fe10-5ae3-4bbc-b506-93b6b48aad19", "control-id": "cis_rhel10_5-1.8", "description": "No notes for control-id 5.1.8.", "props": [ @@ -7847,7 +7807,7 @@ ] }, { - "uuid": "92164194-821f-46a5-88c4-ba320c4c0204", + "uuid": "3e5127cf-664e-4515-b418-60ced3cf05c7", "control-id": "cis_rhel10_5-1.9", "description": "No notes for control-id 5.1.9.", "props": [ @@ -7864,7 +7824,7 @@ ] }, { - "uuid": "50b542a5-1de7-4637-9314-1b3357e69926", + "uuid": "ba5b4f58-b9c8-4df4-adcf-50a0a47929ca", "control-id": "cis_rhel10_5-1.10", "description": "No notes for control-id 5.1.10.", "props": [ @@ -7881,7 +7841,7 @@ ] }, { - "uuid": "78199df7-f50c-462a-b63d-a3caaf6caa6a", + "uuid": "1290c164-d491-46b3-ba22-6f42397938a2", "control-id": "cis_rhel10_5-1.11", "description": "No notes for control-id 5.1.11.", "props": [ @@ -7898,7 +7858,7 @@ ] }, { - "uuid": "214b4ed5-d6c9-432d-9005-b3b93ec6bae3", + "uuid": "c565e247-781d-472d-b7a1-50afe39b4395", "control-id": "cis_rhel10_5-1.12", "description": "The description for control-id cis_rhel10_5-1.12.", "props": [ @@ -7916,7 +7876,7 @@ ] }, { - "uuid": "75afa335-0c38-42a5-b909-8862e9782de3", + "uuid": "73a32e27-4bc7-45cb-84b6-123091c12471", "control-id": "cis_rhel10_5-1.13", "description": "No notes for control-id 5.1.13.", "props": [ @@ -7933,7 +7893,7 @@ ] }, { - "uuid": "a9872c00-abb1-4603-a3e4-2f89a5b5ba63", + "uuid": "9a56c456-7833-4725-9466-cbca0b152e2a", "control-id": "cis_rhel10_5-1.14", "description": "The CIS benchmark is not opinionated about which loglevel is selected here. Here, this\nprofile uses VERBOSE by default, as it allows for the capture of login and logout activity\nas well as key fingerprints.", "props": [ @@ -7950,7 +7910,7 @@ ] }, { - "uuid": "638012cb-350f-4a92-8705-c661fced5ed1", + "uuid": "a2cb93e8-29d4-4209-b2b6-a8556fb21279", "control-id": "cis_rhel10_5-1.15", "description": "No notes for control-id 5.1.15.", "props": [ @@ -7967,7 +7927,7 @@ ] }, { - "uuid": "de6f198f-2a6c-4bb7-8e17-51194da4e853", + "uuid": "2ae32f73-6844-442f-ba2c-b7120bec667b", "control-id": "cis_rhel10_5-1.16", "description": "No notes for control-id 5.1.16.", "props": [ @@ -7984,7 +7944,7 @@ ] }, { - "uuid": "f493b2a4-0050-4cf7-84ea-a381ad2d4469", + "uuid": "72eb130a-88e4-4925-8789-b73e250b7155", "control-id": "cis_rhel10_5-1.17", "description": "No notes for control-id 5.1.17.", "props": [ @@ -8001,7 +7961,7 @@ ] }, { - "uuid": "3325b516-2d31-4da4-8e57-ee527fbbb9be", + "uuid": "29042c19-e891-4089-ae2e-1701b7a59d8d", "control-id": "cis_rhel10_5-1.18", "description": "No notes for control-id 5.1.18.", "props": [ @@ -8018,7 +7978,7 @@ ] }, { - "uuid": "4e1f87cd-84af-40e1-aa34-41f4e98f2e7a", + "uuid": "a60b3596-0da0-4858-9bb9-105d8456fb38", "control-id": "cis_rhel10_5-1.19", "description": "No notes for control-id 5.1.19.", "props": [ @@ -8035,7 +7995,7 @@ ] }, { - "uuid": "b57ee297-ff85-432a-9345-4342c9e8bf55", + "uuid": "73fb301b-92f0-4079-aa19-d0b00b6d5823", "control-id": "cis_rhel10_5-1.20", "description": "No notes for control-id 5.1.20.", "props": [ @@ -8052,7 +8012,7 @@ ] }, { - "uuid": "f0cb386b-ac1a-460b-a6ce-7575ed2b9745", + "uuid": "9f052ebe-bf49-485c-9791-1cb8143aa200", "control-id": "cis_rhel10_5-1.21", "description": "No notes for control-id 5.1.21.", "props": [ @@ -8069,7 +8029,7 @@ ] }, { - "uuid": "9c04f52f-1ea2-4a02-bdc6-581699ab802b", + "uuid": "d4389002-736c-4634-ba88-c0239dd930ea", "control-id": "cis_rhel10_5-1.22", "description": "No notes for control-id 5.1.22.", "props": [ @@ -8086,7 +8046,7 @@ ] }, { - "uuid": "646f9ab2-3d00-40e3-8f56-ab46b0049f67", + "uuid": "2f0001d6-cb93-4a33-a8dd-6a65ae3c3866", "control-id": "cis_rhel10_5-2.1", "description": "No notes for control-id 5.2.1.", "props": [ @@ -8103,7 +8063,7 @@ ] }, { - "uuid": "0e6fd26e-baae-419b-b7a5-289a5ce63f39", + "uuid": "cd80f1d1-9724-4656-a616-bb100eec26c7", "control-id": "cis_rhel10_5-2.2", "description": "No notes for control-id 5.2.2.", "props": [ @@ -8120,7 +8080,7 @@ ] }, { - "uuid": "d41393e5-515e-4689-b773-13f49dec9473", + "uuid": "f5452c55-c4c0-49ca-988e-ca0d8a2c87f9", "control-id": "cis_rhel10_5-2.3", "description": "No notes for control-id 5.2.3.", "props": [ @@ -8137,7 +8097,7 @@ ] }, { - "uuid": "60edd9f7-e14b-43a5-9894-32ae9320adb6", + "uuid": "effad9e8-1610-49c9-9576-12650f0ed913", "control-id": "cis_rhel10_5-2.5", "description": "No notes for control-id 5.2.5.", "props": [ @@ -8154,7 +8114,7 @@ ] }, { - "uuid": "fe9f3a2a-3077-4b78-a015-6d4c38b2bacc", + "uuid": "d49937e6-2083-4de7-8c7a-c6c7afcc193a", "control-id": "cis_rhel10_5-2.6", "description": "No notes for control-id 5.2.6.", "props": [ @@ -8171,7 +8131,7 @@ ] }, { - "uuid": "cca06061-fa55-43ad-aebc-c52f9fdb5bfa", + "uuid": "d24a6cda-d42a-477c-bad6-b15e38ceb1db", "control-id": "cis_rhel10_5-2.7", "description": "Members of \"wheel\" or GID 0 groups are checked by default if the group option is not set for\npam_wheel.so module. The recommendation states the group should be empty to reinforce the\nuse of \"sudo\" for privileged access. Therefore, members of these groups should be manually\nchecked or a different group should be informed.", "props": [ @@ -8193,7 +8153,7 @@ ] }, { - "uuid": "8ba5bcab-aea2-4ae0-a420-b76cadd75f09", + "uuid": "ab3f6d0c-2b9a-4250-9660-e2867ef78f0b", "control-id": "cis_rhel10_5-3.1.1", "description": "This requirement is hard to be automated without any specific requirement. The policy even\nstates that provided commands are examples, other custom settings might be in place and the\nsettings might be different depending on site policies. The other rules will already make\nsure there is a correct autheselect profile regardless of the existing settings. It is\nnecessary to better discuss with CIS Community.", "props": [ @@ -8205,7 +8165,7 @@ ] }, { - "uuid": "e3816ed1-89b1-43ef-ad51-5beed8fc0a57", + "uuid": "2a498765-c80b-479b-9aa9-cf5a47d72eb8", "control-id": "cis_rhel10_5-3.1.2", "description": "This requirement is also indirectly satisfied by the requirement 5.3.2.1.", "props": [ @@ -8227,7 +8187,7 @@ ] }, { - "uuid": "0a0b4711-1bc2-4508-89e0-c90f02c5d47a", + "uuid": "ae18bb5b-f100-4f4a-8b16-384c0eafcfcf", "control-id": "cis_rhel10_5-3.1.3", "description": "This requirement is also indirectly satisfied by the requirement 5.3.2.2.", "props": [ @@ -8254,7 +8214,7 @@ ] }, { - "uuid": "99eb3fb4-9864-4731-ab92-803adf5be2ea", + "uuid": "e5dd7f11-9a14-46e7-8944-83e191822c89", "control-id": "cis_rhel10_5-3.1.4", "description": "The module is properly enabled by the rules mentioned in related_rules.\nRequirements in 5.3.2.3 use these rules.", "props": [ @@ -8266,7 +8226,7 @@ ] }, { - "uuid": "6b22b804-1910-453d-af24-94706e15eefd", + "uuid": "33158e2c-13c8-4213-b521-0a3a5a910f3c", "control-id": "cis_rhel10_5-3.1.5", "description": "No notes for control-id 5.3.1.5.", "props": [ @@ -8283,7 +8243,7 @@ ] }, { - "uuid": "5176521d-d7a8-4c9e-9250-1e3c728ed041", + "uuid": "35567e82-338c-484e-b91e-317e06e9fd7d", "control-id": "cis_rhel10_5-3.2.1.1", "description": "No notes for control-id 5.3.2.1.1.", "props": [ @@ -8300,7 +8260,7 @@ ] }, { - "uuid": "cdebdc1e-bb31-4369-b224-6a479791c20d", + "uuid": "b862baf9-e95f-419f-9561-5eb96ed41f91", "control-id": "cis_rhel10_5-3.2.1.2", "description": "The policy also accepts value 0, which means the locked accounts should be manually unlocked\nby an administrator. However, it also mentions that using value 0 can facilitate a DoS\nattack to legitimate users.", "props": [ @@ -8317,7 +8277,7 @@ ] }, { - "uuid": "fe219d15-9caf-4153-a32f-f9facca217c7", + "uuid": "ea437d53-c26a-4980-8bf3-1fe09b36288b", "control-id": "cis_rhel10_5-3.2.2.1", "description": "No notes for control-id 5.3.2.2.1.", "props": [ @@ -8334,7 +8294,7 @@ ] }, { - "uuid": "a53cf25e-86c3-4563-ade3-4a1fdc1170de", + "uuid": "376e2ea5-3d87-4791-a0c2-26551a6f8399", "control-id": "cis_rhel10_5-3.2.2.2", "description": "No notes for control-id 5.3.2.2.2.", "props": [ @@ -8351,7 +8311,7 @@ ] }, { - "uuid": "67cf4ddd-b185-451c-8d05-af36d817b605", + "uuid": "e396afad-68b7-4286-add3-daca333f79a6", "control-id": "cis_rhel10_5-3.2.2.3", "description": "This requirement is expected to be manual. However, in previous versions of the policy\nit was already automated the configuration of \"minclass\" option. This posture was kept for\nRHEL 10 in this new version. Rules related to other options are informed in related_rules.\nIn short, minclass=4 alone can achieve the same result achieved by the combination of the\nother 4 options mentioned in the policy.", "props": [ @@ -8368,7 +8328,7 @@ ] }, { - "uuid": "7372873f-9272-4deb-8197-c42bbe1df4c5", + "uuid": "91dac91b-bb32-47e1-8217-307337646217", "control-id": "cis_rhel10_5-3.2.2.4", "description": "No notes for control-id 5.3.2.2.4.", "props": [ @@ -8385,7 +8345,7 @@ ] }, { - "uuid": "6bce1e92-728f-4a6e-bfc8-9de6c5babde5", + "uuid": "81a8d363-0dfd-414b-b43c-d3b618850a5b", "control-id": "cis_rhel10_5-3.2.2.5", "description": "No notes for control-id 5.3.2.2.5.", "props": [ @@ -8402,7 +8362,7 @@ ] }, { - "uuid": "acb107c7-bcef-4747-a922-095323ab5af8", + "uuid": "e5a9e733-fb62-417b-9b91-a23a90389987", "control-id": "cis_rhel10_5-3.2.2.6", "description": "No notes for control-id 5.3.2.2.6.", "props": [ @@ -8419,7 +8379,7 @@ ] }, { - "uuid": "549d0359-2a2d-4780-b89e-7598f7334464", + "uuid": "4a663833-3342-4f31-b8da-7ad5cbb0e718", "control-id": "cis_rhel10_5-3.2.2.7", "description": "No notes for control-id 5.3.2.2.7.", "props": [ @@ -8436,7 +8396,7 @@ ] }, { - "uuid": "3607fd91-f3c0-4a6a-852a-1058edafedb8", + "uuid": "2e71542c-8057-4dbd-b44c-6e4c439e4dc6", "control-id": "cis_rhel10_5-3.2.3.1", "description": "Although mentioned in the section 5.3.3.3, there is no explicit requirement to configure\nretry option of pam_pwhistory. If come in the future, the rule accounts_password_pam_retry\ncan be used.", "props": [ @@ -8458,7 +8418,7 @@ ] }, { - "uuid": "a2180a0e-e72f-4ac6-9675-8f98870bb6f3", + "uuid": "1e0fab66-4941-404b-aa08-e4c80cc1980b", "control-id": "cis_rhel10_5-3.2.3.2", "description": "No notes for control-id 5.3.2.3.2.", "props": [ @@ -8475,7 +8435,7 @@ ] }, { - "uuid": "a7e4edd9-0583-48af-8742-169b1ad71fce", + "uuid": "677b6b92-8c7a-4c98-bf4c-5bda2b6a4318", "control-id": "cis_rhel10_5-3.2.3.3", "description": "In RHEL 10 pam_pwhistory is enabled via authselect feature, as required in 5.3.1.4. The\nfeature automatically set \"use_authok\" option. In any case, we don't have a rule to check\nthis option specifically.", "props": [ @@ -8492,7 +8452,7 @@ ] }, { - "uuid": "1512144b-a59c-42f6-82ed-93fee577b9d1", + "uuid": "4dde3bf7-ca23-475c-a4f9-a8499c84c6f5", "control-id": "cis_rhel10_5-3.2.4.1", "description": "The rule more specifically used in this requirement also satify the requirement 5.3.1.5.", "props": [ @@ -8509,7 +8469,7 @@ ] }, { - "uuid": "fa0e66e1-8e1b-4573-9db7-c4ea227c7c83", + "uuid": "07dd0a2e-8534-45bf-83fa-0f02e0f82fad", "control-id": "cis_rhel10_5-3.2.4.2", "description": "Usage of pam_unix.so module together with \"remember\" option is deprecated and is not\nrecommended by this policy. Instead, it should be used remember option of pam_pwhistory\nmodule, as required in 5.3.2.3.1. See here for more details about pam_unix.so:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1778929", "props": [ @@ -8526,7 +8486,7 @@ ] }, { - "uuid": "ccfcd1f4-22da-4d1b-bdcd-ded3373e171f", + "uuid": "63f1e4d1-64f7-4ca9-92eb-7c47b720a804", "control-id": "cis_rhel10_5-3.2.4.3", "description": "Changes in logindefs mentioned in this requirement are more specifically covered by 5.4.1.4", "props": [ @@ -8548,7 +8508,7 @@ ] }, { - "uuid": "1783f2d8-7a90-40a8-8c88-4a7bd2c9d78d", + "uuid": "94fd466d-87ee-48b0-a2d1-08c9b0b9b82d", "control-id": "cis_rhel10_5-3.2.4.4", "description": "In RHEL 10 pam_unix is enabled by default in all authselect profiles already with the\nuse_authtok option set. In any case, we don't have a rule to check this option specifically,\nlike in 5.3.2.3.3.", "props": [ @@ -8565,7 +8525,7 @@ ] }, { - "uuid": "c04b2e49-956b-4f1c-a7e9-c08b647a1b54", + "uuid": "69e54ddc-4fa5-4485-b7e6-2ab4437e47e4", "control-id": "cis_rhel10_5-4.1.1", "description": "No notes for control-id 5.4.1.1.", "props": [ @@ -8587,7 +8547,7 @@ ] }, { - "uuid": "f7d6f1d6-0715-4059-92f8-f891a0a4fad6", + "uuid": "d9a537e0-2bcb-40ab-aad5-b12dc978bc38", "control-id": "cis_rhel10_5-4.1.3", "description": "No notes for control-id 5.4.1.3.", "props": [ @@ -8609,20 +8569,15 @@ ] }, { - "uuid": "8729cd52-3931-4f53-ad56-6b3facef1582", + "uuid": "e5d52ed1-414f-4240-a2e5-b7ecffd77e32", "control-id": "cis_rhel10_5-4.1.4", - "description": "There's a \"new\" set of options in /etc/login.defs file to define the number of iterations\nperformed during the hashing process.", + "description": "No notes for control-id 5.4.1.4.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "implemented" }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf" - }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", @@ -8631,7 +8586,7 @@ ] }, { - "uuid": "98dfaae7-914d-41ca-87e8-690135d30c9b", + "uuid": "d834aeb5-e6c2-487e-896b-8c912539a711", "control-id": "cis_rhel10_5-4.1.5", "description": "No notes for control-id 5.4.1.5.", "props": [ @@ -8653,7 +8608,7 @@ ] }, { - "uuid": "c77045fe-c92b-4006-beaf-29dae5040ce6", + "uuid": "7e999dbb-868e-44cf-a645-dd83e82ed7d7", "control-id": "cis_rhel10_5-4.1.6", "description": "No notes for control-id 5.4.1.6.", "props": [ @@ -8670,7 +8625,7 @@ ] }, { - "uuid": "06c7e694-1db7-489f-9e70-75b9f6575a22", + "uuid": "6a7ce269-c257-4e81-a17e-0c7bd218112d", "control-id": "cis_rhel10_5-4.2.1", "description": "No notes for control-id 5.4.2.1.", "props": [ @@ -8687,7 +8642,7 @@ ] }, { - "uuid": "baa4dc42-b84d-498d-abcb-1dee2031e054", + "uuid": "0b200651-fb84-450b-9ef6-e327635f7d4b", "control-id": "cis_rhel10_5-4.2.2", "description": "There is assessment but no automated remediation for this rule and this sounds reasonable.", "props": [ @@ -8704,7 +8659,7 @@ ] }, { - "uuid": "58e0f37a-62dd-4097-aa59-fa7d06467053", + "uuid": "650aba1c-ac0e-404d-80d8-387fb538d6f2", "control-id": "cis_rhel10_5-4.2.3", "description": "There is assessment but no automated remediation for this rule and this sounds reasonable.", "props": [ @@ -8721,7 +8676,7 @@ ] }, { - "uuid": "65aae962-3eee-466b-9b82-c91a6c96afec", + "uuid": "d64d02d5-b077-47ff-a764-9e360f101723", "control-id": "cis_rhel10_5-4.2.4", "description": "No notes for control-id 5.4.2.4.", "props": [ @@ -8738,7 +8693,7 @@ ] }, { - "uuid": "0315c6b7-7173-44a6-85b0-e822609863b2", + "uuid": "5b656e57-0165-420f-a660-6973e4ebe188", "control-id": "cis_rhel10_5-4.2.5", "description": "No notes for control-id 5.4.2.5.", "props": [ @@ -8760,7 +8715,7 @@ ] }, { - "uuid": "0cf43bc1-57e9-4eae-94f1-b42d465ba605", + "uuid": "c48b4857-0c84-4f46-be8f-7b0ea9dd166e", "control-id": "cis_rhel10_5-4.2.6", "description": "No notes for control-id 5.4.2.6.", "props": [ @@ -8777,7 +8732,7 @@ ] }, { - "uuid": "4409f6a8-0c31-43be-9f6f-4c5d4f735aad", + "uuid": "41d3984a-792e-4170-9395-9aac4e99080d", "control-id": "cis_rhel10_5-4.2.7", "description": "No notes for control-id 5.4.2.7.", "props": [ @@ -8799,19 +8754,24 @@ ] }, { - "uuid": "e6d30520-b326-4dcd-bc0b-eb63573f7c2d", + "uuid": "dbee3d8f-62f2-4c82-bdab-c8a7a2b013c0", "control-id": "cis_rhel10_5-4.2.8", - "description": "New rule is necessary.", + "description": "No notes for control-id 5.4.2.8.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "implemented" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "no_invalid_shell_accounts_unlocked" } ] }, { - "uuid": "2296775b-3cc1-4d9f-b606-c6ef5f2a42da", + "uuid": "033faad0-11b9-4d72-a57b-6eccc02b6afa", "control-id": "cis_rhel10_5-4.3.2", "description": "No notes for control-id 5.4.3.2.", "props": [ @@ -8828,7 +8788,7 @@ ] }, { - "uuid": "4279755c-7304-4c34-983c-239cd71f612b", + "uuid": "99c62a9c-004e-4a6f-8262-c4fa3266d1e0", "control-id": "cis_rhel10_5-4.3.3", "description": "No notes for control-id 5.4.3.3.", "props": [ @@ -8855,7 +8815,7 @@ ] }, { - "uuid": "dc1d533c-8eef-45be-a9ae-163273be80b6", + "uuid": "13a506c8-691b-4640-bb0a-4b75d4e8b72e", "control-id": "cis_rhel10_6-1.1", "description": "No notes for control-id 6.1.1.", "props": [ @@ -8877,7 +8837,7 @@ ] }, { - "uuid": "c0e9f410-71e8-421f-8223-653e88492f54", + "uuid": "dea927b6-857e-40c9-bc33-a6bb67095868", "control-id": "cis_rhel10_6-1.2", "description": "No notes for control-id 6.1.2.", "props": [ @@ -8894,7 +8854,7 @@ ] }, { - "uuid": "011605ad-d1d9-48be-830a-9baeecf80062", + "uuid": "ef8e782a-300e-43d1-978c-3872560b6b83", "control-id": "cis_rhel10_6-1.3", "description": "No notes for control-id 6.1.3.", "props": [ @@ -8911,7 +8871,7 @@ ] }, { - "uuid": "be2e971e-7bef-4034-bcc7-891e5647d693", + "uuid": "649f682e-6b04-44b0-9efc-3a94adc39371", "control-id": "cis_rhel10_6-2.1.1", "description": "No notes for control-id 6.2.1.1.", "props": [ @@ -8928,7 +8888,7 @@ ] }, { - "uuid": "f2be1745-cd6e-4d5b-b7e0-2bc41caa3f53", + "uuid": "217a2727-e91f-441c-b9cc-855902a471f6", "control-id": "cis_rhel10_6-2.1.2", "description": "The description for control-id cis_rhel10_6-2.1.2.", "props": [ @@ -8941,7 +8901,7 @@ ] }, { - "uuid": "e11fd7dc-4a63-4b5e-9f5d-40d132de580d", + "uuid": "f1db3bb0-ed2c-4594-8d64-44d363a66375", "control-id": "cis_rhel10_6-2.1.3", "description": "The description for control-id cis_rhel10_6-2.1.3.", "props": [ @@ -8954,20 +8914,24 @@ ] }, { - "uuid": "35595054-6a49-44f3-a51e-71bc7ce70eb4", + "uuid": "3ae0b409-74a4-4f47-8ece-ee2cb6451a11", "control-id": "cis_rhel10_6-2.1.4", - "description": "The description for control-id cis_rhel10_6-2.1.4.", + "description": "No notes for control-id 6.2.1.4.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "alternative", - "remarks": "It is necessary to create a new rule to check the status of journald and rsyslog.\nIt would also be necessary a new rule to disable or remove rsyslog." + "value": "implemented" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "ensure_journald_and_rsyslog_not_active_together" } ] }, { - "uuid": "cb6ac739-3d9a-4df1-bd25-abfe2d647986", + "uuid": "72f7aec5-b877-43ad-a82d-3b834379cca3", "control-id": "cis_rhel10_6-2.2.1.1", "description": "No notes for control-id 6.2.2.1.1.", "props": [ @@ -8984,7 +8948,7 @@ ] }, { - "uuid": "0fcb48a2-1a6c-464b-9075-8990de3cffd5", + "uuid": "89d49aec-a45f-467d-84e7-1cd235e7cd56", "control-id": "cis_rhel10_6-2.2.1.2", "description": "The description for control-id cis_rhel10_6-2.2.1.2.", "props": [ @@ -8997,7 +8961,7 @@ ] }, { - "uuid": "b8203bf1-7218-47f5-8512-e6efa938f78e", + "uuid": "806e483a-f792-4cb1-a550-891359a63c13", "control-id": "cis_rhel10_6-2.2.1.3", "description": "No notes for control-id 6.2.2.1.3.", "props": [ @@ -9014,7 +8978,7 @@ ] }, { - "uuid": "18849776-ad5c-4ca2-b4d8-4c400dbc8e79", + "uuid": "c8b063b1-3528-498a-a1c7-5162790aa53b", "control-id": "cis_rhel10_6-2.2.1.4", "description": "No notes for control-id 6.2.2.1.4.", "props": [ @@ -9031,7 +8995,7 @@ ] }, { - "uuid": "091bbacc-2825-4e46-9216-ea1555f06e0a", + "uuid": "45676999-fde5-44c5-95c7-e746d97a8004", "control-id": "cis_rhel10_6-2.2.2", "description": "No notes for control-id 6.2.2.2.", "props": [ @@ -9048,7 +9012,7 @@ ] }, { - "uuid": "af06ef40-7563-4424-b4a9-0a26bcb09158", + "uuid": "a2aded40-86ca-4c80-a4ab-d6c12b3925af", "control-id": "cis_rhel10_6-2.2.3", "description": "No notes for control-id 6.2.2.3.", "props": [ @@ -9065,7 +9029,7 @@ ] }, { - "uuid": "a34e24c5-f01c-42b2-bde6-d78a202d98bc", + "uuid": "39f3b710-213c-40d6-8ac8-d12614079d8e", "control-id": "cis_rhel10_6-2.2.4", "description": "No notes for control-id 6.2.2.4.", "props": [ @@ -9082,7 +9046,7 @@ ] }, { - "uuid": "6aa54fdf-73fb-4d81-b11a-affc24308d11", + "uuid": "17a82860-89cf-4e67-81bc-e7d3b73f6f39", "control-id": "cis_rhel10_6-2.3.1", "description": "No notes for control-id 6.2.3.1.", "props": [ @@ -9094,7 +9058,7 @@ ] }, { - "uuid": "a6d35f8a-d1fa-45c7-9a56-d81501b8fea7", + "uuid": "63ffa128-eb8d-4f3c-9040-52ab5a41521c", "control-id": "cis_rhel10_6-2.3.2", "description": "No notes for control-id 6.2.3.2.", "props": [ @@ -9106,7 +9070,7 @@ ] }, { - "uuid": "9b1c6719-b7c6-461a-bbed-00b8006799fb", + "uuid": "002e9d3e-0d95-4a9b-a2b1-361edac0793e", "control-id": "cis_rhel10_6-2.3.3", "description": "No notes for control-id 6.2.3.3.", "props": [ @@ -9118,7 +9082,7 @@ ] }, { - "uuid": "10df7c08-617c-4eb3-b2f7-d75b169d624d", + "uuid": "697a938b-cfe2-4eed-b9a8-6228d725fe9f", "control-id": "cis_rhel10_6-2.3.4", "description": "No notes for control-id 6.2.3.4.", "props": [ @@ -9130,7 +9094,7 @@ ] }, { - "uuid": "ce84d7be-f0f4-4089-9dd1-3add45dffede", + "uuid": "298396a8-486e-49be-aa5c-4a7137090b0c", "control-id": "cis_rhel10_6-2.3.5", "description": "The description for control-id cis_rhel10_6-2.3.5.", "props": [ @@ -9143,7 +9107,7 @@ ] }, { - "uuid": "80feffe9-0427-433f-83de-9b8d99070494", + "uuid": "81a51350-a047-4b9f-9ed5-cedc9d32eb7b", "control-id": "cis_rhel10_6-2.3.6", "description": "The description for control-id cis_rhel10_6-2.3.6.", "props": [ @@ -9156,7 +9120,7 @@ ] }, { - "uuid": "6807b8b5-edda-42b9-9fce-05695c37a6d5", + "uuid": "1bc3957a-408a-4546-8d2d-b100ae332703", "control-id": "cis_rhel10_6-2.3.7", "description": "No notes for control-id 6.2.3.7.", "props": [ @@ -9168,7 +9132,7 @@ ] }, { - "uuid": "78be3ac8-74e7-42e4-ac01-5b58978ed56d", + "uuid": "655126eb-132f-47d2-9489-8f5900f48d0a", "control-id": "cis_rhel10_6-2.3.8", "description": "The description for control-id cis_rhel10_6-2.3.8.", "props": [ @@ -9181,7 +9145,7 @@ ] }, { - "uuid": "59c8f4b3-17fc-4407-8900-256ea38939ed", + "uuid": "ec594c20-f26b-4cb4-bf1c-907407ee5d29", "control-id": "cis_rhel10_6-2.4.1", "description": "It is not harmful to run these rules even if rsyslog is not installed or active.", "props": [ @@ -9208,7 +9172,7 @@ ] }, { - "uuid": "9594c2e0-b71f-4868-8bb5-ca87bf357fd1", + "uuid": "6dad4b28-1b26-47a9-a8f3-d03a750c108d", "control-id": "cis_rhel10_7-1.1", "description": "No notes for control-id 7.1.1.", "props": [ @@ -9235,7 +9199,7 @@ ] }, { - "uuid": "4fe73091-20eb-4f94-844c-c6e1fc06b2d9", + "uuid": "953b185d-8198-47d4-beca-e6836c0b3464", "control-id": "cis_rhel10_7-1.2", "description": "No notes for control-id 7.1.2.", "props": [ @@ -9262,7 +9226,7 @@ ] }, { - "uuid": "bf8c08c7-7027-4235-b6a8-e4eb78cf3e6c", + "uuid": "06cde94a-d5da-4e6e-8c02-25a559cf64e6", "control-id": "cis_rhel10_7-1.3", "description": "No notes for control-id 7.1.3.", "props": [ @@ -9289,7 +9253,7 @@ ] }, { - "uuid": "7e0883bb-c909-463a-9109-33b6abb10c78", + "uuid": "89fde16c-038c-43d4-a219-b75466bb3bac", "control-id": "cis_rhel10_7-1.4", "description": "No notes for control-id 7.1.4.", "props": [ @@ -9316,7 +9280,7 @@ ] }, { - "uuid": "10c3239f-22eb-4676-9675-de74a92e8a45", + "uuid": "ed11f852-50df-477f-91fa-78965ecb359c", "control-id": "cis_rhel10_7-1.5", "description": "No notes for control-id 7.1.5.", "props": [ @@ -9343,7 +9307,7 @@ ] }, { - "uuid": "671ff6ec-d4af-4474-bc4b-b128c3691a61", + "uuid": "7d1f5af3-3842-4116-b650-58bcdcd427f2", "control-id": "cis_rhel10_7-1.6", "description": "No notes for control-id 7.1.6.", "props": [ @@ -9370,7 +9334,7 @@ ] }, { - "uuid": "2891408c-eef8-494d-98c3-93144e631485", + "uuid": "3968df96-2bc2-4e27-b67a-92027d50f8bd", "control-id": "cis_rhel10_7-1.7", "description": "No notes for control-id 7.1.7.", "props": [ @@ -9397,7 +9361,7 @@ ] }, { - "uuid": "6a9260ae-9da1-4895-9020-1818320e39a0", + "uuid": "a05b9cf7-2422-4e3b-8a15-8f3064436f75", "control-id": "cis_rhel10_7-1.8", "description": "No notes for control-id 7.1.8.", "props": [ @@ -9424,7 +9388,7 @@ ] }, { - "uuid": "82c1bda3-a4c2-449e-9035-c41936364929", + "uuid": "29d3b5f9-30b4-4546-9a57-c6d4e1d2bbcf", "control-id": "cis_rhel10_7-1.9", "description": "No notes for control-id 7.1.9.", "props": [ @@ -9451,7 +9415,7 @@ ] }, { - "uuid": "456b8242-8e38-4f87-8df1-9c1d900c27e2", + "uuid": "cbffda21-9f83-4312-986b-8d73a99643fb", "control-id": "cis_rhel10_7-1.10", "description": "No notes for control-id 7.1.10.", "props": [ @@ -9493,7 +9457,7 @@ ] }, { - "uuid": "f2b239aa-9230-498c-b4ba-7de5620aa292", + "uuid": "0538998c-d038-4971-861f-5d17bfc6af40", "control-id": "cis_rhel10_7-1.11", "description": "No notes for control-id 7.1.11.", "props": [ @@ -9515,7 +9479,7 @@ ] }, { - "uuid": "f6b2a0ba-b6e0-4eb5-8098-c8c599b292b6", + "uuid": "ac7a0cca-f526-458c-a013-518eadad68f4", "control-id": "cis_rhel10_7-1.12", "description": "No notes for control-id 7.1.12.", "props": [ @@ -9537,7 +9501,7 @@ ] }, { - "uuid": "d4818c2e-c801-4422-8674-f21f074805d5", + "uuid": "7a8b421a-9088-4f04-a03c-60f684fb25a6", "control-id": "cis_rhel10_7-1.13", "description": "The description for control-id cis_rhel10_7-1.13.", "props": [ @@ -9550,7 +9514,7 @@ ] }, { - "uuid": "7f5857d1-57c6-4fef-9626-fd209d1ae1e9", + "uuid": "86afa457-f1ce-4958-aa42-a0455bb1d966", "control-id": "cis_rhel10_7-2.1", "description": "No notes for control-id 7.2.1.", "props": [ @@ -9567,7 +9531,7 @@ ] }, { - "uuid": "91b5de63-1739-4f98-a20d-2f1dc09ab1ca", + "uuid": "e4159c31-c62c-4e1f-b1e1-994b766ff6b0", "control-id": "cis_rhel10_7-2.2", "description": "No notes for control-id 7.2.2.", "props": [ @@ -9584,7 +9548,7 @@ ] }, { - "uuid": "39208f53-ebe4-4842-b0e4-26632823c776", + "uuid": "71fdbd6e-efa8-4aef-a885-a683a854dc19", "control-id": "cis_rhel10_7-2.3", "description": "No notes for control-id 7.2.3.", "props": [ @@ -9601,7 +9565,7 @@ ] }, { - "uuid": "ff424e0d-a972-4de2-994f-1ac3c72784fa", + "uuid": "5ed26172-7794-4f8d-81db-490b166fca97", "control-id": "cis_rhel10_7-2.4", "description": "No notes for control-id 7.2.4.", "props": [ @@ -9618,7 +9582,7 @@ ] }, { - "uuid": "e0bb9134-c35d-4f8c-bd5a-01ee7f82caca", + "uuid": "81625973-2d57-4b26-8059-70c873efbc38", "control-id": "cis_rhel10_7-2.5", "description": "No notes for control-id 7.2.5.", "props": [ @@ -9635,7 +9599,7 @@ ] }, { - "uuid": "54d80d20-0568-489b-b544-87bdff724d0d", + "uuid": "dd83548d-02ca-4254-ab68-2e387e06119e", "control-id": "cis_rhel10_7-2.6", "description": "No notes for control-id 7.2.6.", "props": [ @@ -9652,7 +9616,7 @@ ] }, { - "uuid": "23fff9ff-fd25-4cf1-881e-c7276fe5d509", + "uuid": "1fc6f891-c551-4fe3-88fa-6702599f19ad", "control-id": "cis_rhel10_7-2.7", "description": "No notes for control-id 7.2.7.", "props": [ @@ -9669,7 +9633,7 @@ ] }, { - "uuid": "7faee12c-547a-4dce-b04e-1fda39fb0624", + "uuid": "04387809-578b-4e9e-9df4-71e95b1a3a15", "control-id": "cis_rhel10_7-2.8", "description": "No notes for control-id 7.2.8.", "props": [ @@ -9696,7 +9660,7 @@ ] }, { - "uuid": "1f5c56be-d83f-4867-adc8-5723986f5e8b", + "uuid": "abdad12d-2b65-481f-a422-e750b19161fc", "control-id": "cis_rhel10_7-2.9", "description": "No notes for control-id 7.2.9.", "props": [ @@ -10480,7 +10444,7 @@ { "name": "Parameter_Value_Alternatives_38", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -10498,7 +10462,7 @@ { "name": "Parameter_Value_Alternatives_39", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -11602,6799 +11566,6751 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg", + "value": "file_permissions_boot_grub2", "remarks": "rule_set_034" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Group Ownership", + "value": "All GRUB configuration files must have mode 0600 or more restrictive", "remarks": "rule_set_034" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg", + "value": "file_permissions_boot_grub2", "remarks": "rule_set_034" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Group Ownership", + "value": "All GRUB configuration files must have mode 0600 or more restrictive", "remarks": "rule_set_034" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg", + "value": "file_owner_boot_grub2", "remarks": "rule_set_035" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg User Ownership", + "value": "All GRUB configuration files must be owned by root", "remarks": "rule_set_035" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg", + "value": "file_owner_boot_grub2", "remarks": "rule_set_035" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg User Ownership", + "value": "All GRUB configuration files must be owned by root", "remarks": "rule_set_035" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg", + "value": "file_groupowner_boot_grub2", "remarks": "rule_set_036" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Permissions", + "value": "All GRUB configuration files must be group-owned by root", "remarks": "rule_set_036" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg", + "value": "file_groupowner_boot_grub2", "remarks": "rule_set_036" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Permissions", + "value": "All GRUB configuration files must be group-owned by root", "remarks": "rule_set_036" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg", + "value": "disable_users_coredumps", "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Group Ownership", + "value": "Disable Core Dumps for All Users", "remarks": "rule_set_037" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg", + "value": "disable_users_coredumps", "remarks": "rule_set_037" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Group Ownership", + "value": "Disable Core Dumps for All Users", "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg", + "value": "sysctl_fs_protected_hardlinks", "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg User Ownership", + "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", "remarks": "rule_set_038" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg", + "value": "sysctl_fs_protected_hardlinks", "remarks": "rule_set_038" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg User Ownership", + "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg", + "value": "sysctl_fs_suid_dumpable", "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Permissions", + "value": "Disable Core Dumps for SUID programs", "remarks": "rule_set_039" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg", + "value": "sysctl_fs_suid_dumpable", "remarks": "rule_set_039" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Permissions", + "value": "Disable Core Dumps for SUID programs", "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_users_coredumps", + "value": "sysctl_kernel_dmesg_restrict", "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for All Users", + "value": "Restrict Access to Kernel Message Buffer", "remarks": "rule_set_040" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_users_coredumps", + "value": "sysctl_kernel_dmesg_restrict", "remarks": "rule_set_040" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for All Users", + "value": "Restrict Access to Kernel Message Buffer", "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_hardlinks", + "value": "sysctl_kernel_kptr_restrict", "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", + "value": "Restrict Exposed Kernel Pointer Addresses Access", "remarks": "rule_set_041" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_hardlinks", + "value": "sysctl_kernel_kptr_restrict", "remarks": "rule_set_041" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", + "value": "Restrict Exposed Kernel Pointer Addresses Access", "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_suid_dumpable", + "value": "sysctl_kernel_yama_ptrace_scope", "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for SUID programs", + "value": "Restrict usage of ptrace to descendant processes", "remarks": "rule_set_042" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_suid_dumpable", + "value": "sysctl_kernel_yama_ptrace_scope", "remarks": "rule_set_042" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for SUID programs", + "value": "Restrict usage of ptrace to descendant processes", "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_dmesg_restrict", + "value": "sysctl_kernel_randomize_va_space", "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Access to Kernel Message Buffer", + "value": "Enable Randomized Layout of Virtual Address Space", "remarks": "rule_set_043" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_dmesg_restrict", + "value": "sysctl_kernel_randomize_va_space", "remarks": "rule_set_043" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Access to Kernel Message Buffer", + "value": "Enable Randomized Layout of Virtual Address Space", "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kptr_restrict", + "value": "coredump_disable_backtraces", "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Exposed Kernel Pointer Addresses Access", + "value": "Disable core dump backtraces", "remarks": "rule_set_044" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kptr_restrict", + "value": "coredump_disable_backtraces", "remarks": "rule_set_044" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Exposed Kernel Pointer Addresses Access", + "value": "Disable core dump backtraces", "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_yama_ptrace_scope", + "value": "coredump_disable_storage", "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict usage of ptrace to descendant processes", + "value": "Disable storing core dump", "remarks": "rule_set_045" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_yama_ptrace_scope", + "value": "coredump_disable_storage", "remarks": "rule_set_045" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict usage of ptrace to descendant processes", + "value": "Disable storing core dump", "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_randomize_va_space", + "value": "configure_custom_crypto_policy_cis", "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Randomized Layout of Virtual Address Space", + "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", "remarks": "rule_set_046" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_randomize_va_space", + "value": "configure_custom_crypto_policy_cis", "remarks": "rule_set_046" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Randomized Layout of Virtual Address Space", + "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_backtraces", + "value": "banner_etc_motd_cis", "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable core dump backtraces", + "value": "Ensure Message Of The Day Is Configured Properly", "remarks": "rule_set_047" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_backtraces", + "value": "banner_etc_motd_cis", "remarks": "rule_set_047" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable core dump backtraces", + "value": "Ensure Message Of The Day Is Configured Properly", "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_storage", + "value": "banner_etc_issue_cis", "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable storing core dump", + "value": "Ensure Local Login Warning Banner Is Configured Properly", "remarks": "rule_set_048" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_storage", + "value": "banner_etc_issue_cis", "remarks": "rule_set_048" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable storing core dump", + "value": "Ensure Local Login Warning Banner Is Configured Properly", "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_custom_crypto_policy_cis", + "value": "banner_etc_issue_net_cis", "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", + "value": "Ensure Remote Login Warning Banner Is Configured Properly", "remarks": "rule_set_049" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_custom_crypto_policy_cis", + "value": "banner_etc_issue_net_cis", "remarks": "rule_set_049" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", + "value": "Ensure Remote Login Warning Banner Is Configured Properly", "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_motd_cis", + "value": "file_groupowner_etc_motd", "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Message Of The Day Is Configured Properly", + "value": "Verify Group Ownership of Message of the Day Banner", "remarks": "rule_set_050" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_motd_cis", + "value": "file_groupowner_etc_motd", "remarks": "rule_set_050" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Message Of The Day Is Configured Properly", + "value": "Verify Group Ownership of Message of the Day Banner", "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_cis", + "value": "file_owner_etc_motd", "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Local Login Warning Banner Is Configured Properly", + "value": "Verify ownership of Message of the Day Banner", "remarks": "rule_set_051" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_cis", + "value": "file_owner_etc_motd", "remarks": "rule_set_051" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Local Login Warning Banner Is Configured Properly", + "value": "Verify ownership of Message of the Day Banner", "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_net_cis", + "value": "file_permissions_etc_motd", "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Remote Login Warning Banner Is Configured Properly", + "value": "Verify permissions on Message of the Day Banner", "remarks": "rule_set_052" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_net_cis", + "value": "file_permissions_etc_motd", "remarks": "rule_set_052" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Remote Login Warning Banner Is Configured Properly", + "value": "Verify permissions on Message of the Day Banner", "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_motd", + "value": "file_groupowner_etc_issue", "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of Message of the Day Banner", + "value": "Verify Group Ownership of System Login Banner", "remarks": "rule_set_053" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_motd", + "value": "file_groupowner_etc_issue", "remarks": "rule_set_053" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of Message of the Day Banner", + "value": "Verify Group Ownership of System Login Banner", "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_motd", + "value": "file_owner_etc_issue", "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of Message of the Day Banner", + "value": "Verify ownership of System Login Banner", "remarks": "rule_set_054" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_motd", + "value": "file_owner_etc_issue", "remarks": "rule_set_054" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of Message of the Day Banner", + "value": "Verify ownership of System Login Banner", "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_motd", + "value": "file_permissions_etc_issue", "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on Message of the Day Banner", + "value": "Verify permissions on System Login Banner", "remarks": "rule_set_055" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_motd", + "value": "file_permissions_etc_issue", "remarks": "rule_set_055" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on Message of the Day Banner", + "value": "Verify permissions on System Login Banner", "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue", + "value": "file_groupowner_etc_issue_net", "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner", + "value": "Verify Group Ownership of System Login Banner for Remote Connections", "remarks": "rule_set_056" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue", + "value": "file_groupowner_etc_issue_net", "remarks": "rule_set_056" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner", + "value": "Verify Group Ownership of System Login Banner for Remote Connections", "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue", + "value": "file_owner_etc_issue_net", "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner", + "value": "Verify ownership of System Login Banner for Remote Connections", "remarks": "rule_set_057" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue", + "value": "file_owner_etc_issue_net", "remarks": "rule_set_057" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner", + "value": "Verify ownership of System Login Banner for Remote Connections", "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue", + "value": "file_permissions_etc_issue_net", "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner", + "value": "Verify permissions on System Login Banner for Remote Connections", "remarks": "rule_set_058" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue", + "value": "file_permissions_etc_issue_net", "remarks": "rule_set_058" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner", + "value": "Verify permissions on System Login Banner for Remote Connections", "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue_net", + "value": "dconf_gnome_banner_enabled", "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner for Remote Connections", + "value": "Enable GNOME3 Login Warning Banner", "remarks": "rule_set_059" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue_net", + "value": "dconf_gnome_banner_enabled", "remarks": "rule_set_059" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner for Remote Connections", + "value": "Enable GNOME3 Login Warning Banner", "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue_net", + "value": "dconf_gnome_login_banner_text", "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner for Remote Connections", + "value": "Set the GNOME3 Login Warning Banner Text", "remarks": "rule_set_060" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue_net", + "value": "dconf_gnome_login_banner_text", "remarks": "rule_set_060" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner for Remote Connections", + "value": "Set the GNOME3 Login Warning Banner Text", "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue_net", + "value": "dconf_gnome_disable_user_list", "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner for Remote Connections", + "value": "Disable the GNOME3 Login User List", "remarks": "rule_set_061" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue_net", + "value": "dconf_gnome_disable_user_list", "remarks": "rule_set_061" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner for Remote Connections", + "value": "Disable the GNOME3 Login User List", "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_banner_enabled", + "value": "dconf_gnome_screensaver_idle_delay", "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable GNOME3 Login Warning Banner", + "value": "Set GNOME3 Screensaver Inactivity Timeout", "remarks": "rule_set_062" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_banner_enabled", + "value": "dconf_gnome_screensaver_idle_delay", "remarks": "rule_set_062" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable GNOME3 Login Warning Banner", + "value": "Set GNOME3 Screensaver Inactivity Timeout", "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_login_banner_text", + "value": "dconf_gnome_screensaver_lock_delay", "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set the GNOME3 Login Warning Banner Text", + "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", "remarks": "rule_set_063" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_login_banner_text", + "value": "dconf_gnome_screensaver_lock_delay", "remarks": "rule_set_063" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set the GNOME3 Login Warning Banner Text", + "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_user_list", + "value": "dconf_gnome_session_idle_user_locks", "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the GNOME3 Login User List", + "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", "remarks": "rule_set_064" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_user_list", + "value": "dconf_gnome_session_idle_user_locks", "remarks": "rule_set_064" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the GNOME3 Login User List", + "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_idle_delay", + "value": "dconf_gnome_screensaver_user_locks", "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Inactivity Timeout", + "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", "remarks": "rule_set_065" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_idle_delay", + "value": "dconf_gnome_screensaver_user_locks", "remarks": "rule_set_065" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Inactivity Timeout", + "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_lock_delay", + "value": "dconf_gnome_disable_autorun", "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", + "value": "Disable GNOME3 Automount running", "remarks": "rule_set_066" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_lock_delay", + "value": "dconf_gnome_disable_autorun", "remarks": "rule_set_066" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", + "value": "Disable GNOME3 Automount running", "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_session_idle_user_locks", + "value": "package_kea_removed", "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", + "value": "Uninstall kea Package", "remarks": "rule_set_067" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_session_idle_user_locks", + "value": "package_kea_removed", "remarks": "rule_set_067" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", + "value": "Uninstall kea Package", "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_user_locks", + "value": "package_bind_removed", "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", + "value": "Uninstall bind Package", "remarks": "rule_set_068" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_user_locks", + "value": "package_bind_removed", "remarks": "rule_set_068" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", + "value": "Uninstall bind Package", "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_autorun", + "value": "package_dnsmasq_removed", "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount running", + "value": "Uninstall dnsmasq Package", "remarks": "rule_set_069" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_autorun", + "value": "package_dnsmasq_removed", "remarks": "rule_set_069" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount running", + "value": "Uninstall dnsmasq Package", "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "package_vsftpd_removed", "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Uninstall vsftpd Package", "remarks": "rule_set_070" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "package_vsftpd_removed", "remarks": "rule_set_070" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Uninstall vsftpd Package", "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_bind_removed", + "value": "package_dovecot_removed", "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall bind Package", + "value": "Uninstall dovecot Package", "remarks": "rule_set_071" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_bind_removed", + "value": "package_dovecot_removed", "remarks": "rule_set_071" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall bind Package", + "value": "Uninstall dovecot Package", "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnsmasq_removed", + "value": "package_cyrus-imapd_removed", "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dnsmasq Package", + "value": "Uninstall cyrus-imapd Package", "remarks": "rule_set_072" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnsmasq_removed", + "value": "package_cyrus-imapd_removed", "remarks": "rule_set_072" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dnsmasq Package", + "value": "Uninstall cyrus-imapd Package", "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_vsftpd_removed", + "value": "service_nfs_disabled", "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall vsftpd Package", + "value": "Disable Network File System (nfs)", "remarks": "rule_set_073" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_vsftpd_removed", + "value": "service_nfs_disabled", "remarks": "rule_set_073" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall vsftpd Package", + "value": "Disable Network File System (nfs)", "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dovecot_removed", + "value": "service_rpcbind_disabled", "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dovecot Package", + "value": "Disable rpcbind Service", "remarks": "rule_set_074" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dovecot_removed", + "value": "service_rpcbind_disabled", "remarks": "rule_set_074" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dovecot Package", + "value": "Disable rpcbind Service", "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cyrus-imapd_removed", + "value": "package_rsync_removed", "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall cyrus-imapd Package", + "value": "Uninstall rsync Package", "remarks": "rule_set_075" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cyrus-imapd_removed", + "value": "package_rsync_removed", "remarks": "rule_set_075" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall cyrus-imapd Package", + "value": "Uninstall rsync Package", "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_nfs_disabled", + "value": "package_samba_removed", "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Network File System (nfs)", + "value": "Uninstall Samba Package", "remarks": "rule_set_076" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_nfs_disabled", + "value": "package_samba_removed", "remarks": "rule_set_076" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Network File System (nfs)", + "value": "Uninstall Samba Package", "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_rpcbind_disabled", + "value": "package_net-snmp_removed", "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable rpcbind Service", + "value": "Uninstall net-snmp Package", "remarks": "rule_set_077" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_rpcbind_disabled", + "value": "package_net-snmp_removed", "remarks": "rule_set_077" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable rpcbind Service", + "value": "Uninstall net-snmp Package", "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_rsync_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall rsync Package", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_078" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_rsync_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_078" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall rsync Package", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_samba_removed", + "value": "package_tftp-server_removed", "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall Samba Package", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_079" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_samba_removed", + "value": "package_tftp-server_removed", "remarks": "rule_set_079" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall Samba Package", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_net-snmp_removed", + "value": "package_squid_removed", "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall net-snmp Package", + "value": "Uninstall squid Package", "remarks": "rule_set_080" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_net-snmp_removed", + "value": "package_squid_removed", "remarks": "rule_set_080" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall net-snmp Package", + "value": "Uninstall squid Package", "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_httpd_removed", "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Uninstall httpd Package", "remarks": "rule_set_081" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_httpd_removed", "remarks": "rule_set_081" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Uninstall httpd Package", "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_nginx_removed", "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Uninstall nginx Package", "remarks": "rule_set_082" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_nginx_removed", "remarks": "rule_set_082" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Uninstall nginx Package", "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_squid_removed", + "value": "postfix_network_listening_disabled", "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall squid Package", + "value": "Disable Postfix Network Listening", "remarks": "rule_set_083" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_squid_removed", + "value": "postfix_network_listening_disabled", "remarks": "rule_set_083" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall squid Package", + "value": "Disable Postfix Network Listening", "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_httpd_removed", + "value": "has_nonlocal_mta", "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall httpd Package", + "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", "remarks": "rule_set_084" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_httpd_removed", + "value": "has_nonlocal_mta", "remarks": "rule_set_084" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall httpd Package", + "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_nginx_removed", + "value": "package_ftp_removed", "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall nginx Package", + "value": "Remove ftp Package", "remarks": "rule_set_085" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_nginx_removed", + "value": "package_ftp_removed", "remarks": "rule_set_085" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall nginx Package", + "value": "Remove ftp Package", "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "postfix_network_listening_disabled", + "value": "package_telnet_removed", "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Postfix Network Listening", + "value": "Remove telnet Clients", "remarks": "rule_set_086" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "postfix_network_listening_disabled", + "value": "package_telnet_removed", "remarks": "rule_set_086" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Postfix Network Listening", + "value": "Remove telnet Clients", "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "has_nonlocal_mta", + "value": "package_tftp_removed", "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", + "value": "Remove tftp Daemon", "remarks": "rule_set_087" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "has_nonlocal_mta", + "value": "package_tftp_removed", "remarks": "rule_set_087" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", + "value": "Remove tftp Daemon", "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_ftp_removed", + "value": "chronyd_specify_remote_server", "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove ftp Package", + "value": "A remote time server for Chrony is configured", "remarks": "rule_set_088" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_ftp_removed", + "value": "chronyd_specify_remote_server", "remarks": "rule_set_088" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove ftp Package", + "value": "A remote time server for Chrony is configured", "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "chronyd_run_as_chrony_user", "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Ensure that chronyd is running under chrony user account", "remarks": "rule_set_089" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "chronyd_run_as_chrony_user", "remarks": "rule_set_089" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Ensure that chronyd is running under chrony user account", "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_cron_installed", "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Install the cron service", "remarks": "rule_set_090" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_cron_installed", "remarks": "rule_set_090" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Install the cron service", "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_specify_remote_server", + "value": "service_crond_enabled", "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "A remote time server for Chrony is configured", + "value": "Enable cron Service", "remarks": "rule_set_091" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_specify_remote_server", + "value": "service_crond_enabled", "remarks": "rule_set_091" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "A remote time server for Chrony is configured", + "value": "Enable cron Service", "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_run_as_chrony_user", + "value": "file_groupowner_crontab", "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that chronyd is running under chrony user account", + "value": "Verify Group Who Owns Crontab", "remarks": "rule_set_092" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_run_as_chrony_user", + "value": "file_groupowner_crontab", "remarks": "rule_set_092" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that chronyd is running under chrony user account", + "value": "Verify Group Who Owns Crontab", "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cron_installed", + "value": "file_owner_crontab", "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the cron service", + "value": "Verify Owner on crontab", "remarks": "rule_set_093" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cron_installed", + "value": "file_owner_crontab", "remarks": "rule_set_093" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the cron service", + "value": "Verify Owner on crontab", "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_crond_enabled", + "value": "file_permissions_crontab", "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable cron Service", + "value": "Verify Permissions on crontab", "remarks": "rule_set_094" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_crond_enabled", + "value": "file_permissions_crontab", "remarks": "rule_set_094" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable cron Service", + "value": "Verify Permissions on crontab", "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_crontab", + "value": "file_groupowner_cron_hourly", "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Crontab", + "value": "Verify Group Who Owns cron.hourly", "remarks": "rule_set_095" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_crontab", + "value": "file_groupowner_cron_hourly", "remarks": "rule_set_095" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Crontab", + "value": "Verify Group Who Owns cron.hourly", "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_crontab", + "value": "file_owner_cron_hourly", "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on crontab", + "value": "Verify Owner on cron.hourly", "remarks": "rule_set_096" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_crontab", + "value": "file_owner_cron_hourly", "remarks": "rule_set_096" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on crontab", + "value": "Verify Owner on cron.hourly", "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_crontab", + "value": "file_permissions_cron_hourly", "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on crontab", + "value": "Verify Permissions on cron.hourly", "remarks": "rule_set_097" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_crontab", + "value": "file_permissions_cron_hourly", "remarks": "rule_set_097" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on crontab", + "value": "Verify Permissions on cron.hourly", "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_hourly", + "value": "file_groupowner_cron_daily", "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.hourly", + "value": "Verify Group Who Owns cron.daily", "remarks": "rule_set_098" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_hourly", + "value": "file_groupowner_cron_daily", "remarks": "rule_set_098" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.hourly", + "value": "Verify Group Who Owns cron.daily", "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_hourly", + "value": "file_owner_cron_daily", "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.hourly", + "value": "Verify Owner on cron.daily", "remarks": "rule_set_099" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_hourly", + "value": "file_owner_cron_daily", "remarks": "rule_set_099" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.hourly", + "value": "Verify Owner on cron.daily", "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_hourly", + "value": "file_permissions_cron_daily", "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.hourly", + "value": "Verify Permissions on cron.daily", "remarks": "rule_set_100" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_hourly", + "value": "file_permissions_cron_daily", "remarks": "rule_set_100" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.hourly", + "value": "Verify Permissions on cron.daily", "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_daily", + "value": "file_groupowner_cron_weekly", "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.daily", + "value": "Verify Group Who Owns cron.weekly", "remarks": "rule_set_101" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_daily", + "value": "file_groupowner_cron_weekly", "remarks": "rule_set_101" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.daily", + "value": "Verify Group Who Owns cron.weekly", "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_daily", + "value": "file_owner_cron_weekly", "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.daily", + "value": "Verify Owner on cron.weekly", "remarks": "rule_set_102" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_daily", + "value": "file_owner_cron_weekly", "remarks": "rule_set_102" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.daily", + "value": "Verify Owner on cron.weekly", "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_daily", + "value": "file_permissions_cron_weekly", "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.daily", + "value": "Verify Permissions on cron.weekly", "remarks": "rule_set_103" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_daily", + "value": "file_permissions_cron_weekly", "remarks": "rule_set_103" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.daily", + "value": "Verify Permissions on cron.weekly", "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_weekly", + "value": "file_groupowner_cron_monthly", "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.weekly", + "value": "Verify Group Who Owns cron.monthly", "remarks": "rule_set_104" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_weekly", + "value": "file_groupowner_cron_monthly", "remarks": "rule_set_104" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.weekly", + "value": "Verify Group Who Owns cron.monthly", "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_weekly", + "value": "file_owner_cron_monthly", "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.weekly", + "value": "Verify Owner on cron.monthly", "remarks": "rule_set_105" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_weekly", + "value": "file_owner_cron_monthly", "remarks": "rule_set_105" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.weekly", + "value": "Verify Owner on cron.monthly", "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_weekly", + "value": "file_permissions_cron_monthly", "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.weekly", + "value": "Verify Permissions on cron.monthly", "remarks": "rule_set_106" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_weekly", + "value": "file_permissions_cron_monthly", "remarks": "rule_set_106" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.weekly", + "value": "Verify Permissions on cron.monthly", "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_monthly", + "value": "file_groupowner_cron_yearly", "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.monthly", + "value": "Verify Group Who Owns cron.yearly", "remarks": "rule_set_107" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_monthly", + "value": "file_groupowner_cron_yearly", "remarks": "rule_set_107" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.monthly", + "value": "Verify Group Who Owns cron.yearly", "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_monthly", + "value": "file_owner_cron_yearly", "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.monthly", + "value": "Verify Owner on cron.yearly", "remarks": "rule_set_108" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_monthly", + "value": "file_owner_cron_yearly", "remarks": "rule_set_108" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.monthly", + "value": "Verify Owner on cron.yearly", "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_monthly", + "value": "file_permissions_cron_yearly", "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.monthly", + "value": "Verify Permissions on cron.yearly", "remarks": "rule_set_109" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_monthly", + "value": "file_permissions_cron_yearly", "remarks": "rule_set_109" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.monthly", + "value": "Verify Permissions on cron.yearly", "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_yearly", + "value": "file_groupowner_cron_d", "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.yearly", + "value": "Verify Group Who Owns cron.d", "remarks": "rule_set_110" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_yearly", + "value": "file_groupowner_cron_d", "remarks": "rule_set_110" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.yearly", + "value": "Verify Group Who Owns cron.d", "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_yearly", + "value": "file_owner_cron_d", "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.yearly", + "value": "Verify Owner on cron.d", "remarks": "rule_set_111" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_yearly", + "value": "file_owner_cron_d", "remarks": "rule_set_111" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.yearly", + "value": "Verify Owner on cron.d", "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_yearly", + "value": "file_permissions_cron_d", "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.yearly", + "value": "Verify Permissions on cron.d", "remarks": "rule_set_112" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_yearly", + "value": "file_permissions_cron_d", "remarks": "rule_set_112" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.yearly", + "value": "Verify Permissions on cron.d", "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_d", + "value": "file_cron_deny_not_exist", "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.d", + "value": "Ensure that /etc/cron.deny does not exist", "remarks": "rule_set_113" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_d", + "value": "file_cron_deny_not_exist", "remarks": "rule_set_113" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.d", + "value": "Ensure that /etc/cron.deny does not exist", "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_d", + "value": "file_cron_allow_exists", "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.d", + "value": "Ensure that /etc/cron.allow exists", "remarks": "rule_set_114" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_d", + "value": "file_cron_allow_exists", "remarks": "rule_set_114" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.d", + "value": "Ensure that /etc/cron.allow exists", "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_d", + "value": "file_groupowner_cron_allow", "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.d", + "value": "Verify Group Who Owns /etc/cron.allow file", "remarks": "rule_set_115" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_d", + "value": "file_groupowner_cron_allow", "remarks": "rule_set_115" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.d", + "value": "Verify Group Who Owns /etc/cron.allow file", "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_deny_not_exist", + "value": "file_owner_cron_allow", "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.deny does not exist", + "value": "Verify User Who Owns /etc/cron.allow file", "remarks": "rule_set_116" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_deny_not_exist", + "value": "file_owner_cron_allow", "remarks": "rule_set_116" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.deny does not exist", + "value": "Verify User Who Owns /etc/cron.allow file", "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_allow_exists", + "value": "file_permissions_cron_allow", "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.allow exists", + "value": "Verify Permissions on /etc/cron.allow file", "remarks": "rule_set_117" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_allow_exists", + "value": "file_permissions_cron_allow", "remarks": "rule_set_117" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.allow exists", + "value": "Verify Permissions on /etc/cron.allow file", "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_allow", + "value": "file_at_deny_not_exist", "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.deny does not exist", "remarks": "rule_set_118" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_allow", + "value": "file_at_deny_not_exist", "remarks": "rule_set_118" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.deny does not exist", "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_allow", + "value": "file_at_allow_exists", "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.allow exists", "remarks": "rule_set_119" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_allow", + "value": "file_at_allow_exists", "remarks": "rule_set_119" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.allow exists", "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_allow", + "value": "file_groupowner_at_allow", "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/cron.allow file", + "value": "Verify Group Who Owns /etc/at.allow file", "remarks": "rule_set_120" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_allow", + "value": "file_groupowner_at_allow", "remarks": "rule_set_120" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/cron.allow file", + "value": "Verify Group Who Owns /etc/at.allow file", "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_deny_not_exist", + "value": "file_owner_at_allow", "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.deny does not exist", + "value": "Verify User Who Owns /etc/at.allow file", "remarks": "rule_set_121" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_deny_not_exist", + "value": "file_owner_at_allow", "remarks": "rule_set_121" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.deny does not exist", + "value": "Verify User Who Owns /etc/at.allow file", "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_allow_exists", + "value": "file_permissions_at_allow", "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.allow exists", + "value": "Verify Permissions on /etc/at.allow file", "remarks": "rule_set_122" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_allow_exists", + "value": "file_permissions_at_allow", "remarks": "rule_set_122" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.allow exists", + "value": "Verify Permissions on /etc/at.allow file", "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_at_allow", + "value": "kernel_module_atm_disabled", "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/at.allow file", + "value": "Disable ATM Support", "remarks": "rule_set_123" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_at_allow", + "value": "kernel_module_atm_disabled", "remarks": "rule_set_123" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/at.allow file", + "value": "Disable ATM Support", "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_at_allow", + "value": "kernel_module_can_disabled", "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/at.allow file", + "value": "Disable CAN Support", "remarks": "rule_set_124" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_at_allow", + "value": "kernel_module_can_disabled", "remarks": "rule_set_124" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/at.allow file", + "value": "Disable CAN Support", "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_at_allow", + "value": "kernel_module_dccp_disabled", "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/at.allow file", + "value": "Disable DCCP Support", "remarks": "rule_set_125" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_at_allow", + "value": "kernel_module_dccp_disabled", "remarks": "rule_set_125" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/at.allow file", + "value": "Disable DCCP Support", "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_atm_disabled", + "value": "kernel_module_tipc_disabled", "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable ATM Support", + "value": "Disable TIPC Support", "remarks": "rule_set_126" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_atm_disabled", + "value": "kernel_module_tipc_disabled", "remarks": "rule_set_126" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable ATM Support", + "value": "Disable TIPC Support", "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_can_disabled", + "value": "kernel_module_rds_disabled", "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable CAN Support", + "value": "Disable RDS Support", "remarks": "rule_set_127" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_can_disabled", + "value": "kernel_module_rds_disabled", "remarks": "rule_set_127" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable CAN Support", + "value": "Disable RDS Support", "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_dccp_disabled", + "value": "kernel_module_sctp_disabled", "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable DCCP Support", + "value": "Disable SCTP Support", "remarks": "rule_set_128" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_dccp_disabled", + "value": "kernel_module_sctp_disabled", "remarks": "rule_set_128" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable DCCP Support", + "value": "Disable SCTP Support", "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_tipc_disabled", + "value": "sysctl_net_ipv4_ip_forward", "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable TIPC Support", + "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", "remarks": "rule_set_129" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_tipc_disabled", + "value": "sysctl_net_ipv4_ip_forward", "remarks": "rule_set_129" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable TIPC Support", + "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_rds_disabled", + "value": "sysctl_net_ipv4_conf_all_forwarding", "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable RDS Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", "remarks": "rule_set_130" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_rds_disabled", + "value": "sysctl_net_ipv4_conf_all_forwarding", "remarks": "rule_set_130" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable RDS Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_sctp_disabled", + "value": "sysctl_net_ipv4_conf_default_forwarding", "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SCTP Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", "remarks": "rule_set_131" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_sctp_disabled", + "value": "sysctl_net_ipv4_conf_default_forwarding", "remarks": "rule_set_131" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SCTP Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_ip_forward", + "value": "sysctl_net_ipv4_conf_all_send_redirects", "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_132" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_ip_forward", + "value": "sysctl_net_ipv4_conf_all_send_redirects", "remarks": "rule_set_132" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_forwarding", + "value": "sysctl_net_ipv4_conf_default_send_redirects", "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", "remarks": "rule_set_133" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_forwarding", + "value": "sysctl_net_ipv4_conf_default_send_redirects", "remarks": "rule_set_133" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_forwarding", + "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", + "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", "remarks": "rule_set_134" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_forwarding", + "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", "remarks": "rule_set_134" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", + "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_send_redirects", + "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", "remarks": "rule_set_135" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_send_redirects", + "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", "remarks": "rule_set_135" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_send_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_redirects", "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", + "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", "remarks": "rule_set_136" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_send_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_redirects", "remarks": "rule_set_136" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", + "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", + "value": "sysctl_net_ipv4_conf_default_accept_redirects", "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", "remarks": "rule_set_137" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", + "value": "sysctl_net_ipv4_conf_default_accept_redirects", "remarks": "rule_set_137" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", + "value": "sysctl_net_ipv4_conf_all_secure_redirects", "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_138" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", + "value": "sysctl_net_ipv4_conf_all_secure_redirects", "remarks": "rule_set_138" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_redirects", + "value": "sysctl_net_ipv4_conf_default_secure_redirects", "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", + "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", "remarks": "rule_set_139" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_redirects", + "value": "sysctl_net_ipv4_conf_default_secure_redirects", "remarks": "rule_set_139" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", + "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_redirects", + "value": "sysctl_net_ipv4_conf_all_rp_filter", "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", "remarks": "rule_set_140" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_redirects", + "value": "sysctl_net_ipv4_conf_all_rp_filter", "remarks": "rule_set_140" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_secure_redirects", + "value": "sysctl_net_ipv4_conf_default_rp_filter", "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", "remarks": "rule_set_141" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_secure_redirects", + "value": "sysctl_net_ipv4_conf_default_rp_filter", "remarks": "rule_set_141" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_secure_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_source_route", "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", "remarks": "rule_set_142" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_secure_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_source_route", "remarks": "rule_set_142" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_rp_filter", + "value": "sysctl_net_ipv4_conf_default_accept_source_route", "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", "remarks": "rule_set_143" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_rp_filter", + "value": "sysctl_net_ipv4_conf_default_accept_source_route", "remarks": "rule_set_143" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_rp_filter", + "value": "sysctl_net_ipv4_conf_all_log_martians", "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", "remarks": "rule_set_144" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_rp_filter", + "value": "sysctl_net_ipv4_conf_all_log_martians", "remarks": "rule_set_144" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_source_route", + "value": "sysctl_net_ipv4_conf_default_log_martians", "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", "remarks": "rule_set_145" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_source_route", + "value": "sysctl_net_ipv4_conf_default_log_martians", "remarks": "rule_set_145" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_source_route", + "value": "sysctl_net_ipv4_tcp_syncookies", "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", "remarks": "rule_set_146" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_source_route", + "value": "sysctl_net_ipv4_tcp_syncookies", "remarks": "rule_set_146" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_log_martians", + "value": "sysctl_net_ipv6_conf_all_forwarding", "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for IPv6 Forwarding", "remarks": "rule_set_147" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_log_martians", + "value": "sysctl_net_ipv6_conf_all_forwarding", "remarks": "rule_set_147" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for IPv6 Forwarding", "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_log_martians", + "value": "sysctl_net_ipv6_conf_default_forwarding", "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", + "value": "Disable Kernel Parameter for IPv6 Forwarding by default", "remarks": "rule_set_148" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_log_martians", + "value": "sysctl_net_ipv6_conf_default_forwarding", "remarks": "rule_set_148" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", + "value": "Disable Kernel Parameter for IPv6 Forwarding by default", "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_tcp_syncookies", + "value": "sysctl_net_ipv6_conf_all_accept_redirects", "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", + "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", "remarks": "rule_set_149" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_tcp_syncookies", + "value": "sysctl_net_ipv6_conf_all_accept_redirects", "remarks": "rule_set_149" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", + "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_forwarding", + "value": "sysctl_net_ipv6_conf_default_accept_redirects", "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", "remarks": "rule_set_150" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_forwarding", + "value": "sysctl_net_ipv6_conf_default_accept_redirects", "remarks": "rule_set_150" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_forwarding", + "value": "sysctl_net_ipv6_conf_all_accept_source_route", "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding by default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", "remarks": "rule_set_151" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_forwarding", + "value": "sysctl_net_ipv6_conf_all_accept_source_route", "remarks": "rule_set_151" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding by default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_redirects", + "value": "sysctl_net_ipv6_conf_default_accept_source_route", "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", "remarks": "rule_set_152" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_redirects", + "value": "sysctl_net_ipv6_conf_default_accept_source_route", "remarks": "rule_set_152" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_redirects", + "value": "sysctl_net_ipv6_conf_all_accept_ra", "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", + "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_153" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_redirects", + "value": "sysctl_net_ipv6_conf_all_accept_ra", "remarks": "rule_set_153" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", + "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_source_route", + "value": "sysctl_net_ipv6_conf_default_accept_ra", "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", + "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", "remarks": "rule_set_154" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_source_route", + "value": "sysctl_net_ipv6_conf_default_accept_ra", "remarks": "rule_set_154" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", + "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_source_route", + "value": "package_firewalld_installed", "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", + "value": "Install firewalld Package", "remarks": "rule_set_155" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_source_route", + "value": "package_firewalld_installed", "remarks": "rule_set_155" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", + "value": "Install firewalld Package", "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra", + "value": "firewalld-backend", "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", + "value": "Configure Firewalld to Use the Nftables Backend", "remarks": "rule_set_156" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra", + "value": "firewalld-backend", "remarks": "rule_set_156" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", + "value": "Configure Firewalld to Use the Nftables Backend", "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra", + "value": "service_firewalld_enabled", "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", + "value": "Verify firewalld Enabled", "remarks": "rule_set_157" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra", + "value": "service_firewalld_enabled", "remarks": "rule_set_157" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", + "value": "Verify firewalld Enabled", "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_firewalld_installed", + "value": "firewalld_loopback_traffic_trusted", "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install firewalld Package", + "value": "Configure Firewalld to Trust Loopback Traffic", "remarks": "rule_set_158" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_firewalld_installed", + "value": "firewalld_loopback_traffic_trusted", "remarks": "rule_set_158" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install firewalld Package", + "value": "Configure Firewalld to Trust Loopback Traffic", "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld-backend", + "value": "file_groupowner_sshd_config", "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Use the Nftables Backend", + "value": "Verify Group Who Owns SSH Server config file", "remarks": "rule_set_159" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld-backend", + "value": "file_groupowner_sshd_config", "remarks": "rule_set_159" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Use the Nftables Backend", + "value": "Verify Group Who Owns SSH Server config file", "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_firewalld_enabled", + "value": "file_owner_sshd_config", "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify firewalld Enabled", + "value": "Verify Owner on SSH Server config file", "remarks": "rule_set_160" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_firewalld_enabled", + "value": "file_owner_sshd_config", "remarks": "rule_set_160" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify firewalld Enabled", + "value": "Verify Owner on SSH Server config file", "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld_loopback_traffic_trusted", + "value": "file_permissions_sshd_config", "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Trust Loopback Traffic", + "value": "Verify Permissions on SSH Server config file", "remarks": "rule_set_161" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld_loopback_traffic_trusted", + "value": "file_permissions_sshd_config", "remarks": "rule_set_161" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Trust Loopback Traffic", + "value": "Verify Permissions on SSH Server config file", "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_config", + "value": "directory_permissions_sshd_config_d", "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_162" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_config", + "value": "directory_permissions_sshd_config_d", "remarks": "rule_set_162" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_config", + "value": "file_permissions_sshd_drop_in_config", "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_163" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_config", + "value": "file_permissions_sshd_drop_in_config", "remarks": "rule_set_163" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_config", + "value": "directory_groupowner_sshd_config_d", "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server config file", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_164" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_config", + "value": "directory_groupowner_sshd_config_d", "remarks": "rule_set_164" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server config file", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_sshd_config_d", + "value": "directory_owner_sshd_config_d", "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_165" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_sshd_config_d", + "value": "directory_owner_sshd_config_d", "remarks": "rule_set_165" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_drop_in_config", + "value": "file_groupowner_sshd_drop_in_config", "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_166" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_drop_in_config", + "value": "file_groupowner_sshd_drop_in_config", "remarks": "rule_set_166" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_groupowner_sshd_config_d", + "value": "file_owner_sshd_drop_in_config", "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_167" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_groupowner_sshd_config_d", + "value": "file_owner_sshd_drop_in_config", "remarks": "rule_set_167" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_owner_sshd_config_d", + "value": "file_groupownership_sshd_private_key", "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Group Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_168" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_owner_sshd_config_d", + "value": "file_groupownership_sshd_private_key", "remarks": "rule_set_168" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Group Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_drop_in_config", + "value": "file_ownership_sshd_private_key", "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_169" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_drop_in_config", + "value": "file_ownership_sshd_private_key", "remarks": "rule_set_169" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_drop_in_config", + "value": "file_permissions_sshd_private_key", "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Permissions on SSH Server Private *_key Key Files", "remarks": "rule_set_170" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_drop_in_config", + "value": "file_permissions_sshd_private_key", "remarks": "rule_set_170" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Permissions on SSH Server Private *_key Key Files", "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_private_key", + "value": "file_groupownership_sshd_pub_key", "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Private *_key Key Files", + "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_171" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_private_key", + "value": "file_groupownership_sshd_pub_key", "remarks": "rule_set_171" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Private *_key Key Files", + "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_171" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_private_key", + "value": "file_ownership_sshd_pub_key", "remarks": "rule_set_172" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Private *_key Key Files", + "value": "Verify Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_172" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_private_key", + "value": "file_ownership_sshd_pub_key", "remarks": "rule_set_172" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Private *_key Key Files", + "value": "Verify Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_172" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_private_key", + "value": "file_permissions_sshd_pub_key", "remarks": "rule_set_173" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Private *_key Key Files", + "value": "Verify Permissions on SSH Server Public *.pub Key Files", "remarks": "rule_set_173" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_private_key", + "value": "file_permissions_sshd_pub_key", "remarks": "rule_set_173" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Private *_key Key Files", + "value": "Verify Permissions on SSH Server Public *.pub Key Files", "remarks": "rule_set_173" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_pub_key", + "value": "sshd_limit_user_access", "remarks": "rule_set_174" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", + "value": "Limit Users' SSH Access", "remarks": "rule_set_174" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_pub_key", + "value": "sshd_limit_user_access", "remarks": "rule_set_174" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", + "value": "Limit Users' SSH Access", "remarks": "rule_set_174" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_pub_key", + "value": "sshd_enable_warning_banner_net", "remarks": "rule_set_175" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Public *.pub Key Files", + "value": "Enable SSH Warning Banner", "remarks": "rule_set_175" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_pub_key", + "value": "sshd_enable_warning_banner_net", "remarks": "rule_set_175" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Public *.pub Key Files", + "value": "Enable SSH Warning Banner", "remarks": "rule_set_175" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_pub_key", + "value": "sshd_set_idle_timeout", "remarks": "rule_set_176" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Public *.pub Key Files", + "value": "Set SSH Client Alive Interval", "remarks": "rule_set_176" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_pub_key", + "value": "sshd_set_idle_timeout", "remarks": "rule_set_176" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Public *.pub Key Files", + "value": "Set SSH Client Alive Interval", "remarks": "rule_set_176" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_limit_user_access", + "value": "sshd_set_keepalive", "remarks": "rule_set_177" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Users' SSH Access", + "value": "Set SSH Client Alive Count Max", "remarks": "rule_set_177" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_limit_user_access", + "value": "sshd_set_keepalive", "remarks": "rule_set_177" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Users' SSH Access", + "value": "Set SSH Client Alive Count Max", "remarks": "rule_set_177" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_warning_banner_net", + "value": "sshd_disable_forwarding", "remarks": "rule_set_178" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SSH Warning Banner", + "value": "Disable SSH Forwarding", "remarks": "rule_set_178" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_warning_banner_net", + "value": "sshd_disable_forwarding", "remarks": "rule_set_178" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SSH Warning Banner", + "value": "Disable SSH Forwarding", "remarks": "rule_set_178" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_idle_timeout", + "value": "sshd_disable_gssapi_auth", "remarks": "rule_set_179" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Interval", + "value": "Disable GSSAPI Authentication", "remarks": "rule_set_179" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_idle_timeout", + "value": "sshd_disable_gssapi_auth", "remarks": "rule_set_179" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Interval", + "value": "Disable GSSAPI Authentication", "remarks": "rule_set_179" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_keepalive", + "value": "disable_host_auth", "remarks": "rule_set_180" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Count Max", + "value": "Disable Host-Based Authentication", "remarks": "rule_set_180" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_keepalive", + "value": "disable_host_auth", "remarks": "rule_set_180" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Count Max", + "value": "Disable Host-Based Authentication", "remarks": "rule_set_180" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_forwarding", + "value": "sshd_disable_rhosts", "remarks": "rule_set_181" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Forwarding", + "value": "Disable SSH Support for .rhosts Files", "remarks": "rule_set_181" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_forwarding", + "value": "sshd_disable_rhosts", "remarks": "rule_set_181" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Forwarding", + "value": "Disable SSH Support for .rhosts Files", "remarks": "rule_set_181" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_gssapi_auth", + "value": "sshd_use_strong_kex", "remarks": "rule_set_182" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GSSAPI Authentication", + "value": "Use Only Strong Key Exchange algorithms", "remarks": "rule_set_182" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_gssapi_auth", + "value": "sshd_use_strong_kex", "remarks": "rule_set_182" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GSSAPI Authentication", + "value": "Use Only Strong Key Exchange algorithms", "remarks": "rule_set_182" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_host_auth", + "value": "sshd_set_login_grace_time", "remarks": "rule_set_183" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Host-Based Authentication", + "value": "Ensure SSH LoginGraceTime is configured", "remarks": "rule_set_183" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_host_auth", + "value": "sshd_set_login_grace_time", "remarks": "rule_set_183" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Host-Based Authentication", + "value": "Ensure SSH LoginGraceTime is configured", "remarks": "rule_set_183" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_rhosts", + "value": "sshd_set_loglevel_verbose", "remarks": "rule_set_184" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Support for .rhosts Files", + "value": "Set SSH Daemon LogLevel to VERBOSE", "remarks": "rule_set_184" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_rhosts", + "value": "sshd_set_loglevel_verbose", "remarks": "rule_set_184" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Support for .rhosts Files", + "value": "Set SSH Daemon LogLevel to VERBOSE", "remarks": "rule_set_184" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_use_strong_kex", + "value": "sshd_set_max_auth_tries", "remarks": "rule_set_185" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Use Only Strong Key Exchange algorithms", + "value": "Set SSH authentication attempt limit", "remarks": "rule_set_185" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_use_strong_kex", + "value": "sshd_set_max_auth_tries", "remarks": "rule_set_185" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Use Only Strong Key Exchange algorithms", + "value": "Set SSH authentication attempt limit", "remarks": "rule_set_185" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_login_grace_time", + "value": "sshd_set_maxstartups", "remarks": "rule_set_186" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH LoginGraceTime is configured", + "value": "Ensure SSH MaxStartups is configured", "remarks": "rule_set_186" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_login_grace_time", + "value": "sshd_set_maxstartups", "remarks": "rule_set_186" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH LoginGraceTime is configured", + "value": "Ensure SSH MaxStartups is configured", "remarks": "rule_set_186" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_loglevel_verbose", + "value": "sshd_set_max_sessions", "remarks": "rule_set_187" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Daemon LogLevel to VERBOSE", + "value": "Set SSH MaxSessions limit", "remarks": "rule_set_187" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_loglevel_verbose", + "value": "sshd_set_max_sessions", "remarks": "rule_set_187" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Daemon LogLevel to VERBOSE", + "value": "Set SSH MaxSessions limit", "remarks": "rule_set_187" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_auth_tries", + "value": "sshd_disable_empty_passwords", "remarks": "rule_set_188" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH authentication attempt limit", + "value": "Disable SSH Access via Empty Passwords", "remarks": "rule_set_188" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_auth_tries", + "value": "sshd_disable_empty_passwords", "remarks": "rule_set_188" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH authentication attempt limit", + "value": "Disable SSH Access via Empty Passwords", "remarks": "rule_set_188" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_maxstartups", + "value": "sshd_disable_root_login", "remarks": "rule_set_189" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH MaxStartups is configured", + "value": "Disable SSH Root Login", "remarks": "rule_set_189" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_maxstartups", + "value": "sshd_disable_root_login", "remarks": "rule_set_189" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH MaxStartups is configured", + "value": "Disable SSH Root Login", "remarks": "rule_set_189" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_sessions", + "value": "sshd_do_not_permit_user_env", "remarks": "rule_set_190" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH MaxSessions limit", + "value": "Do Not Allow SSH Environment Options", "remarks": "rule_set_190" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_sessions", + "value": "sshd_do_not_permit_user_env", "remarks": "rule_set_190" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH MaxSessions limit", + "value": "Do Not Allow SSH Environment Options", "remarks": "rule_set_190" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_empty_passwords", + "value": "sshd_enable_pam", "remarks": "rule_set_191" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Access via Empty Passwords", + "value": "Enable PAM", "remarks": "rule_set_191" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_empty_passwords", + "value": "sshd_enable_pam", "remarks": "rule_set_191" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Access via Empty Passwords", + "value": "Enable PAM", "remarks": "rule_set_191" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_root_login", + "value": "package_sudo_installed", "remarks": "rule_set_192" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Root Login", + "value": "Install sudo Package", "remarks": "rule_set_192" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_root_login", + "value": "package_sudo_installed", "remarks": "rule_set_192" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Root Login", + "value": "Install sudo Package", "remarks": "rule_set_192" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_do_not_permit_user_env", + "value": "sudo_add_use_pty", "remarks": "rule_set_193" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Do Not Allow SSH Environment Options", + "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", "remarks": "rule_set_193" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_do_not_permit_user_env", + "value": "sudo_add_use_pty", "remarks": "rule_set_193" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Do Not Allow SSH Environment Options", + "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", "remarks": "rule_set_193" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_pam", + "value": "sudo_custom_logfile", "remarks": "rule_set_194" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable PAM", + "value": "Ensure Sudo Logfile Exists - sudo logfile", "remarks": "rule_set_194" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_pam", + "value": "sudo_custom_logfile", "remarks": "rule_set_194" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable PAM", + "value": "Ensure Sudo Logfile Exists - sudo logfile", "remarks": "rule_set_194" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_sudo_installed", + "value": "sudo_remove_no_authenticate", "remarks": "rule_set_195" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install sudo Package", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", "remarks": "rule_set_195" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_sudo_installed", + "value": "sudo_remove_no_authenticate", "remarks": "rule_set_195" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install sudo Package", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", "remarks": "rule_set_195" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_use_pty", + "value": "sudo_require_reauthentication", "remarks": "rule_set_196" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", + "value": "Require Re-Authentication When Using the sudo Command", "remarks": "rule_set_196" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_use_pty", + "value": "sudo_require_reauthentication", "remarks": "rule_set_196" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", + "value": "Require Re-Authentication When Using the sudo Command", "remarks": "rule_set_196" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_custom_logfile", + "value": "use_pam_wheel_group_for_su", "remarks": "rule_set_197" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Sudo Logfile Exists - sudo logfile", + "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", "remarks": "rule_set_197" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_custom_logfile", + "value": "use_pam_wheel_group_for_su", "remarks": "rule_set_197" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Sudo Logfile Exists - sudo logfile", + "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", "remarks": "rule_set_197" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_no_authenticate", + "value": "ensure_pam_wheel_group_empty", "remarks": "rule_set_198" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", + "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", "remarks": "rule_set_198" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_no_authenticate", + "value": "ensure_pam_wheel_group_empty", "remarks": "rule_set_198" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", + "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", "remarks": "rule_set_198" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_require_reauthentication", + "value": "account_password_pam_faillock_password_auth", "remarks": "rule_set_199" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require Re-Authentication When Using the sudo Command", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", "remarks": "rule_set_199" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_require_reauthentication", + "value": "account_password_pam_faillock_password_auth", "remarks": "rule_set_199" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require Re-Authentication When Using the sudo Command", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", "remarks": "rule_set_199" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "use_pam_wheel_group_for_su", + "value": "account_password_pam_faillock_system_auth", "remarks": "rule_set_200" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", "remarks": "rule_set_200" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "use_pam_wheel_group_for_su", + "value": "account_password_pam_faillock_system_auth", "remarks": "rule_set_200" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", "remarks": "rule_set_200" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_pam_wheel_group_empty", + "value": "package_pam_pwquality_installed", "remarks": "rule_set_201" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", + "value": "Install pam_pwquality Package", "remarks": "rule_set_201" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_pam_wheel_group_empty", + "value": "package_pam_pwquality_installed", "remarks": "rule_set_201" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", + "value": "Install pam_pwquality Package", "remarks": "rule_set_201" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_password_auth", + "value": "accounts_password_pam_pwquality_password_auth", "remarks": "rule_set_202" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", + "value": "Ensure PAM password complexity module is enabled in password-auth", "remarks": "rule_set_202" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_password_auth", + "value": "accounts_password_pam_pwquality_password_auth", "remarks": "rule_set_202" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", + "value": "Ensure PAM password complexity module is enabled in password-auth", "remarks": "rule_set_202" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_system_auth", + "value": "accounts_password_pam_pwquality_system_auth", "remarks": "rule_set_203" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", + "value": "Ensure PAM password complexity module is enabled in system-auth", "remarks": "rule_set_203" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_system_auth", + "value": "accounts_password_pam_pwquality_system_auth", "remarks": "rule_set_203" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", + "value": "Ensure PAM password complexity module is enabled in system-auth", "remarks": "rule_set_203" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_pam_pwquality_installed", + "value": "accounts_password_pam_unix_enabled", "remarks": "rule_set_204" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install pam_pwquality Package", + "value": "Verify pam_unix module is activated", "remarks": "rule_set_204" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_pam_pwquality_installed", + "value": "accounts_password_pam_unix_enabled", "remarks": "rule_set_204" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install pam_pwquality Package", + "value": "Verify pam_unix module is activated", "remarks": "rule_set_204" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_password_auth", + "value": "accounts_passwords_pam_faillock_deny", "remarks": "rule_set_205" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in password-auth", + "value": "Lock Accounts After Failed Password Attempts", "remarks": "rule_set_205" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_password_auth", + "value": "accounts_passwords_pam_faillock_deny", "remarks": "rule_set_205" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in password-auth", + "value": "Lock Accounts After Failed Password Attempts", "remarks": "rule_set_205" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_system_auth", + "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", "remarks": "rule_set_206" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in system-auth", + "value": "Set Lockout Time for Failed Password Attempts", "remarks": "rule_set_206" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_system_auth", + "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", "remarks": "rule_set_206" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in system-auth", + "value": "Set Lockout Time for Failed Password Attempts", "remarks": "rule_set_206" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_enabled", + "value": "accounts_password_pam_difok", "remarks": "rule_set_207" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify pam_unix module is activated", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", "remarks": "rule_set_207" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_enabled", + "value": "accounts_password_pam_difok", "remarks": "rule_set_207" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify pam_unix module is activated", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", "remarks": "rule_set_207" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny", + "value": "accounts_password_pam_minlen", "remarks": "rule_set_208" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Lock Accounts After Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Length", "remarks": "rule_set_208" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny", + "value": "accounts_password_pam_minlen", "remarks": "rule_set_208" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Lock Accounts After Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Length", "remarks": "rule_set_208" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", + "value": "accounts_password_pam_minclass", "remarks": "rule_set_209" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Lockout Time for Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", "remarks": "rule_set_209" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", + "value": "accounts_password_pam_minclass", "remarks": "rule_set_209" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Lockout Time for Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", "remarks": "rule_set_209" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_difok", + "value": "accounts_password_pam_maxrepeat", "remarks": "rule_set_210" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", + "value": "Set Password Maximum Consecutive Repeating Characters", "remarks": "rule_set_210" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_difok", + "value": "accounts_password_pam_maxrepeat", "remarks": "rule_set_210" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", + "value": "Set Password Maximum Consecutive Repeating Characters", "remarks": "rule_set_210" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minlen", + "value": "accounts_password_pam_maxsequence", "remarks": "rule_set_211" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Length", + "value": "Limit the maximum number of sequential characters in passwords", "remarks": "rule_set_211" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minlen", + "value": "accounts_password_pam_maxsequence", "remarks": "rule_set_211" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Length", + "value": "Limit the maximum number of sequential characters in passwords", "remarks": "rule_set_211" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_dictcheck", "remarks": "rule_set_212" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", "remarks": "rule_set_212" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_dictcheck", "remarks": "rule_set_212" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", "remarks": "rule_set_212" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxrepeat", + "value": "accounts_password_pam_enforce_root", "remarks": "rule_set_213" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Consecutive Repeating Characters", + "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", "remarks": "rule_set_213" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxrepeat", + "value": "accounts_password_pam_enforce_root", "remarks": "rule_set_213" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Consecutive Repeating Characters", + "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", "remarks": "rule_set_213" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxsequence", + "value": "accounts_password_pam_pwhistory_remember_password_auth", "remarks": "rule_set_214" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit the maximum number of sequential characters in passwords", + "value": "Limit Password Reuse: password-auth", "remarks": "rule_set_214" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxsequence", + "value": "accounts_password_pam_pwhistory_remember_password_auth", "remarks": "rule_set_214" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit the maximum number of sequential characters in passwords", + "value": "Limit Password Reuse: password-auth", "remarks": "rule_set_214" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_dictcheck", + "value": "accounts_password_pam_pwhistory_remember_system_auth", "remarks": "rule_set_215" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", + "value": "Limit Password Reuse: system-auth", "remarks": "rule_set_215" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_dictcheck", + "value": "accounts_password_pam_pwhistory_remember_system_auth", "remarks": "rule_set_215" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", + "value": "Limit Password Reuse: system-auth", "remarks": "rule_set_215" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_enforce_root", + "value": "accounts_password_pam_pwhistory_enforce_for_root", "remarks": "rule_set_216" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", + "value": "Ensure Password History Is Enforced for the Root User", "remarks": "rule_set_216" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_enforce_root", + "value": "accounts_password_pam_pwhistory_enforce_for_root", "remarks": "rule_set_216" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", + "value": "Ensure Password History Is Enforced for the Root User", "remarks": "rule_set_216" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_password_auth", + "value": "accounts_password_pam_pwhistory_use_authtok", "remarks": "rule_set_217" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: password-auth", + "value": "Enforce Password History with use_authtok", "remarks": "rule_set_217" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_password_auth", + "value": "accounts_password_pam_pwhistory_use_authtok", "remarks": "rule_set_217" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: password-auth", + "value": "Enforce Password History with use_authtok", "remarks": "rule_set_217" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_system_auth", + "value": "no_empty_passwords", "remarks": "rule_set_218" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: system-auth", + "value": "Prevent Login to Accounts With Empty Password", "remarks": "rule_set_218" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_system_auth", + "value": "no_empty_passwords", "remarks": "rule_set_218" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: system-auth", + "value": "Prevent Login to Accounts With Empty Password", "remarks": "rule_set_218" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_enforce_for_root", + "value": "accounts_password_pam_unix_no_remember", "remarks": "rule_set_219" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Password History Is Enforced for the Root User", + "value": "Avoid using remember in pam_unix module", "remarks": "rule_set_219" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_enforce_for_root", + "value": "accounts_password_pam_unix_no_remember", "remarks": "rule_set_219" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Password History Is Enforced for the Root User", + "value": "Avoid using remember in pam_unix module", "remarks": "rule_set_219" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_use_authtok", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_220" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Password History with use_authtok", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_220" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_use_authtok", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_220" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Password History with use_authtok", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_220" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords", + "value": "set_password_hashing_algorithm_passwordauth", "remarks": "rule_set_221" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Login to Accounts With Empty Password", + "value": "Set PAM Password Hashing Algorithm - password-auth", "remarks": "rule_set_221" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords", + "value": "set_password_hashing_algorithm_passwordauth", "remarks": "rule_set_221" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Login to Accounts With Empty Password", + "value": "Set PAM Password Hashing Algorithm - password-auth", "remarks": "rule_set_221" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_no_remember", + "value": "accounts_password_pam_unix_authtok", "remarks": "rule_set_222" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Avoid using remember in pam_unix module", + "value": "Require use_authtok for pam_unix.so", "remarks": "rule_set_222" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_no_remember", + "value": "accounts_password_pam_unix_authtok", "remarks": "rule_set_222" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Avoid using remember in pam_unix module", + "value": "Require use_authtok for pam_unix.so", "remarks": "rule_set_222" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "accounts_maximum_age_login_defs", "remarks": "rule_set_223" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Set Password Maximum Age", "remarks": "rule_set_223" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "accounts_maximum_age_login_defs", "remarks": "rule_set_223" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Set Password Maximum Age", "remarks": "rule_set_223" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_passwordauth", + "value": "accounts_password_set_max_life_existing", "remarks": "rule_set_224" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - password-auth", + "value": "Set Existing Passwords Maximum Age", "remarks": "rule_set_224" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_passwordauth", + "value": "accounts_password_set_max_life_existing", "remarks": "rule_set_224" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - password-auth", + "value": "Set Existing Passwords Maximum Age", "remarks": "rule_set_224" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_authtok", + "value": "accounts_password_warn_age_login_defs", "remarks": "rule_set_225" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require use_authtok for pam_unix.so", + "value": "Set Password Warning Age", "remarks": "rule_set_225" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_authtok", + "value": "accounts_password_warn_age_login_defs", "remarks": "rule_set_225" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require use_authtok for pam_unix.so", + "value": "Set Password Warning Age", "remarks": "rule_set_225" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_maximum_age_login_defs", + "value": "accounts_password_set_warn_age_existing", "remarks": "rule_set_226" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Age", + "value": "Set Existing Passwords Warning Age", "remarks": "rule_set_226" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_maximum_age_login_defs", + "value": "accounts_password_set_warn_age_existing", "remarks": "rule_set_226" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Age", + "value": "Set Existing Passwords Warning Age", "remarks": "rule_set_226" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_max_life_existing", + "value": "set_password_hashing_algorithm_logindefs", "remarks": "rule_set_227" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Maximum Age", + "value": "Set Password Hashing Algorithm in /etc/login.defs", "remarks": "rule_set_227" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_max_life_existing", + "value": "set_password_hashing_algorithm_logindefs", "remarks": "rule_set_227" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Maximum Age", + "value": "Set Password Hashing Algorithm in /etc/login.defs", "remarks": "rule_set_227" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_warn_age_login_defs", + "value": "account_disable_post_pw_expiration", "remarks": "rule_set_228" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Warning Age", + "value": "Set Account Expiration Following Inactivity", "remarks": "rule_set_228" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_warn_age_login_defs", + "value": "account_disable_post_pw_expiration", "remarks": "rule_set_228" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Warning Age", + "value": "Set Account Expiration Following Inactivity", "remarks": "rule_set_228" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_warn_age_existing", + "value": "accounts_set_post_pw_existing", "remarks": "rule_set_229" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Warning Age", + "value": "Set existing passwords a period of inactivity before they been locked", "remarks": "rule_set_229" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_warn_age_existing", + "value": "accounts_set_post_pw_existing", "remarks": "rule_set_229" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Warning Age", + "value": "Set existing passwords a period of inactivity before they been locked", "remarks": "rule_set_229" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf", + "value": "accounts_password_last_change_is_in_past", "remarks": "rule_set_230" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/libuser.conf", + "value": "Ensure all users last password change date is in the past", "remarks": "rule_set_230" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf", + "value": "accounts_password_last_change_is_in_past", "remarks": "rule_set_230" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/libuser.conf", + "value": "Ensure all users last password change date is in the past", "remarks": "rule_set_230" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_logindefs", + "value": "accounts_no_uid_except_zero", "remarks": "rule_set_231" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/login.defs", + "value": "Verify Only Root Has UID 0", "remarks": "rule_set_231" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_logindefs", + "value": "accounts_no_uid_except_zero", "remarks": "rule_set_231" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/login.defs", + "value": "Verify Only Root Has UID 0", "remarks": "rule_set_231" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_disable_post_pw_expiration", + "value": "accounts_root_gid_zero", "remarks": "rule_set_232" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Account Expiration Following Inactivity", + "value": "Verify Root Has A Primary GID 0", "remarks": "rule_set_232" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_disable_post_pw_expiration", + "value": "accounts_root_gid_zero", "remarks": "rule_set_232" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Account Expiration Following Inactivity", + "value": "Verify Root Has A Primary GID 0", "remarks": "rule_set_232" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_set_post_pw_existing", + "value": "groups_no_zero_gid_except_root", "remarks": "rule_set_233" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set existing passwords a period of inactivity before they been locked", + "value": "Verify Only Group Root Has GID 0", "remarks": "rule_set_233" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_set_post_pw_existing", + "value": "groups_no_zero_gid_except_root", "remarks": "rule_set_233" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set existing passwords a period of inactivity before they been locked", + "value": "Verify Only Group Root Has GID 0", "remarks": "rule_set_233" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_last_change_is_in_past", + "value": "ensure_root_password_configured", "remarks": "rule_set_234" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure all users last password change date is in the past", + "value": "Ensure Authentication Required for Single User Mode", "remarks": "rule_set_234" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_last_change_is_in_past", + "value": "ensure_root_password_configured", "remarks": "rule_set_234" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure all users last password change date is in the past", + "value": "Ensure Authentication Required for Single User Mode", "remarks": "rule_set_234" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_no_uid_except_zero", + "value": "accounts_root_path_dirs_no_write", "remarks": "rule_set_235" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Root Has UID 0", + "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", "remarks": "rule_set_235" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_no_uid_except_zero", + "value": "accounts_root_path_dirs_no_write", "remarks": "rule_set_235" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Root Has UID 0", + "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", "remarks": "rule_set_235" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_gid_zero", + "value": "root_path_no_dot", "remarks": "rule_set_236" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Root Has A Primary GID 0", + "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", "remarks": "rule_set_236" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_gid_zero", + "value": "root_path_no_dot", "remarks": "rule_set_236" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Root Has A Primary GID 0", + "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", "remarks": "rule_set_236" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "groups_no_zero_gid_except_root", + "value": "accounts_umask_root", "remarks": "rule_set_237" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Group Root Has GID 0", + "value": "Ensure the Root Bash Umask is Set Correctly", "remarks": "rule_set_237" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "groups_no_zero_gid_except_root", + "value": "accounts_umask_root", "remarks": "rule_set_237" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Group Root Has GID 0", + "value": "Ensure the Root Bash Umask is Set Correctly", "remarks": "rule_set_237" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_root_password_configured", + "value": "no_password_auth_for_systemaccounts", "remarks": "rule_set_238" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Authentication Required for Single User Mode", + "value": "Ensure that System Accounts Are Locked", "remarks": "rule_set_238" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_root_password_configured", + "value": "no_password_auth_for_systemaccounts", "remarks": "rule_set_238" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Authentication Required for Single User Mode", + "value": "Ensure that System Accounts Are Locked", "remarks": "rule_set_238" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_path_dirs_no_write", + "value": "no_shelllogin_for_systemaccounts", "remarks": "rule_set_239" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", "remarks": "rule_set_239" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_path_dirs_no_write", + "value": "no_shelllogin_for_systemaccounts", "remarks": "rule_set_239" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", "remarks": "rule_set_239" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "root_path_no_dot", + "value": "no_invalid_shell_accounts_unlocked", "remarks": "rule_set_240" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", + "value": "Verify Non-Interactive Accounts Are Locked", "remarks": "rule_set_240" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "root_path_no_dot", + "value": "no_invalid_shell_accounts_unlocked", "remarks": "rule_set_240" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", + "value": "Verify Non-Interactive Accounts Are Locked", "remarks": "rule_set_240" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_root", + "value": "accounts_tmout", "remarks": "rule_set_241" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Root Bash Umask is Set Correctly", + "value": "Set Interactive Session Timeout", "remarks": "rule_set_241" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_root", + "value": "accounts_tmout", "remarks": "rule_set_241" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Root Bash Umask is Set Correctly", + "value": "Set Interactive Session Timeout", "remarks": "rule_set_241" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_password_auth_for_systemaccounts", + "value": "accounts_umask_etc_bashrc", "remarks": "rule_set_242" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Are Locked", + "value": "Ensure the Default Bash Umask is Set Correctly", "remarks": "rule_set_242" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_password_auth_for_systemaccounts", + "value": "accounts_umask_etc_bashrc", "remarks": "rule_set_242" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Are Locked", + "value": "Ensure the Default Bash Umask is Set Correctly", "remarks": "rule_set_242" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_shelllogin_for_systemaccounts", + "value": "accounts_umask_etc_login_defs", "remarks": "rule_set_243" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", + "value": "Ensure the Default Umask is Set Correctly in login.defs", "remarks": "rule_set_243" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_shelllogin_for_systemaccounts", + "value": "accounts_umask_etc_login_defs", "remarks": "rule_set_243" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", + "value": "Ensure the Default Umask is Set Correctly in login.defs", "remarks": "rule_set_243" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_tmout", + "value": "accounts_umask_etc_profile", "remarks": "rule_set_244" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interactive Session Timeout", + "value": "Ensure the Default Umask is Set Correctly in /etc/profile", "remarks": "rule_set_244" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_tmout", + "value": "accounts_umask_etc_profile", "remarks": "rule_set_244" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interactive Session Timeout", + "value": "Ensure the Default Umask is Set Correctly in /etc/profile", "remarks": "rule_set_244" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_bashrc", + "value": "package_aide_installed", "remarks": "rule_set_245" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Bash Umask is Set Correctly", + "value": "Install AIDE", "remarks": "rule_set_245" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_bashrc", + "value": "package_aide_installed", "remarks": "rule_set_245" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Bash Umask is Set Correctly", + "value": "Install AIDE", "remarks": "rule_set_245" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_login_defs", + "value": "aide_build_database", "remarks": "rule_set_246" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in login.defs", + "value": "Build and Test AIDE Database", "remarks": "rule_set_246" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_login_defs", + "value": "aide_build_database", "remarks": "rule_set_246" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in login.defs", + "value": "Build and Test AIDE Database", "remarks": "rule_set_246" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_profile", + "value": "aide_periodic_cron_checking", "remarks": "rule_set_247" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in /etc/profile", + "value": "Configure Periodic Execution of AIDE", "remarks": "rule_set_247" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_profile", + "value": "aide_periodic_cron_checking", "remarks": "rule_set_247" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in /etc/profile", + "value": "Configure Periodic Execution of AIDE", "remarks": "rule_set_247" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_aide_installed", + "value": "aide_check_audit_tools", "remarks": "rule_set_248" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install AIDE", + "value": "Configure AIDE to Verify the Audit Tools", "remarks": "rule_set_248" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_aide_installed", + "value": "aide_check_audit_tools", "remarks": "rule_set_248" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install AIDE", + "value": "Configure AIDE to Verify the Audit Tools", "remarks": "rule_set_248" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_build_database", + "value": "service_systemd-journald_enabled", "remarks": "rule_set_249" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Build and Test AIDE Database", + "value": "Enable systemd-journald Service", "remarks": "rule_set_249" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_build_database", + "value": "service_systemd-journald_enabled", "remarks": "rule_set_249" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Build and Test AIDE Database", + "value": "Enable systemd-journald Service", "remarks": "rule_set_249" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_periodic_cron_checking", + "value": "ensure_journald_and_rsyslog_not_active_together", "remarks": "rule_set_250" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Periodic Execution of AIDE", + "value": "Ensure journald and rsyslog Are Not Active Together", "remarks": "rule_set_250" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_periodic_cron_checking", + "value": "ensure_journald_and_rsyslog_not_active_together", "remarks": "rule_set_250" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Periodic Execution of AIDE", + "value": "Ensure journald and rsyslog Are Not Active Together", "remarks": "rule_set_250" }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_check_audit_tools", - "remarks": "rule_set_251" - }, - { - "name": "Rule_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure AIDE to Verify the Audit Tools", - "remarks": "rule_set_251" - }, - { - "name": "Check_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_check_audit_tools", - "remarks": "rule_set_251" - }, - { - "name": "Check_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure AIDE to Verify the Audit Tools", - "remarks": "rule_set_251" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_systemd-journald_enabled", - "remarks": "rule_set_252" - }, - { - "name": "Rule_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable systemd-journald Service", - "remarks": "rule_set_252" - }, - { - "name": "Check_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_systemd-journald_enabled", - "remarks": "rule_set_252" - }, - { - "name": "Check_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable systemd-journald Service", - "remarks": "rule_set_252" - }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_systemd-journal-remote_installed", - "remarks": "rule_set_253" + "remarks": "rule_set_251" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install systemd-journal-remote Package", - "remarks": "rule_set_253" + "remarks": "rule_set_251" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_systemd-journal-remote_installed", - "remarks": "rule_set_253" + "remarks": "rule_set_251" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install systemd-journal-remote Package", - "remarks": "rule_set_253" + "remarks": "rule_set_251" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_systemd-journal-upload_enabled", - "remarks": "rule_set_254" + "remarks": "rule_set_252" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable systemd-journal-upload Service", - "remarks": "rule_set_254" + "remarks": "rule_set_252" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_systemd-journal-upload_enabled", - "remarks": "rule_set_254" + "remarks": "rule_set_252" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable systemd-journal-upload Service", - "remarks": "rule_set_254" + "remarks": "rule_set_252" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "socket_systemd-journal-remote_disabled", - "remarks": "rule_set_255" + "remarks": "rule_set_253" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable systemd-journal-remote Socket", - "remarks": "rule_set_255" + "remarks": "rule_set_253" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "socket_systemd-journal-remote_disabled", - "remarks": "rule_set_255" + "remarks": "rule_set_253" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable systemd-journal-remote Socket", - "remarks": "rule_set_255" + "remarks": "rule_set_253" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_disable_forward_to_syslog", - "remarks": "rule_set_256" + "remarks": "rule_set_254" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald ForwardToSyslog is disabled", - "remarks": "rule_set_256" + "remarks": "rule_set_254" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_disable_forward_to_syslog", - "remarks": "rule_set_256" + "remarks": "rule_set_254" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald ForwardToSyslog is disabled", - "remarks": "rule_set_256" + "remarks": "rule_set_254" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_compress", - "remarks": "rule_set_257" + "remarks": "rule_set_255" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald is configured to compress large log files", - "remarks": "rule_set_257" + "remarks": "rule_set_255" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_compress", - "remarks": "rule_set_257" + "remarks": "rule_set_255" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald is configured to compress large log files", - "remarks": "rule_set_257" + "remarks": "rule_set_255" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_storage", - "remarks": "rule_set_258" + "remarks": "rule_set_256" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald is configured to write log files to persistent disk", - "remarks": "rule_set_258" + "remarks": "rule_set_256" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_storage", - "remarks": "rule_set_258" + "remarks": "rule_set_256" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald is configured to write log files to persistent disk", - "remarks": "rule_set_258" + "remarks": "rule_set_256" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_259" + "remarks": "rule_set_257" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_259" + "remarks": "rule_set_257" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_259" + "remarks": "rule_set_257" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_259" + "remarks": "rule_set_257" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_260" + "remarks": "rule_set_258" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_260" + "remarks": "rule_set_258" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_260" + "remarks": "rule_set_258" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_260" + "remarks": "rule_set_258" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_261" + "remarks": "rule_set_259" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_261" + "remarks": "rule_set_259" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_261" + "remarks": "rule_set_259" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_261" + "remarks": "rule_set_259" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_passwd", - "remarks": "rule_set_262" + "remarks": "rule_set_260" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns passwd File", - "remarks": "rule_set_262" + "remarks": "rule_set_260" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_passwd", - "remarks": "rule_set_262" + "remarks": "rule_set_260" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns passwd File", - "remarks": "rule_set_262" + "remarks": "rule_set_260" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_passwd", - "remarks": "rule_set_263" + "remarks": "rule_set_261" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns passwd File", - "remarks": "rule_set_263" + "remarks": "rule_set_261" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_passwd", - "remarks": "rule_set_263" + "remarks": "rule_set_261" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns passwd File", - "remarks": "rule_set_263" + "remarks": "rule_set_261" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_passwd", - "remarks": "rule_set_264" + "remarks": "rule_set_262" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on passwd File", - "remarks": "rule_set_264" + "remarks": "rule_set_262" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_passwd", - "remarks": "rule_set_264" + "remarks": "rule_set_262" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on passwd File", - "remarks": "rule_set_264" + "remarks": "rule_set_262" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_passwd", - "remarks": "rule_set_265" + "remarks": "rule_set_263" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup passwd File", - "remarks": "rule_set_265" + "remarks": "rule_set_263" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_passwd", - "remarks": "rule_set_265" + "remarks": "rule_set_263" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup passwd File", - "remarks": "rule_set_265" + "remarks": "rule_set_263" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_passwd", - "remarks": "rule_set_266" + "remarks": "rule_set_264" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup passwd File", - "remarks": "rule_set_266" + "remarks": "rule_set_264" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_passwd", - "remarks": "rule_set_266" + "remarks": "rule_set_264" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup passwd File", - "remarks": "rule_set_266" + "remarks": "rule_set_264" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_passwd", - "remarks": "rule_set_267" + "remarks": "rule_set_265" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup passwd File", - "remarks": "rule_set_267" + "remarks": "rule_set_265" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_passwd", - "remarks": "rule_set_267" + "remarks": "rule_set_265" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup passwd File", - "remarks": "rule_set_267" + "remarks": "rule_set_265" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_group", - "remarks": "rule_set_268" + "remarks": "rule_set_266" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns group File", - "remarks": "rule_set_268" + "remarks": "rule_set_266" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_group", - "remarks": "rule_set_268" + "remarks": "rule_set_266" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns group File", - "remarks": "rule_set_268" + "remarks": "rule_set_266" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_group", - "remarks": "rule_set_269" + "remarks": "rule_set_267" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns group File", - "remarks": "rule_set_269" + "remarks": "rule_set_267" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_group", - "remarks": "rule_set_269" + "remarks": "rule_set_267" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns group File", - "remarks": "rule_set_269" + "remarks": "rule_set_267" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_group", - "remarks": "rule_set_270" + "remarks": "rule_set_268" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on group File", - "remarks": "rule_set_270" + "remarks": "rule_set_268" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_group", - "remarks": "rule_set_270" + "remarks": "rule_set_268" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on group File", - "remarks": "rule_set_270" + "remarks": "rule_set_268" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_group", - "remarks": "rule_set_271" + "remarks": "rule_set_269" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup group File", - "remarks": "rule_set_271" + "remarks": "rule_set_269" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_group", - "remarks": "rule_set_271" + "remarks": "rule_set_269" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup group File", - "remarks": "rule_set_271" + "remarks": "rule_set_269" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_group", - "remarks": "rule_set_272" + "remarks": "rule_set_270" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup group File", - "remarks": "rule_set_272" + "remarks": "rule_set_270" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_group", - "remarks": "rule_set_272" + "remarks": "rule_set_270" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup group File", - "remarks": "rule_set_272" + "remarks": "rule_set_270" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_group", - "remarks": "rule_set_273" + "remarks": "rule_set_271" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup group File", - "remarks": "rule_set_273" + "remarks": "rule_set_271" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_group", - "remarks": "rule_set_273" + "remarks": "rule_set_271" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup group File", - "remarks": "rule_set_273" + "remarks": "rule_set_271" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shadow", - "remarks": "rule_set_274" + "remarks": "rule_set_272" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns shadow File", - "remarks": "rule_set_274" + "remarks": "rule_set_272" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shadow", - "remarks": "rule_set_274" + "remarks": "rule_set_272" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns shadow File", - "remarks": "rule_set_274" + "remarks": "rule_set_272" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shadow", - "remarks": "rule_set_275" + "remarks": "rule_set_273" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns shadow File", - "remarks": "rule_set_275" + "remarks": "rule_set_273" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shadow", - "remarks": "rule_set_275" + "remarks": "rule_set_273" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns shadow File", - "remarks": "rule_set_275" + "remarks": "rule_set_273" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shadow", - "remarks": "rule_set_276" + "remarks": "rule_set_274" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on shadow File", - "remarks": "rule_set_276" + "remarks": "rule_set_274" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shadow", - "remarks": "rule_set_276" + "remarks": "rule_set_274" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on shadow File", - "remarks": "rule_set_276" + "remarks": "rule_set_274" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_shadow", - "remarks": "rule_set_277" + "remarks": "rule_set_275" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup shadow File", - "remarks": "rule_set_277" + "remarks": "rule_set_275" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_shadow", - "remarks": "rule_set_277" + "remarks": "rule_set_275" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup shadow File", - "remarks": "rule_set_277" + "remarks": "rule_set_275" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_shadow", - "remarks": "rule_set_278" + "remarks": "rule_set_276" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup shadow File", - "remarks": "rule_set_278" + "remarks": "rule_set_276" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_shadow", - "remarks": "rule_set_278" + "remarks": "rule_set_276" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup shadow File", - "remarks": "rule_set_278" + "remarks": "rule_set_276" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_shadow", - "remarks": "rule_set_279" + "remarks": "rule_set_277" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup shadow File", - "remarks": "rule_set_279" + "remarks": "rule_set_277" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_shadow", - "remarks": "rule_set_279" + "remarks": "rule_set_277" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup shadow File", - "remarks": "rule_set_279" + "remarks": "rule_set_277" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_gshadow", - "remarks": "rule_set_280" + "remarks": "rule_set_278" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns gshadow File", - "remarks": "rule_set_280" + "remarks": "rule_set_278" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_gshadow", - "remarks": "rule_set_280" + "remarks": "rule_set_278" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns gshadow File", - "remarks": "rule_set_280" + "remarks": "rule_set_278" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_gshadow", - "remarks": "rule_set_281" + "remarks": "rule_set_279" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns gshadow File", - "remarks": "rule_set_281" + "remarks": "rule_set_279" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_gshadow", - "remarks": "rule_set_281" + "remarks": "rule_set_279" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns gshadow File", - "remarks": "rule_set_281" + "remarks": "rule_set_279" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_gshadow", - "remarks": "rule_set_282" + "remarks": "rule_set_280" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on gshadow File", - "remarks": "rule_set_282" + "remarks": "rule_set_280" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_gshadow", - "remarks": "rule_set_282" + "remarks": "rule_set_280" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on gshadow File", - "remarks": "rule_set_282" + "remarks": "rule_set_280" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_gshadow", - "remarks": "rule_set_283" + "remarks": "rule_set_281" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup gshadow File", - "remarks": "rule_set_283" + "remarks": "rule_set_281" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_gshadow", - "remarks": "rule_set_283" + "remarks": "rule_set_281" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup gshadow File", - "remarks": "rule_set_283" + "remarks": "rule_set_281" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_gshadow", - "remarks": "rule_set_284" + "remarks": "rule_set_282" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup gshadow File", - "remarks": "rule_set_284" + "remarks": "rule_set_282" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_gshadow", - "remarks": "rule_set_284" + "remarks": "rule_set_282" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup gshadow File", - "remarks": "rule_set_284" + "remarks": "rule_set_282" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_gshadow", - "remarks": "rule_set_285" + "remarks": "rule_set_283" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup gshadow File", - "remarks": "rule_set_285" + "remarks": "rule_set_283" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_gshadow", - "remarks": "rule_set_285" + "remarks": "rule_set_283" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup gshadow File", - "remarks": "rule_set_285" + "remarks": "rule_set_283" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shells", - "remarks": "rule_set_286" + "remarks": "rule_set_284" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/shells File", - "remarks": "rule_set_286" + "remarks": "rule_set_284" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shells", - "remarks": "rule_set_286" + "remarks": "rule_set_284" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/shells File", - "remarks": "rule_set_286" + "remarks": "rule_set_284" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shells", - "remarks": "rule_set_287" + "remarks": "rule_set_285" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Who Owns /etc/shells File", - "remarks": "rule_set_287" + "remarks": "rule_set_285" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shells", - "remarks": "rule_set_287" + "remarks": "rule_set_285" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Who Owns /etc/shells File", - "remarks": "rule_set_287" + "remarks": "rule_set_285" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shells", - "remarks": "rule_set_288" + "remarks": "rule_set_286" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/shells File", - "remarks": "rule_set_288" + "remarks": "rule_set_286" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shells", - "remarks": "rule_set_288" + "remarks": "rule_set_286" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/shells File", - "remarks": "rule_set_288" + "remarks": "rule_set_286" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_security_opasswd", - "remarks": "rule_set_289" + "remarks": "rule_set_287" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/security/opasswd File", - "remarks": "rule_set_289" + "remarks": "rule_set_287" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_security_opasswd", - "remarks": "rule_set_289" + "remarks": "rule_set_287" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/security/opasswd File", - "remarks": "rule_set_289" + "remarks": "rule_set_287" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_security_opasswd", - "remarks": "rule_set_290" + "remarks": "rule_set_288" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/security/opasswd File", - "remarks": "rule_set_290" + "remarks": "rule_set_288" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_security_opasswd", - "remarks": "rule_set_290" + "remarks": "rule_set_288" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/security/opasswd File", - "remarks": "rule_set_290" + "remarks": "rule_set_288" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_security_opasswd", - "remarks": "rule_set_291" + "remarks": "rule_set_289" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/security/opasswd File", - "remarks": "rule_set_291" + "remarks": "rule_set_289" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_security_opasswd", - "remarks": "rule_set_291" + "remarks": "rule_set_289" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/security/opasswd File", - "remarks": "rule_set_291" + "remarks": "rule_set_289" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_security_opasswd_old", - "remarks": "rule_set_292" + "remarks": "rule_set_290" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/security/opasswd.old File", - "remarks": "rule_set_292" + "remarks": "rule_set_290" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_security_opasswd_old", - "remarks": "rule_set_292" + "remarks": "rule_set_290" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/security/opasswd.old File", - "remarks": "rule_set_292" + "remarks": "rule_set_290" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_security_opasswd_old", - "remarks": "rule_set_293" + "remarks": "rule_set_291" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/security/opasswd.old File", - "remarks": "rule_set_293" + "remarks": "rule_set_291" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_security_opasswd_old", - "remarks": "rule_set_293" + "remarks": "rule_set_291" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/security/opasswd.old File", - "remarks": "rule_set_293" + "remarks": "rule_set_291" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_security_opasswd_old", - "remarks": "rule_set_294" + "remarks": "rule_set_292" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/security/opasswd.old File", - "remarks": "rule_set_294" + "remarks": "rule_set_292" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_security_opasswd_old", - "remarks": "rule_set_294" + "remarks": "rule_set_292" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/security/opasswd.old File", - "remarks": "rule_set_294" + "remarks": "rule_set_292" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_world_writable", - "remarks": "rule_set_295" + "remarks": "rule_set_293" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure No World-Writable Files Exist", - "remarks": "rule_set_295" + "remarks": "rule_set_293" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_world_writable", - "remarks": "rule_set_295" + "remarks": "rule_set_293" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure No World-Writable Files Exist", - "remarks": "rule_set_295" + "remarks": "rule_set_293" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_perms_world_writable_sticky_bits", - "remarks": "rule_set_296" + "remarks": "rule_set_294" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that All World-Writable Directories Have Sticky Bits Set", - "remarks": "rule_set_296" + "remarks": "rule_set_294" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_perms_world_writable_sticky_bits", - "remarks": "rule_set_296" + "remarks": "rule_set_294" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that All World-Writable Directories Have Sticky Bits Set", - "remarks": "rule_set_296" + "remarks": "rule_set_294" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_unowned_by_user", - "remarks": "rule_set_297" + "remarks": "rule_set_295" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a User", - "remarks": "rule_set_297" + "remarks": "rule_set_295" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_unowned_by_user", - "remarks": "rule_set_297" + "remarks": "rule_set_295" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a User", - "remarks": "rule_set_297" + "remarks": "rule_set_295" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_ungroupowned", - "remarks": "rule_set_298" + "remarks": "rule_set_296" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a Group", - "remarks": "rule_set_298" + "remarks": "rule_set_296" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_ungroupowned", - "remarks": "rule_set_298" + "remarks": "rule_set_296" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a Group", - "remarks": "rule_set_298" + "remarks": "rule_set_296" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_all_shadowed", - "remarks": "rule_set_299" + "remarks": "rule_set_297" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify All Account Password Hashes are Shadowed", - "remarks": "rule_set_299" + "remarks": "rule_set_297" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_all_shadowed", - "remarks": "rule_set_299" + "remarks": "rule_set_297" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify All Account Password Hashes are Shadowed", - "remarks": "rule_set_299" + "remarks": "rule_set_297" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_empty_passwords_etc_shadow", - "remarks": "rule_set_300" + "remarks": "rule_set_298" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure There Are No Accounts With Blank or Null Passwords", - "remarks": "rule_set_300" + "remarks": "rule_set_298" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_empty_passwords_etc_shadow", - "remarks": "rule_set_300" + "remarks": "rule_set_298" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure There Are No Accounts With Blank or Null Passwords", - "remarks": "rule_set_300" + "remarks": "rule_set_298" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "gid_passwd_group_same", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "gid_passwd_group_same", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_id", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique User IDs", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_id", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique User IDs", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_id", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group ID", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_id", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group ID", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_name", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique Names", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_name", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique Names", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_name", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group Names", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_name", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group Names", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_interactive_home_directory_exists", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive Users Home Directories Must Exist", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_interactive_home_directory_exists", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive Users Home Directories Must Exist", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_home_directories", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Be Owned By The Primary User", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_home_directories", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Be Owned By The Primary User", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_home_directories", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Have mode 0750 Or Less Permissive", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_home_directories", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Have mode 0750 Or Less Permissive", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_group_ownership", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_group_ownership", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_user_ownership", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Owned By the Primary User", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_user_ownership", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Owned By the Primary User", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_no_world_writable_programs", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Not Run World-Writable Programs", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_no_world_writable_programs", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Not Run World-Writable Programs", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_init_files", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_init_files", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_forward_files", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .forward Files Exist", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_forward_files", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .forward Files Exist", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_netrc_files", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No netrc Files Exist", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_netrc_files", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No netrc Files Exist", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_rhost_files", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .rhost Files Exist", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_rhost_files", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .rhost Files Exist", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_bash_history", - "remarks": "rule_set_316" + "remarks": "rule_set_314" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure User Bash History File Has Correct Permissions", - "remarks": "rule_set_316" + "remarks": "rule_set_314" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_bash_history", - "remarks": "rule_set_316" + "remarks": "rule_set_314" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure User Bash History File Has Correct Permissions", - "remarks": "rule_set_316" + "remarks": "rule_set_314" } ], "control-implementations": [ { - "uuid": "3d071398-e31c-4fc8-8dca-73aab9173f14", + "uuid": "92677bf4-b6dc-483d-8f29-d9f2735af874", "source": "trestle://profiles/rhel10-cis_rhel10-l1_workstation/profile.json", "description": "Control implementation for cis_workstation_l1", "props": [ @@ -18636,13 +18552,13 @@ { "param-id": "var_password_hashing_algorithm", "values": [ - "yescrypt" + "cis_rhel10" ] }, { "param-id": "var_password_hashing_algorithm_pam", "values": [ - "yescrypt" + "cis_rhel10" ] }, { @@ -18750,7 +18666,7 @@ ], "implemented-requirements": [ { - "uuid": "71092472-0975-4617-b803-32c95f73b76d", + "uuid": "a7b046ca-a581-4be4-b5c7-7fcd16cb0055", "control-id": "reload_dconf_db", "description": "This is a helper rule to reload Dconf database correctly.", "props": [ @@ -18767,7 +18683,7 @@ ] }, { - "uuid": "833b71dd-983a-4ae9-811b-3f1fb39bb9bb", + "uuid": "88aa8ea7-54e6-4547-95b9-420fa7f05d39", "control-id": "cis_rhel10_1-1.1.1", "description": "No notes for control-id 1.1.1.1.", "props": [ @@ -18784,7 +18700,7 @@ ] }, { - "uuid": "5c2d5f68-2b19-4c5b-a7a6-9055414603b6", + "uuid": "5b0b7cf3-5aff-4226-b7d2-72e1e2517987", "control-id": "cis_rhel10_1-1.1.2", "description": "No notes for control-id 1.1.1.2.", "props": [ @@ -18801,7 +18717,7 @@ ] }, { - "uuid": "470ed4d6-5c68-4095-a960-c74ddd44eae9", + "uuid": "c9c96e38-b66e-43cf-b65a-fe343ab07ae2", "control-id": "cis_rhel10_1-1.1.3", "description": "No notes for control-id 1.1.1.3.", "props": [ @@ -18818,7 +18734,7 @@ ] }, { - "uuid": "b0b5ddf0-bf8e-45c7-b02b-3390dcd3ef37", + "uuid": "44d37587-b66e-421e-8763-9ce1cfd1f932", "control-id": "cis_rhel10_1-1.1.4", "description": "No notes for control-id 1.1.1.4.", "props": [ @@ -18835,7 +18751,7 @@ ] }, { - "uuid": "eb58a640-3d4a-412c-8208-4200d77ab73d", + "uuid": "58ed101f-c785-41d6-9d5c-2884a1625647", "control-id": "cis_rhel10_1-1.1.5", "description": "No notes for control-id 1.1.1.5.", "props": [ @@ -18852,7 +18768,7 @@ ] }, { - "uuid": "3e46d7ef-7748-4e72-b9ea-632ff1fa400c", + "uuid": "6334692c-efeb-4666-a048-b571468782e7", "control-id": "cis_rhel10_1-1.1.11", "description": "The description for control-id cis_rhel10_1-1.1.11.", "props": [ @@ -18865,7 +18781,7 @@ ] }, { - "uuid": "60976649-3867-4d63-8ae3-ff3d10f2f9e5", + "uuid": "8ab95994-91c9-43e7-a9e8-8518daba0bf7", "control-id": "cis_rhel10_1-1.2.1.1", "description": "No notes for control-id 1.1.2.1.1.", "props": [ @@ -18882,7 +18798,7 @@ ] }, { - "uuid": "2b53c2af-a8ef-48b7-a10b-216ca8899887", + "uuid": "ec43cb0d-8e85-4aa7-815e-ac53417a3f61", "control-id": "cis_rhel10_1-1.2.1.2", "description": "No notes for control-id 1.1.2.1.2.", "props": [ @@ -18899,7 +18815,7 @@ ] }, { - "uuid": "f55b57f4-50f4-4a83-9661-52fab21ee137", + "uuid": "31bfb3a4-3f8d-4e0b-b764-f5adb9d5c632", "control-id": "cis_rhel10_1-1.2.1.3", "description": "No notes for control-id 1.1.2.1.3.", "props": [ @@ -18916,7 +18832,7 @@ ] }, { - "uuid": "98d8d54a-4c3b-4312-b289-0c38b9ee8a5b", + "uuid": "a2e28ed8-7a99-4bf3-bca6-bc790de7438c", "control-id": "cis_rhel10_1-1.2.1.4", "description": "No notes for control-id 1.1.2.1.4.", "props": [ @@ -18933,7 +18849,7 @@ ] }, { - "uuid": "cbf51e06-646c-4686-8b01-377f8854646e", + "uuid": "e6758382-d3be-40a6-8398-3819f926484d", "control-id": "cis_rhel10_1-1.2.2.1", "description": "No notes for control-id 1.1.2.2.1.", "props": [ @@ -18950,7 +18866,7 @@ ] }, { - "uuid": "66c79e99-0ab0-45b3-a8e5-54a874438cde", + "uuid": "51b1ffca-093f-45e3-9728-6bc7135cbc58", "control-id": "cis_rhel10_1-1.2.2.2", "description": "No notes for control-id 1.1.2.2.2.", "props": [ @@ -18967,7 +18883,7 @@ ] }, { - "uuid": "16a24548-6590-4fef-9b63-2be15c7a04ee", + "uuid": "24187955-c825-4344-a2e1-3b9e244deb4c", "control-id": "cis_rhel10_1-1.2.2.3", "description": "No notes for control-id 1.1.2.2.3.", "props": [ @@ -18984,7 +18900,7 @@ ] }, { - "uuid": "3d63541a-4ddc-4862-92b4-dffc89586f29", + "uuid": "8a224161-d13d-4a31-93b1-be0167cd4d8b", "control-id": "cis_rhel10_1-1.2.2.4", "description": "No notes for control-id 1.1.2.2.4.", "props": [ @@ -19001,7 +18917,7 @@ ] }, { - "uuid": "4697f731-a767-4a43-a4fd-a870cb432fff", + "uuid": "5cfa0414-3756-44c8-a805-57904d2e7db2", "control-id": "cis_rhel10_1-1.2.3.2", "description": "No notes for control-id 1.1.2.3.2.", "props": [ @@ -19018,7 +18934,7 @@ ] }, { - "uuid": "6e654300-dc25-4f6c-8938-733b079d55a6", + "uuid": "74cdd9c4-65ff-4c56-a034-4358a0eca5dc", "control-id": "cis_rhel10_1-1.2.3.3", "description": "No notes for control-id 1.1.2.3.3.", "props": [ @@ -19035,7 +18951,7 @@ ] }, { - "uuid": "e27972ea-4525-434a-999a-c42e4a0eb88d", + "uuid": "d7cdf0b7-95bb-4d97-bea3-b96388c5eb58", "control-id": "cis_rhel10_1-1.2.4.2", "description": "No notes for control-id 1.1.2.4.2.", "props": [ @@ -19052,7 +18968,7 @@ ] }, { - "uuid": "77827507-7f5f-418d-8a28-9822a3b8c31a", + "uuid": "f67b13fa-6f60-42a8-9c90-972b2af86ddc", "control-id": "cis_rhel10_1-1.2.4.3", "description": "No notes for control-id 1.1.2.4.3.", "props": [ @@ -19069,7 +18985,7 @@ ] }, { - "uuid": "3b67b286-a1e3-4c04-8317-f8aaffcb54c6", + "uuid": "f8bd2c51-842d-40fe-b536-920e0e03f4c9", "control-id": "cis_rhel10_1-1.2.5.2", "description": "No notes for control-id 1.1.2.5.2.", "props": [ @@ -19086,7 +19002,7 @@ ] }, { - "uuid": "7fa0b690-9a84-493a-b1e0-1af6e2da70eb", + "uuid": "28547804-eacc-43bb-a461-d3157398a9e1", "control-id": "cis_rhel10_1-1.2.5.3", "description": "No notes for control-id 1.1.2.5.3.", "props": [ @@ -19103,7 +19019,7 @@ ] }, { - "uuid": "810700ca-e4ed-4af3-b46e-c478a8a7ee50", + "uuid": "3b630198-3dac-40f0-9741-8f0d07b4cd73", "control-id": "cis_rhel10_1-1.2.5.4", "description": "No notes for control-id 1.1.2.5.4.", "props": [ @@ -19120,7 +19036,7 @@ ] }, { - "uuid": "d2cafa3f-2939-4a68-8ee4-bd4645ff6aa9", + "uuid": "8e602c0f-1595-492f-860c-f8b1e8d1f1df", "control-id": "cis_rhel10_1-1.2.6.2", "description": "No notes for control-id 1.1.2.6.2.", "props": [ @@ -19137,7 +19053,7 @@ ] }, { - "uuid": "6f7acf4b-578c-4b03-a2b7-3712b64d5879", + "uuid": "baba4554-3e35-42b0-8323-b6d2cdf990d5", "control-id": "cis_rhel10_1-1.2.6.3", "description": "No notes for control-id 1.1.2.6.3.", "props": [ @@ -19154,7 +19070,7 @@ ] }, { - "uuid": "b7548f2c-8eba-45bb-9be5-1c715c02870d", + "uuid": "d01b2a20-9b0c-4c73-aab5-b7f78f84a3e1", "control-id": "cis_rhel10_1-1.2.6.4", "description": "No notes for control-id 1.1.2.6.4.", "props": [ @@ -19171,7 +19087,7 @@ ] }, { - "uuid": "5c87d0d1-b418-4469-9222-0970be30c7de", + "uuid": "de52f3c7-044a-4e36-b6e7-047db770bf0c", "control-id": "cis_rhel10_1-1.2.7.2", "description": "No notes for control-id 1.1.2.7.2.", "props": [ @@ -19188,7 +19104,7 @@ ] }, { - "uuid": "f0f053ca-9c44-4d13-b56e-05574ccf3c7e", + "uuid": "44c4b736-7c5b-4300-a517-d4608a81d95d", "control-id": "cis_rhel10_1-1.2.7.3", "description": "No notes for control-id 1.1.2.7.3.", "props": [ @@ -19205,7 +19121,7 @@ ] }, { - "uuid": "ca9751e6-99dc-430f-9fb0-3ca33af8677b", + "uuid": "e0fd98bb-cf49-40fb-8c87-519158eedb6e", "control-id": "cis_rhel10_1-1.2.7.4", "description": "No notes for control-id 1.1.2.7.4.", "props": [ @@ -19222,7 +19138,7 @@ ] }, { - "uuid": "b90e5060-1c1b-45b3-b882-4715aeece1c8", + "uuid": "c3cbe59f-09d2-489b-aeb5-e2fcdc240512", "control-id": "cis_rhel10_1-2.1.1", "description": "The description for control-id cis_rhel10_1-2.1.1.", "props": [ @@ -19235,7 +19151,7 @@ ] }, { - "uuid": "ca383870-d62a-47f4-95b1-8e49f49dddc5", + "uuid": "e369d7c3-ec5c-4db1-87aa-68a1a8142eee", "control-id": "cis_rhel10_1-2.1.2", "description": "No notes for control-id 1.2.1.2.", "props": [ @@ -19252,7 +19168,7 @@ ] }, { - "uuid": "ceaca091-26e0-4b43-906f-66bf8dff9410", + "uuid": "b80d499c-20f0-460d-a0d7-0020f9f8db12", "control-id": "cis_rhel10_1-2.1.4", "description": "The description for control-id cis_rhel10_1-2.1.4.", "props": [ @@ -19265,7 +19181,7 @@ ] }, { - "uuid": "a5d265be-2130-495d-a720-5b88964c8668", + "uuid": "55f0e089-fec6-4d5a-9fd2-bfe34549c999", "control-id": "cis_rhel10_1-2.2.1", "description": "The description for control-id cis_rhel10_1-2.2.1.", "props": [ @@ -19278,7 +19194,7 @@ ] }, { - "uuid": "3d60d475-b25c-494d-abad-9e351067770a", + "uuid": "743e72d4-15d6-4cab-8fc5-10c4b7fcb9de", "control-id": "cis_rhel10_1-3.1.1", "description": "No notes for control-id 1.3.1.1.", "props": [ @@ -19295,7 +19211,7 @@ ] }, { - "uuid": "397cd45e-15c0-4a24-b11e-e8629a43895c", + "uuid": "5c3628be-84bf-42e9-bd90-40d0741cf365", "control-id": "cis_rhel10_1-3.1.2", "description": "No notes for control-id 1.3.1.2.", "props": [ @@ -19312,7 +19228,7 @@ ] }, { - "uuid": "e191a712-4938-4576-a737-57e3ab7b085c", + "uuid": "83eb4c28-633e-48b5-8f93-aca12477ca72", "control-id": "cis_rhel10_1-3.1.3", "description": "No notes for control-id 1.3.1.3.", "props": [ @@ -19329,7 +19245,7 @@ ] }, { - "uuid": "41f57554-1f5b-4aab-93fc-bfcc417fc851", + "uuid": "b6f510b6-b424-43d9-91d6-71a8d9d5bb3d", "control-id": "cis_rhel10_1-3.1.4", "description": "No notes for control-id 1.3.1.4.", "props": [ @@ -19346,7 +19262,7 @@ ] }, { - "uuid": "e3933eab-e4bd-456d-be8c-cf31b47736d2", + "uuid": "e0c618c2-71c1-4972-b42e-75715cbe9ce4", "control-id": "cis_rhel10_1-3.1.7", "description": "No notes for control-id 1.3.1.7.", "props": [ @@ -19363,7 +19279,7 @@ ] }, { - "uuid": "c3d9ac15-9d86-4678-a3ef-a7c1dc5f9a29", + "uuid": "b598806a-29f2-4085-8985-c7c22de5a6d0", "control-id": "cis_rhel10_1-4.1", "description": "There is no automated remediation for this rule and this is intentional.\nMore details in the rule description.", "props": [ @@ -19380,50 +19296,34 @@ ] }, { - "uuid": "5b34379c-33a9-475b-b46c-637e462f9991", + "uuid": "3376bfe9-f544-4650-b7da-1f73325e1041", "control-id": "cis_rhel10_1-4.2", - "description": "The description for control-id cis_rhel10_1-4.2.", + "description": "This requirement demands a deeper review of the rules.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "alternative", - "remarks": "This requirement demands a deeper review of the rules." - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg" + "value": "implemented" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg" + "value": "file_permissions_boot_grub2" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg" + "value": "file_owner_boot_grub2" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg" + "value": "file_groupowner_boot_grub2" } ] }, { - "uuid": "43290bb7-2195-4d70-a845-ce0c74274079", + "uuid": "203913bd-cd28-40ed-b3b2-a9086a66fff3", "control-id": "cis_rhel10_1-5.1", "description": "No notes for control-id 1.5.1.", "props": [ @@ -19440,7 +19340,7 @@ ] }, { - "uuid": "b228ef73-bf80-4be9-8401-5966fde435fa", + "uuid": "8b49ed12-1dec-49b1-b65c-93c2079e24aa", "control-id": "cis_rhel10_1-5.2", "description": "No notes for control-id 1.5.2.", "props": [ @@ -19457,7 +19357,7 @@ ] }, { - "uuid": "8f1ef9b1-1d99-47bb-95cc-275daf7975a3", + "uuid": "c9fc7646-3672-48fa-a04c-ca0bf1a5ea35", "control-id": "cis_rhel10_1-5.4", "description": "No notes for control-id 1.5.4.", "props": [ @@ -19474,7 +19374,7 @@ ] }, { - "uuid": "3a49ccfb-5a55-441c-a2d4-384213a42d1f", + "uuid": "56cbf1dd-de5b-417c-80ff-0c3159d5533d", "control-id": "cis_rhel10_1-5.5", "description": "No notes for control-id 1.5.5.", "props": [ @@ -19491,7 +19391,7 @@ ] }, { - "uuid": "fd22a53a-47bb-4ab0-86e9-5962c482b3cb", + "uuid": "9527784a-bf29-43cf-8f49-54b8d4554502", "control-id": "cis_rhel10_1-5.6", "description": "No notes for control-id 1.5.6.", "props": [ @@ -19508,7 +19408,7 @@ ] }, { - "uuid": "b9cc01a6-9edd-4b4f-82c9-0745f0373404", + "uuid": "aa7de458-b1f5-4bbd-a315-cb8bd17dd66a", "control-id": "cis_rhel10_1-5.7", "description": "No notes for control-id 1.5.7.", "props": [ @@ -19525,7 +19425,7 @@ ] }, { - "uuid": "fc0f8592-4510-4b07-a7f2-d79a866d5579", + "uuid": "73df987e-ed4d-4602-a744-b44c39634797", "control-id": "cis_rhel10_1-5.8", "description": "Address Space Layout Randomization (ASLR)", "props": [ @@ -19542,7 +19442,7 @@ ] }, { - "uuid": "31bc94fb-24b5-4b09-848d-259ab836079d", + "uuid": "dfd7c767-add4-41ae-b906-45e10fa71fc0", "control-id": "cis_rhel10_1-5.9", "description": "No notes for control-id 1.5.9.", "props": [ @@ -19559,7 +19459,7 @@ ] }, { - "uuid": "5e37dafd-7356-416b-9d47-f0fbfd9d7b36", + "uuid": "6fe709a6-2ae4-44f1-b455-b3998f2bf1a7", "control-id": "cis_rhel10_1-5.10", "description": "No notes for control-id 1.5.10.", "props": [ @@ -19576,7 +19476,7 @@ ] }, { - "uuid": "21a04384-4549-4460-a796-92f8768545d9", + "uuid": "2b71a590-3e8a-45a2-a6b7-12248af97152", "control-id": "cis_rhel10_1-6.1", "description": "No notes for control-id 1.6.1.", "props": [ @@ -19593,7 +19493,7 @@ ] }, { - "uuid": "aed83e8d-a721-4b62-8829-dee80862a7f7", + "uuid": "36fbfa0f-68ce-45bf-abd0-eaf26710b315", "control-id": "cis_rhel10_1-6.2", "description": "No notes for control-id 1.6.2.", "props": [ @@ -19610,7 +19510,7 @@ ] }, { - "uuid": "a13f7ba1-3516-472e-9f51-e857880ac47d", + "uuid": "863d82c7-88a2-4f84-8bd2-0ac856088e7d", "control-id": "cis_rhel10_1-6.3", "description": "No notes for control-id 1.6.3.", "props": [ @@ -19627,7 +19527,7 @@ ] }, { - "uuid": "a2977359-2a49-4bfb-9cff-164083637fc6", + "uuid": "cb111af2-8b69-462b-9881-6f234c3a6e48", "control-id": "cis_rhel10_1-6.4", "description": "No notes for control-id 1.6.4.", "props": [ @@ -19644,7 +19544,7 @@ ] }, { - "uuid": "be160b88-d0aa-44ff-a3d6-50c0b7f3114e", + "uuid": "633bfde6-3a00-482c-9095-3b5d85d7e905", "control-id": "cis_rhel10_1-7.1", "description": "No notes for control-id 1.7.1.", "props": [ @@ -19661,7 +19561,7 @@ ] }, { - "uuid": "4b346df8-5818-4a30-9b2f-e68cafc87881", + "uuid": "f3365a62-93d8-4dec-94bd-fc0eb5e2b8ac", "control-id": "cis_rhel10_1-7.2", "description": "No notes for control-id 1.7.2.", "props": [ @@ -19678,7 +19578,7 @@ ] }, { - "uuid": "d7578567-cb14-47f9-ba3f-fc3b0321257d", + "uuid": "02b6765b-da34-412f-ac52-57db128a89ce", "control-id": "cis_rhel10_1-7.3", "description": "No notes for control-id 1.7.3.", "props": [ @@ -19695,7 +19595,7 @@ ] }, { - "uuid": "c394d285-7881-49bc-9946-7a9fa04df58c", + "uuid": "3206a88b-d261-41a4-9db9-98b45dabaa55", "control-id": "cis_rhel10_1-7.4", "description": "No notes for control-id 1.7.4.", "props": [ @@ -19722,7 +19622,7 @@ ] }, { - "uuid": "74e0810c-74d8-4cc5-bf4d-dae06f968612", + "uuid": "926b0acb-cbc1-4696-8f78-e71932d78322", "control-id": "cis_rhel10_1-7.5", "description": "No notes for control-id 1.7.5.", "props": [ @@ -19749,7 +19649,7 @@ ] }, { - "uuid": "f037ada2-7479-4b47-aad2-151855c7add1", + "uuid": "a1ad3510-215a-4bcf-b66e-e55718cfa493", "control-id": "cis_rhel10_1-7.6", "description": "No notes for control-id 1.7.6.", "props": [ @@ -19776,7 +19676,7 @@ ] }, { - "uuid": "3fb580bc-c22d-4b01-8e66-0f102afa6b74", + "uuid": "ebb1cde0-51df-435d-9dba-793ff0750fc3", "control-id": "cis_rhel10_1-8.1", "description": "No notes for control-id 1.8.1.", "props": [ @@ -19798,7 +19698,7 @@ ] }, { - "uuid": "49956479-33be-4e37-bf1c-12aeb64a1845", + "uuid": "dc91ce55-3f53-4451-a57a-77c104e4cfe3", "control-id": "cis_rhel10_1-8.2", "description": "No notes for control-id 1.8.2.", "props": [ @@ -19815,7 +19715,7 @@ ] }, { - "uuid": "7c0c64dc-3a3b-47c9-af8f-7a9e203b857b", + "uuid": "3ee50f2f-19f8-4aa4-8f87-4cad8424b9b4", "control-id": "cis_rhel10_1-8.3", "description": "No notes for control-id 1.8.3.", "props": [ @@ -19847,7 +19747,7 @@ ] }, { - "uuid": "04efb78d-1ae5-40ba-8518-903d6e0180ef", + "uuid": "bde726e2-6a0f-4c91-ac1e-2183b978cf84", "control-id": "cis_rhel10_1-8.5", "description": "No notes for control-id 1.8.5.", "props": [ @@ -19864,7 +19764,7 @@ ] }, { - "uuid": "ea8ce282-a05e-437a-9784-cfb852fb85fb", + "uuid": "74a7a542-5553-42ed-ba35-3e53dfb44a2f", "control-id": "cis_rhel10_2-1.4", "description": "No notes for control-id 2.1.4.", "props": [ @@ -19881,7 +19781,7 @@ ] }, { - "uuid": "d40b69c8-ee1b-4bb8-a55c-b57857cc7b6c", + "uuid": "0c58c98c-3c74-4aa8-ab40-71d7b0bf992e", "control-id": "cis_rhel10_2-1.5", "description": "No notes for control-id 2.1.5.", "props": [ @@ -19898,7 +19798,7 @@ ] }, { - "uuid": "af831146-0914-4591-b1f2-45c6459cf7c7", + "uuid": "6a6ea33b-ed9b-457c-86c4-37fdb60c5fae", "control-id": "cis_rhel10_2-1.6", "description": "No notes for control-id 2.1.6.", "props": [ @@ -19915,7 +19815,7 @@ ] }, { - "uuid": "be9590a8-3a63-4b98-88d2-eabc49d5649f", + "uuid": "ff70d2b5-c50b-4ba7-b8cc-03b09fe0cbd3", "control-id": "cis_rhel10_2-1.7", "description": "No notes for control-id 2.1.7.", "props": [ @@ -19932,7 +19832,7 @@ ] }, { - "uuid": "f277db6c-e610-4bd9-80ea-aa956d451a52", + "uuid": "e27181f5-2581-4888-aa30-db5f4434a0f7", "control-id": "cis_rhel10_2-1.8", "description": "No notes for control-id 2.1.8.", "props": [ @@ -19954,7 +19854,7 @@ ] }, { - "uuid": "381608a1-0546-4da8-bf32-f94a34314f09", + "uuid": "b3bc6c5e-6726-423c-83a5-f208a086c00f", "control-id": "cis_rhel10_2-1.9", "description": "Many of the libvirt packages used by Enterprise Linux virtualization are dependent on the\nnfs-utils package.", "props": [ @@ -19971,7 +19871,7 @@ ] }, { - "uuid": "4053d5d6-1a37-46bd-9139-3367afb26c2d", + "uuid": "c0ad7122-9d7c-4892-92ea-4853a3937239", "control-id": "cis_rhel10_2-1.11", "description": "Many of the libvirt packages used by Enterprise Linux virtualization, and the nfs-utils\npackage used for The Network File System (NFS), are dependent on the rpcbind package.", "props": [ @@ -19988,7 +19888,7 @@ ] }, { - "uuid": "bc0d232e-0c45-4c20-8a1d-e59f89d733a3", + "uuid": "870425a1-b097-41f9-9475-fd21308926f1", "control-id": "cis_rhel10_2-1.12", "description": "No notes for control-id 2.1.12.", "props": [ @@ -20005,7 +19905,7 @@ ] }, { - "uuid": "fb27708b-1479-4412-bd37-eed379a0c1f7", + "uuid": "110adb31-6f2a-49b9-8efe-da5a55c7d415", "control-id": "cis_rhel10_2-1.13", "description": "No notes for control-id 2.1.13.", "props": [ @@ -20022,7 +19922,7 @@ ] }, { - "uuid": "22c8f47a-ae55-45cc-a6c7-495f9620f5a4", + "uuid": "c86b4080-791c-4ce2-9ff2-6db6bae4a266", "control-id": "cis_rhel10_2-1.14", "description": "No notes for control-id 2.1.14.", "props": [ @@ -20039,7 +19939,7 @@ ] }, { - "uuid": "166ef6ea-a46d-4f75-85b0-d5ba020aec3b", + "uuid": "49e2d579-fe55-4f93-9e50-f29dd5df233a", "control-id": "cis_rhel10_2-1.15", "description": "No notes for control-id 2.1.15.", "props": [ @@ -20056,7 +19956,7 @@ ] }, { - "uuid": "bd3362ec-54d3-475a-9699-5867f1f4a453", + "uuid": "e3e5aea3-76a3-4477-9744-fd0b82fbe6c3", "control-id": "cis_rhel10_2-1.16", "description": "No notes for control-id 2.1.16.", "props": [ @@ -20073,7 +19973,7 @@ ] }, { - "uuid": "a731541d-d64f-492d-8c98-1f02eb8d9c9b", + "uuid": "f574cd91-bf79-4ef6-b602-b009dde6b887", "control-id": "cis_rhel10_2-1.17", "description": "No notes for control-id 2.1.17.", "props": [ @@ -20090,7 +19990,7 @@ ] }, { - "uuid": "c0183f5c-a3ce-4675-b7bc-8bd89ef5f0d7", + "uuid": "2e6d8f30-c5fb-4455-8812-5be86cc1b711", "control-id": "cis_rhel10_2-1.18", "description": "No notes for control-id 2.1.18.", "props": [ @@ -20112,7 +20012,7 @@ ] }, { - "uuid": "fceb6e88-6a61-46ef-b362-b0257437f26d", + "uuid": "35253a6e-4cc4-4ab4-a925-cf1bd60bf533", "control-id": "cis_rhel10_2-1.21", "description": "No notes for control-id 2.1.21.", "props": [ @@ -20134,7 +20034,7 @@ ] }, { - "uuid": "6d408da1-3faa-4a54-bcef-01e13cf549a7", + "uuid": "0151424e-26cd-4a9b-9bbd-34c2ef6622f3", "control-id": "cis_rhel10_2-1.22", "description": "The description for control-id cis_rhel10_2-1.22.", "props": [ @@ -20147,7 +20047,7 @@ ] }, { - "uuid": "1c42230f-aa56-4b41-818b-47a5368c32db", + "uuid": "376c95f3-c4ee-4d68-ae9c-878b3fc9a9b6", "control-id": "cis_rhel10_2-2.1", "description": "No notes for control-id 2.2.1.", "props": [ @@ -20164,7 +20064,7 @@ ] }, { - "uuid": "fe68e6e0-7ee3-4ec5-85a1-180b0dffa605", + "uuid": "361be0a7-c49e-4e23-91be-2ff340237e78", "control-id": "cis_rhel10_2-2.3", "description": "No notes for control-id 2.2.3.", "props": [ @@ -20181,7 +20081,7 @@ ] }, { - "uuid": "0402cfa5-68f2-4e93-8a76-da90f78518ca", + "uuid": "69aa6640-71e8-4a24-b03d-35b58e99bd12", "control-id": "cis_rhel10_2-2.4", "description": "No notes for control-id 2.2.4.", "props": [ @@ -20198,7 +20098,7 @@ ] }, { - "uuid": "64dcde8a-ca73-4618-8a2e-03e5d909002f", + "uuid": "a1319ff6-5f1b-4959-bdf0-6e6d75b2a47b", "control-id": "cis_rhel10_2-3.1", "description": "No notes for control-id 2.3.1.", "props": [ @@ -20210,7 +20110,7 @@ ] }, { - "uuid": "1b0ec528-b276-4acf-ac7f-da99adbb26bc", + "uuid": "4e04b3e2-45b7-4751-8254-57f9b3d5979d", "control-id": "cis_rhel10_2-3.2", "description": "No notes for control-id 2.3.2.", "props": [ @@ -20227,7 +20127,7 @@ ] }, { - "uuid": "74baa54f-52c8-468d-bf72-9c701275e445", + "uuid": "3c859a11-5d96-4ec9-ac9b-0b02ab359bba", "control-id": "cis_rhel10_2-3.3", "description": "No notes for control-id 2.3.3.", "props": [ @@ -20244,7 +20144,7 @@ ] }, { - "uuid": "c629d808-daca-439d-921a-25c6034b5447", + "uuid": "349c7e72-8340-4895-9b4c-124b91072384", "control-id": "cis_rhel10_2-4.1.1", "description": "No notes for control-id 2.4.1.1.", "props": [ @@ -20266,7 +20166,7 @@ ] }, { - "uuid": "c04e6489-ea37-4294-a59d-37a310d4f632", + "uuid": "b4013cac-ce3d-4ec9-84e2-c0defb80f7d6", "control-id": "cis_rhel10_2-4.1.2", "description": "No notes for control-id 2.4.1.2.", "props": [ @@ -20293,7 +20193,7 @@ ] }, { - "uuid": "2cbf11b1-ab03-4e30-bad5-064cb9558da7", + "uuid": "9afab428-ed45-499d-83d1-7ec665f13f9f", "control-id": "cis_rhel10_2-4.1.3", "description": "No notes for control-id 2.4.1.3.", "props": [ @@ -20320,7 +20220,7 @@ ] }, { - "uuid": "dbe5c748-c0e7-49dd-ae65-8bff963d3195", + "uuid": "43bdf617-5209-49d7-890a-17806eb35217", "control-id": "cis_rhel10_2-4.1.4", "description": "No notes for control-id 2.4.1.4.", "props": [ @@ -20347,7 +20247,7 @@ ] }, { - "uuid": "eefb9b7d-dbc3-4fd2-8c36-2b49f039f7f7", + "uuid": "f34337fd-6e06-4d60-a376-6c18501c06cc", "control-id": "cis_rhel10_2-4.1.5", "description": "No notes for control-id 2.4.1.5.", "props": [ @@ -20374,7 +20274,7 @@ ] }, { - "uuid": "423437e6-6efc-4114-94b3-d594785b1e9f", + "uuid": "3f6415de-808c-4950-9cf3-318114952810", "control-id": "cis_rhel10_2-4.1.6", "description": "No notes for control-id 2.4.1.6.", "props": [ @@ -20401,7 +20301,7 @@ ] }, { - "uuid": "2e6fc88c-15be-4008-b33c-092739dc60da", + "uuid": "a2a3d641-a887-43b7-946a-ff928c0382e6", "control-id": "cis_rhel10_2-4.1.7", "description": "No notes for control-id 2.4.1.7.", "props": [ @@ -20428,7 +20328,7 @@ ] }, { - "uuid": "7ec779c0-094d-4d31-995f-ebd3a5efb9dd", + "uuid": "f7afbf1e-481e-4d6f-8c0e-9146c3748d19", "control-id": "cis_rhel10_2-4.1.8", "description": "No notes for control-id 2.4.1.8.", "props": [ @@ -20455,7 +20355,7 @@ ] }, { - "uuid": "0456a4fd-1727-4c18-9e66-564035054c7f", + "uuid": "efc53ee8-c352-4a81-a3cb-f0a0e2b0b3c2", "control-id": "cis_rhel10_2-4.1.9", "description": "No notes for control-id 2.4.1.9.", "props": [ @@ -20492,7 +20392,7 @@ ] }, { - "uuid": "221fe3c9-4c51-4af6-b579-5c9e31aeecf9", + "uuid": "95462c0a-dc4b-4ed9-a627-998804d10d63", "control-id": "cis_rhel10_2-4.2.1", "description": "No notes for control-id 2.4.2.1.", "props": [ @@ -20529,7 +20429,7 @@ ] }, { - "uuid": "c26beb50-03a0-4514-96cc-7f41b62bd0b8", + "uuid": "3c3ae38e-5a48-4a4b-a67c-8a09caa439b5", "control-id": "cis_rhel10_3-1.1", "description": "The description for control-id cis_rhel10_3-1.1.", "props": [ @@ -20542,7 +20442,7 @@ ] }, { - "uuid": "70ba2019-2d1f-41b0-bffd-095c7d6c5e7a", + "uuid": "951f4fd3-7369-463b-89ef-20bd281825ac", "control-id": "cis_rhel10_3-2.1", "description": "No notes for control-id 3.2.1.", "props": [ @@ -20559,7 +20459,7 @@ ] }, { - "uuid": "6bcc5eec-69dd-4981-8a4a-533efac1d909", + "uuid": "7691336d-9a3a-4e3c-99be-dd5d3a6f843c", "control-id": "cis_rhel10_3-2.2", "description": "No notes for control-id 3.2.2.", "props": [ @@ -20576,7 +20476,7 @@ ] }, { - "uuid": "20ed263b-dd69-4936-9cb1-b1d42b4bcd6c", + "uuid": "4558e7bd-9067-4e86-a035-8a82d4f9fcdc", "control-id": "cis_rhel10_3-2.3", "description": "No notes for control-id 3.2.3.", "props": [ @@ -20593,7 +20493,7 @@ ] }, { - "uuid": "164141f2-d4ee-447f-b920-ac4a83e64ba0", + "uuid": "b02ce256-679a-4a29-984a-2d4ff8b643c6", "control-id": "cis_rhel10_3-2.4", "description": "No notes for control-id 3.2.4.", "props": [ @@ -20610,7 +20510,7 @@ ] }, { - "uuid": "5671c37a-75cf-421f-92ad-b8d0621b1e81", + "uuid": "a7794f6d-b2ac-4d57-87d6-adbfcf42a731", "control-id": "cis_rhel10_3-2.5", "description": "No notes for control-id 3.2.5.", "props": [ @@ -20627,7 +20527,7 @@ ] }, { - "uuid": "fab95ecf-9208-4dcb-a7e7-d1cc6f2aa167", + "uuid": "e332459c-f7e8-4303-bf3d-0488d23eb402", "control-id": "cis_rhel10_3-2.6", "description": "No notes for control-id 3.2.6.", "props": [ @@ -20644,7 +20544,7 @@ ] }, { - "uuid": "911c6bf6-6964-4fb4-955c-9e673be2e80d", + "uuid": "21841ba6-d9c6-473b-a7b2-ba86621f8af2", "control-id": "cis_rhel10_3-3.1.1", "description": "No notes for control-id 3.3.1.1.", "props": [ @@ -20661,7 +20561,7 @@ ] }, { - "uuid": "5240c6ca-4f4d-4930-a8cf-902ded50be99", + "uuid": "5f3cb5e9-e1c4-4e68-a6a0-55955771b3a6", "control-id": "cis_rhel10_3-3.1.2", "description": "No notes for control-id 3.3.1.2.", "props": [ @@ -20678,7 +20578,7 @@ ] }, { - "uuid": "952df28c-42a2-45da-b9d7-07830fc6920e", + "uuid": "a81c0c9f-9b6d-4efa-b4de-3949eb8e183d", "control-id": "cis_rhel10_3-3.1.3", "description": "No notes for control-id 3.3.1.3.", "props": [ @@ -20695,7 +20595,7 @@ ] }, { - "uuid": "4ddafc69-5235-4f68-9f0a-e0ce3d887183", + "uuid": "bd93d3a2-1c7e-4d1d-bf79-58b67ecd8bf7", "control-id": "cis_rhel10_3-3.1.4", "description": "No notes for control-id 3.3.1.4.", "props": [ @@ -20712,7 +20612,7 @@ ] }, { - "uuid": "c18600a8-b208-442d-bccd-5b2b1dbfa86d", + "uuid": "38fc3ec5-e41c-4397-bd27-6eb4aeb9bdea", "control-id": "cis_rhel10_3-3.1.5", "description": "No notes for control-id 3.3.1.5.", "props": [ @@ -20729,7 +20629,7 @@ ] }, { - "uuid": "1e3271a9-0f71-4cee-b45b-afc78cadf5b7", + "uuid": "e46388d1-f393-4762-a049-f01d66c3f2f6", "control-id": "cis_rhel10_3-3.1.6", "description": "No notes for control-id 3.3.1.6.", "props": [ @@ -20746,7 +20646,7 @@ ] }, { - "uuid": "7d6af1f1-4b81-4fd5-b6d5-1ca0fd1f6401", + "uuid": "a306a9d9-f48f-448d-9d09-1d8a393250fa", "control-id": "cis_rhel10_3-3.1.7", "description": "No notes for control-id 3.3.1.7.", "props": [ @@ -20763,7 +20663,7 @@ ] }, { - "uuid": "998c75a6-c4d2-4c62-8135-6ce6c7cc9bab", + "uuid": "c258439a-8c71-49df-80e7-bc04b1a2418f", "control-id": "cis_rhel10_3-3.1.8", "description": "No notes for control-id 3.3.1.8.", "props": [ @@ -20780,7 +20680,7 @@ ] }, { - "uuid": "7bbf1800-2064-4b6f-86f4-064a71f5236c", + "uuid": "672a8c70-aa98-44a2-ac5f-215a9fd99af8", "control-id": "cis_rhel10_3-3.1.9", "description": "No notes for control-id 3.3.1.9.", "props": [ @@ -20797,7 +20697,7 @@ ] }, { - "uuid": "58f1a170-0dac-43a5-815f-276bb87df567", + "uuid": "24c8272d-91fc-4a13-9049-04521c78e888", "control-id": "cis_rhel10_3-3.1.10", "description": "No notes for control-id 3.3.1.10.", "props": [ @@ -20814,7 +20714,7 @@ ] }, { - "uuid": "3e61024f-8345-4824-a84d-98992ce3f7d3", + "uuid": "7641ffc0-2ad6-410b-9146-f6b68a3330bd", "control-id": "cis_rhel10_3-3.1.11", "description": "No notes for control-id 3.3.1.11.", "props": [ @@ -20831,7 +20731,7 @@ ] }, { - "uuid": "b0b135b7-86f2-4c9c-85b8-16ea9a4f76ab", + "uuid": "056460f4-57a2-4148-92a2-0388b717f3a5", "control-id": "cis_rhel10_3-3.1.12", "description": "No notes for control-id 3.3.1.12.", "props": [ @@ -20848,7 +20748,7 @@ ] }, { - "uuid": "bd524869-5fc4-4c2e-bf9d-e47be3c7ffe3", + "uuid": "6a2bbaef-61fd-4783-a4d1-b03b7c38bf14", "control-id": "cis_rhel10_3-3.1.13", "description": "No notes for control-id 3.3.1.13.", "props": [ @@ -20865,7 +20765,7 @@ ] }, { - "uuid": "dad22f08-bcb7-470b-9cfc-ad02003eb39e", + "uuid": "f5ab7fa5-e2f6-4e2e-a722-c710fb39c220", "control-id": "cis_rhel10_3-3.1.14", "description": "No notes for control-id 3.3.1.14.", "props": [ @@ -20882,7 +20782,7 @@ ] }, { - "uuid": "3e44654c-1053-49f3-b291-a0f560cd04bc", + "uuid": "b9493626-ccee-423e-acb7-3c313b9fc221", "control-id": "cis_rhel10_3-3.1.15", "description": "No notes for control-id 3.3.1.15.", "props": [ @@ -20899,7 +20799,7 @@ ] }, { - "uuid": "8bc4675f-0237-4829-8c54-e643eb83a7e3", + "uuid": "ba08b3fd-2081-42ee-b067-37a80e637773", "control-id": "cis_rhel10_3-3.1.16", "description": "No notes for control-id 3.3.1.16.", "props": [ @@ -20916,7 +20816,7 @@ ] }, { - "uuid": "46d39529-4284-4eae-8adf-b853b6a30787", + "uuid": "54fa0fa7-4d73-454e-a1f8-a04041d9f5f9", "control-id": "cis_rhel10_3-3.1.17", "description": "No notes for control-id 3.3.1.17.", "props": [ @@ -20933,7 +20833,7 @@ ] }, { - "uuid": "a65c9b9a-5517-4731-90fe-df113a9854be", + "uuid": "f98c9933-dfee-4556-b2c3-dfc84def3c66", "control-id": "cis_rhel10_3-3.1.18", "description": "No notes for control-id 3.3.1.18.", "props": [ @@ -20950,7 +20850,7 @@ ] }, { - "uuid": "f0a65dba-6d13-457e-9d44-b65f652ea3a9", + "uuid": "6c6dd092-c351-4cad-af7f-5be167a503ea", "control-id": "cis_rhel10_3-3.2.1", "description": "No notes for control-id 3.3.2.1.", "props": [ @@ -20967,7 +20867,7 @@ ] }, { - "uuid": "4805446a-6502-47ca-8b4a-f16e08ae723d", + "uuid": "d4bb3387-fe5c-455e-8902-d6dd0e173b7c", "control-id": "cis_rhel10_3-3.2.2", "description": "No notes for control-id 3.3.2.2.", "props": [ @@ -20984,7 +20884,7 @@ ] }, { - "uuid": "9b190c71-cb6e-4a44-8d19-69e4d76e84ef", + "uuid": "87476242-b74b-4092-8880-5e81102761cd", "control-id": "cis_rhel10_3-3.2.3", "description": "No notes for control-id 3.3.2.3.", "props": [ @@ -21001,7 +20901,7 @@ ] }, { - "uuid": "a2f94c0f-588a-42ad-9d9c-000e7a952fa5", + "uuid": "fbade312-2d20-4c70-9908-f1011951b280", "control-id": "cis_rhel10_3-3.2.4", "description": "No notes for control-id 3.3.2.4.", "props": [ @@ -21018,7 +20918,7 @@ ] }, { - "uuid": "901df8c6-15b6-4ac3-98f1-0237f2939b3f", + "uuid": "a15a6103-32c5-4935-ba18-90629550b7c1", "control-id": "cis_rhel10_3-3.2.5", "description": "No notes for control-id 3.3.2.5.", "props": [ @@ -21035,7 +20935,7 @@ ] }, { - "uuid": "3c736001-763d-4b6c-8c8e-5e91b0d6c030", + "uuid": "3e27cad9-1fd1-4501-9482-0256f2e81da6", "control-id": "cis_rhel10_3-3.2.6", "description": "No notes for control-id 3.3.2.6.", "props": [ @@ -21052,7 +20952,7 @@ ] }, { - "uuid": "e8fae310-c2d6-43f4-968a-fd83d24052ba", + "uuid": "9544cc7b-fe70-4737-a4f8-1fffbb39d51b", "control-id": "cis_rhel10_3-3.2.7", "description": "No notes for control-id 3.3.2.7.", "props": [ @@ -21069,7 +20969,7 @@ ] }, { - "uuid": "077715f9-a02c-4ac3-b768-91cd11922888", + "uuid": "787573be-dd9d-45ad-902f-38afba2c5258", "control-id": "cis_rhel10_3-3.2.8", "description": "No notes for control-id 3.3.2.8.", "props": [ @@ -21086,7 +20986,7 @@ ] }, { - "uuid": "e33319c6-6d93-4901-9ec2-e9bcd4020208", + "uuid": "c363e643-fedf-409b-9360-ab986f559385", "control-id": "cis_rhel10_4-1.1", "description": "No notes for control-id 4.1.1.", "props": [ @@ -21103,7 +21003,7 @@ ] }, { - "uuid": "2f67e57f-f3de-4f5b-afd6-4bdbe0995afa", + "uuid": "24eb6971-685b-4706-8793-c9456507a1fd", "control-id": "cis_rhel10_4-1.2", "description": "No notes for control-id 4.1.2.", "props": [ @@ -21120,7 +21020,7 @@ ] }, { - "uuid": "808f46b1-8ff0-4ce4-9cc7-86b03a6bca05", + "uuid": "351906ae-e324-49cb-80f1-915a75370804", "control-id": "cis_rhel10_4-1.3", "description": "No notes for control-id 4.1.3.", "props": [ @@ -21137,7 +21037,7 @@ ] }, { - "uuid": "cbd5b3a8-a447-471a-81ce-dd5b01bf46b2", + "uuid": "5cdc7765-481d-41de-a368-9b3547e43848", "control-id": "cis_rhel10_4-1.4", "description": "The description for control-id cis_rhel10_4-1.4.", "props": [ @@ -21145,12 +21045,12 @@ "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "alternative", - "remarks": "No notes for control-id 4.1.4." + "remarks": "There is not an easy way to do this for only active zones using OVAL.\nFor now, there are are no rules for this control." } ] }, { - "uuid": "91dd50cd-7ba8-4112-9f36-58452b1fe134", + "uuid": "14d2d9a8-0864-41e3-b5d0-98a512b457a7", "control-id": "cis_rhel10_4-1.5", "description": "Firewalld in Red Hat Enterprise Linux 10 accepts loopback traffic by default.", "props": [ @@ -21167,7 +21067,7 @@ ] }, { - "uuid": "284e9f65-7eb5-4e10-a5bd-3ca30e905e51", + "uuid": "b2e9ca20-6957-4b2f-929c-de28e1b0641c", "control-id": "cis_rhel10_4-1.6", "description": "The description for control-id cis_rhel10_4-1.6.", "props": [ @@ -21180,7 +21080,7 @@ ] }, { - "uuid": "e34b1379-93ff-4a5d-b406-d93912aa4d93", + "uuid": "062ce721-24e9-4efa-8ba8-c7b981e7fd03", "control-id": "cis_rhel10_4-1.7", "description": "The description for control-id cis_rhel10_4-1.7.", "props": [ @@ -21193,7 +21093,7 @@ ] }, { - "uuid": "43e29281-892a-4fcc-8ce2-32f74ab18f26", + "uuid": "873bb25c-d47b-459b-9054-91a88a4ee0fe", "control-id": "cis_rhel10_5-1.1", "description": "No notes for control-id 5.1.1.", "props": [ @@ -21250,7 +21150,7 @@ ] }, { - "uuid": "0235b6cb-1f67-4b5f-8248-68656ed773e5", + "uuid": "9af3a3cb-2048-4506-8eb9-1d437c70171c", "control-id": "cis_rhel10_5-1.2", "description": "No notes for control-id 5.1.2.", "props": [ @@ -21277,7 +21177,7 @@ ] }, { - "uuid": "03665b2d-e8eb-4300-8298-ca9a9de1da73", + "uuid": "f3b5c572-116f-49a4-85b1-935807d8500c", "control-id": "cis_rhel10_5-1.3", "description": "No notes for control-id 5.1.3.", "props": [ @@ -21304,7 +21204,7 @@ ] }, { - "uuid": "08850eb2-54d8-4be5-b2a0-279b3e01255d", + "uuid": "c86352ca-2fc7-4d35-8313-2bdc0b626eb4", "control-id": "cis_rhel10_5-1.4", "description": "No notes for control-id 5.1.4.", "props": [ @@ -21321,7 +21221,7 @@ ] }, { - "uuid": "0b74127f-156a-4d0a-b8b5-18b7aeece29b", + "uuid": "263e7750-7ce8-4b80-855e-b1449a57eb4f", "control-id": "cis_rhel10_5-1.5", "description": "No notes for control-id 5.1.5.", "props": [ @@ -21338,7 +21238,7 @@ ] }, { - "uuid": "df9b9dd6-a3bf-458b-9c81-6939cf5007a5", + "uuid": "0fcf56a8-3f7d-4e52-86ad-4f5f866a3e4c", "control-id": "cis_rhel10_5-1.6", "description": "No notes for control-id 5.1.6.", "props": [ @@ -21355,7 +21255,7 @@ ] }, { - "uuid": "9355a51d-d1fc-4ab6-8f00-8f3caed91ae0", + "uuid": "808977fd-077c-47f6-b127-ab7fdd75ef9c", "control-id": "cis_rhel10_5-1.7", "description": "The requirement gives an example of 45 seconds, but is flexible about the values. It is only\nnecessary to ensure there is a timeout configured in alignment to the site policy.", "props": [ @@ -21377,7 +21277,7 @@ ] }, { - "uuid": "b1662812-13b3-4f78-b43b-3ac23b1d075d", + "uuid": "9ef194d9-7228-44ec-9605-34d51962429e", "control-id": "cis_rhel10_5-1.8", "description": "No notes for control-id 5.1.8.", "props": [ @@ -21394,7 +21294,7 @@ ] }, { - "uuid": "f300e25e-b21d-45c1-addd-071d479bcb64", + "uuid": "fb9e827a-31fb-4b27-99df-ad365fa40e1b", "control-id": "cis_rhel10_5-1.9", "description": "No notes for control-id 5.1.9.", "props": [ @@ -21411,7 +21311,7 @@ ] }, { - "uuid": "ff48d9e5-3e2b-4050-acc4-d60e216839c7", + "uuid": "81b62f47-8eae-4126-9266-d278f7479cd2", "control-id": "cis_rhel10_5-1.10", "description": "No notes for control-id 5.1.10.", "props": [ @@ -21428,7 +21328,7 @@ ] }, { - "uuid": "eab34bdd-3f5b-4503-87a0-697242e861f6", + "uuid": "96f42506-9821-490e-9ca3-97340d074d9d", "control-id": "cis_rhel10_5-1.11", "description": "No notes for control-id 5.1.11.", "props": [ @@ -21445,7 +21345,7 @@ ] }, { - "uuid": "1fdf078d-e4b0-4b50-91ac-fc7f67a5369d", + "uuid": "9331e2cf-360b-4f57-9d33-0702e2fc6694", "control-id": "cis_rhel10_5-1.12", "description": "The description for control-id cis_rhel10_5-1.12.", "props": [ @@ -21463,7 +21363,7 @@ ] }, { - "uuid": "2f0ead6b-c817-4f43-adb8-820b818e6f81", + "uuid": "1e8cee79-e548-4057-b939-24e45ab210fe", "control-id": "cis_rhel10_5-1.13", "description": "No notes for control-id 5.1.13.", "props": [ @@ -21480,7 +21380,7 @@ ] }, { - "uuid": "7585215e-fcef-427a-848b-f4634bd50a93", + "uuid": "6e1371aa-8693-4835-8c46-9f90c55140ba", "control-id": "cis_rhel10_5-1.14", "description": "The CIS benchmark is not opinionated about which loglevel is selected here. Here, this\nprofile uses VERBOSE by default, as it allows for the capture of login and logout activity\nas well as key fingerprints.", "props": [ @@ -21497,7 +21397,7 @@ ] }, { - "uuid": "4de4f898-1ede-4639-9a58-03e758090e55", + "uuid": "372d26db-0ddd-408a-b67c-b4a5f5a76e47", "control-id": "cis_rhel10_5-1.15", "description": "No notes for control-id 5.1.15.", "props": [ @@ -21514,7 +21414,7 @@ ] }, { - "uuid": "0acb5aad-4e23-460d-b969-587282e11c27", + "uuid": "497b5c41-48ed-4253-8ab7-df13c59ab982", "control-id": "cis_rhel10_5-1.16", "description": "No notes for control-id 5.1.16.", "props": [ @@ -21531,7 +21431,7 @@ ] }, { - "uuid": "854e6c28-984b-44fe-823e-112fdb59f125", + "uuid": "210d865c-5d9a-4c60-9ca7-76213c79ac49", "control-id": "cis_rhel10_5-1.17", "description": "No notes for control-id 5.1.17.", "props": [ @@ -21548,7 +21448,7 @@ ] }, { - "uuid": "60ec599c-7171-46c3-a6fc-6883d997615b", + "uuid": "ea3ec5a7-a054-4b4b-b1bc-531ae16e5719", "control-id": "cis_rhel10_5-1.18", "description": "No notes for control-id 5.1.18.", "props": [ @@ -21565,7 +21465,7 @@ ] }, { - "uuid": "14bf5925-8e88-477b-9c6f-54a6bccc0006", + "uuid": "0edafd4d-1dfc-4d0d-b8c4-17678d40b34a", "control-id": "cis_rhel10_5-1.19", "description": "No notes for control-id 5.1.19.", "props": [ @@ -21582,7 +21482,7 @@ ] }, { - "uuid": "44fda8c0-217f-4082-9214-dd5f3dc81c70", + "uuid": "4ab6c708-705b-464c-b582-d7e2d0abbc4d", "control-id": "cis_rhel10_5-1.20", "description": "No notes for control-id 5.1.20.", "props": [ @@ -21599,7 +21499,7 @@ ] }, { - "uuid": "1077af38-f08a-4549-8c9c-9c20937fc9f4", + "uuid": "b343c97d-246f-4d97-9c08-e6ba806dd635", "control-id": "cis_rhel10_5-1.21", "description": "No notes for control-id 5.1.21.", "props": [ @@ -21616,7 +21516,7 @@ ] }, { - "uuid": "c0329ba5-1960-482d-a68b-9555f4438b0b", + "uuid": "8414194e-9ad9-4c49-8c3e-b3179962cc26", "control-id": "cis_rhel10_5-1.22", "description": "No notes for control-id 5.1.22.", "props": [ @@ -21633,7 +21533,7 @@ ] }, { - "uuid": "189fe849-8367-4304-ade8-45ed582fb522", + "uuid": "bae9a31a-e4a4-452d-b76b-76b2754d514a", "control-id": "cis_rhel10_5-2.1", "description": "No notes for control-id 5.2.1.", "props": [ @@ -21650,7 +21550,7 @@ ] }, { - "uuid": "8008f894-01c7-4be8-b2b3-4d830daf3e5d", + "uuid": "426f3efa-2a3e-437f-ab56-8a846046d0bf", "control-id": "cis_rhel10_5-2.2", "description": "No notes for control-id 5.2.2.", "props": [ @@ -21667,7 +21567,7 @@ ] }, { - "uuid": "252b0edf-551f-428a-bb30-ed7ad47898f7", + "uuid": "da0978b5-cf4c-4a70-985f-2ba5077e9209", "control-id": "cis_rhel10_5-2.3", "description": "No notes for control-id 5.2.3.", "props": [ @@ -21684,7 +21584,7 @@ ] }, { - "uuid": "8ee805e8-1a70-428f-8504-1f9417345359", + "uuid": "c67c90d6-9c58-49cf-8ca3-73f36af4f4c3", "control-id": "cis_rhel10_5-2.5", "description": "No notes for control-id 5.2.5.", "props": [ @@ -21701,7 +21601,7 @@ ] }, { - "uuid": "1ea2eda4-6a2a-4e5c-bb09-f0c66f03af83", + "uuid": "a791d648-e2a3-4d99-8de5-59fde35b4a6e", "control-id": "cis_rhel10_5-2.6", "description": "No notes for control-id 5.2.6.", "props": [ @@ -21718,7 +21618,7 @@ ] }, { - "uuid": "0af8fe3e-7b99-467f-8065-65f3f64ad1ef", + "uuid": "239d1b57-180c-4baf-9e34-275843627ca1", "control-id": "cis_rhel10_5-2.7", "description": "Members of \"wheel\" or GID 0 groups are checked by default if the group option is not set for\npam_wheel.so module. The recommendation states the group should be empty to reinforce the\nuse of \"sudo\" for privileged access. Therefore, members of these groups should be manually\nchecked or a different group should be informed.", "props": [ @@ -21740,7 +21640,7 @@ ] }, { - "uuid": "6902e79e-72e6-43a6-9c87-2fa9a86987b4", + "uuid": "f7a88a37-4e15-429c-bdd7-0c39dd779dfa", "control-id": "cis_rhel10_5-3.1.1", "description": "This requirement is hard to be automated without any specific requirement. The policy even\nstates that provided commands are examples, other custom settings might be in place and the\nsettings might be different depending on site policies. The other rules will already make\nsure there is a correct autheselect profile regardless of the existing settings. It is\nnecessary to better discuss with CIS Community.", "props": [ @@ -21752,7 +21652,7 @@ ] }, { - "uuid": "d37886e0-e1a3-49f5-a721-7825465087a6", + "uuid": "e0779c93-dd93-45b0-a315-54553b8024e2", "control-id": "cis_rhel10_5-3.1.2", "description": "This requirement is also indirectly satisfied by the requirement 5.3.2.1.", "props": [ @@ -21774,7 +21674,7 @@ ] }, { - "uuid": "1d9867f7-c9a6-475e-b3be-23c2a8f09714", + "uuid": "8a9d805a-38bc-421a-bb30-844c26268333", "control-id": "cis_rhel10_5-3.1.3", "description": "This requirement is also indirectly satisfied by the requirement 5.3.2.2.", "props": [ @@ -21801,7 +21701,7 @@ ] }, { - "uuid": "67cb6f00-d7f5-4453-aea6-b97a11631928", + "uuid": "80417cd6-a654-479b-ade1-acb1115b54fb", "control-id": "cis_rhel10_5-3.1.4", "description": "The module is properly enabled by the rules mentioned in related_rules.\nRequirements in 5.3.2.3 use these rules.", "props": [ @@ -21813,7 +21713,7 @@ ] }, { - "uuid": "a6c922b3-4dbe-417e-95b5-623431f7d576", + "uuid": "bd18b598-8b40-4ac2-813e-88ebc6fbca1e", "control-id": "cis_rhel10_5-3.1.5", "description": "No notes for control-id 5.3.1.5.", "props": [ @@ -21830,7 +21730,7 @@ ] }, { - "uuid": "9a01f87f-95f7-4b93-bdd0-2dfaa0df9b64", + "uuid": "6b7b19d0-4733-49b2-9f9a-b46b5a57a05c", "control-id": "cis_rhel10_5-3.2.1.1", "description": "No notes for control-id 5.3.2.1.1.", "props": [ @@ -21847,7 +21747,7 @@ ] }, { - "uuid": "3437c3ea-c8e0-416b-a16a-8af236be1890", + "uuid": "e3b01ae1-df59-4848-8207-96617bd61496", "control-id": "cis_rhel10_5-3.2.1.2", "description": "The policy also accepts value 0, which means the locked accounts should be manually unlocked\nby an administrator. However, it also mentions that using value 0 can facilitate a DoS\nattack to legitimate users.", "props": [ @@ -21864,7 +21764,7 @@ ] }, { - "uuid": "3f15b388-7251-4c7f-a29b-0baa2dd6ddd8", + "uuid": "fb931b7f-0f0e-4e10-a8cb-bf083eee55bd", "control-id": "cis_rhel10_5-3.2.2.1", "description": "No notes for control-id 5.3.2.2.1.", "props": [ @@ -21881,7 +21781,7 @@ ] }, { - "uuid": "bf32567d-1090-47ba-b38d-8bf8735e7a30", + "uuid": "75c99911-ffba-435a-b20f-4974955062c2", "control-id": "cis_rhel10_5-3.2.2.2", "description": "No notes for control-id 5.3.2.2.2.", "props": [ @@ -21898,7 +21798,7 @@ ] }, { - "uuid": "19d27cb0-16bb-4325-8979-f21f9649a751", + "uuid": "e5fac67f-0a03-42cf-adf4-a47aa7510a3c", "control-id": "cis_rhel10_5-3.2.2.3", "description": "This requirement is expected to be manual. However, in previous versions of the policy\nit was already automated the configuration of \"minclass\" option. This posture was kept for\nRHEL 10 in this new version. Rules related to other options are informed in related_rules.\nIn short, minclass=4 alone can achieve the same result achieved by the combination of the\nother 4 options mentioned in the policy.", "props": [ @@ -21915,7 +21815,7 @@ ] }, { - "uuid": "a3448ada-1d37-477b-9641-f7c416c62c92", + "uuid": "21488ace-06c2-463e-abb7-48a2fa9d8712", "control-id": "cis_rhel10_5-3.2.2.4", "description": "No notes for control-id 5.3.2.2.4.", "props": [ @@ -21932,7 +21832,7 @@ ] }, { - "uuid": "0404a399-e8b9-4293-8e01-29e19335c932", + "uuid": "e9934300-8757-4f85-b271-c2c86ab57bed", "control-id": "cis_rhel10_5-3.2.2.5", "description": "No notes for control-id 5.3.2.2.5.", "props": [ @@ -21949,7 +21849,7 @@ ] }, { - "uuid": "93dfeacc-d016-4c27-8f5e-756ffe4e1b3d", + "uuid": "39919b42-3e08-4e77-962f-9ef74043be32", "control-id": "cis_rhel10_5-3.2.2.6", "description": "No notes for control-id 5.3.2.2.6.", "props": [ @@ -21966,7 +21866,7 @@ ] }, { - "uuid": "cd63028c-7db6-469c-b8cf-8cb3cc8c5eb6", + "uuid": "001345d9-0c98-4167-8aff-a89dd18d8ed9", "control-id": "cis_rhel10_5-3.2.2.7", "description": "No notes for control-id 5.3.2.2.7.", "props": [ @@ -21983,7 +21883,7 @@ ] }, { - "uuid": "2c8ace40-2de6-4b87-82d1-8829ec4ea34b", + "uuid": "fe4b926e-d100-4b05-8202-c4ba3094fbc2", "control-id": "cis_rhel10_5-3.2.3.1", "description": "Although mentioned in the section 5.3.3.3, there is no explicit requirement to configure\nretry option of pam_pwhistory. If come in the future, the rule accounts_password_pam_retry\ncan be used.", "props": [ @@ -22005,7 +21905,7 @@ ] }, { - "uuid": "cd4c7755-983d-4314-8f32-f909beee0d80", + "uuid": "5fe221cd-49a5-4cb9-9800-5d48404ce783", "control-id": "cis_rhel10_5-3.2.3.2", "description": "No notes for control-id 5.3.2.3.2.", "props": [ @@ -22022,7 +21922,7 @@ ] }, { - "uuid": "36deb29f-520f-48f6-8cf3-d04cf08624d6", + "uuid": "669d02a9-c5e8-4e24-b5cd-e78935b3acce", "control-id": "cis_rhel10_5-3.2.3.3", "description": "In RHEL 10 pam_pwhistory is enabled via authselect feature, as required in 5.3.1.4. The\nfeature automatically set \"use_authok\" option. In any case, we don't have a rule to check\nthis option specifically.", "props": [ @@ -22039,7 +21939,7 @@ ] }, { - "uuid": "90222bd9-9a7c-43e1-9def-80c930be97fc", + "uuid": "5760381a-61ac-4d2d-92c3-c1049d3908be", "control-id": "cis_rhel10_5-3.2.4.1", "description": "The rule more specifically used in this requirement also satify the requirement 5.3.1.5.", "props": [ @@ -22056,7 +21956,7 @@ ] }, { - "uuid": "57545d1f-9e11-4557-8e35-1ea8fe8977d9", + "uuid": "320f4c47-df6d-4968-8cc4-1d6708e2291e", "control-id": "cis_rhel10_5-3.2.4.2", "description": "Usage of pam_unix.so module together with \"remember\" option is deprecated and is not\nrecommended by this policy. Instead, it should be used remember option of pam_pwhistory\nmodule, as required in 5.3.2.3.1. See here for more details about pam_unix.so:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1778929", "props": [ @@ -22073,7 +21973,7 @@ ] }, { - "uuid": "f5e234ad-a88d-4f19-9e0c-46bc615516b6", + "uuid": "736554e0-0adb-4fc7-92fb-b1e9a5f45db6", "control-id": "cis_rhel10_5-3.2.4.3", "description": "Changes in logindefs mentioned in this requirement are more specifically covered by 5.4.1.4", "props": [ @@ -22095,7 +21995,7 @@ ] }, { - "uuid": "38d19767-fa05-4d3b-aad9-f6809a1b0da3", + "uuid": "59329cb0-0742-43a0-93c6-95aa36f9bb65", "control-id": "cis_rhel10_5-3.2.4.4", "description": "In RHEL 10 pam_unix is enabled by default in all authselect profiles already with the\nuse_authtok option set. In any case, we don't have a rule to check this option specifically,\nlike in 5.3.2.3.3.", "props": [ @@ -22112,7 +22012,7 @@ ] }, { - "uuid": "01678de3-8cb3-40c3-bd6b-9260aa5e4c41", + "uuid": "98ae4f7f-fb4b-446b-8956-251072bae628", "control-id": "cis_rhel10_5-4.1.1", "description": "No notes for control-id 5.4.1.1.", "props": [ @@ -22134,7 +22034,7 @@ ] }, { - "uuid": "cb0975e8-025d-49a6-9e69-12774607919b", + "uuid": "e8a1fadf-0e14-4bd8-914c-7d63608771ab", "control-id": "cis_rhel10_5-4.1.3", "description": "No notes for control-id 5.4.1.3.", "props": [ @@ -22156,20 +22056,15 @@ ] }, { - "uuid": "a04690e6-7805-4455-a35c-d21730a466b8", + "uuid": "e6038520-e5f0-454c-a9af-8d33a201077d", "control-id": "cis_rhel10_5-4.1.4", - "description": "There's a \"new\" set of options in /etc/login.defs file to define the number of iterations\nperformed during the hashing process.", + "description": "No notes for control-id 5.4.1.4.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "implemented" }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf" - }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", @@ -22178,7 +22073,7 @@ ] }, { - "uuid": "31ea9a40-baff-40e4-9e43-22040efa225d", + "uuid": "0f8d3394-358b-4eb7-9172-2aa60058b550", "control-id": "cis_rhel10_5-4.1.5", "description": "No notes for control-id 5.4.1.5.", "props": [ @@ -22200,7 +22095,7 @@ ] }, { - "uuid": "9116b6cf-bdda-4b6f-9394-780f26173df2", + "uuid": "dca57ad0-125b-4563-b471-ffb1722d6021", "control-id": "cis_rhel10_5-4.1.6", "description": "No notes for control-id 5.4.1.6.", "props": [ @@ -22217,7 +22112,7 @@ ] }, { - "uuid": "43768857-aaa9-4b90-ba89-a0f3a7de9110", + "uuid": "9d494571-364d-46aa-a1ef-8a62df2245df", "control-id": "cis_rhel10_5-4.2.1", "description": "No notes for control-id 5.4.2.1.", "props": [ @@ -22234,7 +22129,7 @@ ] }, { - "uuid": "d5b44e57-9763-441c-b52a-2abede4a1d87", + "uuid": "3733eddc-1ff0-4c60-b204-d7b2916473ee", "control-id": "cis_rhel10_5-4.2.2", "description": "There is assessment but no automated remediation for this rule and this sounds reasonable.", "props": [ @@ -22251,7 +22146,7 @@ ] }, { - "uuid": "dc0e8993-ded5-4eab-bfcd-11a85346d918", + "uuid": "1247677f-148f-4e44-8b9d-abcd191bcf39", "control-id": "cis_rhel10_5-4.2.3", "description": "There is assessment but no automated remediation for this rule and this sounds reasonable.", "props": [ @@ -22268,7 +22163,7 @@ ] }, { - "uuid": "1a5502dd-b500-43d3-96dc-9fcf80d32d33", + "uuid": "570b2e95-5e19-4c38-a0ab-3a7a2aadb703", "control-id": "cis_rhel10_5-4.2.4", "description": "No notes for control-id 5.4.2.4.", "props": [ @@ -22285,7 +22180,7 @@ ] }, { - "uuid": "5572866c-9323-43d0-ae81-769dbc889070", + "uuid": "05af9b80-a5ed-4950-a211-61349966a6c4", "control-id": "cis_rhel10_5-4.2.5", "description": "No notes for control-id 5.4.2.5.", "props": [ @@ -22307,7 +22202,7 @@ ] }, { - "uuid": "01f4964f-3dc6-415c-93b1-c0f68171576f", + "uuid": "3441dd13-abfb-4216-86cb-27ca2a452755", "control-id": "cis_rhel10_5-4.2.6", "description": "No notes for control-id 5.4.2.6.", "props": [ @@ -22324,7 +22219,7 @@ ] }, { - "uuid": "f0ff81ab-a475-4e45-8eea-96fa556ef0bc", + "uuid": "c1175a4b-bac4-4d88-92e3-a72467dd8ec6", "control-id": "cis_rhel10_5-4.2.7", "description": "No notes for control-id 5.4.2.7.", "props": [ @@ -22346,19 +22241,24 @@ ] }, { - "uuid": "ace22baa-9989-4e42-9842-c7c10709e359", + "uuid": "93b596d5-1daf-41dc-99b4-e3f615345c89", "control-id": "cis_rhel10_5-4.2.8", - "description": "New rule is necessary.", + "description": "No notes for control-id 5.4.2.8.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "implemented" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "no_invalid_shell_accounts_unlocked" } ] }, { - "uuid": "b4cc2a82-8d8f-475e-8b29-597319adc26a", + "uuid": "9d3880bf-4c60-40e5-a65d-e879bee2352c", "control-id": "cis_rhel10_5-4.3.2", "description": "No notes for control-id 5.4.3.2.", "props": [ @@ -22375,7 +22275,7 @@ ] }, { - "uuid": "78651c36-1efa-4206-a2c2-d7bfe32b9c9a", + "uuid": "06e7bcb1-ab83-492a-af60-117e0055f68d", "control-id": "cis_rhel10_5-4.3.3", "description": "No notes for control-id 5.4.3.3.", "props": [ @@ -22402,7 +22302,7 @@ ] }, { - "uuid": "a3b10178-0432-43d8-ad4d-67f6a309abad", + "uuid": "58fff4a9-3c44-4beb-9cf2-e716e74a7ef1", "control-id": "cis_rhel10_6-1.1", "description": "No notes for control-id 6.1.1.", "props": [ @@ -22424,7 +22324,7 @@ ] }, { - "uuid": "b201d034-1361-49ce-a004-9e7d147f2d4e", + "uuid": "25110447-5827-4d05-bcaa-ebca3840d053", "control-id": "cis_rhel10_6-1.2", "description": "No notes for control-id 6.1.2.", "props": [ @@ -22441,7 +22341,7 @@ ] }, { - "uuid": "7025ae96-2482-41c9-9d80-501e5d5eb9f2", + "uuid": "7da46282-67a3-4952-8068-44eb8148a9db", "control-id": "cis_rhel10_6-1.3", "description": "No notes for control-id 6.1.3.", "props": [ @@ -22458,7 +22358,7 @@ ] }, { - "uuid": "7baeb9f0-cdde-4b98-a73d-66d26b1bb57e", + "uuid": "f045d8d2-46f6-4aeb-95da-e2e388cea474", "control-id": "cis_rhel10_6-2.1.1", "description": "No notes for control-id 6.2.1.1.", "props": [ @@ -22475,7 +22375,7 @@ ] }, { - "uuid": "11e55cd5-15d8-44fc-a728-468ece731146", + "uuid": "2a7ddde1-9387-406e-910f-c0201594d2db", "control-id": "cis_rhel10_6-2.1.2", "description": "The description for control-id cis_rhel10_6-2.1.2.", "props": [ @@ -22488,7 +22388,7 @@ ] }, { - "uuid": "98afe2b2-d2d1-4525-a224-eee411ad29fd", + "uuid": "3ed23d4a-6e68-48ca-bf1c-98b5b4d16c18", "control-id": "cis_rhel10_6-2.1.3", "description": "The description for control-id cis_rhel10_6-2.1.3.", "props": [ @@ -22501,20 +22401,24 @@ ] }, { - "uuid": "076ab3b8-0aac-4648-b99d-eb26ae8983da", + "uuid": "78ed1ea0-d876-4685-8959-de86cd3d5058", "control-id": "cis_rhel10_6-2.1.4", - "description": "The description for control-id cis_rhel10_6-2.1.4.", + "description": "No notes for control-id 6.2.1.4.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "alternative", - "remarks": "It is necessary to create a new rule to check the status of journald and rsyslog.\nIt would also be necessary a new rule to disable or remove rsyslog." + "value": "implemented" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "ensure_journald_and_rsyslog_not_active_together" } ] }, { - "uuid": "54ad5d0b-3818-4f6b-a618-ceaa240acdbc", + "uuid": "8b8c994c-e101-4efc-b868-3699f90c9fed", "control-id": "cis_rhel10_6-2.2.1.1", "description": "No notes for control-id 6.2.2.1.1.", "props": [ @@ -22531,7 +22435,7 @@ ] }, { - "uuid": "91f3e584-efdf-4ba4-b6cb-a9a8b5cfcf53", + "uuid": "7450357e-985a-446a-a70f-a9496c65da7e", "control-id": "cis_rhel10_6-2.2.1.2", "description": "The description for control-id cis_rhel10_6-2.2.1.2.", "props": [ @@ -22544,7 +22448,7 @@ ] }, { - "uuid": "09742a85-965e-4150-a2a1-6f798b4c1e7e", + "uuid": "8c24ad3d-f130-4600-a01d-ae660b4877e7", "control-id": "cis_rhel10_6-2.2.1.3", "description": "No notes for control-id 6.2.2.1.3.", "props": [ @@ -22561,7 +22465,7 @@ ] }, { - "uuid": "189dd756-b2db-4e76-8e94-b1bc99dccc7d", + "uuid": "7561296f-62d7-463a-b9d0-a3e6dd2d920f", "control-id": "cis_rhel10_6-2.2.1.4", "description": "No notes for control-id 6.2.2.1.4.", "props": [ @@ -22578,7 +22482,7 @@ ] }, { - "uuid": "343efc7e-3269-49a6-83e8-980b82e4b197", + "uuid": "8611fd35-6328-4e9a-b3c2-4e195ce36ba5", "control-id": "cis_rhel10_6-2.2.2", "description": "No notes for control-id 6.2.2.2.", "props": [ @@ -22595,7 +22499,7 @@ ] }, { - "uuid": "e488d7b2-533b-4d30-8c4b-abf27d5008cf", + "uuid": "9c08b4b8-e00f-4acf-bc40-233b01f8139c", "control-id": "cis_rhel10_6-2.2.3", "description": "No notes for control-id 6.2.2.3.", "props": [ @@ -22612,7 +22516,7 @@ ] }, { - "uuid": "fa896ef9-a4a7-4046-bc3c-fd9f15cde7e9", + "uuid": "85920911-979c-484e-80d1-0d33dbacf4b9", "control-id": "cis_rhel10_6-2.2.4", "description": "No notes for control-id 6.2.2.4.", "props": [ @@ -22629,7 +22533,7 @@ ] }, { - "uuid": "a9334ea6-ed35-48fc-a225-5e7ec0f2615b", + "uuid": "7b5d58bb-5e53-4dd4-a321-4a10e98c615a", "control-id": "cis_rhel10_6-2.3.1", "description": "No notes for control-id 6.2.3.1.", "props": [ @@ -22641,7 +22545,7 @@ ] }, { - "uuid": "6db47d05-74db-4695-ac50-8e1f5ee50e03", + "uuid": "3d2fb540-d202-48de-8640-a667aa10edb0", "control-id": "cis_rhel10_6-2.3.2", "description": "No notes for control-id 6.2.3.2.", "props": [ @@ -22653,7 +22557,7 @@ ] }, { - "uuid": "b241582a-25f0-4d4f-a2f8-084939336b58", + "uuid": "6813e080-1c80-48aa-b45f-d86a10a4069f", "control-id": "cis_rhel10_6-2.3.3", "description": "No notes for control-id 6.2.3.3.", "props": [ @@ -22665,7 +22569,7 @@ ] }, { - "uuid": "de8bca02-89d1-479c-9ada-0d9d96efaa31", + "uuid": "b0d68327-38a4-4b67-bef0-db490c174cde", "control-id": "cis_rhel10_6-2.3.4", "description": "No notes for control-id 6.2.3.4.", "props": [ @@ -22677,7 +22581,7 @@ ] }, { - "uuid": "9cad0a82-20a1-433b-981a-74b07f8f8120", + "uuid": "77c250cc-90d1-4cdd-8885-602e7603ae69", "control-id": "cis_rhel10_6-2.3.5", "description": "The description for control-id cis_rhel10_6-2.3.5.", "props": [ @@ -22690,7 +22594,7 @@ ] }, { - "uuid": "06063c0d-ad6a-4463-bf09-c406ec086cb4", + "uuid": "621f2874-76b9-45be-a485-0755050a994a", "control-id": "cis_rhel10_6-2.3.6", "description": "The description for control-id cis_rhel10_6-2.3.6.", "props": [ @@ -22703,7 +22607,7 @@ ] }, { - "uuid": "e6b87ad1-e1ef-462c-aaa4-117a60c44d26", + "uuid": "c64d3beb-e731-4464-8185-032465744279", "control-id": "cis_rhel10_6-2.3.7", "description": "No notes for control-id 6.2.3.7.", "props": [ @@ -22715,7 +22619,7 @@ ] }, { - "uuid": "3204cce6-e8db-4c9b-bf71-c56ee7c6451a", + "uuid": "050bcfda-d819-4a8a-b298-3acceb00b21d", "control-id": "cis_rhel10_6-2.3.8", "description": "The description for control-id cis_rhel10_6-2.3.8.", "props": [ @@ -22728,7 +22632,7 @@ ] }, { - "uuid": "c63a5230-0190-45d4-8a50-bf57ad221602", + "uuid": "3bcfa418-1fb0-4c6d-aad5-9a44263d12e8", "control-id": "cis_rhel10_6-2.4.1", "description": "It is not harmful to run these rules even if rsyslog is not installed or active.", "props": [ @@ -22755,7 +22659,7 @@ ] }, { - "uuid": "690eeb85-7ab5-4a0d-a335-8a90bb105e10", + "uuid": "b12fb1f0-9530-4fa6-b0d8-358bac0c1ae6", "control-id": "cis_rhel10_7-1.1", "description": "No notes for control-id 7.1.1.", "props": [ @@ -22782,7 +22686,7 @@ ] }, { - "uuid": "23816218-7d66-421a-ab44-241178c36476", + "uuid": "27dbab49-9c47-4b85-82c8-a98b25256a7b", "control-id": "cis_rhel10_7-1.2", "description": "No notes for control-id 7.1.2.", "props": [ @@ -22809,7 +22713,7 @@ ] }, { - "uuid": "2b32b8ea-e045-4ca6-a683-62ecea7221ed", + "uuid": "4f62d640-8322-47f3-8ba1-4b04a1fe11d7", "control-id": "cis_rhel10_7-1.3", "description": "No notes for control-id 7.1.3.", "props": [ @@ -22836,7 +22740,7 @@ ] }, { - "uuid": "e085cc5e-20e7-444b-a4b3-8b25d40ca7f5", + "uuid": "6dfe267e-d51b-4b41-8873-b885cd596fad", "control-id": "cis_rhel10_7-1.4", "description": "No notes for control-id 7.1.4.", "props": [ @@ -22863,7 +22767,7 @@ ] }, { - "uuid": "12bdf529-51a6-4657-b9a7-9b851e17adac", + "uuid": "bacc080b-8629-4013-89c0-43a0c24835af", "control-id": "cis_rhel10_7-1.5", "description": "No notes for control-id 7.1.5.", "props": [ @@ -22890,7 +22794,7 @@ ] }, { - "uuid": "99705a84-8a4b-47cb-b126-56a9b0e200a1", + "uuid": "8f901fce-c5d5-436c-b753-1fa47a3de6d0", "control-id": "cis_rhel10_7-1.6", "description": "No notes for control-id 7.1.6.", "props": [ @@ -22917,7 +22821,7 @@ ] }, { - "uuid": "18e64bac-7823-4fdd-bbfb-55dc2a620d89", + "uuid": "a4727b62-679d-4333-b72e-d65ec42d57e1", "control-id": "cis_rhel10_7-1.7", "description": "No notes for control-id 7.1.7.", "props": [ @@ -22944,7 +22848,7 @@ ] }, { - "uuid": "f34f9eba-6e1b-4894-936d-582b52508a5a", + "uuid": "8da1c1b9-8a15-480a-8d44-3a40520eb171", "control-id": "cis_rhel10_7-1.8", "description": "No notes for control-id 7.1.8.", "props": [ @@ -22971,7 +22875,7 @@ ] }, { - "uuid": "4e4659ff-0f34-4711-bbf9-1d0319a70ca9", + "uuid": "04095bf9-0372-4451-9279-49670c404a78", "control-id": "cis_rhel10_7-1.9", "description": "No notes for control-id 7.1.9.", "props": [ @@ -22998,7 +22902,7 @@ ] }, { - "uuid": "86bda1c7-11aa-4ea8-a12e-db2ed90f2d8b", + "uuid": "10a65c7d-a4f1-4afc-912a-0aee1a5b885b", "control-id": "cis_rhel10_7-1.10", "description": "No notes for control-id 7.1.10.", "props": [ @@ -23040,7 +22944,7 @@ ] }, { - "uuid": "7c99d064-77fb-4b31-a3c5-1dbffafa4335", + "uuid": "737aa899-f156-4fff-9a5c-817350ce0f04", "control-id": "cis_rhel10_7-1.11", "description": "No notes for control-id 7.1.11.", "props": [ @@ -23062,7 +22966,7 @@ ] }, { - "uuid": "dc84c9b8-68ab-4884-9cf7-35c45c44ef3f", + "uuid": "67f9a6b3-04d1-499b-a1b0-5224e02504ec", "control-id": "cis_rhel10_7-1.12", "description": "No notes for control-id 7.1.12.", "props": [ @@ -23084,7 +22988,7 @@ ] }, { - "uuid": "a32b6846-11a5-468c-b424-fe2e46400d24", + "uuid": "e492936a-f68a-4664-8f63-7cd814b47f56", "control-id": "cis_rhel10_7-1.13", "description": "The description for control-id cis_rhel10_7-1.13.", "props": [ @@ -23097,7 +23001,7 @@ ] }, { - "uuid": "52cc77b4-138f-428c-b2a1-9ebde34316cf", + "uuid": "b290503a-facc-4954-b60b-226b45a2b7a0", "control-id": "cis_rhel10_7-2.1", "description": "No notes for control-id 7.2.1.", "props": [ @@ -23114,7 +23018,7 @@ ] }, { - "uuid": "ef3bbb0f-249f-4acd-8154-62a3bde92d13", + "uuid": "85b8c190-6acc-4600-9c1d-fe2b43c504dd", "control-id": "cis_rhel10_7-2.2", "description": "No notes for control-id 7.2.2.", "props": [ @@ -23131,7 +23035,7 @@ ] }, { - "uuid": "8908b513-a0ec-457a-bc3e-70f7bd52e306", + "uuid": "e5b9288f-f729-429d-8fe9-9fbe2bcf3f49", "control-id": "cis_rhel10_7-2.3", "description": "No notes for control-id 7.2.3.", "props": [ @@ -23148,7 +23052,7 @@ ] }, { - "uuid": "44f5e9b5-1bd7-421c-b36b-80641a128bd6", + "uuid": "fe66b159-bbef-4753-bab6-46f3447b29e9", "control-id": "cis_rhel10_7-2.4", "description": "No notes for control-id 7.2.4.", "props": [ @@ -23165,7 +23069,7 @@ ] }, { - "uuid": "c3973af8-4a9d-463e-85b8-77543a3c9a4c", + "uuid": "5e34d698-24ac-460b-b04c-f46b7ba67564", "control-id": "cis_rhel10_7-2.5", "description": "No notes for control-id 7.2.5.", "props": [ @@ -23182,7 +23086,7 @@ ] }, { - "uuid": "4773dbc7-1cf4-4fb7-958a-47f8ba9f0570", + "uuid": "fee15855-4e2f-4885-8422-ab4e4bac366e", "control-id": "cis_rhel10_7-2.6", "description": "No notes for control-id 7.2.6.", "props": [ @@ -23199,7 +23103,7 @@ ] }, { - "uuid": "d031379d-0759-4a88-b663-3556c62eb52c", + "uuid": "00aadea4-66db-463c-a870-6c2bb2f68d23", "control-id": "cis_rhel10_7-2.7", "description": "No notes for control-id 7.2.7.", "props": [ @@ -23216,7 +23120,7 @@ ] }, { - "uuid": "ed208fce-f4ee-4bb4-bb51-907408e6b17e", + "uuid": "12f37979-ee29-4d9a-871a-78971c3c3a4c", "control-id": "cis_rhel10_7-2.8", "description": "No notes for control-id 7.2.8.", "props": [ @@ -23243,7 +23147,7 @@ ] }, { - "uuid": "61ede15b-ce46-4d86-b6cd-c55486505043", + "uuid": "d1651952-3ac9-464c-bf63-1641ef69ce79", "control-id": "cis_rhel10_7-2.9", "description": "No notes for control-id 7.2.9.", "props": [ diff --git a/component-definitions/rhel10/rhel10-cis_rhel10-l2_server/component-definition.json b/component-definitions/rhel10/rhel10-cis_rhel10-l2_server/component-definition.json index 887fdf82f..413c3b1e2 100644 --- a/component-definitions/rhel10/rhel10-cis_rhel10-l2_server/component-definition.json +++ b/component-definitions/rhel10/rhel10-cis_rhel10-l2_server/component-definition.json @@ -3,8 +3,8 @@ "uuid": "6531a0d9-efde-405d-ba52-aab8178414c4", "metadata": { "title": "Component definition for rhel10", - "last-modified": "2025-12-11T18:24:45.474598+00:00", - "version": "4.5", + "last-modified": "2025-12-17T10:46:14.034708+00:00", + "version": "4.9", "oscal-version": "1.1.3" }, "components": [ @@ -887,7 +887,7 @@ { "name": "Parameter_Value_Alternatives_47", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -905,7 +905,7 @@ { "name": "Parameter_Value_Alternatives_48", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -1667,4807 +1667,4783 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg", + "value": "file_permissions_boot_grub2", "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Group Ownership", + "value": "All GRUB configuration files must have mode 0600 or more restrictive", "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg", + "value": "file_owner_boot_grub2", "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg User Ownership", + "value": "All GRUB configuration files must be owned by root", "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg", + "value": "file_groupowner_boot_grub2", "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Permissions", + "value": "All GRUB configuration files must be group-owned by root", "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg", + "value": "disable_users_coredumps", "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Group Ownership", + "value": "Disable Core Dumps for All Users", "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg", + "value": "sysctl_fs_protected_hardlinks", "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg User Ownership", + "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg", + "value": "sysctl_fs_suid_dumpable", "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Permissions", + "value": "Disable Core Dumps for SUID programs", "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_users_coredumps", + "value": "sysctl_kernel_dmesg_restrict", "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for All Users", + "value": "Restrict Access to Kernel Message Buffer", "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_hardlinks", + "value": "sysctl_kernel_kptr_restrict", "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", + "value": "Restrict Exposed Kernel Pointer Addresses Access", "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_suid_dumpable", + "value": "sysctl_kernel_yama_ptrace_scope", "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for SUID programs", + "value": "Restrict usage of ptrace to descendant processes", "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_dmesg_restrict", + "value": "sysctl_kernel_randomize_va_space", "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Access to Kernel Message Buffer", + "value": "Enable Randomized Layout of Virtual Address Space", "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kptr_restrict", + "value": "coredump_disable_backtraces", "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Exposed Kernel Pointer Addresses Access", + "value": "Disable core dump backtraces", "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_yama_ptrace_scope", + "value": "coredump_disable_storage", "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict usage of ptrace to descendant processes", + "value": "Disable storing core dump", "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_randomize_va_space", + "value": "configure_custom_crypto_policy_cis", "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Randomized Layout of Virtual Address Space", + "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_backtraces", + "value": "banner_etc_motd_cis", "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable core dump backtraces", + "value": "Ensure Message Of The Day Is Configured Properly", "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_storage", + "value": "banner_etc_issue_cis", "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable storing core dump", + "value": "Ensure Local Login Warning Banner Is Configured Properly", "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_custom_crypto_policy_cis", + "value": "banner_etc_issue_net_cis", "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", + "value": "Ensure Remote Login Warning Banner Is Configured Properly", "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_motd_cis", + "value": "file_groupowner_etc_motd", "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Message Of The Day Is Configured Properly", + "value": "Verify Group Ownership of Message of the Day Banner", "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_cis", + "value": "file_owner_etc_motd", "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Local Login Warning Banner Is Configured Properly", + "value": "Verify ownership of Message of the Day Banner", "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_net_cis", + "value": "file_permissions_etc_motd", "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Remote Login Warning Banner Is Configured Properly", + "value": "Verify permissions on Message of the Day Banner", "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_motd", + "value": "file_groupowner_etc_issue", "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of Message of the Day Banner", + "value": "Verify Group Ownership of System Login Banner", "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_motd", + "value": "file_owner_etc_issue", "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of Message of the Day Banner", + "value": "Verify ownership of System Login Banner", "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_motd", + "value": "file_permissions_etc_issue", "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on Message of the Day Banner", + "value": "Verify permissions on System Login Banner", "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue", + "value": "file_groupowner_etc_issue_net", "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner", + "value": "Verify Group Ownership of System Login Banner for Remote Connections", "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue", + "value": "file_owner_etc_issue_net", "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner", + "value": "Verify ownership of System Login Banner for Remote Connections", "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue", + "value": "file_permissions_etc_issue_net", "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner", + "value": "Verify permissions on System Login Banner for Remote Connections", "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue_net", + "value": "dconf_gnome_banner_enabled", "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner for Remote Connections", + "value": "Enable GNOME3 Login Warning Banner", "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue_net", + "value": "dconf_gnome_login_banner_text", "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner for Remote Connections", + "value": "Set the GNOME3 Login Warning Banner Text", "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue_net", + "value": "dconf_gnome_disable_user_list", "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner for Remote Connections", + "value": "Disable the GNOME3 Login User List", "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_banner_enabled", + "value": "dconf_gnome_screensaver_idle_delay", "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable GNOME3 Login Warning Banner", + "value": "Set GNOME3 Screensaver Inactivity Timeout", "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_login_banner_text", + "value": "dconf_gnome_screensaver_lock_delay", "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set the GNOME3 Login Warning Banner Text", + "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_user_list", + "value": "dconf_gnome_session_idle_user_locks", "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the GNOME3 Login User List", + "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_idle_delay", + "value": "dconf_gnome_screensaver_user_locks", "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Inactivity Timeout", + "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_lock_delay", + "value": "dconf_gnome_disable_automount", "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", + "value": "Disable GNOME3 Automounting", "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_session_idle_user_locks", + "value": "dconf_gnome_disable_automount_open", "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", + "value": "Disable GNOME3 Automount Opening", "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_user_locks", + "value": "dconf_gnome_disable_autorun", "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", + "value": "Disable GNOME3 Automount running", "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_automount", + "value": "service_autofs_disabled", "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automounting", + "value": "Disable the Automounter", "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_automount_open", + "value": "service_avahi-daemon_disabled", "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount Opening", + "value": "Disable Avahi Server Software", "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_autorun", + "value": "package_kea_removed", "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount running", + "value": "Uninstall kea Package", "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_autofs_disabled", + "value": "package_bind_removed", "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the Automounter", + "value": "Uninstall bind Package", "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_avahi-daemon_disabled", + "value": "package_dnsmasq_removed", "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Avahi Server Software", + "value": "Uninstall dnsmasq Package", "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "package_vsftpd_removed", "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Uninstall vsftpd Package", "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_bind_removed", + "value": "package_dovecot_removed", "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall bind Package", + "value": "Uninstall dovecot Package", "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnsmasq_removed", + "value": "package_cyrus-imapd_removed", "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dnsmasq Package", + "value": "Uninstall cyrus-imapd Package", "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_vsftpd_removed", + "value": "service_nfs_disabled", "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall vsftpd Package", + "value": "Disable Network File System (nfs)", "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dovecot_removed", + "value": "service_cups_disabled", "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dovecot Package", + "value": "Disable the CUPS Service", "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cyrus-imapd_removed", + "value": "service_rpcbind_disabled", "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall cyrus-imapd Package", + "value": "Disable rpcbind Service", "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_nfs_disabled", + "value": "package_rsync_removed", "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Network File System (nfs)", + "value": "Uninstall rsync Package", "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_cups_disabled", + "value": "package_samba_removed", "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the CUPS Service", + "value": "Uninstall Samba Package", "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_rpcbind_disabled", + "value": "package_net-snmp_removed", "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable rpcbind Service", + "value": "Uninstall net-snmp Package", "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_rsync_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall rsync Package", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_samba_removed", + "value": "package_tftp-server_removed", "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall Samba Package", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_net-snmp_removed", + "value": "package_squid_removed", "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall net-snmp Package", + "value": "Uninstall squid Package", "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_httpd_removed", "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Uninstall httpd Package", "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_nginx_removed", "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Uninstall nginx Package", "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_squid_removed", + "value": "postfix_network_listening_disabled", "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall squid Package", + "value": "Disable Postfix Network Listening", "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_httpd_removed", + "value": "has_nonlocal_mta", "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall httpd Package", + "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_nginx_removed", + "value": "package_ftp_removed", "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall nginx Package", + "value": "Remove ftp Package", "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "postfix_network_listening_disabled", + "value": "package_telnet_removed", "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Postfix Network Listening", + "value": "Remove telnet Clients", "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "has_nonlocal_mta", + "value": "package_tftp_removed", "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", + "value": "Remove tftp Daemon", "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_ftp_removed", + "value": "chronyd_specify_remote_server", "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove ftp Package", + "value": "A remote time server for Chrony is configured", "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "chronyd_run_as_chrony_user", "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Ensure that chronyd is running under chrony user account", "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_cron_installed", "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Install the cron service", "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_specify_remote_server", + "value": "service_crond_enabled", "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "A remote time server for Chrony is configured", + "value": "Enable cron Service", "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_run_as_chrony_user", + "value": "file_groupowner_crontab", "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that chronyd is running under chrony user account", + "value": "Verify Group Who Owns Crontab", "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cron_installed", + "value": "file_owner_crontab", "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the cron service", + "value": "Verify Owner on crontab", "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_crond_enabled", + "value": "file_permissions_crontab", "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable cron Service", + "value": "Verify Permissions on crontab", "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_crontab", + "value": "file_groupowner_cron_hourly", "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Crontab", + "value": "Verify Group Who Owns cron.hourly", "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_crontab", + "value": "file_owner_cron_hourly", "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on crontab", + "value": "Verify Owner on cron.hourly", "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_crontab", + "value": "file_permissions_cron_hourly", "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on crontab", + "value": "Verify Permissions on cron.hourly", "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_hourly", + "value": "file_groupowner_cron_daily", "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.hourly", + "value": "Verify Group Who Owns cron.daily", "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_hourly", + "value": "file_owner_cron_daily", "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.hourly", + "value": "Verify Owner on cron.daily", "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_hourly", + "value": "file_permissions_cron_daily", "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.hourly", + "value": "Verify Permissions on cron.daily", "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_daily", + "value": "file_groupowner_cron_weekly", "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.daily", + "value": "Verify Group Who Owns cron.weekly", "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_daily", + "value": "file_owner_cron_weekly", "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.daily", + "value": "Verify Owner on cron.weekly", "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_daily", + "value": "file_permissions_cron_weekly", "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.daily", + "value": "Verify Permissions on cron.weekly", "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_weekly", + "value": "file_groupowner_cron_monthly", "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.weekly", + "value": "Verify Group Who Owns cron.monthly", "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_weekly", + "value": "file_owner_cron_monthly", "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.weekly", + "value": "Verify Owner on cron.monthly", "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_weekly", + "value": "file_permissions_cron_monthly", "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.weekly", + "value": "Verify Permissions on cron.monthly", "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_monthly", + "value": "file_groupowner_cron_yearly", "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.monthly", + "value": "Verify Group Who Owns cron.yearly", "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_monthly", + "value": "file_owner_cron_yearly", "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.monthly", + "value": "Verify Owner on cron.yearly", "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_monthly", + "value": "file_permissions_cron_yearly", "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.monthly", + "value": "Verify Permissions on cron.yearly", "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_yearly", + "value": "file_groupowner_cron_d", "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.yearly", + "value": "Verify Group Who Owns cron.d", "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_yearly", + "value": "file_owner_cron_d", "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.yearly", + "value": "Verify Owner on cron.d", "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_yearly", + "value": "file_permissions_cron_d", "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.yearly", + "value": "Verify Permissions on cron.d", "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_d", + "value": "file_cron_deny_not_exist", "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.d", + "value": "Ensure that /etc/cron.deny does not exist", "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_d", + "value": "file_cron_allow_exists", "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.d", + "value": "Ensure that /etc/cron.allow exists", "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_d", + "value": "file_groupowner_cron_allow", "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.d", + "value": "Verify Group Who Owns /etc/cron.allow file", "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_deny_not_exist", + "value": "file_owner_cron_allow", "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.deny does not exist", + "value": "Verify User Who Owns /etc/cron.allow file", "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_allow_exists", + "value": "file_permissions_cron_allow", "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.allow exists", + "value": "Verify Permissions on /etc/cron.allow file", "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_allow", + "value": "file_at_deny_not_exist", "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.deny does not exist", "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_allow", + "value": "file_at_allow_exists", "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.allow exists", "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_allow", + "value": "file_groupowner_at_allow", "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/cron.allow file", + "value": "Verify Group Who Owns /etc/at.allow file", "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_deny_not_exist", + "value": "file_owner_at_allow", "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.deny does not exist", + "value": "Verify User Who Owns /etc/at.allow file", "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_allow_exists", + "value": "file_permissions_at_allow", "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.allow exists", + "value": "Verify Permissions on /etc/at.allow file", "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_at_allow", + "value": "wireless_disable_interfaces", "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/at.allow file", + "value": "Deactivate Wireless Network Interfaces", "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_at_allow", + "value": "service_bluetooth_disabled", "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/at.allow file", + "value": "Disable Bluetooth Service", "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_at_allow", + "value": "kernel_module_atm_disabled", "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/at.allow file", + "value": "Disable ATM Support", "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "wireless_disable_interfaces", + "value": "kernel_module_can_disabled", "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Deactivate Wireless Network Interfaces", + "value": "Disable CAN Support", "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_bluetooth_disabled", + "value": "kernel_module_dccp_disabled", "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Bluetooth Service", + "value": "Disable DCCP Support", "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_atm_disabled", + "value": "kernel_module_tipc_disabled", "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable ATM Support", + "value": "Disable TIPC Support", "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_can_disabled", + "value": "kernel_module_rds_disabled", "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable CAN Support", + "value": "Disable RDS Support", "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_dccp_disabled", + "value": "kernel_module_sctp_disabled", "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable DCCP Support", + "value": "Disable SCTP Support", "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_tipc_disabled", + "value": "sysctl_net_ipv4_conf_all_forwarding", "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable TIPC Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_rds_disabled", + "value": "sysctl_net_ipv4_conf_default_forwarding", "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable RDS Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_sctp_disabled", + "value": "sysctl_net_ipv4_conf_all_send_redirects", "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SCTP Support", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_forwarding", + "value": "sysctl_net_ipv4_conf_default_send_redirects", "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_forwarding", + "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", + "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_send_redirects", + "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_send_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_redirects", "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", + "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", + "value": "sysctl_net_ipv4_conf_default_accept_redirects", "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", + "value": "sysctl_net_ipv4_conf_all_secure_redirects", "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_redirects", + "value": "sysctl_net_ipv4_conf_default_secure_redirects", "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", + "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_redirects", + "value": "sysctl_net_ipv4_conf_all_rp_filter", "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_secure_redirects", + "value": "sysctl_net_ipv4_conf_default_rp_filter", "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_secure_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_source_route", "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_rp_filter", + "value": "sysctl_net_ipv4_conf_default_accept_source_route", "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_rp_filter", + "value": "sysctl_net_ipv4_conf_all_log_martians", "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_source_route", + "value": "sysctl_net_ipv4_conf_default_log_martians", "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_source_route", + "value": "sysctl_net_ipv4_tcp_syncookies", "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_log_martians", + "value": "sysctl_net_ipv6_conf_all_forwarding", "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for IPv6 Forwarding", "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_log_martians", + "value": "sysctl_net_ipv6_conf_default_forwarding", "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", + "value": "Disable Kernel Parameter for IPv6 Forwarding by default", "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_tcp_syncookies", + "value": "sysctl_net_ipv6_conf_all_accept_redirects", "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", + "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_forwarding", + "value": "sysctl_net_ipv6_conf_default_accept_redirects", "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_forwarding", + "value": "sysctl_net_ipv6_conf_all_accept_source_route", "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding by default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_redirects", + "value": "sysctl_net_ipv6_conf_default_accept_source_route", "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_redirects", + "value": "sysctl_net_ipv6_conf_all_accept_ra", "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", + "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_source_route", + "value": "sysctl_net_ipv6_conf_default_accept_ra", "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", + "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_source_route", + "value": "package_firewalld_installed", "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", + "value": "Install firewalld Package", "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra", + "value": "firewalld-backend", "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", + "value": "Configure Firewalld to Use the Nftables Backend", "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra", + "value": "service_firewalld_enabled", "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", + "value": "Verify firewalld Enabled", "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_firewalld_installed", + "value": "firewalld_loopback_traffic_trusted", "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install firewalld Package", + "value": "Configure Firewalld to Trust Loopback Traffic", "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld-backend", + "value": "file_groupowner_sshd_config", "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Use the Nftables Backend", + "value": "Verify Group Who Owns SSH Server config file", "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_firewalld_enabled", + "value": "file_owner_sshd_config", "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify firewalld Enabled", + "value": "Verify Owner on SSH Server config file", "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld_loopback_traffic_trusted", + "value": "file_permissions_sshd_config", "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Trust Loopback Traffic", + "value": "Verify Permissions on SSH Server config file", "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_config", + "value": "directory_permissions_sshd_config_d", "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_171" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_config", + "value": "file_permissions_sshd_drop_in_config", "remarks": "rule_set_172" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_172" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_config", + "value": "directory_groupowner_sshd_config_d", "remarks": "rule_set_173" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server config file", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_173" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_sshd_config_d", + "value": "directory_owner_sshd_config_d", "remarks": "rule_set_174" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_174" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_drop_in_config", + "value": "file_groupowner_sshd_drop_in_config", "remarks": "rule_set_175" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_175" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_groupowner_sshd_config_d", + "value": "file_owner_sshd_drop_in_config", "remarks": "rule_set_176" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_176" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_owner_sshd_config_d", + "value": "file_groupownership_sshd_private_key", "remarks": "rule_set_177" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Group Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_177" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_drop_in_config", + "value": "file_ownership_sshd_private_key", "remarks": "rule_set_178" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_178" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_drop_in_config", + "value": "file_permissions_sshd_private_key", "remarks": "rule_set_179" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Permissions on SSH Server Private *_key Key Files", "remarks": "rule_set_179" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_private_key", + "value": "file_groupownership_sshd_pub_key", "remarks": "rule_set_180" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Private *_key Key Files", + "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_180" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_private_key", + "value": "file_ownership_sshd_pub_key", "remarks": "rule_set_181" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Private *_key Key Files", + "value": "Verify Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_181" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_private_key", + "value": "file_permissions_sshd_pub_key", "remarks": "rule_set_182" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Private *_key Key Files", + "value": "Verify Permissions on SSH Server Public *.pub Key Files", "remarks": "rule_set_182" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_pub_key", + "value": "sshd_limit_user_access", "remarks": "rule_set_183" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", + "value": "Limit Users' SSH Access", "remarks": "rule_set_183" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_pub_key", + "value": "sshd_enable_warning_banner_net", "remarks": "rule_set_184" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Public *.pub Key Files", + "value": "Enable SSH Warning Banner", "remarks": "rule_set_184" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_pub_key", + "value": "sshd_set_idle_timeout", "remarks": "rule_set_185" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Public *.pub Key Files", + "value": "Set SSH Client Alive Interval", "remarks": "rule_set_185" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_limit_user_access", + "value": "sshd_set_keepalive", "remarks": "rule_set_186" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Users' SSH Access", + "value": "Set SSH Client Alive Count Max", "remarks": "rule_set_186" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_warning_banner_net", + "value": "disable_host_auth", "remarks": "rule_set_187" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SSH Warning Banner", + "value": "Disable Host-Based Authentication", "remarks": "rule_set_187" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_idle_timeout", + "value": "sshd_disable_rhosts", "remarks": "rule_set_188" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Interval", + "value": "Disable SSH Support for .rhosts Files", "remarks": "rule_set_188" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_keepalive", + "value": "sshd_use_strong_kex", "remarks": "rule_set_189" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Count Max", + "value": "Use Only Strong Key Exchange algorithms", "remarks": "rule_set_189" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_host_auth", + "value": "sshd_set_login_grace_time", "remarks": "rule_set_190" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Host-Based Authentication", + "value": "Ensure SSH LoginGraceTime is configured", "remarks": "rule_set_190" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_rhosts", + "value": "sshd_set_loglevel_verbose", "remarks": "rule_set_191" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Support for .rhosts Files", + "value": "Set SSH Daemon LogLevel to VERBOSE", "remarks": "rule_set_191" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_use_strong_kex", + "value": "sshd_set_max_auth_tries", "remarks": "rule_set_192" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Use Only Strong Key Exchange algorithms", + "value": "Set SSH authentication attempt limit", "remarks": "rule_set_192" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_login_grace_time", + "value": "sshd_set_maxstartups", "remarks": "rule_set_193" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH LoginGraceTime is configured", + "value": "Ensure SSH MaxStartups is configured", "remarks": "rule_set_193" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_loglevel_verbose", + "value": "sshd_set_max_sessions", "remarks": "rule_set_194" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Daemon LogLevel to VERBOSE", + "value": "Set SSH MaxSessions limit", "remarks": "rule_set_194" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_auth_tries", + "value": "sshd_disable_empty_passwords", "remarks": "rule_set_195" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH authentication attempt limit", + "value": "Disable SSH Access via Empty Passwords", "remarks": "rule_set_195" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_maxstartups", + "value": "sshd_disable_root_login", "remarks": "rule_set_196" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH MaxStartups is configured", + "value": "Disable SSH Root Login", "remarks": "rule_set_196" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_sessions", + "value": "sshd_do_not_permit_user_env", "remarks": "rule_set_197" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH MaxSessions limit", + "value": "Do Not Allow SSH Environment Options", "remarks": "rule_set_197" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_empty_passwords", + "value": "sshd_enable_pam", "remarks": "rule_set_198" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Access via Empty Passwords", + "value": "Enable PAM", "remarks": "rule_set_198" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_root_login", + "value": "package_sudo_installed", "remarks": "rule_set_199" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Root Login", + "value": "Install sudo Package", "remarks": "rule_set_199" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_do_not_permit_user_env", + "value": "sudo_add_use_pty", "remarks": "rule_set_200" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Do Not Allow SSH Environment Options", + "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", "remarks": "rule_set_200" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_pam", + "value": "sudo_custom_logfile", "remarks": "rule_set_201" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable PAM", + "value": "Ensure Sudo Logfile Exists - sudo logfile", "remarks": "rule_set_201" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_sudo_installed", + "value": "sudo_remove_no_authenticate", "remarks": "rule_set_202" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install sudo Package", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", "remarks": "rule_set_202" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_use_pty", + "value": "sudo_require_reauthentication", "remarks": "rule_set_203" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", + "value": "Require Re-Authentication When Using the sudo Command", "remarks": "rule_set_203" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_custom_logfile", + "value": "use_pam_wheel_group_for_su", "remarks": "rule_set_204" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Sudo Logfile Exists - sudo logfile", + "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", "remarks": "rule_set_204" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_no_authenticate", + "value": "ensure_pam_wheel_group_empty", "remarks": "rule_set_205" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", + "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", "remarks": "rule_set_205" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_require_reauthentication", + "value": "account_password_pam_faillock_password_auth", "remarks": "rule_set_206" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require Re-Authentication When Using the sudo Command", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", "remarks": "rule_set_206" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "use_pam_wheel_group_for_su", + "value": "account_password_pam_faillock_system_auth", "remarks": "rule_set_207" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", "remarks": "rule_set_207" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_pam_wheel_group_empty", + "value": "package_pam_pwquality_installed", "remarks": "rule_set_208" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", + "value": "Install pam_pwquality Package", "remarks": "rule_set_208" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_password_auth", + "value": "accounts_password_pam_pwquality_password_auth", "remarks": "rule_set_209" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", + "value": "Ensure PAM password complexity module is enabled in password-auth", "remarks": "rule_set_209" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_system_auth", + "value": "accounts_password_pam_pwquality_system_auth", "remarks": "rule_set_210" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", + "value": "Ensure PAM password complexity module is enabled in system-auth", "remarks": "rule_set_210" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_pam_pwquality_installed", + "value": "accounts_password_pam_unix_enabled", "remarks": "rule_set_211" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install pam_pwquality Package", + "value": "Verify pam_unix module is activated", "remarks": "rule_set_211" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_password_auth", + "value": "accounts_passwords_pam_faillock_deny", "remarks": "rule_set_212" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in password-auth", + "value": "Lock Accounts After Failed Password Attempts", "remarks": "rule_set_212" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_system_auth", + "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", "remarks": "rule_set_213" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in system-auth", + "value": "Set Lockout Time for Failed Password Attempts", "remarks": "rule_set_213" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_enabled", + "value": "accounts_password_pam_difok", "remarks": "rule_set_214" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify pam_unix module is activated", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", "remarks": "rule_set_214" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny", + "value": "accounts_password_pam_minlen", "remarks": "rule_set_215" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Lock Accounts After Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Length", "remarks": "rule_set_215" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", + "value": "accounts_password_pam_minclass", "remarks": "rule_set_216" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Lockout Time for Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", "remarks": "rule_set_216" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_difok", + "value": "accounts_password_pam_maxrepeat", "remarks": "rule_set_217" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", + "value": "Set Password Maximum Consecutive Repeating Characters", "remarks": "rule_set_217" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minlen", + "value": "accounts_password_pam_maxsequence", "remarks": "rule_set_218" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Length", + "value": "Limit the maximum number of sequential characters in passwords", "remarks": "rule_set_218" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_dictcheck", "remarks": "rule_set_219" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", "remarks": "rule_set_219" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxrepeat", + "value": "accounts_password_pam_enforce_root", "remarks": "rule_set_220" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Consecutive Repeating Characters", + "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", "remarks": "rule_set_220" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxsequence", + "value": "accounts_password_pam_pwhistory_remember_password_auth", "remarks": "rule_set_221" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit the maximum number of sequential characters in passwords", + "value": "Limit Password Reuse: password-auth", "remarks": "rule_set_221" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_dictcheck", + "value": "accounts_password_pam_pwhistory_remember_system_auth", "remarks": "rule_set_222" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", + "value": "Limit Password Reuse: system-auth", "remarks": "rule_set_222" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_enforce_root", + "value": "accounts_password_pam_pwhistory_enforce_for_root", "remarks": "rule_set_223" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", + "value": "Ensure Password History Is Enforced for the Root User", "remarks": "rule_set_223" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_password_auth", + "value": "accounts_password_pam_pwhistory_use_authtok", "remarks": "rule_set_224" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: password-auth", + "value": "Enforce Password History with use_authtok", "remarks": "rule_set_224" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_system_auth", + "value": "no_empty_passwords", "remarks": "rule_set_225" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: system-auth", + "value": "Prevent Login to Accounts With Empty Password", "remarks": "rule_set_225" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_enforce_for_root", + "value": "accounts_password_pam_unix_no_remember", "remarks": "rule_set_226" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Password History Is Enforced for the Root User", + "value": "Avoid using remember in pam_unix module", "remarks": "rule_set_226" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_use_authtok", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_227" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Password History with use_authtok", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_227" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords", + "value": "set_password_hashing_algorithm_passwordauth", "remarks": "rule_set_228" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Login to Accounts With Empty Password", + "value": "Set PAM Password Hashing Algorithm - password-auth", "remarks": "rule_set_228" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_no_remember", + "value": "accounts_password_pam_unix_authtok", "remarks": "rule_set_229" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Avoid using remember in pam_unix module", + "value": "Require use_authtok for pam_unix.so", "remarks": "rule_set_229" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "accounts_maximum_age_login_defs", "remarks": "rule_set_230" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Set Password Maximum Age", "remarks": "rule_set_230" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_passwordauth", + "value": "accounts_password_set_max_life_existing", "remarks": "rule_set_231" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - password-auth", + "value": "Set Existing Passwords Maximum Age", "remarks": "rule_set_231" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_authtok", + "value": "accounts_password_warn_age_login_defs", "remarks": "rule_set_232" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require use_authtok for pam_unix.so", + "value": "Set Password Warning Age", "remarks": "rule_set_232" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_maximum_age_login_defs", + "value": "accounts_password_set_warn_age_existing", "remarks": "rule_set_233" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Age", + "value": "Set Existing Passwords Warning Age", "remarks": "rule_set_233" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_max_life_existing", + "value": "set_password_hashing_algorithm_logindefs", "remarks": "rule_set_234" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Maximum Age", + "value": "Set Password Hashing Algorithm in /etc/login.defs", "remarks": "rule_set_234" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_warn_age_login_defs", + "value": "account_disable_post_pw_expiration", "remarks": "rule_set_235" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Warning Age", + "value": "Set Account Expiration Following Inactivity", "remarks": "rule_set_235" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_warn_age_existing", + "value": "accounts_set_post_pw_existing", "remarks": "rule_set_236" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Warning Age", + "value": "Set existing passwords a period of inactivity before they been locked", "remarks": "rule_set_236" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf", + "value": "accounts_password_last_change_is_in_past", "remarks": "rule_set_237" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/libuser.conf", + "value": "Ensure all users last password change date is in the past", "remarks": "rule_set_237" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_logindefs", + "value": "accounts_no_uid_except_zero", "remarks": "rule_set_238" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/login.defs", + "value": "Verify Only Root Has UID 0", "remarks": "rule_set_238" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_disable_post_pw_expiration", + "value": "accounts_root_gid_zero", "remarks": "rule_set_239" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Account Expiration Following Inactivity", + "value": "Verify Root Has A Primary GID 0", "remarks": "rule_set_239" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_set_post_pw_existing", + "value": "groups_no_zero_gid_except_root", "remarks": "rule_set_240" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set existing passwords a period of inactivity before they been locked", + "value": "Verify Only Group Root Has GID 0", "remarks": "rule_set_240" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_last_change_is_in_past", + "value": "ensure_root_password_configured", "remarks": "rule_set_241" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure all users last password change date is in the past", + "value": "Ensure Authentication Required for Single User Mode", "remarks": "rule_set_241" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_no_uid_except_zero", + "value": "accounts_root_path_dirs_no_write", "remarks": "rule_set_242" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Root Has UID 0", + "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", "remarks": "rule_set_242" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_gid_zero", + "value": "root_path_no_dot", "remarks": "rule_set_243" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Root Has A Primary GID 0", + "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", "remarks": "rule_set_243" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "groups_no_zero_gid_except_root", + "value": "accounts_umask_root", "remarks": "rule_set_244" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Group Root Has GID 0", + "value": "Ensure the Root Bash Umask is Set Correctly", "remarks": "rule_set_244" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_root_password_configured", + "value": "no_password_auth_for_systemaccounts", "remarks": "rule_set_245" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Authentication Required for Single User Mode", + "value": "Ensure that System Accounts Are Locked", "remarks": "rule_set_245" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_path_dirs_no_write", + "value": "no_shelllogin_for_systemaccounts", "remarks": "rule_set_246" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", "remarks": "rule_set_246" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "root_path_no_dot", + "value": "no_invalid_shell_accounts_unlocked", "remarks": "rule_set_247" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", + "value": "Verify Non-Interactive Accounts Are Locked", "remarks": "rule_set_247" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_root", + "value": "accounts_tmout", "remarks": "rule_set_248" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Root Bash Umask is Set Correctly", + "value": "Set Interactive Session Timeout", "remarks": "rule_set_248" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_password_auth_for_systemaccounts", + "value": "accounts_umask_etc_bashrc", "remarks": "rule_set_249" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Are Locked", + "value": "Ensure the Default Bash Umask is Set Correctly", "remarks": "rule_set_249" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_shelllogin_for_systemaccounts", + "value": "accounts_umask_etc_login_defs", "remarks": "rule_set_250" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", + "value": "Ensure the Default Umask is Set Correctly in login.defs", "remarks": "rule_set_250" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_tmout", + "value": "accounts_umask_etc_profile", "remarks": "rule_set_251" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interactive Session Timeout", + "value": "Ensure the Default Umask is Set Correctly in /etc/profile", "remarks": "rule_set_251" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_bashrc", + "value": "package_aide_installed", "remarks": "rule_set_252" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Bash Umask is Set Correctly", + "value": "Install AIDE", "remarks": "rule_set_252" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_login_defs", + "value": "aide_build_database", "remarks": "rule_set_253" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in login.defs", + "value": "Build and Test AIDE Database", "remarks": "rule_set_253" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_profile", + "value": "aide_periodic_cron_checking", "remarks": "rule_set_254" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in /etc/profile", + "value": "Configure Periodic Execution of AIDE", "remarks": "rule_set_254" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_aide_installed", + "value": "aide_check_audit_tools", "remarks": "rule_set_255" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install AIDE", + "value": "Configure AIDE to Verify the Audit Tools", "remarks": "rule_set_255" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_build_database", + "value": "service_systemd-journald_enabled", "remarks": "rule_set_256" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Build and Test AIDE Database", + "value": "Enable systemd-journald Service", "remarks": "rule_set_256" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_periodic_cron_checking", + "value": "ensure_journald_and_rsyslog_not_active_together", "remarks": "rule_set_257" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Periodic Execution of AIDE", + "value": "Ensure journald and rsyslog Are Not Active Together", "remarks": "rule_set_257" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_check_audit_tools", + "value": "package_systemd-journal-remote_installed", "remarks": "rule_set_258" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure AIDE to Verify the Audit Tools", + "value": "Install systemd-journal-remote Package", "remarks": "rule_set_258" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_systemd-journald_enabled", + "value": "service_systemd-journal-upload_enabled", "remarks": "rule_set_259" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable systemd-journald Service", + "value": "Enable systemd-journal-upload Service", "remarks": "rule_set_259" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_systemd-journal-remote_installed", + "value": "socket_systemd-journal-remote_disabled", "remarks": "rule_set_260" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install systemd-journal-remote Package", + "value": "Disable systemd-journal-remote Socket", "remarks": "rule_set_260" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_systemd-journal-upload_enabled", + "value": "journald_disable_forward_to_syslog", "remarks": "rule_set_261" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable systemd-journal-upload Service", + "value": "Ensure journald ForwardToSyslog is disabled", "remarks": "rule_set_261" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "socket_systemd-journal-remote_disabled", + "value": "journald_compress", "remarks": "rule_set_262" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable systemd-journal-remote Socket", + "value": "Ensure journald is configured to compress large log files", "remarks": "rule_set_262" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "journald_disable_forward_to_syslog", + "value": "journald_storage", "remarks": "rule_set_263" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure journald ForwardToSyslog is disabled", + "value": "Ensure journald is configured to write log files to persistent disk", "remarks": "rule_set_263" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "journald_compress", + "value": "rsyslog_files_groupownership", "remarks": "rule_set_264" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure journald is configured to compress large log files", + "value": "Ensure Log Files Are Owned By Appropriate Group", "remarks": "rule_set_264" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "journald_storage", + "value": "rsyslog_files_ownership", "remarks": "rule_set_265" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure journald is configured to write log files to persistent disk", + "value": "Ensure Log Files Are Owned By Appropriate User", "remarks": "rule_set_265" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_groupownership", + "value": "rsyslog_files_permissions", "remarks": "rule_set_266" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Log Files Are Owned By Appropriate Group", + "value": "Ensure System Log Files Have Correct Permissions", "remarks": "rule_set_266" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_ownership", + "value": "file_groupowner_etc_passwd", "remarks": "rule_set_267" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Log Files Are Owned By Appropriate User", + "value": "Verify Group Who Owns passwd File", "remarks": "rule_set_267" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_permissions", + "value": "file_owner_etc_passwd", "remarks": "rule_set_268" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure System Log Files Have Correct Permissions", + "value": "Verify User Who Owns passwd File", "remarks": "rule_set_268" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_passwd", + "value": "file_permissions_etc_passwd", "remarks": "rule_set_269" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns passwd File", + "value": "Verify Permissions on passwd File", "remarks": "rule_set_269" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_passwd", + "value": "file_groupowner_backup_etc_passwd", "remarks": "rule_set_270" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns passwd File", + "value": "Verify Group Who Owns Backup passwd File", "remarks": "rule_set_270" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_passwd", + "value": "file_owner_backup_etc_passwd", "remarks": "rule_set_271" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on passwd File", + "value": "Verify User Who Owns Backup passwd File", "remarks": "rule_set_271" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_backup_etc_passwd", + "value": "file_permissions_backup_etc_passwd", "remarks": "rule_set_272" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Backup passwd File", + "value": "Verify Permissions on Backup passwd File", "remarks": "rule_set_272" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_backup_etc_passwd", + "value": "file_groupowner_etc_group", "remarks": "rule_set_273" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns Backup passwd File", + "value": "Verify Group Who Owns group File", "remarks": "rule_set_273" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_backup_etc_passwd", + "value": "file_owner_etc_group", "remarks": "rule_set_274" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on Backup passwd File", + "value": "Verify User Who Owns group File", "remarks": "rule_set_274" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_group", + "value": "file_permissions_etc_group", "remarks": "rule_set_275" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns group File", + "value": "Verify Permissions on group File", "remarks": "rule_set_275" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_group", + "value": "file_groupowner_backup_etc_group", "remarks": "rule_set_276" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns group File", + "value": "Verify Group Who Owns Backup group File", "remarks": "rule_set_276" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_group", + "value": "file_owner_backup_etc_group", "remarks": "rule_set_277" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on group File", + "value": "Verify User Who Owns Backup group File", "remarks": "rule_set_277" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_backup_etc_group", + "value": "file_permissions_backup_etc_group", "remarks": "rule_set_278" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Backup group File", + "value": "Verify Permissions on Backup group File", "remarks": "rule_set_278" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_backup_etc_group", + "value": "file_owner_etc_shadow", "remarks": "rule_set_279" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns Backup group File", + "value": "Verify User Who Owns shadow File", "remarks": "rule_set_279" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_backup_etc_group", + "value": "file_groupowner_etc_shadow", "remarks": "rule_set_280" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on Backup group File", + "value": "Verify Group Who Owns shadow File", "remarks": "rule_set_280" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_shadow", + "value": "file_permissions_etc_shadow", "remarks": "rule_set_281" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns shadow File", + "value": "Verify Permissions on shadow File", "remarks": "rule_set_281" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_shadow", + "value": "file_groupowner_backup_etc_shadow", "remarks": "rule_set_282" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns shadow File", + "value": "Verify User Who Owns Backup shadow File", "remarks": "rule_set_282" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_shadow", + "value": "file_owner_backup_etc_shadow", "remarks": "rule_set_283" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on shadow File", + "value": "Verify Group Who Owns Backup shadow File", "remarks": "rule_set_283" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_backup_etc_shadow", + "value": "file_permissions_backup_etc_shadow", "remarks": "rule_set_284" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns Backup shadow File", + "value": "Verify Permissions on Backup shadow File", "remarks": "rule_set_284" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_backup_etc_shadow", + "value": "file_groupowner_etc_gshadow", "remarks": "rule_set_285" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Backup shadow File", + "value": "Verify Group Who Owns gshadow File", "remarks": "rule_set_285" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_backup_etc_shadow", + "value": "file_owner_etc_gshadow", "remarks": "rule_set_286" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on Backup shadow File", + "value": "Verify User Who Owns gshadow File", "remarks": "rule_set_286" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_gshadow", + "value": "file_permissions_etc_gshadow", "remarks": "rule_set_287" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns gshadow File", + "value": "Verify Permissions on gshadow File", "remarks": "rule_set_287" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_gshadow", + "value": "file_groupowner_backup_etc_gshadow", "remarks": "rule_set_288" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns gshadow File", + "value": "Verify Group Who Owns Backup gshadow File", "remarks": "rule_set_288" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_gshadow", + "value": "file_owner_backup_etc_gshadow", "remarks": "rule_set_289" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on gshadow File", + "value": "Verify User Who Owns Backup gshadow File", "remarks": "rule_set_289" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_backup_etc_gshadow", + "value": "file_permissions_backup_etc_gshadow", "remarks": "rule_set_290" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Backup gshadow File", + "value": "Verify Permissions on Backup gshadow File", "remarks": "rule_set_290" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_backup_etc_gshadow", + "value": "file_groupowner_etc_shells", "remarks": "rule_set_291" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns Backup gshadow File", + "value": "Verify Group Who Owns /etc/shells File", "remarks": "rule_set_291" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_backup_etc_gshadow", + "value": "file_owner_etc_shells", "remarks": "rule_set_292" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on Backup gshadow File", + "value": "Verify Who Owns /etc/shells File", "remarks": "rule_set_292" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_shells", + "value": "file_permissions_etc_shells", "remarks": "rule_set_293" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/shells File", + "value": "Verify Permissions on /etc/shells File", "remarks": "rule_set_293" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_shells", + "value": "file_groupowner_etc_security_opasswd", "remarks": "rule_set_294" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Who Owns /etc/shells File", + "value": "Verify Group Who Owns /etc/security/opasswd File", "remarks": "rule_set_294" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_shells", + "value": "file_owner_etc_security_opasswd", "remarks": "rule_set_295" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/shells File", + "value": "Verify User Who Owns /etc/security/opasswd File", "remarks": "rule_set_295" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_security_opasswd", + "value": "file_permissions_etc_security_opasswd", "remarks": "rule_set_296" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/security/opasswd File", + "value": "Verify Permissions on /etc/security/opasswd File", "remarks": "rule_set_296" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_security_opasswd", + "value": "file_groupowner_etc_security_opasswd_old", "remarks": "rule_set_297" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/security/opasswd File", + "value": "Verify Group Who Owns /etc/security/opasswd.old File", "remarks": "rule_set_297" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_security_opasswd", + "value": "file_owner_etc_security_opasswd_old", "remarks": "rule_set_298" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/security/opasswd File", + "value": "Verify User Who Owns /etc/security/opasswd.old File", "remarks": "rule_set_298" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_security_opasswd_old", + "value": "file_permissions_etc_security_opasswd_old", "remarks": "rule_set_299" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/security/opasswd.old File", + "value": "Verify Permissions on /etc/security/opasswd.old File", "remarks": "rule_set_299" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_security_opasswd_old", + "value": "file_permissions_unauthorized_world_writable", "remarks": "rule_set_300" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/security/opasswd.old File", + "value": "Ensure No World-Writable Files Exist", "remarks": "rule_set_300" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_security_opasswd_old", + "value": "dir_perms_world_writable_sticky_bits", "remarks": "rule_set_301" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/security/opasswd.old File", + "value": "Verify that All World-Writable Directories Have Sticky Bits Set", "remarks": "rule_set_301" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_unauthorized_world_writable", + "value": "no_files_or_dirs_unowned_by_user", "remarks": "rule_set_302" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure No World-Writable Files Exist", + "value": "Ensure All Files And Directories Are Owned by a User", "remarks": "rule_set_302" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dir_perms_world_writable_sticky_bits", + "value": "no_files_or_dirs_ungroupowned", "remarks": "rule_set_303" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that All World-Writable Directories Have Sticky Bits Set", + "value": "Ensure All Files And Directories Are Owned by a Group", "remarks": "rule_set_303" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_files_or_dirs_unowned_by_user", + "value": "accounts_password_all_shadowed", "remarks": "rule_set_304" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Files And Directories Are Owned by a User", + "value": "Verify All Account Password Hashes are Shadowed", "remarks": "rule_set_304" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_files_or_dirs_ungroupowned", + "value": "no_empty_passwords_etc_shadow", "remarks": "rule_set_305" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Files And Directories Are Owned by a Group", + "value": "Ensure There Are No Accounts With Blank or Null Passwords", "remarks": "rule_set_305" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_all_shadowed", + "value": "gid_passwd_group_same", "remarks": "rule_set_306" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify All Account Password Hashes are Shadowed", + "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", "remarks": "rule_set_306" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords_etc_shadow", + "value": "account_unique_id", "remarks": "rule_set_307" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure There Are No Accounts With Blank or Null Passwords", + "value": "Ensure All Accounts on the System Have Unique User IDs", "remarks": "rule_set_307" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "gid_passwd_group_same", + "value": "group_unique_id", "remarks": "rule_set_308" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", + "value": "Ensure All Groups on the System Have Unique Group ID", "remarks": "rule_set_308" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_unique_id", + "value": "account_unique_name", "remarks": "rule_set_309" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Accounts on the System Have Unique User IDs", + "value": "Ensure All Accounts on the System Have Unique Names", "remarks": "rule_set_309" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "group_unique_id", + "value": "group_unique_name", "remarks": "rule_set_310" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Groups on the System Have Unique Group ID", + "value": "Ensure All Groups on the System Have Unique Group Names", "remarks": "rule_set_310" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_unique_name", + "value": "accounts_user_interactive_home_directory_exists", "remarks": "rule_set_311" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Accounts on the System Have Unique Names", + "value": "All Interactive Users Home Directories Must Exist", "remarks": "rule_set_311" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "group_unique_name", + "value": "file_ownership_home_directories", "remarks": "rule_set_312" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Groups on the System Have Unique Group Names", + "value": "All Interactive User Home Directories Must Be Owned By The Primary User", "remarks": "rule_set_312" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_user_interactive_home_directory_exists", + "value": "file_permissions_home_directories", "remarks": "rule_set_313" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "All Interactive Users Home Directories Must Exist", + "value": "All Interactive User Home Directories Must Have mode 0750 Or Less Permissive", "remarks": "rule_set_313" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_home_directories", + "value": "accounts_user_dot_group_ownership", "remarks": "rule_set_314" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "All Interactive User Home Directories Must Be Owned By The Primary User", + "value": "User Initialization Files Must Be Group-Owned By The Primary Group", "remarks": "rule_set_314" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_home_directories", + "value": "accounts_user_dot_user_ownership", "remarks": "rule_set_315" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "All Interactive User Home Directories Must Have mode 0750 Or Less Permissive", + "value": "User Initialization Files Must Be Owned By the Primary User", "remarks": "rule_set_315" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_user_dot_group_ownership", + "value": "accounts_user_dot_no_world_writable_programs", "remarks": "rule_set_316" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "User Initialization Files Must Be Group-Owned By The Primary Group", + "value": "User Initialization Files Must Not Run World-Writable Programs", "remarks": "rule_set_316" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_user_dot_user_ownership", + "value": "file_permission_user_init_files", "remarks": "rule_set_317" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "User Initialization Files Must Be Owned By the Primary User", + "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", "remarks": "rule_set_317" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_user_dot_no_world_writable_programs", + "value": "no_forward_files", "remarks": "rule_set_318" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "User Initialization Files Must Not Run World-Writable Programs", + "value": "Verify No .forward Files Exist", "remarks": "rule_set_318" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permission_user_init_files", + "value": "no_netrc_files", "remarks": "rule_set_319" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", + "value": "Verify No netrc Files Exist", "remarks": "rule_set_319" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_forward_files", + "value": "no_rhost_files", "remarks": "rule_set_320" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify No .forward Files Exist", + "value": "Verify No .rhost Files Exist", "remarks": "rule_set_320" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_netrc_files", + "value": "file_permission_user_bash_history", "remarks": "rule_set_321" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify No netrc Files Exist", + "value": "Ensure User Bash History File Has Correct Permissions", "remarks": "rule_set_321" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_rhost_files", + "value": "kernel_module_overlayfs_disabled", "remarks": "rule_set_322" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify No .rhost Files Exist", + "value": "Ensure overlayfs kernel module is not available", "remarks": "rule_set_322" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permission_user_bash_history", + "value": "kernel_module_squashfs_disabled", "remarks": "rule_set_323" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure User Bash History File Has Correct Permissions", + "value": "Disable Mounting of squashfs", "remarks": "rule_set_323" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_overlayfs_disabled", + "value": "kernel_module_udf_disabled", "remarks": "rule_set_324" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure overlayfs kernel module is not available", + "value": "Disable Mounting of udf", "remarks": "rule_set_324" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_squashfs_disabled", + "value": "partition_for_home", "remarks": "rule_set_325" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Mounting of squashfs", + "value": "Ensure /home Located On Separate Partition", "remarks": "rule_set_325" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_udf_disabled", + "value": "partition_for_var", "remarks": "rule_set_326" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Mounting of udf", + "value": "Ensure /var Located On Separate Partition", "remarks": "rule_set_326" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_home", + "value": "partition_for_var_tmp", "remarks": "rule_set_327" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /home Located On Separate Partition", + "value": "Ensure /var/tmp Located On Separate Partition", "remarks": "rule_set_327" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_var", + "value": "partition_for_var_log", "remarks": "rule_set_328" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /var Located On Separate Partition", + "value": "Ensure /var/log Located On Separate Partition", "remarks": "rule_set_328" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_var_tmp", + "value": "partition_for_var_log_audit", "remarks": "rule_set_329" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /var/tmp Located On Separate Partition", + "value": "Ensure /var/log/audit Located On Separate Partition", "remarks": "rule_set_329" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_var_log", + "value": "disable_weak_deps", "remarks": "rule_set_330" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /var/log Located On Separate Partition", + "value": "Disable Installation of Weak Dependencies in DNF", "remarks": "rule_set_330" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_var_log_audit", + "value": "selinux_state", "remarks": "rule_set_331" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /var/log/audit Located On Separate Partition", + "value": "Ensure SELinux State is Enforcing", "remarks": "rule_set_331" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_weak_deps", + "value": "sysctl_fs_protected_symlinks", "remarks": "rule_set_332" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Installation of Weak Dependencies in DNF", + "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", "remarks": "rule_set_332" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "selinux_state", + "value": "xwayland_disabled", "remarks": "rule_set_333" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SELinux State is Enforcing", + "value": "Disable XWayland", "remarks": "rule_set_333" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_symlinks", + "value": "service_cockpit_disabled", "remarks": "rule_set_334" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", + "value": "Disable Cockpit Management Server", "remarks": "rule_set_334" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "xwayland_disabled", + "value": "package_gdm_removed", "remarks": "rule_set_335" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable XWayland", + "value": "Remove the GDM Package Group", "remarks": "rule_set_335" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_cockpit_disabled", + "value": "package_xorg-x11-server-Xwayland_removed", "remarks": "rule_set_336" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Cockpit Management Server", + "value": "Remove the X Windows Xwayland Package", "remarks": "rule_set_336" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_gdm_removed", + "value": "package_openldap-clients_removed", "remarks": "rule_set_337" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove the GDM Package Group", + "value": "Ensure LDAP client is not installed", "remarks": "rule_set_337" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_xorg-x11-server-Xwayland_removed", + "value": "sysctl_net_ipv4_ip_forward", "remarks": "rule_set_338" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove the X Windows Xwayland Package", + "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", "remarks": "rule_set_338" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_openldap-clients_removed", + "value": "sshd_disable_forwarding", "remarks": "rule_set_339" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure LDAP client is not installed", + "value": "Disable SSH Forwarding", "remarks": "rule_set_339" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_ip_forward", + "value": "sshd_disable_gssapi_auth", "remarks": "rule_set_340" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", + "value": "Disable GSSAPI Authentication", "remarks": "rule_set_340" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_forwarding", + "value": "sudo_remove_nopasswd", "remarks": "rule_set_341" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Forwarding", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", "remarks": "rule_set_341" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_gssapi_auth", + "value": "accounts_passwords_pam_faillock_deny_root", "remarks": "rule_set_342" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GSSAPI Authentication", + "value": "Configure the root Account for Failed Password Attempts", "remarks": "rule_set_342" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_nopasswd", + "value": "accounts_minimum_age_login_defs", "remarks": "rule_set_343" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", + "value": "Set Password Minimum Age", "remarks": "rule_set_343" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny_root", + "value": "accounts_password_set_min_life_existing", "remarks": "rule_set_344" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the root Account for Failed Password Attempts", + "value": "Set Existing Passwords Minimum Age", "remarks": "rule_set_344" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_minimum_age_login_defs", + "value": "no_nologin_in_shells", "remarks": "rule_set_345" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Minimum Age", + "value": "Ensure nologin Shell is Not Listed in /etc/shells", "remarks": "rule_set_345" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_min_life_existing", + "value": "package_audit_installed", "remarks": "rule_set_346" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Minimum Age", + "value": "Ensure the audit Subsystem is Installed", "remarks": "rule_set_346" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_nologin_in_shells", + "value": "package_audit-libs_installed", "remarks": "rule_set_347" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure nologin Shell is Not Listed in /etc/shells", + "value": "Ensure the audit-libs package as a part of audit Subsystem is Installed", "remarks": "rule_set_347" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_audit_installed", + "value": "grub2_audit_argument", "remarks": "rule_set_348" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the audit Subsystem is Installed", + "value": "Enable Auditing for Processes Which Start Prior to the Audit Daemon", "remarks": "rule_set_348" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_audit-libs_installed", + "value": "grub2_audit_backlog_limit_argument", "remarks": "rule_set_349" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the audit-libs package as a part of audit Subsystem is Installed", + "value": "Extend Audit Backlog Limit for the Audit Daemon", "remarks": "rule_set_349" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_audit_argument", + "value": "service_auditd_enabled", "remarks": "rule_set_350" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Auditing for Processes Which Start Prior to the Audit Daemon", + "value": "Enable auditd Service", "remarks": "rule_set_350" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_audit_backlog_limit_argument", + "value": "auditd_data_retention_max_log_file", "remarks": "rule_set_351" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Extend Audit Backlog Limit for the Audit Daemon", + "value": "Configure auditd Max Log File Size", "remarks": "rule_set_351" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_auditd_enabled", + "value": "auditd_data_retention_max_log_file_action", "remarks": "rule_set_352" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable auditd Service", + "value": "Configure auditd max_log_file_action Upon Reaching Maximum Log Size", "remarks": "rule_set_352" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_data_retention_max_log_file", + "value": "auditd_data_disk_error_action", "remarks": "rule_set_353" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd Max Log File Size", + "value": "Configure auditd Disk Error Action on Disk Error", "remarks": "rule_set_353" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_data_retention_max_log_file_action", + "value": "auditd_data_disk_full_action", "remarks": "rule_set_354" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd max_log_file_action Upon Reaching Maximum Log Size", + "value": "Configure auditd Disk Full Action when Disk Space Is Full", "remarks": "rule_set_354" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_data_disk_error_action", + "value": "auditd_data_retention_admin_space_left_action", "remarks": "rule_set_355" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd Disk Error Action on Disk Error", + "value": "Configure auditd admin_space_left Action on Low Disk Space", "remarks": "rule_set_355" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_data_disk_full_action", + "value": "auditd_data_retention_space_left_action", "remarks": "rule_set_356" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd Disk Full Action when Disk Space Is Full", + "value": "Configure auditd space_left Action on Low Disk Space", "remarks": "rule_set_356" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_data_retention_admin_space_left_action", + "value": "audit_rules_sysadmin_actions", "remarks": "rule_set_357" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd admin_space_left Action on Low Disk Space", + "value": "Ensure auditd Collects System Administrator Actions", "remarks": "rule_set_357" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_data_retention_space_left_action", + "value": "audit_rules_suid_auid_privilege_function", "remarks": "rule_set_358" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd space_left Action on Low Disk Space", + "value": "Record Events When Executables Are Run As Another User", "remarks": "rule_set_358" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_sysadmin_actions", + "value": "audit_sudo_log_events", "remarks": "rule_set_359" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects System Administrator Actions", + "value": "Record Attempts to perform maintenance activities", "remarks": "rule_set_359" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_suid_auid_privilege_function", + "value": "audit_rules_time_adjtimex", "remarks": "rule_set_360" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events When Executables Are Run As Another User", + "value": "Record attempts to alter time through adjtimex", "remarks": "rule_set_360" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_sudo_log_events", + "value": "audit_rules_time_settimeofday", "remarks": "rule_set_361" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to perform maintenance activities", + "value": "Record attempts to alter time through settimeofday", "remarks": "rule_set_361" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_adjtimex", + "value": "audit_rules_time_clock_settime", "remarks": "rule_set_362" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record attempts to alter time through adjtimex", + "value": "Record Attempts to Alter Time Through clock_settime", "remarks": "rule_set_362" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_settimeofday", + "value": "audit_rules_time_watch_localtime", "remarks": "rule_set_363" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record attempts to alter time through settimeofday", + "value": "Record Attempts to Alter the localtime File", "remarks": "rule_set_363" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_clock_settime", + "value": "audit_rules_networkconfig_modification_setdomainname", "remarks": "rule_set_364" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Time Through clock_settime", + "value": "Record Events that Modify the System's Network Environment - setdomainname", "remarks": "rule_set_364" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_watch_localtime", + "value": "audit_rules_networkconfig_modification_sethostname", "remarks": "rule_set_365" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter the localtime File", + "value": "Record Events that Modify the System's Network Environment - sethostname", "remarks": "rule_set_365" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification_setdomainname", + "value": "audit_rules_networkconfig_modification_etc_issue", "remarks": "rule_set_366" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment - setdomainname", + "value": "Record Events that Modify the System's Network Environment - /etc/issue", "remarks": "rule_set_366" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification_sethostname", + "value": "audit_rules_networkconfig_modification_etc_issue_net", "remarks": "rule_set_367" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment - sethostname", + "value": "Record Events that Modify the System's Network Environment - /etc/issue.net", "remarks": "rule_set_367" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification_etc_issue", + "value": "audit_rules_networkconfig_modification_etc_hosts", "remarks": "rule_set_368" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment - /etc/issue", + "value": "Record Events that Modify the System's Network Environment - /etc/hosts", "remarks": "rule_set_368" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification_etc_issue_net", + "value": "audit_rules_networkconfig_modification_hostname_file", "remarks": "rule_set_369" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment - /etc/issue.net", + "value": "Record Events that Modify the System's Network Environment - /etc/hostname", "remarks": "rule_set_369" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification_etc_hosts", + "value": "audit_rules_networkconfig_modification_etc_sysconfig_network", "remarks": "rule_set_370" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment - /etc/hosts", + "value": "Record Events that Modify the System's Network Environment - /etc/sysconfig/network", "remarks": "rule_set_370" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification_hostname_file", + "value": "audit_rules_networkconfig_modification_etc_networkmanager_system_connections", "remarks": "rule_set_371" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment - /etc/hostname", + "value": "Record Events that Modify the System's Network Environment - /etc/NetworkManager/system-connections/", "remarks": "rule_set_371" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification_etc_sysconfig_network", + "value": "audit_rules_networkconfig_modification_networkmanager", "remarks": "rule_set_372" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment - /etc/sysconfig/network", + "value": "Record Events that Modify the System's Network Environment - /etc/NetworkManager/", "remarks": "rule_set_372" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification_etc_networkmanager_system_connections", + "value": "audit_rules_privileged_commands", "remarks": "rule_set_373" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment - /etc/NetworkManager/system-connections/", + "value": "Ensure auditd Collects Information on the Use of Privileged Commands", "remarks": "rule_set_373" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification_networkmanager", + "value": "audit_rules_unsuccessful_file_modification_creat", "remarks": "rule_set_374" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment - /etc/NetworkManager/", + "value": "Record Unsuccessful Access Attempts to Files - creat", "remarks": "rule_set_374" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_privileged_commands", + "value": "audit_rules_unsuccessful_file_modification_ftruncate", "remarks": "rule_set_375" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on the Use of Privileged Commands", + "value": "Record Unsuccessful Access Attempts to Files - ftruncate", "remarks": "rule_set_375" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_creat", + "value": "audit_rules_unsuccessful_file_modification_open", "remarks": "rule_set_376" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - creat", + "value": "Record Unsuccessful Access Attempts to Files - open", "remarks": "rule_set_376" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_ftruncate", + "value": "audit_rules_unsuccessful_file_modification_openat", "remarks": "rule_set_377" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - ftruncate", + "value": "Record Unsuccessful Access Attempts to Files - openat", "remarks": "rule_set_377" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_open", + "value": "audit_rules_unsuccessful_file_modification_truncate", "remarks": "rule_set_378" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - open", + "value": "Record Unsuccessful Access Attempts to Files - truncate", "remarks": "rule_set_378" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_openat", + "value": "audit_rules_usergroup_modification_group", "remarks": "rule_set_379" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - openat", + "value": "Record Events that Modify User/Group Information - /etc/group", "remarks": "rule_set_379" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_truncate", + "value": "audit_rules_usergroup_modification_passwd", "remarks": "rule_set_380" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - truncate", + "value": "Record Events that Modify User/Group Information - /etc/passwd", "remarks": "rule_set_380" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_group", + "value": "audit_rules_usergroup_modification_gshadow", "remarks": "rule_set_381" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/group", + "value": "Record Events that Modify User/Group Information - /etc/gshadow", "remarks": "rule_set_381" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_passwd", + "value": "audit_rules_usergroup_modification_shadow", "remarks": "rule_set_382" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/passwd", + "value": "Record Events that Modify User/Group Information - /etc/shadow", "remarks": "rule_set_382" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_gshadow", + "value": "audit_rules_usergroup_modification_opasswd", "remarks": "rule_set_383" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/gshadow", + "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", "remarks": "rule_set_383" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_shadow", + "value": "audit_rules_usergroup_modification_nsswitch_conf", "remarks": "rule_set_384" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/shadow", + "value": "Record Events that Modify User/Group Information - /etc/nsswitch.conf", "remarks": "rule_set_384" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_opasswd", + "value": "audit_rules_usergroup_modification_pam_conf", "remarks": "rule_set_385" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", + "value": "Record Events that Modify User/Group Information - /etc/pam.conf", "remarks": "rule_set_385" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_nsswitch_conf", + "value": "audit_rules_usergroup_modification_pamd", "remarks": "rule_set_386" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/nsswitch.conf", + "value": "Record Events that Modify User/Group Information - /etc/pam.d/", "remarks": "rule_set_386" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_pam_conf", + "value": "audit_rules_dac_modification_chmod", "remarks": "rule_set_387" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/pam.conf", + "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", "remarks": "rule_set_387" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_pamd", + "value": "audit_rules_dac_modification_fchmod", "remarks": "rule_set_388" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/pam.d/", + "value": "Record Events that Modify the System's Discretionary Access Controls - fchmod", "remarks": "rule_set_388" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_chmod", + "value": "audit_rules_dac_modification_fchmodat", "remarks": "rule_set_389" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", + "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat", "remarks": "rule_set_389" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fchmod", + "value": "audit_rules_dac_modification_fchmodat2", "remarks": "rule_set_390" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fchmod", + "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat2", "remarks": "rule_set_390" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fchmodat", + "value": "audit_rules_dac_modification_chown", "remarks": "rule_set_391" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat", + "value": "Record Events that Modify the System's Discretionary Access Controls - chown", "remarks": "rule_set_391" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fchmodat2", + "value": "audit_rules_dac_modification_fchown", "remarks": "rule_set_392" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat2", + "value": "Record Events that Modify the System's Discretionary Access Controls - fchown", "remarks": "rule_set_392" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_chown", + "value": "audit_rules_dac_modification_fchownat", "remarks": "rule_set_393" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - chown", + "value": "Record Events that Modify the System's Discretionary Access Controls - fchownat", "remarks": "rule_set_393" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fchown", + "value": "audit_rules_dac_modification_lchown", "remarks": "rule_set_394" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fchown", + "value": "Record Events that Modify the System's Discretionary Access Controls - lchown", "remarks": "rule_set_394" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fchownat", + "value": "audit_rules_dac_modification_fremovexattr", "remarks": "rule_set_395" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fchownat", + "value": "Record Events that Modify the System's Discretionary Access Controls - fremovexattr", "remarks": "rule_set_395" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_lchown", + "value": "audit_rules_dac_modification_fsetxattr", "remarks": "rule_set_396" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - lchown", + "value": "Record Events that Modify the System's Discretionary Access Controls - fsetxattr", "remarks": "rule_set_396" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fremovexattr", + "value": "audit_rules_dac_modification_lremovexattr", "remarks": "rule_set_397" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fremovexattr", + "value": "Record Events that Modify the System's Discretionary Access Controls - lremovexattr", "remarks": "rule_set_397" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fsetxattr", + "value": "audit_rules_dac_modification_lsetxattr", "remarks": "rule_set_398" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fsetxattr", + "value": "Record Events that Modify the System's Discretionary Access Controls - lsetxattr", "remarks": "rule_set_398" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_lremovexattr", + "value": "audit_rules_dac_modification_removexattr", "remarks": "rule_set_399" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - lremovexattr", + "value": "Record Events that Modify the System's Discretionary Access Controls - removexattr", "remarks": "rule_set_399" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_lsetxattr", + "value": "audit_rules_dac_modification_setxattr", "remarks": "rule_set_400" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - lsetxattr", + "value": "Record Events that Modify the System's Discretionary Access Controls - setxattr", "remarks": "rule_set_400" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_removexattr", + "value": "audit_rules_media_export", "remarks": "rule_set_401" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - removexattr", + "value": "Ensure auditd Collects Information on Exporting to Media (successful)", "remarks": "rule_set_401" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_setxattr", + "value": "audit_rules_session_events_utmp", "remarks": "rule_set_402" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - setxattr", + "value": "Record Attempts to Alter Process and Session Initiation Information utmp", "remarks": "rule_set_402" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_media_export", + "value": "audit_rules_session_events_btmp", "remarks": "rule_set_403" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on Exporting to Media (successful)", + "value": "Record Attempts to Alter Process and Session Initiation Information btmp", "remarks": "rule_set_403" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_utmp", + "value": "audit_rules_session_events_wtmp", "remarks": "rule_set_404" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information utmp", + "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", "remarks": "rule_set_404" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_btmp", + "value": "audit_rules_login_events_faillock", "remarks": "rule_set_405" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information btmp", + "value": "Record Attempts to Alter Logon and Logout Events - faillock", "remarks": "rule_set_405" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_wtmp", + "value": "audit_rules_login_events_lastlog", "remarks": "rule_set_406" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", + "value": "Record Attempts to Alter Logon and Logout Events - lastlog", "remarks": "rule_set_406" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_login_events_faillock", + "value": "audit_rules_file_deletion_events_unlink", "remarks": "rule_set_407" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Logon and Logout Events - faillock", + "value": "Ensure auditd Collects File Deletion Events by User - unlink", "remarks": "rule_set_407" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_login_events_lastlog", + "value": "audit_rules_file_deletion_events_unlinkat", "remarks": "rule_set_408" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Logon and Logout Events - lastlog", + "value": "Ensure auditd Collects File Deletion Events by User - unlinkat", "remarks": "rule_set_408" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_file_deletion_events_unlink", + "value": "audit_rules_file_deletion_events_rename", "remarks": "rule_set_409" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects File Deletion Events by User - unlink", + "value": "Ensure auditd Collects File Deletion Events by User - rename", "remarks": "rule_set_409" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_file_deletion_events_unlinkat", + "value": "audit_rules_file_deletion_events_renameat", "remarks": "rule_set_410" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects File Deletion Events by User - unlinkat", + "value": "Ensure auditd Collects File Deletion Events by User - renameat", "remarks": "rule_set_410" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_file_deletion_events_rename", + "value": "audit_rules_file_deletion_events_renameat2", "remarks": "rule_set_411" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects File Deletion Events by User - rename", + "value": "Ensure auditd Collects File Deletion Events by User - renameat2", "remarks": "rule_set_411" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_file_deletion_events_renameat", + "value": "audit_rules_mac_modification_etc_selinux", "remarks": "rule_set_412" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects File Deletion Events by User - renameat", + "value": "Record Events that Modify the System's Mandatory Access Controls (/etc/selinux)", "remarks": "rule_set_412" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_file_deletion_events_renameat2", + "value": "audit_rules_mac_modification_usr_share", "remarks": "rule_set_413" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects File Deletion Events by User - renameat2", + "value": "Record Events that Modify the System's Mandatory Access Controls in usr/share", "remarks": "rule_set_413" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_mac_modification_etc_selinux", + "value": "audit_rules_execution_chcon", "remarks": "rule_set_414" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Mandatory Access Controls (/etc/selinux)", + "value": "Record Any Attempts to Run chcon", "remarks": "rule_set_414" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_mac_modification_usr_share", + "value": "audit_rules_execution_setfacl", "remarks": "rule_set_415" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Mandatory Access Controls in usr/share", + "value": "Record Any Attempts to Run setfacl", "remarks": "rule_set_415" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_chcon", + "value": "audit_rules_execution_chacl", "remarks": "rule_set_416" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run chcon", + "value": "Record Any Attempts to Run chacl", "remarks": "rule_set_416" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_setfacl", + "value": "audit_rules_privileged_commands_usermod", "remarks": "rule_set_417" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run setfacl", + "value": "Ensure auditd Collects Information on the Use of Privileged Commands - usermod", "remarks": "rule_set_417" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_chacl", + "value": "audit_rules_privileged_commands_kmod", "remarks": "rule_set_418" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run chacl", + "value": "Ensure auditd Collects Information on the Use of Privileged Commands - kmod", "remarks": "rule_set_418" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_privileged_commands_usermod", + "value": "audit_rules_kernel_module_loading_init", "remarks": "rule_set_419" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on the Use of Privileged Commands - usermod", + "value": "Ensure auditd Collects Information on Kernel Module Loading - init_module", "remarks": "rule_set_419" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_privileged_commands_kmod", + "value": "audit_rules_kernel_module_loading_finit", "remarks": "rule_set_420" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on the Use of Privileged Commands - kmod", + "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module", "remarks": "rule_set_420" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_kernel_module_loading_init", + "value": "audit_rules_kernel_module_loading_delete", "remarks": "rule_set_421" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on Kernel Module Loading - init_module", + "value": "Ensure auditd Collects Information on Kernel Module Unloading - delete_module", "remarks": "rule_set_421" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_kernel_module_loading_finit", + "value": "audit_rules_kernel_module_loading_query", "remarks": "rule_set_422" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module", + "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - query_module", "remarks": "rule_set_422" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_kernel_module_loading_delete", + "value": "audit_rules_continue_loading", "remarks": "rule_set_423" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on Kernel Module Unloading - delete_module", + "value": "Ensure the Audit Configuration is Loaded Regardless of Errors", "remarks": "rule_set_423" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_kernel_module_loading_query", + "value": "audit_rules_immutable", "remarks": "rule_set_424" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - query_module", + "value": "Make the auditd Configuration Immutable", "remarks": "rule_set_424" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_continue_loading", + "value": "directory_permissions_var_log_audit", "remarks": "rule_set_425" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Audit Configuration is Loaded Regardless of Errors", + "value": "System Audit Logs Must Have Mode 0750 or Less Permissive", "remarks": "rule_set_425" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_immutable", + "value": "file_permissions_var_log_audit", "remarks": "rule_set_426" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Make the auditd Configuration Immutable", + "value": "System Audit Logs Must Have Mode 0640 or Less Permissive", "remarks": "rule_set_426" }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_var_log_audit", - "remarks": "rule_set_427" - }, - { - "name": "Rule_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "System Audit Logs Must Have Mode 0750 or Less Permissive", - "remarks": "rule_set_427" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_var_log_audit", - "remarks": "rule_set_428" - }, - { - "name": "Rule_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "System Audit Logs Must Have Mode 0640 or Less Permissive", - "remarks": "rule_set_428" - }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_var_log_audit_stig", - "remarks": "rule_set_429" + "remarks": "rule_set_427" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Be Owned By Root", - "remarks": "rule_set_429" + "remarks": "rule_set_427" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_group_ownership_var_log_audit", - "remarks": "rule_set_430" + "remarks": "rule_set_428" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Be Group Owned By Root", - "remarks": "rule_set_430" + "remarks": "rule_set_428" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_audit_configuration", - "remarks": "rule_set_431" + "remarks": "rule_set_429" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Audit Configuration Files Permissions are 640 or More Restrictive", - "remarks": "rule_set_431" + "remarks": "rule_set_429" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_audit_configuration", - "remarks": "rule_set_432" + "remarks": "rule_set_430" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Audit Configuration Files Must Be Owned By Root", - "remarks": "rule_set_432" + "remarks": "rule_set_430" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_audit_configuration", - "remarks": "rule_set_433" + "remarks": "rule_set_431" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Audit Configuration Files Must Be Owned By Group root", - "remarks": "rule_set_433" + "remarks": "rule_set_431" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_audit_binaries", - "remarks": "rule_set_434" + "remarks": "rule_set_432" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that audit tools Have Mode 0755 or less", - "remarks": "rule_set_434" + "remarks": "rule_set_432" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_audit_binaries", - "remarks": "rule_set_435" + "remarks": "rule_set_433" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that audit tools are owned by root", - "remarks": "rule_set_435" + "remarks": "rule_set_433" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_audit_binaries", - "remarks": "rule_set_436" + "remarks": "rule_set_434" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that audit tools are owned by group root", - "remarks": "rule_set_436" + "remarks": "rule_set_434" } ], "control-implementations": [ { - "uuid": "c1d2a913-8b3b-40b3-8c25-c284560f568c", + "uuid": "776886cb-25e9-4e6f-8a0a-e7418bf4acac", "source": "trestle://profiles/rhel10-cis_rhel10-l2_server/profile.json", "description": "Control implementation for cis", "props": [ @@ -6763,13 +6739,13 @@ { "param-id": "var_password_hashing_algorithm", "values": [ - "yescrypt" + "cis_rhel10" ] }, { "param-id": "var_password_hashing_algorithm_pam", "values": [ - "yescrypt" + "cis_rhel10" ] }, { @@ -6883,7 +6859,7 @@ ], "implemented-requirements": [ { - "uuid": "6d6344d6-f4d5-460a-aeca-e54b0378a266", + "uuid": "7bd9e7a8-a0ea-4c8f-ae5d-bd0ce9a6a9d2", "control-id": "cis_rhel10_1-1.1.6", "description": "No notes for control-id 1.1.1.6.", "props": [ @@ -6900,7 +6876,7 @@ ] }, { - "uuid": "103e11b5-f69e-4e91-965d-3e22b4047041", + "uuid": "c4f3dbbc-576d-47c2-a4b9-b07959290c1f", "control-id": "cis_rhel10_1-1.1.7", "description": "No notes for control-id 1.1.1.7.", "props": [ @@ -6917,7 +6893,7 @@ ] }, { - "uuid": "78eeb7da-c986-456b-a1f7-a0e164c12d90", + "uuid": "443b8869-a3f8-40b4-9aa7-3d4dfb351e3e", "control-id": "cis_rhel10_1-1.1.8", "description": "No notes for control-id 1.1.1.8.", "props": [ @@ -6934,7 +6910,7 @@ ] }, { - "uuid": "9d1d4900-c464-4693-bbb6-52bde2691a4d", + "uuid": "a7cd7ff1-942a-405d-975a-62d5155f7117", "control-id": "cis_rhel10_1-1.2.3.1", "description": "No notes for control-id 1.1.2.3.1.", "props": [ @@ -6951,7 +6927,7 @@ ] }, { - "uuid": "dcbc4748-9a90-4c13-86fe-34b6f563fc63", + "uuid": "f028f50d-504f-4d37-a64a-b1ee938b3993", "control-id": "cis_rhel10_1-1.2.4.1", "description": "No notes for control-id 1.1.2.4.1.", "props": [ @@ -6968,7 +6944,7 @@ ] }, { - "uuid": "ba064367-b839-48b2-bc7e-3d238fd71c97", + "uuid": "26081c57-de30-4ecd-a0d1-19249159560c", "control-id": "cis_rhel10_1-1.2.5.1", "description": "No notes for control-id 1.1.2.5.1.", "props": [ @@ -6985,7 +6961,7 @@ ] }, { - "uuid": "b02edf5b-5ccb-4c52-b8c3-5bd259b12933", + "uuid": "09868660-d082-479e-a451-37fe958ba10a", "control-id": "cis_rhel10_1-1.2.6.1", "description": "No notes for control-id 1.1.2.6.1.", "props": [ @@ -7002,7 +6978,7 @@ ] }, { - "uuid": "b08d9533-167b-4608-8fc2-7c58d9411ed3", + "uuid": "3db24e49-035f-4e32-9768-348e296bbeae", "control-id": "cis_rhel10_1-1.2.7.1", "description": "No notes for control-id 1.1.2.7.1.", "props": [ @@ -7019,7 +6995,7 @@ ] }, { - "uuid": "9eeb0bc2-1b6b-4aaf-b990-95f2508ba10c", + "uuid": "8b5838f5-241c-4dd5-82df-c0635cbf1918", "control-id": "cis_rhel10_1-2.1.3", "description": "The description for control-id cis_rhel10_1-2.1.3.", "props": [ @@ -7032,7 +7008,7 @@ ] }, { - "uuid": "25973778-8247-4097-84a2-48b4ea27484b", + "uuid": "70fe7141-4312-465f-8bf7-22845e3dd2cc", "control-id": "cis_rhel10_1-2.1.5", "description": "No notes for control-id 1.2.1.5.", "props": [ @@ -7049,7 +7025,7 @@ ] }, { - "uuid": "1a075dba-7979-4697-9457-d9482d89e4c7", + "uuid": "f8b75abf-768f-4aef-b0ee-8edacde771d7", "control-id": "cis_rhel10_1-3.1.5", "description": "No notes for control-id 1.3.1.5.", "props": [ @@ -7066,7 +7042,7 @@ ] }, { - "uuid": "b1c61839-5a77-4b47-aea0-eccc2c12483e", + "uuid": "d50432d7-48d2-425a-a772-e9378e579938", "control-id": "cis_rhel10_1-3.1.6", "description": "The description for control-id cis_rhel10_1-3.1.6.", "props": [ @@ -7079,7 +7055,7 @@ ] }, { - "uuid": "d3e20480-d74a-4782-ad2f-2aa3332f85e3", + "uuid": "b44f1d4a-6873-4c08-b880-dee247742d3a", "control-id": "cis_rhel10_1-5.3", "description": "No notes for control-id 1.5.3.", "props": [ @@ -7096,7 +7072,7 @@ ] }, { - "uuid": "40e79094-b239-4f81-8057-0bf5aa13aede", + "uuid": "99b95b18-9ae7-4fbb-9edd-d3d76b1d0b73", "control-id": "cis_rhel10_1-8.6", "description": "No notes for control-id 1.8.6.", "props": [ @@ -7113,7 +7089,7 @@ ] }, { - "uuid": "648a66d0-c246-46ae-8110-ebb0b8881c96", + "uuid": "4facf7bf-cb20-422f-a939-608417396a1d", "control-id": "cis_rhel10_2-1.3", "description": "No notes for control-id 2.1.3.", "props": [ @@ -7130,7 +7106,7 @@ ] }, { - "uuid": "be2f29fe-84ad-4de8-bf79-6a49f64c6f25", + "uuid": "9f8db744-4cba-404c-b7fc-31d7bc6f98cf", "control-id": "cis_rhel10_2-1.19", "description": "No notes for control-id 2.1.19.", "props": [ @@ -7147,7 +7123,7 @@ ] }, { - "uuid": "a4ee8b99-2429-476c-84a4-839ce32ac852", + "uuid": "a57333ce-15e6-4e29-a462-8fed0a08e68b", "control-id": "cis_rhel10_2-1.20", "description": "No notes for control-id 2.1.20.", "props": [ @@ -7164,7 +7140,7 @@ ] }, { - "uuid": "3264ca19-e69b-4c2d-b55b-02f9679ee625", + "uuid": "c3214cce-fb8c-4786-b70a-639c4f699655", "control-id": "cis_rhel10_2-2.2", "description": "No notes for control-id 2.2.2.", "props": [ @@ -7181,7 +7157,7 @@ ] }, { - "uuid": "163c241b-a780-4dbc-8a46-457d53ce7aa1", + "uuid": "941db62c-01e0-4603-8123-5b7d1b83bbf6", "control-id": "cis_rhel10_3-3.1.1", "description": "No notes for control-id 3.3.1.1.", "props": [ @@ -7198,7 +7174,7 @@ ] }, { - "uuid": "ba40f570-4316-49d5-8c60-a787548c3e07", + "uuid": "d22d0804-a2cd-4472-922f-be21e9b8bb32", "control-id": "cis_rhel10_5-1.8", "description": "No notes for control-id 5.1.8.", "props": [ @@ -7215,7 +7191,7 @@ ] }, { - "uuid": "6c5b81a0-5486-4c35-9fb0-37c8a0f793f9", + "uuid": "6faf4968-807a-40a0-a0e7-f55ef7e12dca", "control-id": "cis_rhel10_5-1.9", "description": "No notes for control-id 5.1.9.", "props": [ @@ -7232,7 +7208,7 @@ ] }, { - "uuid": "f6daf154-429c-4cbe-9ff6-ecc27414c5e6", + "uuid": "31170ecb-6d61-434a-8689-7d3b54c751f4", "control-id": "cis_rhel10_5-2.4", "description": "No notes for control-id 5.2.4.", "props": [ @@ -7249,7 +7225,7 @@ ] }, { - "uuid": "f9a198cc-fd04-4f7e-9645-c1525aa9cafb", + "uuid": "5a571931-82a3-45ab-98dd-6ae53a2e8179", "control-id": "cis_rhel10_5-3.2.1.3", "description": "No notes for control-id 5.3.2.1.3.", "props": [ @@ -7266,7 +7242,7 @@ ] }, { - "uuid": "d2faf37c-2705-41cb-9d4b-c7fcffdd9887", + "uuid": "455a4854-5d47-4e5f-a37c-84c78c893ad8", "control-id": "cis_rhel10_5-4.1.2", "description": "No notes for control-id 5.4.1.2.", "props": [ @@ -7288,7 +7264,7 @@ ] }, { - "uuid": "8156dd40-a3ff-411f-a8ff-df82dd0864ae", + "uuid": "42e088ae-4790-4ccc-aa63-1d2033c4e114", "control-id": "cis_rhel10_5-4.3.1", "description": "No notes for control-id 5.4.3.1.", "props": [ @@ -7305,7 +7281,7 @@ ] }, { - "uuid": "9118f619-e027-484f-ad1b-e72978fc0b39", + "uuid": "d2dab19a-82bb-45a7-97c6-6cffce1376f3", "control-id": "cis_rhel10_6-3.1.1", "description": "No notes for control-id 6.3.1.1.", "props": [ @@ -7327,7 +7303,7 @@ ] }, { - "uuid": "59b0a617-f265-4d09-ac7e-7171c0648179", + "uuid": "b890c2ae-bd26-4374-98e3-e8a5dd0b437b", "control-id": "cis_rhel10_6-3.1.2", "description": "No notes for control-id 6.3.1.2.", "props": [ @@ -7344,7 +7320,7 @@ ] }, { - "uuid": "11ee246c-5389-426d-94d6-1ed25f3774ef", + "uuid": "f1e677fb-4dd1-4e28-9bc5-83b41aefe170", "control-id": "cis_rhel10_6-3.1.3", "description": "No notes for control-id 6.3.1.3.", "props": [ @@ -7361,7 +7337,7 @@ ] }, { - "uuid": "c58c7f29-cfab-41e8-a54a-e6bda76c85f1", + "uuid": "09a827c7-c7ef-490d-849a-881900b2570c", "control-id": "cis_rhel10_6-3.1.4", "description": "No notes for control-id 6.3.1.4.", "props": [ @@ -7378,7 +7354,7 @@ ] }, { - "uuid": "5fbc36fc-73b2-47a5-9310-6399d3d6e254", + "uuid": "0576e0ef-9901-43a3-82f0-09e8e751c973", "control-id": "cis_rhel10_6-3.2.1", "description": "No notes for control-id 6.3.2.1.", "props": [ @@ -7395,7 +7371,7 @@ ] }, { - "uuid": "ccf80745-94d3-4755-8f8d-4f19f627951b", + "uuid": "fa5a648e-1514-4148-9b5b-ca62ca2eb1c9", "control-id": "cis_rhel10_6-3.2.2", "description": "No notes for control-id 6.3.2.2.", "props": [ @@ -7412,7 +7388,7 @@ ] }, { - "uuid": "324737a7-2fcf-44c3-9cba-628acc4d522b", + "uuid": "acfdf550-1ee8-4f5d-8bab-9b69f7100781", "control-id": "cis_rhel10_6-3.2.3", "description": "No notes for control-id 6.3.2.3.", "props": [ @@ -7434,7 +7410,7 @@ ] }, { - "uuid": "3ba5b075-3afa-44aa-842c-641f583845e2", + "uuid": "b6b48caf-f9af-4d7f-8a6f-dfb7839718e4", "control-id": "cis_rhel10_6-3.2.4", "description": "No notes for control-id 6.3.2.4.", "props": [ @@ -7456,7 +7432,7 @@ ] }, { - "uuid": "bd1ae7a3-3f17-4ef7-a2fc-80d15b81908a", + "uuid": "716f37a9-3db9-4850-84b6-8abf8b749c63", "control-id": "cis_rhel10_6-3.3.1", "description": "No notes for control-id 6.3.3.1.", "props": [ @@ -7473,7 +7449,7 @@ ] }, { - "uuid": "3e7e1917-227f-4bd3-b884-d18add076879", + "uuid": "0240d9ab-1b55-4775-acb9-aff6a033bbb5", "control-id": "cis_rhel10_6-3.3.2", "description": "No notes for control-id 6.3.3.2.", "props": [ @@ -7490,7 +7466,7 @@ ] }, { - "uuid": "654b20d6-0c98-4fda-a7a2-22c1de3c95e5", + "uuid": "385902d2-f754-4c03-a98b-ec6cac6fb9f4", "control-id": "cis_rhel10_6-3.3.3", "description": "No notes for control-id 6.3.3.3.", "props": [ @@ -7507,7 +7483,7 @@ ] }, { - "uuid": "45fbe780-bc4d-4460-b305-a9fa6ac2ac5c", + "uuid": "7651f519-5347-49af-9ed9-4ac36a6af9d4", "control-id": "cis_rhel10_6-3.3.4", "description": "No notes for control-id 6.3.3.4.", "props": [ @@ -7539,7 +7515,7 @@ ] }, { - "uuid": "5d57f263-9874-4f42-b146-c168c8eb125d", + "uuid": "27b93fe6-0d02-497f-8f58-1e2fa50ead32", "control-id": "cis_rhel10_6-3.3.5", "description": "No notes for control-id 6.3.3.5.", "props": [ @@ -7561,7 +7537,7 @@ ] }, { - "uuid": "8b38e2cb-bc63-4ccb-90c5-d61b9b3e0f07", + "uuid": "454a1442-359d-49e5-8b27-2c946479d666", "control-id": "cis_rhel10_6-3.3.6", "description": "No notes for control-id 6.3.3.6.", "props": [ @@ -7583,7 +7559,7 @@ ] }, { - "uuid": "92ff4f3d-a2a8-4bc0-a3ab-968d8a766947", + "uuid": "f298990f-3d12-4c10-890e-e3488e3589a9", "control-id": "cis_rhel10_6-3.3.7", "description": "No notes for control-id 6.3.3.7.", "props": [ @@ -7605,7 +7581,7 @@ ] }, { - "uuid": "03c2fd87-ac88-43ac-a024-7bdfd36db5bb", + "uuid": "0f2b88e9-0c98-48d8-976c-4beb7aa8d0f4", "control-id": "cis_rhel10_6-3.3.8", "description": "No notes for control-id 6.3.3.8.", "props": [ @@ -7627,7 +7603,7 @@ ] }, { - "uuid": "3532800d-9f78-4c89-89a3-7ccda449bbdd", + "uuid": "13cdff3d-c9a1-41a4-95cc-9c2fb696440c", "control-id": "cis_rhel10_6-3.3.9", "description": "No notes for control-id 6.3.3.9.", "props": [ @@ -7644,7 +7620,7 @@ ] }, { - "uuid": "7bdc67cd-7551-4e6c-8bf8-e34d3a7cc4a2", + "uuid": "d880730d-2d31-4774-bb8a-e8ca05f38ba4", "control-id": "cis_rhel10_6-3.3.10", "description": "No notes for control-id 6.3.3.10.", "props": [ @@ -7661,7 +7637,7 @@ ] }, { - "uuid": "e4539beb-4f2e-4ab4-84d8-ede618310fc6", + "uuid": "0159ae7a-4a9f-46a8-b1c6-493bdf1076b4", "control-id": "cis_rhel10_6-3.3.11", "description": "No notes for control-id 6.3.3.11.", "props": [ @@ -7698,7 +7674,7 @@ ] }, { - "uuid": "839bfece-7177-480a-b1f0-6d0b2522fa78", + "uuid": "1f7bc8d8-feda-4639-ac91-9ed9550407a2", "control-id": "cis_rhel10_6-3.3.12", "description": "No notes for control-id 6.3.3.12.", "props": [ @@ -7715,7 +7691,7 @@ ] }, { - "uuid": "2386ea60-86e5-4370-bcd8-29f82a4e3275", + "uuid": "7628f543-4b2a-4ee5-8480-5fb834bc98b4", "control-id": "cis_rhel10_6-3.3.13", "description": "No notes for control-id 6.3.3.13.", "props": [ @@ -7732,7 +7708,7 @@ ] }, { - "uuid": "71fd6fd0-ae7c-4e3f-b355-667d81f6ab5a", + "uuid": "40d9eaac-26c7-47f5-beee-0583d14050a9", "control-id": "cis_rhel10_6-3.3.14", "description": "No notes for control-id 6.3.3.14.", "props": [ @@ -7754,7 +7730,7 @@ ] }, { - "uuid": "ff4f5c29-dc2d-4769-9541-4c88815c718d", + "uuid": "aa9aac2d-e021-4259-b4a9-0ac273a19d5d", "control-id": "cis_rhel10_6-3.3.15", "description": "No notes for control-id 6.3.3.15.", "props": [ @@ -7771,7 +7747,7 @@ ] }, { - "uuid": "4b0be3c4-81ab-42e7-ad9d-4f860ba31223", + "uuid": "e55809d2-e800-452f-98a2-8043b8bb0a35", "control-id": "cis_rhel10_6-3.3.16", "description": "No notes for control-id 6.3.3.16.", "props": [ @@ -7788,7 +7764,7 @@ ] }, { - "uuid": "2a3cb5e1-45bd-4c21-aec7-44033dcaa8e1", + "uuid": "40bc582d-ab28-4d8e-a7b5-ac5921924e74", "control-id": "cis_rhel10_6-3.3.17", "description": "No notes for control-id 6.3.3.17.", "props": [ @@ -7810,7 +7786,7 @@ ] }, { - "uuid": "a8204588-ecbf-48da-9b88-a7a80b64475a", + "uuid": "9cefb3df-b401-4446-ad9e-fbb19594dc48", "control-id": "cis_rhel10_6-3.3.18", "description": "No notes for control-id 6.3.3.18.", "props": [ @@ -7842,7 +7818,7 @@ ] }, { - "uuid": "b9745d75-b8c4-4898-98b8-cba2291ec5f3", + "uuid": "c3f9d58c-62ce-43e8-9cef-09727791eaba", "control-id": "cis_rhel10_6-3.3.19", "description": "No notes for control-id 6.3.3.19.", "props": [ @@ -7874,7 +7850,7 @@ ] }, { - "uuid": "509bff24-30e0-4b79-af5a-e6da3385459b", + "uuid": "3c6fb6b5-ab29-43be-a1d3-99c588a86fa5", "control-id": "cis_rhel10_6-3.3.20", "description": "No notes for control-id 6.3.3.20.", "props": [ @@ -7916,7 +7892,7 @@ ] }, { - "uuid": "2d46ccf8-5190-4ea2-bd11-fe05617193d1", + "uuid": "6312e884-62ce-454c-a49f-f08d9d9097c4", "control-id": "cis_rhel10_6-3.3.21", "description": "No notes for control-id 6.3.3.21.", "props": [ @@ -7933,7 +7909,7 @@ ] }, { - "uuid": "8f5e3cb4-4828-40bb-b726-b40b8dc2ec8f", + "uuid": "830a3ac0-763c-49fe-b3a7-c3fffb1da1a4", "control-id": "cis_rhel10_6-3.3.22", "description": "No notes for control-id 6.3.3.22.", "props": [ @@ -7960,7 +7936,7 @@ ] }, { - "uuid": "5838cd91-c335-4177-a87b-348c5050208e", + "uuid": "854a39b7-7158-4be1-9417-4c791f4e322a", "control-id": "cis_rhel10_6-3.3.23", "description": "No notes for control-id 6.3.3.23.", "props": [ @@ -7982,7 +7958,7 @@ ] }, { - "uuid": "13d526bd-6143-4cc3-b076-0c809983e917", + "uuid": "b2298f40-b35e-4765-b837-8e5a99e6f401", "control-id": "cis_rhel10_6-3.3.24", "description": "No notes for control-id 6.3.3.24.", "props": [ @@ -8004,7 +7980,7 @@ ] }, { - "uuid": "02907321-c6a5-481c-a83d-6f719312ed83", + "uuid": "c12deaa3-22f5-4304-9af4-eae9484b830c", "control-id": "cis_rhel10_6-3.3.25", "description": "No notes for control-id 6.3.3.25.", "props": [ @@ -8031,7 +8007,7 @@ ] }, { - "uuid": "7725dd8f-4715-4cb5-b315-e57e8fe8141a", + "uuid": "00c9d83f-6699-4626-8bed-a988439031db", "control-id": "cis_rhel10_6-3.3.26", "description": "No notes for control-id 6.3.3.26.", "props": [ @@ -8053,7 +8029,7 @@ ] }, { - "uuid": "23b4bb48-9f30-4316-9fc9-f19f9e7c60f7", + "uuid": "7e8173b0-80d5-4da4-af8e-c32618ba74b2", "control-id": "cis_rhel10_6-3.3.27", "description": "No notes for control-id 6.3.3.27.", "props": [ @@ -8070,7 +8046,7 @@ ] }, { - "uuid": "9339e356-e4dc-4e66-a497-a75ea36cd802", + "uuid": "33d04045-9cdc-4f75-b060-08ba4032b62d", "control-id": "cis_rhel10_6-3.3.28", "description": "No notes for control-id 6.3.3.28.", "props": [ @@ -8087,7 +8063,7 @@ ] }, { - "uuid": "b4c4fd74-f828-4f5e-b9de-e31293cde9dc", + "uuid": "1ddeab0f-420e-45a7-9620-bc5ca8010433", "control-id": "cis_rhel10_6-3.3.29", "description": "No notes for control-id 6.3.3.29.", "props": [ @@ -8104,7 +8080,7 @@ ] }, { - "uuid": "884afd79-4653-44a2-8d85-874dc078eb97", + "uuid": "c250836b-31af-490d-aac9-160f1c7d1c60", "control-id": "cis_rhel10_6-3.3.30", "description": "No notes for control-id 6.3.3.30.", "props": [ @@ -8121,7 +8097,7 @@ ] }, { - "uuid": "985cc5d3-5511-488d-8f6d-06d555e1b640", + "uuid": "af386b42-cd41-4311-87f3-a5bee07138f6", "control-id": "cis_rhel10_6-3.3.31", "description": "No notes for control-id 6.3.3.31.", "props": [ @@ -8138,7 +8114,7 @@ ] }, { - "uuid": "36f82a13-d0ca-4eb1-928f-4d7f57d5a623", + "uuid": "6c0bd2f1-0497-409a-aef7-dfb8228f6a7e", "control-id": "cis_rhel10_6-3.3.32", "description": "No notes for control-id 6.3.3.32.", "props": [ @@ -8160,7 +8136,7 @@ ] }, { - "uuid": "42361023-10e4-485d-ba13-b0f6b07a0382", + "uuid": "6006399d-2a23-449e-b115-2ae3769cae52", "control-id": "cis_rhel10_6-3.3.33", "description": "No notes for control-id 6.3.3.33.", "props": [ @@ -8177,7 +8153,7 @@ ] }, { - "uuid": "f462cdc8-a92f-4781-aaa7-cfb5812eaca1", + "uuid": "96fd2e2d-f650-49f2-bcf6-f27d963700d2", "control-id": "cis_rhel10_6-3.3.34", "description": "No notes for control-id 6.3.3.34.", "props": [ @@ -8194,7 +8170,7 @@ ] }, { - "uuid": "2268889a-94ac-483e-b876-1237e1ed3d28", + "uuid": "9167c70b-b17a-4e53-b441-a9b8f9b92aef", "control-id": "cis_rhel10_6-3.3.35", "description": "No notes for control-id 6.3.3.35.", "props": [ @@ -8211,7 +8187,7 @@ ] }, { - "uuid": "21b52178-6182-46c1-b344-b03cea420dbc", + "uuid": "2c035f2c-ca18-4606-9357-3ef002f7a981", "control-id": "cis_rhel10_6-3.3.36", "description": "No notes for control-id 6.3.3.36.", "props": [ @@ -8228,7 +8204,7 @@ ] }, { - "uuid": "a5bf2483-f85b-40be-bf92-72e0450b6e0e", + "uuid": "cc995f82-1184-4f39-b459-014b1332965f", "control-id": "cis_rhel10_6-3.3.37", "description": "The description for control-id cis_rhel10_6-3.3.37.", "props": [ @@ -8241,7 +8217,7 @@ ] }, { - "uuid": "77d5b346-ea8f-4a0c-9a38-ce8448186006", + "uuid": "b31c9e1b-fdac-42d0-9a73-2396c0c22e60", "control-id": "cis_rhel10_6-3.4.1", "description": "No notes for control-id 6.3.4.1.", "props": [ @@ -8258,7 +8234,7 @@ ] }, { - "uuid": "64880293-ca5b-4298-aa66-3b1b71c4d441", + "uuid": "07771178-ce68-451a-ae63-81ec6f329497", "control-id": "cis_rhel10_6-3.4.2", "description": "No notes for control-id 6.3.4.2.", "props": [ @@ -8275,7 +8251,7 @@ ] }, { - "uuid": "d1bc42e9-598c-4e54-8a72-7285a9e813cb", + "uuid": "f9affe74-6045-4184-8a98-5ac8feba589c", "control-id": "cis_rhel10_6-3.4.3", "description": "No notes for control-id 6.3.4.3.", "props": [ @@ -8292,7 +8268,7 @@ ] }, { - "uuid": "487eb87a-2f04-416f-b27a-958286c2702c", + "uuid": "5f2f8314-184e-48a0-b943-4ee03d497719", "control-id": "cis_rhel10_6-3.4.4", "description": "No notes for control-id 6.3.4.4.", "props": [ @@ -8309,7 +8285,7 @@ ] }, { - "uuid": "80cc660b-442c-4168-a1ee-72a028d62082", + "uuid": "163d10d0-f335-42a9-a196-d1e699403db1", "control-id": "cis_rhel10_6-3.4.5", "description": "No notes for control-id 6.3.4.5.", "props": [ @@ -8326,7 +8302,7 @@ ] }, { - "uuid": "2c690971-1f0c-452c-af7e-f949ad66a093", + "uuid": "26e72ce8-e7d2-46d4-9c6d-be85915fefb9", "control-id": "cis_rhel10_6-3.4.6", "description": "No notes for control-id 6.3.4.6.", "props": [ @@ -8343,7 +8319,7 @@ ] }, { - "uuid": "9e107b25-7a28-4e0b-a219-3d54e1d9a185", + "uuid": "1b589d22-6652-4019-9739-c50bcecfd263", "control-id": "cis_rhel10_6-3.4.7", "description": "No notes for control-id 6.3.4.7.", "props": [ @@ -8360,7 +8336,7 @@ ] }, { - "uuid": "107cd39a-d6b0-4e4c-95d3-f15961c8f9cd", + "uuid": "7a652790-f6ff-4b79-9297-557dd7475ddd", "control-id": "cis_rhel10_6-3.4.8", "description": "No notes for control-id 6.3.4.8.", "props": [ @@ -8377,7 +8353,7 @@ ] }, { - "uuid": "d031a6ee-1e1d-4add-9309-c43fed9107a5", + "uuid": "1722cece-1652-40ba-832e-703ea7c09890", "control-id": "cis_rhel10_6-3.4.9", "description": "No notes for control-id 6.3.4.9.", "props": [ @@ -8394,7 +8370,7 @@ ] }, { - "uuid": "8bfdae3b-edfa-44f2-8fb6-94da1af27f4d", + "uuid": "399424b7-097e-4a42-9ee6-ce7fb89f76ab", "control-id": "cis_rhel10_6-3.4.10", "description": "No notes for control-id 6.3.4.10.", "props": [ @@ -8411,7 +8387,7 @@ ] }, { - "uuid": "ec72dd54-79ad-436d-a86b-026dd37b04e2", + "uuid": "b10cf50c-520d-444e-ad32-2aa77743e492", "control-id": "reload_dconf_db", "description": "This is a helper rule to reload Dconf database correctly.", "props": [ @@ -8428,7 +8404,7 @@ ] }, { - "uuid": "087cd9dc-7460-4cea-9bd9-8830aecf8690", + "uuid": "51adfbfd-75de-4d48-bcf1-a74b5242d15a", "control-id": "cis_rhel10_1-1.1.1", "description": "No notes for control-id 1.1.1.1.", "props": [ @@ -8445,7 +8421,7 @@ ] }, { - "uuid": "2b83adbd-6a98-4f73-b4d2-69ecbfaf1389", + "uuid": "b13e56d6-80a3-4450-b6ca-798e112fc7cb", "control-id": "cis_rhel10_1-1.1.2", "description": "No notes for control-id 1.1.1.2.", "props": [ @@ -8462,7 +8438,7 @@ ] }, { - "uuid": "ac3b30d4-f090-4e3c-9d0c-3288cd64f5a6", + "uuid": "8b8cd2e5-4a69-4a2d-a6b8-3de06597691f", "control-id": "cis_rhel10_1-1.1.3", "description": "No notes for control-id 1.1.1.3.", "props": [ @@ -8479,7 +8455,7 @@ ] }, { - "uuid": "e0309c5b-4fe5-4a4a-bbfe-00f39b3b2b12", + "uuid": "49e2d7ef-dde9-43bd-9035-4a0b892368a3", "control-id": "cis_rhel10_1-1.1.4", "description": "No notes for control-id 1.1.1.4.", "props": [ @@ -8496,7 +8472,7 @@ ] }, { - "uuid": "cda022e6-ba41-4c68-be42-d6eaf6d07dab", + "uuid": "30827078-a466-4d12-a463-b554fbe91e8b", "control-id": "cis_rhel10_1-1.1.5", "description": "No notes for control-id 1.1.1.5.", "props": [ @@ -8513,7 +8489,7 @@ ] }, { - "uuid": "1acfb59b-57c3-44b6-99c1-a6f1a5eebfc8", + "uuid": "d5dabdb5-91b7-45da-aa80-ec5afbf48f27", "control-id": "cis_rhel10_1-1.1.9", "description": "No notes for control-id 1.1.1.9.", "props": [ @@ -8530,7 +8506,7 @@ ] }, { - "uuid": "f15d00eb-64ab-44ee-9fd4-984da398e0cf", + "uuid": "746ba73f-cf6c-4920-ba0c-a47b58c75e58", "control-id": "cis_rhel10_1-1.1.10", "description": "No notes for control-id 1.1.1.10.", "props": [ @@ -8547,7 +8523,7 @@ ] }, { - "uuid": "b224770c-60a8-42f2-866d-4e64c669ce61", + "uuid": "48c8e8f7-4cd9-4711-b460-611ef84b6a9a", "control-id": "cis_rhel10_1-1.1.11", "description": "The description for control-id cis_rhel10_1-1.1.11.", "props": [ @@ -8560,7 +8536,7 @@ ] }, { - "uuid": "340f4653-bdac-4ba9-b115-db1b9038620f", + "uuid": "15f814aa-ce8d-4ccf-905e-8a2b301e095e", "control-id": "cis_rhel10_1-1.2.1.1", "description": "No notes for control-id 1.1.2.1.1.", "props": [ @@ -8577,7 +8553,7 @@ ] }, { - "uuid": "45e9bc3d-946c-4199-b1ed-a038037b1b0f", + "uuid": "3cc9e540-f6e2-4633-8c76-cdad2fb76aa6", "control-id": "cis_rhel10_1-1.2.1.2", "description": "No notes for control-id 1.1.2.1.2.", "props": [ @@ -8594,7 +8570,7 @@ ] }, { - "uuid": "0ac37e63-20f7-4329-9820-c1b8f9a222df", + "uuid": "2cdb8e39-e101-4e6d-bfd8-2081b64d867e", "control-id": "cis_rhel10_1-1.2.1.3", "description": "No notes for control-id 1.1.2.1.3.", "props": [ @@ -8611,7 +8587,7 @@ ] }, { - "uuid": "155a03c4-4ea4-4884-ae1a-d5ff096e4bea", + "uuid": "ca7f1779-de42-4ee4-a819-e83e3c5f0bc9", "control-id": "cis_rhel10_1-1.2.1.4", "description": "No notes for control-id 1.1.2.1.4.", "props": [ @@ -8628,7 +8604,7 @@ ] }, { - "uuid": "d710525e-821e-46ca-91b5-3d431a2d6e45", + "uuid": "1f267e63-b97a-40b3-9dcb-238bac6d9b83", "control-id": "cis_rhel10_1-1.2.2.1", "description": "No notes for control-id 1.1.2.2.1.", "props": [ @@ -8645,7 +8621,7 @@ ] }, { - "uuid": "fd1c04bc-887f-476d-8da7-67fea6be7725", + "uuid": "4c3c7bf3-0d1d-4452-909e-9a4635f7c5ec", "control-id": "cis_rhel10_1-1.2.2.2", "description": "No notes for control-id 1.1.2.2.2.", "props": [ @@ -8662,7 +8638,7 @@ ] }, { - "uuid": "4016f546-8c23-4a53-b8b9-059580766d8b", + "uuid": "5e2e37fb-2bfd-4759-8870-a87edec12f3f", "control-id": "cis_rhel10_1-1.2.2.3", "description": "No notes for control-id 1.1.2.2.3.", "props": [ @@ -8679,7 +8655,7 @@ ] }, { - "uuid": "0e9b81e8-7e05-4d7d-9f25-085422b7ca09", + "uuid": "71adc202-a46f-48b5-9b69-5c10593dc802", "control-id": "cis_rhel10_1-1.2.2.4", "description": "No notes for control-id 1.1.2.2.4.", "props": [ @@ -8696,7 +8672,7 @@ ] }, { - "uuid": "b32e83c7-9147-4144-b582-665f9a11561e", + "uuid": "8b056747-0643-48a8-9ea4-68b613494b6d", "control-id": "cis_rhel10_1-1.2.3.2", "description": "No notes for control-id 1.1.2.3.2.", "props": [ @@ -8713,7 +8689,7 @@ ] }, { - "uuid": "82b4a16a-2e3d-4aa2-8227-4abac8a9a4be", + "uuid": "2d01998e-0f8c-4c0f-b4fc-60ae704b46d7", "control-id": "cis_rhel10_1-1.2.3.3", "description": "No notes for control-id 1.1.2.3.3.", "props": [ @@ -8730,7 +8706,7 @@ ] }, { - "uuid": "72b8e263-5d32-4679-a68b-350a698d0230", + "uuid": "f32c16e6-ee42-47b7-a522-ca1cce9be1d2", "control-id": "cis_rhel10_1-1.2.4.2", "description": "No notes for control-id 1.1.2.4.2.", "props": [ @@ -8747,7 +8723,7 @@ ] }, { - "uuid": "dfb7ca2c-78c3-45f3-9b5c-e5908989e4a6", + "uuid": "cc64b6e1-3258-436c-9b90-77ffd4927d21", "control-id": "cis_rhel10_1-1.2.4.3", "description": "No notes for control-id 1.1.2.4.3.", "props": [ @@ -8764,7 +8740,7 @@ ] }, { - "uuid": "b6ffdd1c-9313-42b2-bee9-b3e7f94e343a", + "uuid": "a00c7d6c-f1d5-4127-825f-59525732f64a", "control-id": "cis_rhel10_1-1.2.5.2", "description": "No notes for control-id 1.1.2.5.2.", "props": [ @@ -8781,7 +8757,7 @@ ] }, { - "uuid": "fe397e6f-35f8-4aa2-9840-ed87623799b4", + "uuid": "a8cbe763-15b0-4d79-9886-8422ad2a0946", "control-id": "cis_rhel10_1-1.2.5.3", "description": "No notes for control-id 1.1.2.5.3.", "props": [ @@ -8798,7 +8774,7 @@ ] }, { - "uuid": "666fd9e2-4ca8-4bc1-a48a-87bfa7b1bebd", + "uuid": "9f47090e-1ff0-496e-9f13-838e7fda34e5", "control-id": "cis_rhel10_1-1.2.5.4", "description": "No notes for control-id 1.1.2.5.4.", "props": [ @@ -8815,7 +8791,7 @@ ] }, { - "uuid": "0ba3812c-193a-41d0-a537-35e0762805ff", + "uuid": "0f84a792-3f6c-445d-84d1-dd9510a8c0cb", "control-id": "cis_rhel10_1-1.2.6.2", "description": "No notes for control-id 1.1.2.6.2.", "props": [ @@ -8832,7 +8808,7 @@ ] }, { - "uuid": "5a718a51-6ff1-4b45-ab4c-9308aa628f99", + "uuid": "d180a3c6-154e-4ab3-8a7f-5d7ef3b799d2", "control-id": "cis_rhel10_1-1.2.6.3", "description": "No notes for control-id 1.1.2.6.3.", "props": [ @@ -8849,7 +8825,7 @@ ] }, { - "uuid": "cd7d704d-3619-4c30-a08f-2d780c66ca7f", + "uuid": "e1202bd9-ce31-4538-9e69-4e371bd094cb", "control-id": "cis_rhel10_1-1.2.6.4", "description": "No notes for control-id 1.1.2.6.4.", "props": [ @@ -8866,7 +8842,7 @@ ] }, { - "uuid": "bd066cb4-9e9c-4773-b4c9-63da7383a12d", + "uuid": "2e2d6f84-196e-4068-8835-d8b990346e7c", "control-id": "cis_rhel10_1-1.2.7.2", "description": "No notes for control-id 1.1.2.7.2.", "props": [ @@ -8883,7 +8859,7 @@ ] }, { - "uuid": "fb8b1604-9582-4f0c-80ad-3281e1b80ad9", + "uuid": "35bee545-06b1-421c-9681-483ad7b65ff2", "control-id": "cis_rhel10_1-1.2.7.3", "description": "No notes for control-id 1.1.2.7.3.", "props": [ @@ -8900,7 +8876,7 @@ ] }, { - "uuid": "b4aca79f-1abd-498a-a378-0bc5f3607588", + "uuid": "2d554004-e8d6-49e6-9662-fa61e2fb64a0", "control-id": "cis_rhel10_1-1.2.7.4", "description": "No notes for control-id 1.1.2.7.4.", "props": [ @@ -8917,7 +8893,7 @@ ] }, { - "uuid": "01042e80-d731-4135-b891-087dac3a2356", + "uuid": "f965f343-b9b0-4996-af47-b2c746530bc7", "control-id": "cis_rhel10_1-2.1.1", "description": "The description for control-id cis_rhel10_1-2.1.1.", "props": [ @@ -8930,7 +8906,7 @@ ] }, { - "uuid": "04d3f5be-8b45-4bff-858f-79d37acca83b", + "uuid": "0fd49fb3-8634-4475-8a05-8b8657410abd", "control-id": "cis_rhel10_1-2.1.2", "description": "No notes for control-id 1.2.1.2.", "props": [ @@ -8947,7 +8923,7 @@ ] }, { - "uuid": "fc790e89-f9ec-45b0-8c80-04f34ccf7901", + "uuid": "3f4d1266-6acb-468d-a771-7520c83ce0a4", "control-id": "cis_rhel10_1-2.1.4", "description": "The description for control-id cis_rhel10_1-2.1.4.", "props": [ @@ -8960,7 +8936,7 @@ ] }, { - "uuid": "8ac05e6c-a7c8-4424-94a2-cbebfe17cffa", + "uuid": "d75a3848-f890-4b7d-aca8-7568591db5de", "control-id": "cis_rhel10_1-2.2.1", "description": "The description for control-id cis_rhel10_1-2.2.1.", "props": [ @@ -8973,7 +8949,7 @@ ] }, { - "uuid": "34b78005-bbcb-47fa-bd50-f5a372bd9f2a", + "uuid": "5a094e94-4e5e-4b04-b023-fed6a96bee78", "control-id": "cis_rhel10_1-3.1.1", "description": "No notes for control-id 1.3.1.1.", "props": [ @@ -8990,7 +8966,7 @@ ] }, { - "uuid": "48291d75-88a5-4a3e-9e9d-ec7b3b4ac882", + "uuid": "4da7a24e-5d39-4440-b828-268724df1c6a", "control-id": "cis_rhel10_1-3.1.2", "description": "No notes for control-id 1.3.1.2.", "props": [ @@ -9007,7 +8983,7 @@ ] }, { - "uuid": "ea609bdf-2466-4cd7-a348-d24969c1c27e", + "uuid": "3ebed778-d770-45e5-ab38-2fde67a5d001", "control-id": "cis_rhel10_1-3.1.3", "description": "No notes for control-id 1.3.1.3.", "props": [ @@ -9024,7 +9000,7 @@ ] }, { - "uuid": "47d3184f-5020-4135-8959-beaa901dd2ba", + "uuid": "6c2d32e6-81c0-42af-8e5d-b2b3d4cb6a87", "control-id": "cis_rhel10_1-3.1.4", "description": "No notes for control-id 1.3.1.4.", "props": [ @@ -9041,7 +9017,7 @@ ] }, { - "uuid": "7bf04605-8c3a-43e2-9d94-64854d6b255c", + "uuid": "6dbd570b-fa7f-4b93-9b88-3fb25c635aa5", "control-id": "cis_rhel10_1-3.1.7", "description": "No notes for control-id 1.3.1.7.", "props": [ @@ -9058,7 +9034,7 @@ ] }, { - "uuid": "5d164646-fb2b-4dc4-baa4-2f9a38e1fb34", + "uuid": "aff8bab9-8aaa-4f27-8067-569c7b3cb6cb", "control-id": "cis_rhel10_1-3.1.8", "description": "No notes for control-id 1.3.1.8.", "props": [ @@ -9075,7 +9051,7 @@ ] }, { - "uuid": "ba272c23-8cc1-4ad0-b7ce-03be5a873de9", + "uuid": "77205555-5eb3-476b-897f-5a506c6830dc", "control-id": "cis_rhel10_1-4.1", "description": "There is no automated remediation for this rule and this is intentional.\nMore details in the rule description.", "props": [ @@ -9092,50 +9068,34 @@ ] }, { - "uuid": "ea52f93d-6b4a-4334-b9b1-fbe4651c7dc6", + "uuid": "ac1cac8c-15d9-4f77-a0d7-21f60f807b9d", "control-id": "cis_rhel10_1-4.2", - "description": "The description for control-id cis_rhel10_1-4.2.", + "description": "This requirement demands a deeper review of the rules.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "alternative", - "remarks": "This requirement demands a deeper review of the rules." - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg" + "value": "implemented" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg" + "value": "file_permissions_boot_grub2" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg" + "value": "file_owner_boot_grub2" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg" + "value": "file_groupowner_boot_grub2" } ] }, { - "uuid": "2feeb82a-8661-4e1f-9be9-fbcf618d7f10", + "uuid": "ceef36f8-19d0-43e8-8494-9121a383547f", "control-id": "cis_rhel10_1-5.1", "description": "No notes for control-id 1.5.1.", "props": [ @@ -9152,7 +9112,7 @@ ] }, { - "uuid": "a32bee64-aa78-4aac-af3a-88cea73cd209", + "uuid": "773d078a-9306-4402-ad55-1817f2dd92df", "control-id": "cis_rhel10_1-5.2", "description": "No notes for control-id 1.5.2.", "props": [ @@ -9169,7 +9129,7 @@ ] }, { - "uuid": "577f8a27-e2b8-41dd-8262-6d83fe143f08", + "uuid": "3216ff42-7bf5-435e-b895-5f3b1736e29a", "control-id": "cis_rhel10_1-5.4", "description": "No notes for control-id 1.5.4.", "props": [ @@ -9186,7 +9146,7 @@ ] }, { - "uuid": "ac0883c3-3b91-489b-8aac-1e8fd9734c79", + "uuid": "e23cbf44-f59d-493f-bf18-3cdc060c8af2", "control-id": "cis_rhel10_1-5.5", "description": "No notes for control-id 1.5.5.", "props": [ @@ -9203,7 +9163,7 @@ ] }, { - "uuid": "1794053c-c32e-4176-b749-b54412f10b31", + "uuid": "e99c831c-b595-4dc7-afcf-b1a42082005c", "control-id": "cis_rhel10_1-5.6", "description": "No notes for control-id 1.5.6.", "props": [ @@ -9220,7 +9180,7 @@ ] }, { - "uuid": "2d01b258-6db7-434e-b62f-08beebd4b6c5", + "uuid": "ef22d12f-f469-41f4-9296-933fca785b80", "control-id": "cis_rhel10_1-5.7", "description": "No notes for control-id 1.5.7.", "props": [ @@ -9237,7 +9197,7 @@ ] }, { - "uuid": "4b343785-90f9-4992-9f99-71fa762ff92e", + "uuid": "ebee0cba-9f51-4002-92ee-b35fa32878ed", "control-id": "cis_rhel10_1-5.8", "description": "Address Space Layout Randomization (ASLR)", "props": [ @@ -9254,7 +9214,7 @@ ] }, { - "uuid": "7620a750-2726-4155-8d27-2e45c6b3bc0b", + "uuid": "ff256aab-a5f9-422b-8d1e-789148e6c263", "control-id": "cis_rhel10_1-5.9", "description": "No notes for control-id 1.5.9.", "props": [ @@ -9271,7 +9231,7 @@ ] }, { - "uuid": "dc313cbb-87dd-457c-9ad1-4bc621f0fde5", + "uuid": "a52e3ae2-c4d5-43eb-8f1f-a71f145744a7", "control-id": "cis_rhel10_1-5.10", "description": "No notes for control-id 1.5.10.", "props": [ @@ -9288,7 +9248,7 @@ ] }, { - "uuid": "bde130dd-89e7-405a-881b-8ac8ded9c23b", + "uuid": "557f4a97-7b34-4291-b2ae-ff780ee7f532", "control-id": "cis_rhel10_1-6.1", "description": "No notes for control-id 1.6.1.", "props": [ @@ -9305,7 +9265,7 @@ ] }, { - "uuid": "ff60fb3f-c37a-4869-9413-9b07c280d91d", + "uuid": "f11261cc-5527-4c3f-bb69-6b32abaf5142", "control-id": "cis_rhel10_1-6.2", "description": "No notes for control-id 1.6.2.", "props": [ @@ -9322,7 +9282,7 @@ ] }, { - "uuid": "88b97659-b4d1-413f-b4c2-03a807677fa4", + "uuid": "5d299712-e7c3-44b6-b72d-584400b8c204", "control-id": "cis_rhel10_1-6.3", "description": "No notes for control-id 1.6.3.", "props": [ @@ -9339,7 +9299,7 @@ ] }, { - "uuid": "af682449-0ff9-44bb-ba21-86c47993a878", + "uuid": "7b61c8cb-3742-4d5f-acb9-4d5ba741a546", "control-id": "cis_rhel10_1-6.4", "description": "No notes for control-id 1.6.4.", "props": [ @@ -9356,7 +9316,7 @@ ] }, { - "uuid": "c22a34a3-3173-4bb0-ae0b-91a5aadd1de4", + "uuid": "9d4d6140-a415-4e1d-9fac-b9c94bd92679", "control-id": "cis_rhel10_1-7.1", "description": "No notes for control-id 1.7.1.", "props": [ @@ -9373,7 +9333,7 @@ ] }, { - "uuid": "54b9ee06-7c19-4223-ae22-4cca5ffcda4c", + "uuid": "205e146b-4377-4d31-8d15-2bcb3b7e9a7a", "control-id": "cis_rhel10_1-7.2", "description": "No notes for control-id 1.7.2.", "props": [ @@ -9390,7 +9350,7 @@ ] }, { - "uuid": "2254286b-cac3-4008-81d2-cd450e836a97", + "uuid": "952f87fc-b603-46b0-a4ac-fbafade30884", "control-id": "cis_rhel10_1-7.3", "description": "No notes for control-id 1.7.3.", "props": [ @@ -9407,7 +9367,7 @@ ] }, { - "uuid": "bf03fe3a-22ad-46e7-8669-e8fae2c7bf1f", + "uuid": "9a579381-9e17-47a9-9447-ef4d5281c008", "control-id": "cis_rhel10_1-7.4", "description": "No notes for control-id 1.7.4.", "props": [ @@ -9434,7 +9394,7 @@ ] }, { - "uuid": "0e06a505-4bb5-4ed4-9d26-71ba18b9934e", + "uuid": "65b64c82-849a-48ea-81b3-c9f7beb3ebb8", "control-id": "cis_rhel10_1-7.5", "description": "No notes for control-id 1.7.5.", "props": [ @@ -9461,7 +9421,7 @@ ] }, { - "uuid": "4e103579-446f-42b0-9539-dab4458e7bd8", + "uuid": "962c4927-45c9-477d-b94e-c14e91044148", "control-id": "cis_rhel10_1-7.6", "description": "No notes for control-id 1.7.6.", "props": [ @@ -9488,7 +9448,7 @@ ] }, { - "uuid": "da62bb38-127b-4c11-aef2-58a6725b4965", + "uuid": "636f1aab-521d-4cc5-b33e-cde899a47f50", "control-id": "cis_rhel10_1-8.1", "description": "No notes for control-id 1.8.1.", "props": [ @@ -9510,7 +9470,7 @@ ] }, { - "uuid": "b738c606-3de0-4bcb-9924-24de1fb507a5", + "uuid": "b68ed1aa-54a3-4f91-bf67-d5a879c0bf17", "control-id": "cis_rhel10_1-8.2", "description": "No notes for control-id 1.8.2.", "props": [ @@ -9527,7 +9487,7 @@ ] }, { - "uuid": "226ba9ac-9f2f-4043-a2dd-9c4e4e9cf172", + "uuid": "f3bad06b-2906-4114-be18-704b60dce371", "control-id": "cis_rhel10_1-8.3", "description": "No notes for control-id 1.8.3.", "props": [ @@ -9559,7 +9519,7 @@ ] }, { - "uuid": "3ef2bceb-6d13-4467-a42a-c698e7408b3e", + "uuid": "86ee765e-e6c8-4af0-ae66-5d79448217fd", "control-id": "cis_rhel10_1-8.4", "description": "No notes for control-id 1.8.4.", "props": [ @@ -9581,7 +9541,7 @@ ] }, { - "uuid": "b4a409f0-bf7b-45ca-881f-cf4e7c856670", + "uuid": "e5daffbe-f919-4dfd-8c8b-9cb0bf16476f", "control-id": "cis_rhel10_1-8.5", "description": "No notes for control-id 1.8.5.", "props": [ @@ -9598,7 +9558,7 @@ ] }, { - "uuid": "07e754d9-497b-4d7c-9e28-f47774b473ef", + "uuid": "0d9207ed-c76f-42cf-9ad7-d446c51b459e", "control-id": "cis_rhel10_2-1.1", "description": "No notes for control-id 2.1.1.", "props": [ @@ -9615,7 +9575,7 @@ ] }, { - "uuid": "62153bcd-093d-49a2-883e-02a4a8cf7f5a", + "uuid": "3171e137-6f4a-405f-ac5b-1007d8d9c305", "control-id": "cis_rhel10_2-1.2", "description": "No notes for control-id 2.1.2.", "props": [ @@ -9632,7 +9592,7 @@ ] }, { - "uuid": "46c920d2-13a7-4c90-b0ed-f38227ab5aea", + "uuid": "d5bd709e-0e69-417a-a137-41ddf75b2bc4", "control-id": "cis_rhel10_2-1.4", "description": "No notes for control-id 2.1.4.", "props": [ @@ -9649,7 +9609,7 @@ ] }, { - "uuid": "87429fea-7844-4f27-abc3-83f52bd49ef9", + "uuid": "4a9eff2e-75dd-4ae0-b458-2f7bb2891309", "control-id": "cis_rhel10_2-1.5", "description": "No notes for control-id 2.1.5.", "props": [ @@ -9666,7 +9626,7 @@ ] }, { - "uuid": "56e09e25-c16b-4326-80ed-7cb1e3e280fd", + "uuid": "b6862c7e-1abd-4e92-85dd-a9825402c23f", "control-id": "cis_rhel10_2-1.6", "description": "No notes for control-id 2.1.6.", "props": [ @@ -9683,7 +9643,7 @@ ] }, { - "uuid": "6ac286d6-ef97-40be-bce8-48e69e55ddc4", + "uuid": "f4592fbf-a4cf-4872-9bba-ac8ed6f0b16e", "control-id": "cis_rhel10_2-1.7", "description": "No notes for control-id 2.1.7.", "props": [ @@ -9700,7 +9660,7 @@ ] }, { - "uuid": "20df4dad-677a-4303-a84a-376762623419", + "uuid": "6b315176-3e68-421d-895a-687a4ff23910", "control-id": "cis_rhel10_2-1.8", "description": "No notes for control-id 2.1.8.", "props": [ @@ -9722,7 +9682,7 @@ ] }, { - "uuid": "c6a4775b-378e-4c17-98b7-9a7a4fa21bcf", + "uuid": "4b24a50b-f125-46e5-a4ae-e675c0d8c96c", "control-id": "cis_rhel10_2-1.9", "description": "Many of the libvirt packages used by Enterprise Linux virtualization are dependent on the\nnfs-utils package.", "props": [ @@ -9739,7 +9699,7 @@ ] }, { - "uuid": "9827336d-57d0-4c6a-821d-28ba92194817", + "uuid": "e77dfaa7-a2df-4702-800c-b1a261e04630", "control-id": "cis_rhel10_2-1.10", "description": "No notes for control-id 2.1.10.", "props": [ @@ -9756,7 +9716,7 @@ ] }, { - "uuid": "52c5f026-5562-4ec2-a00c-99cad69395a2", + "uuid": "54c6954b-1fda-4237-8532-2af1d4f3c164", "control-id": "cis_rhel10_2-1.11", "description": "Many of the libvirt packages used by Enterprise Linux virtualization, and the nfs-utils\npackage used for The Network File System (NFS), are dependent on the rpcbind package.", "props": [ @@ -9773,7 +9733,7 @@ ] }, { - "uuid": "d6a46cac-38e6-4ee8-96ca-8634ad7fe0c4", + "uuid": "1e731b75-cff2-4a43-af86-cb43ea232ce6", "control-id": "cis_rhel10_2-1.12", "description": "No notes for control-id 2.1.12.", "props": [ @@ -9790,7 +9750,7 @@ ] }, { - "uuid": "65ec810d-cffe-473f-a51b-2503cacc8db7", + "uuid": "a1a9482e-42c2-41ca-9325-dfd26dd42bf4", "control-id": "cis_rhel10_2-1.13", "description": "No notes for control-id 2.1.13.", "props": [ @@ -9807,7 +9767,7 @@ ] }, { - "uuid": "d24bc1dd-0b0c-4ec9-ae2d-173097d0d8db", + "uuid": "e3858076-8043-4698-9754-2a1f3f36e7d9", "control-id": "cis_rhel10_2-1.14", "description": "No notes for control-id 2.1.14.", "props": [ @@ -9824,7 +9784,7 @@ ] }, { - "uuid": "d5b82e92-91fa-4a7d-b85a-5f964b6683b5", + "uuid": "eb4d28a3-db17-4ad2-9789-2d22f1117d53", "control-id": "cis_rhel10_2-1.15", "description": "No notes for control-id 2.1.15.", "props": [ @@ -9841,7 +9801,7 @@ ] }, { - "uuid": "b9ece650-4b62-470d-8a76-43eee90ba1ec", + "uuid": "22a7d95d-aa0b-42b2-a9ad-1f48929dffd4", "control-id": "cis_rhel10_2-1.16", "description": "No notes for control-id 2.1.16.", "props": [ @@ -9858,7 +9818,7 @@ ] }, { - "uuid": "86da9e8a-c547-4249-86cb-e52810d45479", + "uuid": "f62f9837-7bb1-411e-b058-2075e567c4a9", "control-id": "cis_rhel10_2-1.17", "description": "No notes for control-id 2.1.17.", "props": [ @@ -9875,7 +9835,7 @@ ] }, { - "uuid": "68b69deb-c500-49a9-a158-1caf99cb0562", + "uuid": "25bdd6ce-7c01-46b7-ae7d-6e7c0583253d", "control-id": "cis_rhel10_2-1.18", "description": "No notes for control-id 2.1.18.", "props": [ @@ -9897,7 +9857,7 @@ ] }, { - "uuid": "3ae93e2a-c1cd-4972-9e5c-eba767aeef63", + "uuid": "d1f8deea-cc7d-4334-abdf-cfd89e38133c", "control-id": "cis_rhel10_2-1.21", "description": "No notes for control-id 2.1.21.", "props": [ @@ -9919,7 +9879,7 @@ ] }, { - "uuid": "7584abfd-835e-491d-aeba-c9ee0db83c68", + "uuid": "70229f4a-bdea-4db7-b95e-58ceedfb4169", "control-id": "cis_rhel10_2-1.22", "description": "The description for control-id cis_rhel10_2-1.22.", "props": [ @@ -9932,7 +9892,7 @@ ] }, { - "uuid": "2a6a98bd-f657-41e8-b458-94633324d6af", + "uuid": "fb378a36-d3ce-43c8-814e-4cff8e72efe2", "control-id": "cis_rhel10_2-2.1", "description": "No notes for control-id 2.2.1.", "props": [ @@ -9949,7 +9909,7 @@ ] }, { - "uuid": "4bc3124f-4b2b-4bf3-9225-5d38b954faa1", + "uuid": "7a07f5eb-0a09-4e47-b7fb-970d702e4d5f", "control-id": "cis_rhel10_2-2.3", "description": "No notes for control-id 2.2.3.", "props": [ @@ -9966,7 +9926,7 @@ ] }, { - "uuid": "c9f25d33-d339-4c3f-818b-7428d894ee69", + "uuid": "6d9ecfe3-1c21-4e30-a3df-86d21fb44180", "control-id": "cis_rhel10_2-2.4", "description": "No notes for control-id 2.2.4.", "props": [ @@ -9983,7 +9943,7 @@ ] }, { - "uuid": "9be93da7-2a87-40f6-a5a0-3c794f203401", + "uuid": "8d2a3ca9-c152-40f9-be4f-f6459eb4ca4f", "control-id": "cis_rhel10_2-3.1", "description": "No notes for control-id 2.3.1.", "props": [ @@ -9995,7 +9955,7 @@ ] }, { - "uuid": "e537e44f-b674-4df4-a6d0-e65bf0ae6178", + "uuid": "b3db28ed-d42c-40ca-aa92-bd5574fa3c34", "control-id": "cis_rhel10_2-3.2", "description": "No notes for control-id 2.3.2.", "props": [ @@ -10012,7 +9972,7 @@ ] }, { - "uuid": "6936ef89-dffe-417b-b284-672b03f9a3dd", + "uuid": "b2c2aa2e-c664-43c8-82ea-e15cf71ef003", "control-id": "cis_rhel10_2-3.3", "description": "No notes for control-id 2.3.3.", "props": [ @@ -10029,7 +9989,7 @@ ] }, { - "uuid": "a540f6e0-1a4c-415f-a975-18455371e9ef", + "uuid": "7a28e3da-b354-4b05-b01f-c0a7d1452a9f", "control-id": "cis_rhel10_2-4.1.1", "description": "No notes for control-id 2.4.1.1.", "props": [ @@ -10051,7 +10011,7 @@ ] }, { - "uuid": "bb4d5819-d51d-4155-97ac-f99ac2d8b5e9", + "uuid": "4354728b-689f-4620-b117-e4e87b5f2383", "control-id": "cis_rhel10_2-4.1.2", "description": "No notes for control-id 2.4.1.2.", "props": [ @@ -10078,7 +10038,7 @@ ] }, { - "uuid": "d4fbc031-4c2f-436a-a7cc-f089e9814930", + "uuid": "4cae070c-1dce-4a37-826f-772630109e33", "control-id": "cis_rhel10_2-4.1.3", "description": "No notes for control-id 2.4.1.3.", "props": [ @@ -10105,7 +10065,7 @@ ] }, { - "uuid": "72f91144-6fc9-485f-83a4-a5a569e7431b", + "uuid": "2d8a8eb0-2143-4bdf-8e51-9907c11a25f5", "control-id": "cis_rhel10_2-4.1.4", "description": "No notes for control-id 2.4.1.4.", "props": [ @@ -10132,7 +10092,7 @@ ] }, { - "uuid": "16506c82-9f3c-4a3c-a5e5-134d24faebe8", + "uuid": "ced4188f-b3c7-43d7-9c23-6c506c53f05f", "control-id": "cis_rhel10_2-4.1.5", "description": "No notes for control-id 2.4.1.5.", "props": [ @@ -10159,7 +10119,7 @@ ] }, { - "uuid": "5d885ddb-0d34-4e74-ad8f-745142e7f313", + "uuid": "db0eda7b-bd9d-426d-89cd-f278ead81c42", "control-id": "cis_rhel10_2-4.1.6", "description": "No notes for control-id 2.4.1.6.", "props": [ @@ -10186,7 +10146,7 @@ ] }, { - "uuid": "d6f598fe-fb69-44a2-883c-5439706dedff", + "uuid": "b2ffbdbf-8593-459d-aaca-c747d506a922", "control-id": "cis_rhel10_2-4.1.7", "description": "No notes for control-id 2.4.1.7.", "props": [ @@ -10213,7 +10173,7 @@ ] }, { - "uuid": "d5e01d48-e495-478d-8edf-6c6062639db2", + "uuid": "0aef7cb6-c9c8-494d-8d77-88deffda7c6c", "control-id": "cis_rhel10_2-4.1.8", "description": "No notes for control-id 2.4.1.8.", "props": [ @@ -10240,7 +10200,7 @@ ] }, { - "uuid": "c2494650-d069-489c-9986-88e519a32c80", + "uuid": "37ecc0b5-028b-4101-b2be-c97cc2c63e8b", "control-id": "cis_rhel10_2-4.1.9", "description": "No notes for control-id 2.4.1.9.", "props": [ @@ -10277,7 +10237,7 @@ ] }, { - "uuid": "d5ac6599-67ef-4641-a347-21264b31b1a9", + "uuid": "8066fe37-ddb8-4ba6-bf5a-96e381f830dd", "control-id": "cis_rhel10_2-4.2.1", "description": "No notes for control-id 2.4.2.1.", "props": [ @@ -10314,7 +10274,7 @@ ] }, { - "uuid": "b26a21a3-40d5-4dea-8fc5-b8e24a2c4df4", + "uuid": "36d9e2ee-70a8-429f-bbb8-1025a24a3780", "control-id": "cis_rhel10_3-1.1", "description": "The description for control-id cis_rhel10_3-1.1.", "props": [ @@ -10327,7 +10287,7 @@ ] }, { - "uuid": "ffbdf9bd-1010-4d19-91d7-6ac87dd6fd05", + "uuid": "11eab2ce-de13-49c7-9df7-996129585ecb", "control-id": "cis_rhel10_3-1.2", "description": "No notes for control-id 3.1.2.", "props": [ @@ -10344,7 +10304,7 @@ ] }, { - "uuid": "40203210-9db1-473d-bcd0-f9904506ce59", + "uuid": "b3ef4ac3-4bc2-4600-b2a3-b4f97890ab52", "control-id": "cis_rhel10_3-1.3", "description": "No notes for control-id 3.1.3.", "props": [ @@ -10361,7 +10321,7 @@ ] }, { - "uuid": "f68731ca-1a8e-45ad-810e-b2db92f79eb4", + "uuid": "774e5d77-07c6-498d-9d34-44c3f90d8de8", "control-id": "cis_rhel10_3-2.1", "description": "No notes for control-id 3.2.1.", "props": [ @@ -10378,7 +10338,7 @@ ] }, { - "uuid": "30b4a479-afd6-4330-afe3-86d935c9ebd5", + "uuid": "85a7d91a-5ec3-4a39-b9cb-4a8780e46a32", "control-id": "cis_rhel10_3-2.2", "description": "No notes for control-id 3.2.2.", "props": [ @@ -10395,7 +10355,7 @@ ] }, { - "uuid": "26af96a0-6d77-4688-97c7-488b5976e509", + "uuid": "553c97eb-7fb1-44c0-bc14-4a20de691e4f", "control-id": "cis_rhel10_3-2.3", "description": "No notes for control-id 3.2.3.", "props": [ @@ -10412,7 +10372,7 @@ ] }, { - "uuid": "87c31c96-212a-4073-be1a-0edba39f098e", + "uuid": "082326e8-1ac6-4374-8145-91feccfca44d", "control-id": "cis_rhel10_3-2.4", "description": "No notes for control-id 3.2.4.", "props": [ @@ -10429,7 +10389,7 @@ ] }, { - "uuid": "52c5554d-7c86-4031-9924-69deb5005567", + "uuid": "33bd072c-5c0b-4c4f-9e96-0a2205fa8c1b", "control-id": "cis_rhel10_3-2.5", "description": "No notes for control-id 3.2.5.", "props": [ @@ -10446,7 +10406,7 @@ ] }, { - "uuid": "9058fdef-2394-4f62-8645-4472523f919d", + "uuid": "60c024d0-c564-4c3e-8661-cf682725da9b", "control-id": "cis_rhel10_3-2.6", "description": "No notes for control-id 3.2.6.", "props": [ @@ -10463,7 +10423,7 @@ ] }, { - "uuid": "ae391a91-10fb-48e2-bc85-36129a33546a", + "uuid": "21ad0b3c-5019-455e-85ef-a13e302991a7", "control-id": "cis_rhel10_3-3.1.2", "description": "No notes for control-id 3.3.1.2.", "props": [ @@ -10480,7 +10440,7 @@ ] }, { - "uuid": "4f69c2fe-c28d-454a-a904-43cf2d71a30c", + "uuid": "b6d3a503-0ed1-4516-a0c0-c8019ccf61f9", "control-id": "cis_rhel10_3-3.1.3", "description": "No notes for control-id 3.3.1.3.", "props": [ @@ -10497,7 +10457,7 @@ ] }, { - "uuid": "66d62f4f-4257-4505-95c7-6864dabaa714", + "uuid": "62f79fb8-9105-40b9-b775-b2d8f9622dfc", "control-id": "cis_rhel10_3-3.1.4", "description": "No notes for control-id 3.3.1.4.", "props": [ @@ -10514,7 +10474,7 @@ ] }, { - "uuid": "dbbca925-48f8-4d9b-bb19-8587e665e387", + "uuid": "1d8af20b-829a-4ec1-b55b-fe8e0caed24e", "control-id": "cis_rhel10_3-3.1.5", "description": "No notes for control-id 3.3.1.5.", "props": [ @@ -10531,7 +10491,7 @@ ] }, { - "uuid": "948565b2-1fd5-43cd-8c7e-b2468cceed8b", + "uuid": "d57885c0-024c-4a95-844a-1f1f6bc398f0", "control-id": "cis_rhel10_3-3.1.6", "description": "No notes for control-id 3.3.1.6.", "props": [ @@ -10548,7 +10508,7 @@ ] }, { - "uuid": "a02a2772-6313-4320-9a46-6cc1882e7e1b", + "uuid": "37830fa1-53ba-49fb-ac1f-4c711be3da4a", "control-id": "cis_rhel10_3-3.1.7", "description": "No notes for control-id 3.3.1.7.", "props": [ @@ -10565,7 +10525,7 @@ ] }, { - "uuid": "f4651789-ec28-4b37-b4f9-9c211490aa5a", + "uuid": "6f3068ce-0248-4a6a-91fe-149b5a627443", "control-id": "cis_rhel10_3-3.1.8", "description": "No notes for control-id 3.3.1.8.", "props": [ @@ -10582,7 +10542,7 @@ ] }, { - "uuid": "cb4d7420-6319-48c8-aedb-9ba4d20dbd23", + "uuid": "734831dd-24ba-4baf-92c7-26d1aba49adb", "control-id": "cis_rhel10_3-3.1.9", "description": "No notes for control-id 3.3.1.9.", "props": [ @@ -10599,7 +10559,7 @@ ] }, { - "uuid": "62c29a51-180c-4bd2-a12b-a34f7b66c86d", + "uuid": "46a92779-d0d4-417a-8302-4c06d788c94c", "control-id": "cis_rhel10_3-3.1.10", "description": "No notes for control-id 3.3.1.10.", "props": [ @@ -10616,7 +10576,7 @@ ] }, { - "uuid": "16598b2a-9b67-44fc-95e3-bff5cd9df52f", + "uuid": "87ac5ef8-b235-4c1d-82b7-ea5111596cf9", "control-id": "cis_rhel10_3-3.1.11", "description": "No notes for control-id 3.3.1.11.", "props": [ @@ -10633,7 +10593,7 @@ ] }, { - "uuid": "95e58991-ee55-4f02-8c5d-dc0c7b2f1ed0", + "uuid": "80c71f4c-c546-49e6-88b5-344bdf572f44", "control-id": "cis_rhel10_3-3.1.12", "description": "No notes for control-id 3.3.1.12.", "props": [ @@ -10650,7 +10610,7 @@ ] }, { - "uuid": "0100ec9f-5964-48bb-89fb-758774792d40", + "uuid": "4f7ca359-5c5f-44f5-9231-5b4c7dab67cb", "control-id": "cis_rhel10_3-3.1.13", "description": "No notes for control-id 3.3.1.13.", "props": [ @@ -10667,7 +10627,7 @@ ] }, { - "uuid": "c23aa5e7-bbf1-44f9-829a-c77c74b8609c", + "uuid": "964e050c-d206-4db5-b84e-d7c1b7b8b1f1", "control-id": "cis_rhel10_3-3.1.14", "description": "No notes for control-id 3.3.1.14.", "props": [ @@ -10684,7 +10644,7 @@ ] }, { - "uuid": "5fcb0150-f3e3-45ec-b477-4fce5e0a5543", + "uuid": "228f5581-975a-4b83-94c5-d2f43dac28ba", "control-id": "cis_rhel10_3-3.1.15", "description": "No notes for control-id 3.3.1.15.", "props": [ @@ -10701,7 +10661,7 @@ ] }, { - "uuid": "100875ab-64f8-4dbd-be36-9035a44134b9", + "uuid": "f0046850-605e-45df-b218-48bce52f77b3", "control-id": "cis_rhel10_3-3.1.16", "description": "No notes for control-id 3.3.1.16.", "props": [ @@ -10718,7 +10678,7 @@ ] }, { - "uuid": "ee0caffd-2fa5-4bd2-89b2-6d14e03d4892", + "uuid": "d7743d36-2fc0-422c-a495-209d47564f47", "control-id": "cis_rhel10_3-3.1.17", "description": "No notes for control-id 3.3.1.17.", "props": [ @@ -10735,7 +10695,7 @@ ] }, { - "uuid": "ab63b42b-e581-44fc-89c4-fa4c1b8e5716", + "uuid": "59a4f775-3d08-440e-9f5a-638756aaf41c", "control-id": "cis_rhel10_3-3.1.18", "description": "No notes for control-id 3.3.1.18.", "props": [ @@ -10752,7 +10712,7 @@ ] }, { - "uuid": "f71d4412-7a20-4ffc-9692-83eeae672dbc", + "uuid": "b5629edb-0f99-4678-b3db-09c16f177903", "control-id": "cis_rhel10_3-3.2.1", "description": "No notes for control-id 3.3.2.1.", "props": [ @@ -10769,7 +10729,7 @@ ] }, { - "uuid": "90e8329e-71b7-42c6-82dc-173432a13e54", + "uuid": "5cc661f7-16ad-4740-a2d7-5f7480cc99cd", "control-id": "cis_rhel10_3-3.2.2", "description": "No notes for control-id 3.3.2.2.", "props": [ @@ -10786,7 +10746,7 @@ ] }, { - "uuid": "4f076c6b-428b-4e72-9dc1-99212dcdf8c3", + "uuid": "dd54379b-23e9-4d73-9bd5-993d498b72bd", "control-id": "cis_rhel10_3-3.2.3", "description": "No notes for control-id 3.3.2.3.", "props": [ @@ -10803,7 +10763,7 @@ ] }, { - "uuid": "1b2f6c09-9adb-4ce2-8c31-e29883ffe957", + "uuid": "5b271fa9-46f5-45c0-b812-fbb0bbea77f5", "control-id": "cis_rhel10_3-3.2.4", "description": "No notes for control-id 3.3.2.4.", "props": [ @@ -10820,7 +10780,7 @@ ] }, { - "uuid": "8c963cb8-c1b1-421b-81c2-25683e8551c6", + "uuid": "7a8d4ed3-4991-4256-b1bc-a33344e264c0", "control-id": "cis_rhel10_3-3.2.5", "description": "No notes for control-id 3.3.2.5.", "props": [ @@ -10837,7 +10797,7 @@ ] }, { - "uuid": "b8c92e1b-337e-4eb1-87d1-8d778d35bf03", + "uuid": "d3b2ff64-931d-46f8-a607-6869fb4cdbad", "control-id": "cis_rhel10_3-3.2.6", "description": "No notes for control-id 3.3.2.6.", "props": [ @@ -10854,7 +10814,7 @@ ] }, { - "uuid": "6077233f-9582-440a-b089-4ea2c99309d9", + "uuid": "1143bd4d-c231-4994-a4b1-6d32c2ca0958", "control-id": "cis_rhel10_3-3.2.7", "description": "No notes for control-id 3.3.2.7.", "props": [ @@ -10871,7 +10831,7 @@ ] }, { - "uuid": "9d250700-2099-41bf-801e-21c568dd2fb0", + "uuid": "bd00f6c6-cc9d-4c71-91c5-a116ec4ec0d9", "control-id": "cis_rhel10_3-3.2.8", "description": "No notes for control-id 3.3.2.8.", "props": [ @@ -10888,7 +10848,7 @@ ] }, { - "uuid": "66645de4-45d4-43f3-8cdd-4bae6c32f680", + "uuid": "463c1323-2c67-474e-b355-531f0939bcca", "control-id": "cis_rhel10_4-1.1", "description": "No notes for control-id 4.1.1.", "props": [ @@ -10905,7 +10865,7 @@ ] }, { - "uuid": "38c1ff4e-9e58-4a05-ac37-b84a750db36f", + "uuid": "2797e7fa-8dc9-46b4-ad9c-f4a604458c56", "control-id": "cis_rhel10_4-1.2", "description": "No notes for control-id 4.1.2.", "props": [ @@ -10922,7 +10882,7 @@ ] }, { - "uuid": "f53928c9-00ce-4215-ba33-ced6f6a6743a", + "uuid": "d81d8052-2608-4678-a713-7bdbdc2f234c", "control-id": "cis_rhel10_4-1.3", "description": "No notes for control-id 4.1.3.", "props": [ @@ -10939,7 +10899,7 @@ ] }, { - "uuid": "ff3e8b15-6fe7-44a1-860d-ba0af8cdf352", + "uuid": "9b2c298e-e0e9-4bc8-b27c-fdc733f3f08f", "control-id": "cis_rhel10_4-1.4", "description": "The description for control-id cis_rhel10_4-1.4.", "props": [ @@ -10947,12 +10907,12 @@ "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "alternative", - "remarks": "No notes for control-id 4.1.4." + "remarks": "There is not an easy way to do this for only active zones using OVAL.\nFor now, there are are no rules for this control." } ] }, { - "uuid": "2262d209-ae6f-464e-9e49-350202bbed38", + "uuid": "c9d5b8f5-c15f-43e4-8293-f1eb30161df8", "control-id": "cis_rhel10_4-1.5", "description": "Firewalld in Red Hat Enterprise Linux 10 accepts loopback traffic by default.", "props": [ @@ -10969,7 +10929,7 @@ ] }, { - "uuid": "d9868571-71a6-4e4e-a094-faf876ecba8d", + "uuid": "ec5241ad-369e-4ded-8453-dcbc5f66ff11", "control-id": "cis_rhel10_4-1.6", "description": "The description for control-id cis_rhel10_4-1.6.", "props": [ @@ -10982,7 +10942,7 @@ ] }, { - "uuid": "25adfd45-d4d0-4b5a-8622-1359882caafa", + "uuid": "e941439d-18c5-4e9d-8ae7-79924fb59f9e", "control-id": "cis_rhel10_4-1.7", "description": "The description for control-id cis_rhel10_4-1.7.", "props": [ @@ -10995,7 +10955,7 @@ ] }, { - "uuid": "3643f3d0-b51e-4e9f-8ce7-eb91d2cd38e4", + "uuid": "595b06d8-67a9-4a47-8e33-0b9093bdce41", "control-id": "cis_rhel10_5-1.1", "description": "No notes for control-id 5.1.1.", "props": [ @@ -11052,7 +11012,7 @@ ] }, { - "uuid": "2c261f33-b9f2-4af6-ae84-7e3469c407bf", + "uuid": "80660582-e817-47ba-aee4-e14eac96dfa8", "control-id": "cis_rhel10_5-1.2", "description": "No notes for control-id 5.1.2.", "props": [ @@ -11079,7 +11039,7 @@ ] }, { - "uuid": "4c2d4e2c-817e-46d2-9c6b-67df561a8b1a", + "uuid": "f0093bbb-8f27-4c01-9110-083d0aeb7f79", "control-id": "cis_rhel10_5-1.3", "description": "No notes for control-id 5.1.3.", "props": [ @@ -11106,7 +11066,7 @@ ] }, { - "uuid": "06472d15-7c11-490a-9c83-3691e7c90e82", + "uuid": "00ec1471-d041-4644-9c1c-ea4232ea57db", "control-id": "cis_rhel10_5-1.4", "description": "No notes for control-id 5.1.4.", "props": [ @@ -11123,7 +11083,7 @@ ] }, { - "uuid": "9d2a8c0a-6573-4bdc-b0c6-350fb56a1474", + "uuid": "e2ba7898-d9f9-4d3d-bec7-d506436ba18c", "control-id": "cis_rhel10_5-1.5", "description": "No notes for control-id 5.1.5.", "props": [ @@ -11140,7 +11100,7 @@ ] }, { - "uuid": "9c32e1e5-944b-4c44-a5de-5591f4683c52", + "uuid": "a71f38e0-88d1-4926-b291-397017c4105e", "control-id": "cis_rhel10_5-1.6", "description": "No notes for control-id 5.1.6.", "props": [ @@ -11157,7 +11117,7 @@ ] }, { - "uuid": "f2641cfd-f246-45c0-b081-731f4e767472", + "uuid": "eede75ae-e4d8-42c5-ad29-8ee1cb245a62", "control-id": "cis_rhel10_5-1.7", "description": "The requirement gives an example of 45 seconds, but is flexible about the values. It is only\nnecessary to ensure there is a timeout configured in alignment to the site policy.", "props": [ @@ -11179,7 +11139,7 @@ ] }, { - "uuid": "42471d30-59a5-4bbe-b130-60719a619ed5", + "uuid": "9f22b654-5d0f-43b1-87bc-84acea380252", "control-id": "cis_rhel10_5-1.10", "description": "No notes for control-id 5.1.10.", "props": [ @@ -11196,7 +11156,7 @@ ] }, { - "uuid": "1c8dd8a9-f8af-4704-98df-411eb39d8baa", + "uuid": "e670d5bd-33a7-443b-9b27-5749d47460fc", "control-id": "cis_rhel10_5-1.11", "description": "No notes for control-id 5.1.11.", "props": [ @@ -11213,7 +11173,7 @@ ] }, { - "uuid": "a0b8f841-91c1-40e8-9524-9cc332b1ae96", + "uuid": "09fb8b77-2254-47a8-b8b3-734bc7b0f9b0", "control-id": "cis_rhel10_5-1.12", "description": "The description for control-id cis_rhel10_5-1.12.", "props": [ @@ -11231,7 +11191,7 @@ ] }, { - "uuid": "19d4f47f-8ffb-40db-b83f-a7d12084ffa0", + "uuid": "5feb8dae-a478-404b-bb96-c773e1a826ae", "control-id": "cis_rhel10_5-1.13", "description": "No notes for control-id 5.1.13.", "props": [ @@ -11248,7 +11208,7 @@ ] }, { - "uuid": "eac49577-991f-42bf-ad5c-bf52df8903af", + "uuid": "f6e934a8-1767-4631-b86b-a59e480ae06c", "control-id": "cis_rhel10_5-1.14", "description": "The CIS benchmark is not opinionated about which loglevel is selected here. Here, this\nprofile uses VERBOSE by default, as it allows for the capture of login and logout activity\nas well as key fingerprints.", "props": [ @@ -11265,7 +11225,7 @@ ] }, { - "uuid": "b4602c53-6b6a-492f-a443-875e1d7968f6", + "uuid": "30fd1229-1663-4a54-81a1-ef399182b55d", "control-id": "cis_rhel10_5-1.15", "description": "No notes for control-id 5.1.15.", "props": [ @@ -11282,7 +11242,7 @@ ] }, { - "uuid": "6806503b-062e-407d-b301-3cc1c489154f", + "uuid": "c6fc3c56-64f6-4fc3-8ee3-98085350c645", "control-id": "cis_rhel10_5-1.16", "description": "No notes for control-id 5.1.16.", "props": [ @@ -11299,7 +11259,7 @@ ] }, { - "uuid": "713b92b6-deaf-4960-b355-02f41dc3ea3a", + "uuid": "c0e12709-5436-4084-aa15-6747b8dc9e3e", "control-id": "cis_rhel10_5-1.17", "description": "No notes for control-id 5.1.17.", "props": [ @@ -11316,7 +11276,7 @@ ] }, { - "uuid": "3c84e40c-03e3-4ddb-9185-220676a71ada", + "uuid": "4ada20c0-98fa-4384-839a-92667a0cfcd3", "control-id": "cis_rhel10_5-1.18", "description": "No notes for control-id 5.1.18.", "props": [ @@ -11333,7 +11293,7 @@ ] }, { - "uuid": "b68ee52f-5822-4a1c-8977-78b6854a1850", + "uuid": "ccc83bce-d830-4e99-9203-b7e602d9394b", "control-id": "cis_rhel10_5-1.19", "description": "No notes for control-id 5.1.19.", "props": [ @@ -11350,7 +11310,7 @@ ] }, { - "uuid": "982eec55-2075-45a3-b593-93fbc276e386", + "uuid": "9b308bc7-d1a6-490c-ac03-9e3e1b39325c", "control-id": "cis_rhel10_5-1.20", "description": "No notes for control-id 5.1.20.", "props": [ @@ -11367,7 +11327,7 @@ ] }, { - "uuid": "3cbce45d-d14b-4c88-81f3-f6da859ecbcc", + "uuid": "cc57d633-5506-4176-9162-354817463228", "control-id": "cis_rhel10_5-1.21", "description": "No notes for control-id 5.1.21.", "props": [ @@ -11384,7 +11344,7 @@ ] }, { - "uuid": "3899caa9-e2d2-4759-888e-147b9aca893b", + "uuid": "b6f87104-5f39-4ecc-9450-801ba3a9942c", "control-id": "cis_rhel10_5-1.22", "description": "No notes for control-id 5.1.22.", "props": [ @@ -11401,7 +11361,7 @@ ] }, { - "uuid": "89c9332d-849f-4205-8c8d-44ebc209daa7", + "uuid": "73ede37a-208f-484f-bd6c-cc190aff92b2", "control-id": "cis_rhel10_5-2.1", "description": "No notes for control-id 5.2.1.", "props": [ @@ -11418,7 +11378,7 @@ ] }, { - "uuid": "517f60d4-9ba6-44fa-964d-ad426aaa8c5b", + "uuid": "bed337f3-4b16-47e1-a225-f5adf299b1a5", "control-id": "cis_rhel10_5-2.2", "description": "No notes for control-id 5.2.2.", "props": [ @@ -11435,7 +11395,7 @@ ] }, { - "uuid": "19bb61a1-377a-4a4f-bbfb-c1df3506fea1", + "uuid": "5388197c-ae51-4015-b649-ce46a9d81d8e", "control-id": "cis_rhel10_5-2.3", "description": "No notes for control-id 5.2.3.", "props": [ @@ -11452,7 +11412,7 @@ ] }, { - "uuid": "8dd7fb70-cbc4-4bad-b026-2b71f30a301c", + "uuid": "66953dca-212d-4f91-b528-d82cef22d9b3", "control-id": "cis_rhel10_5-2.5", "description": "No notes for control-id 5.2.5.", "props": [ @@ -11469,7 +11429,7 @@ ] }, { - "uuid": "bb69d3ea-311b-4038-9414-ba510769157b", + "uuid": "1b7f465d-394f-4d24-98ec-ea481d1ff637", "control-id": "cis_rhel10_5-2.6", "description": "No notes for control-id 5.2.6.", "props": [ @@ -11486,7 +11446,7 @@ ] }, { - "uuid": "2c6dcbcf-a8f4-4b08-8dbb-a40797506f1f", + "uuid": "8df35742-7ebc-4af6-a86f-6d6c394e291f", "control-id": "cis_rhel10_5-2.7", "description": "Members of \"wheel\" or GID 0 groups are checked by default if the group option is not set for\npam_wheel.so module. The recommendation states the group should be empty to reinforce the\nuse of \"sudo\" for privileged access. Therefore, members of these groups should be manually\nchecked or a different group should be informed.", "props": [ @@ -11508,7 +11468,7 @@ ] }, { - "uuid": "8bcb2ed2-217a-4f40-9a38-aa042908efd1", + "uuid": "fe281125-aeae-438e-8efe-11efc88f464b", "control-id": "cis_rhel10_5-3.1.1", "description": "This requirement is hard to be automated without any specific requirement. The policy even\nstates that provided commands are examples, other custom settings might be in place and the\nsettings might be different depending on site policies. The other rules will already make\nsure there is a correct autheselect profile regardless of the existing settings. It is\nnecessary to better discuss with CIS Community.", "props": [ @@ -11520,7 +11480,7 @@ ] }, { - "uuid": "fde3ebdb-e9bb-48e8-a043-3d22fb5e8b0c", + "uuid": "3e4ffca2-cce0-4a0c-b80d-bb235f38a813", "control-id": "cis_rhel10_5-3.1.2", "description": "This requirement is also indirectly satisfied by the requirement 5.3.2.1.", "props": [ @@ -11542,7 +11502,7 @@ ] }, { - "uuid": "b37c07aa-fffd-48d4-99cf-4d4a8ad48864", + "uuid": "93a23b9e-e6ea-4a1b-bdcc-b5136ec8f66c", "control-id": "cis_rhel10_5-3.1.3", "description": "This requirement is also indirectly satisfied by the requirement 5.3.2.2.", "props": [ @@ -11569,7 +11529,7 @@ ] }, { - "uuid": "4bf2f61e-0309-4355-9fa2-93abd4873e9f", + "uuid": "088761c7-7a1d-4e79-87d8-fe502bef00e3", "control-id": "cis_rhel10_5-3.1.4", "description": "The module is properly enabled by the rules mentioned in related_rules.\nRequirements in 5.3.2.3 use these rules.", "props": [ @@ -11581,7 +11541,7 @@ ] }, { - "uuid": "d410f7f6-52e4-4cea-b29a-15bdd75196ed", + "uuid": "ffa67854-934f-4a25-8722-09c0a99ecd44", "control-id": "cis_rhel10_5-3.1.5", "description": "No notes for control-id 5.3.1.5.", "props": [ @@ -11598,7 +11558,7 @@ ] }, { - "uuid": "14cbb457-24e1-4680-b7cb-0bcdf6ead047", + "uuid": "3fa31149-22dc-433a-9c0a-3aef62f1cb12", "control-id": "cis_rhel10_5-3.2.1.1", "description": "No notes for control-id 5.3.2.1.1.", "props": [ @@ -11615,7 +11575,7 @@ ] }, { - "uuid": "1dc5adad-1488-43e1-8b32-d996c4f3547f", + "uuid": "e549c0a3-e4ec-4e88-a695-c626bcd99afb", "control-id": "cis_rhel10_5-3.2.1.2", "description": "The policy also accepts value 0, which means the locked accounts should be manually unlocked\nby an administrator. However, it also mentions that using value 0 can facilitate a DoS\nattack to legitimate users.", "props": [ @@ -11632,7 +11592,7 @@ ] }, { - "uuid": "9d86dfef-8ed5-457e-969d-2074cf071d0d", + "uuid": "6e97de6f-2a24-4f2a-aead-d6ed3019905d", "control-id": "cis_rhel10_5-3.2.2.1", "description": "No notes for control-id 5.3.2.2.1.", "props": [ @@ -11649,7 +11609,7 @@ ] }, { - "uuid": "bbc1ad8a-ef0a-4de2-8e19-fee245488cab", + "uuid": "af905c1a-932b-430c-b4ba-8c9be98d5571", "control-id": "cis_rhel10_5-3.2.2.2", "description": "No notes for control-id 5.3.2.2.2.", "props": [ @@ -11666,7 +11626,7 @@ ] }, { - "uuid": "6e2f5526-d29d-4b77-9296-296ee5930305", + "uuid": "2aba8719-bfcd-42d0-a4ae-0013f2083d08", "control-id": "cis_rhel10_5-3.2.2.3", "description": "This requirement is expected to be manual. However, in previous versions of the policy\nit was already automated the configuration of \"minclass\" option. This posture was kept for\nRHEL 10 in this new version. Rules related to other options are informed in related_rules.\nIn short, minclass=4 alone can achieve the same result achieved by the combination of the\nother 4 options mentioned in the policy.", "props": [ @@ -11683,7 +11643,7 @@ ] }, { - "uuid": "8a8c44ce-1708-4730-8674-0d688714c7bf", + "uuid": "e8022e29-b215-46c0-aa2d-003caa0398a9", "control-id": "cis_rhel10_5-3.2.2.4", "description": "No notes for control-id 5.3.2.2.4.", "props": [ @@ -11700,7 +11660,7 @@ ] }, { - "uuid": "24f38608-0fb7-4654-a1aa-3da110b5e476", + "uuid": "a5785077-a1a3-46ea-b4fe-329a16177bc4", "control-id": "cis_rhel10_5-3.2.2.5", "description": "No notes for control-id 5.3.2.2.5.", "props": [ @@ -11717,7 +11677,7 @@ ] }, { - "uuid": "ec4986db-3035-44e3-bf41-044d5784bf60", + "uuid": "25a22d57-8abe-4ae7-bdb4-c482a383f196", "control-id": "cis_rhel10_5-3.2.2.6", "description": "No notes for control-id 5.3.2.2.6.", "props": [ @@ -11734,7 +11694,7 @@ ] }, { - "uuid": "d7a714f2-ba79-41ad-8661-67816da0795d", + "uuid": "4815590f-7b79-4cfd-8cf1-1a318f8db44f", "control-id": "cis_rhel10_5-3.2.2.7", "description": "No notes for control-id 5.3.2.2.7.", "props": [ @@ -11751,7 +11711,7 @@ ] }, { - "uuid": "ab0a4ed5-188b-4270-8dfb-c87c9b666f24", + "uuid": "d4c4776b-6638-4275-b2c4-3f934f095b34", "control-id": "cis_rhel10_5-3.2.3.1", "description": "Although mentioned in the section 5.3.3.3, there is no explicit requirement to configure\nretry option of pam_pwhistory. If come in the future, the rule accounts_password_pam_retry\ncan be used.", "props": [ @@ -11773,7 +11733,7 @@ ] }, { - "uuid": "0bf9a4af-0489-4ea6-966c-141d1584a08d", + "uuid": "d6b61c82-28d6-4f97-9d42-d66e4d32bfc7", "control-id": "cis_rhel10_5-3.2.3.2", "description": "No notes for control-id 5.3.2.3.2.", "props": [ @@ -11790,7 +11750,7 @@ ] }, { - "uuid": "25e2a95b-acd9-4165-b1ca-622a994c2c3f", + "uuid": "dc8750d6-72a6-4272-a6d8-68aef574cc50", "control-id": "cis_rhel10_5-3.2.3.3", "description": "In RHEL 10 pam_pwhistory is enabled via authselect feature, as required in 5.3.1.4. The\nfeature automatically set \"use_authok\" option. In any case, we don't have a rule to check\nthis option specifically.", "props": [ @@ -11807,7 +11767,7 @@ ] }, { - "uuid": "a992b3c7-783c-483b-a07c-67fe0327dd07", + "uuid": "2e769f33-113d-477b-b3a4-663e1f2d95e7", "control-id": "cis_rhel10_5-3.2.4.1", "description": "The rule more specifically used in this requirement also satify the requirement 5.3.1.5.", "props": [ @@ -11824,7 +11784,7 @@ ] }, { - "uuid": "5abd317d-b8c6-43d5-b9a4-478fad651aff", + "uuid": "8e3c7628-595c-4fc5-a3fe-83f8d61d5c9a", "control-id": "cis_rhel10_5-3.2.4.2", "description": "Usage of pam_unix.so module together with \"remember\" option is deprecated and is not\nrecommended by this policy. Instead, it should be used remember option of pam_pwhistory\nmodule, as required in 5.3.2.3.1. See here for more details about pam_unix.so:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1778929", "props": [ @@ -11841,7 +11801,7 @@ ] }, { - "uuid": "8fe072a6-3dc6-43d7-b185-1ddf60f3bf23", + "uuid": "a08945f4-3518-4ba1-85cd-7de255dc3ec7", "control-id": "cis_rhel10_5-3.2.4.3", "description": "Changes in logindefs mentioned in this requirement are more specifically covered by 5.4.1.4", "props": [ @@ -11863,7 +11823,7 @@ ] }, { - "uuid": "4afad90b-511f-4d75-9119-e68043f2b439", + "uuid": "261c02c7-3d61-46e8-9749-d1acb5c5afe4", "control-id": "cis_rhel10_5-3.2.4.4", "description": "In RHEL 10 pam_unix is enabled by default in all authselect profiles already with the\nuse_authtok option set. In any case, we don't have a rule to check this option specifically,\nlike in 5.3.2.3.3.", "props": [ @@ -11880,7 +11840,7 @@ ] }, { - "uuid": "307ae57a-e91b-4f7e-8b78-fa2d4567be1d", + "uuid": "73f61564-bd7e-48c5-aa12-b338489a708c", "control-id": "cis_rhel10_5-4.1.1", "description": "No notes for control-id 5.4.1.1.", "props": [ @@ -11902,7 +11862,7 @@ ] }, { - "uuid": "44c63d72-729e-4610-bd7e-da5582168c06", + "uuid": "eb90cd36-3870-4384-949f-23dbb8418d12", "control-id": "cis_rhel10_5-4.1.3", "description": "No notes for control-id 5.4.1.3.", "props": [ @@ -11924,20 +11884,15 @@ ] }, { - "uuid": "c42d67ea-465c-4c5e-a205-25bbcaabf4e3", + "uuid": "5b31fabe-64d6-4c4f-90dd-142feb24d39e", "control-id": "cis_rhel10_5-4.1.4", - "description": "There's a \"new\" set of options in /etc/login.defs file to define the number of iterations\nperformed during the hashing process.", + "description": "No notes for control-id 5.4.1.4.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "implemented" }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf" - }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", @@ -11946,7 +11901,7 @@ ] }, { - "uuid": "65bc839f-5dff-4505-9f63-c3d92279f02b", + "uuid": "974a5ed4-e5dc-471c-95a8-ef1c8978b195", "control-id": "cis_rhel10_5-4.1.5", "description": "No notes for control-id 5.4.1.5.", "props": [ @@ -11968,7 +11923,7 @@ ] }, { - "uuid": "ab0fa185-1668-4221-97f3-f47f3ed204e5", + "uuid": "b827f2ed-6cf7-43e4-8e36-e84d86c3b6a0", "control-id": "cis_rhel10_5-4.1.6", "description": "No notes for control-id 5.4.1.6.", "props": [ @@ -11985,7 +11940,7 @@ ] }, { - "uuid": "60ca7650-80f7-479c-83a7-7584e0f718f9", + "uuid": "7920d0e9-1e7d-4e60-90d9-ad08f8f5e37e", "control-id": "cis_rhel10_5-4.2.1", "description": "No notes for control-id 5.4.2.1.", "props": [ @@ -12002,7 +11957,7 @@ ] }, { - "uuid": "1f77df8e-ca38-4bd9-ad66-e4775c5e1d35", + "uuid": "11f5718e-7bec-491d-ac6f-76e966cdb7e0", "control-id": "cis_rhel10_5-4.2.2", "description": "There is assessment but no automated remediation for this rule and this sounds reasonable.", "props": [ @@ -12019,7 +11974,7 @@ ] }, { - "uuid": "777881f5-26ae-4f0e-9d69-a9125e7ad45d", + "uuid": "d33a3af7-bc37-4bdb-b727-b243927dfeb2", "control-id": "cis_rhel10_5-4.2.3", "description": "There is assessment but no automated remediation for this rule and this sounds reasonable.", "props": [ @@ -12036,7 +11991,7 @@ ] }, { - "uuid": "25bcf619-583c-4f8d-9514-b199a80726d5", + "uuid": "f0a185a5-4c97-43b7-8577-d946d0d7de8b", "control-id": "cis_rhel10_5-4.2.4", "description": "No notes for control-id 5.4.2.4.", "props": [ @@ -12053,7 +12008,7 @@ ] }, { - "uuid": "7fcd8e9d-a719-4c25-b9e6-9bb82b81551e", + "uuid": "e3c0fb36-97e0-4c4a-86a0-7475bb3c774c", "control-id": "cis_rhel10_5-4.2.5", "description": "No notes for control-id 5.4.2.5.", "props": [ @@ -12075,7 +12030,7 @@ ] }, { - "uuid": "72b5e61c-c697-419b-84a4-b238e3737285", + "uuid": "a0a4eb20-5659-41eb-beac-22ae44b29200", "control-id": "cis_rhel10_5-4.2.6", "description": "No notes for control-id 5.4.2.6.", "props": [ @@ -12092,7 +12047,7 @@ ] }, { - "uuid": "19fe9b2f-5476-4d4c-9ae2-a8e709b2704d", + "uuid": "65053a07-a48d-4e7d-aaf4-b9d234f08b9d", "control-id": "cis_rhel10_5-4.2.7", "description": "No notes for control-id 5.4.2.7.", "props": [ @@ -12114,19 +12069,24 @@ ] }, { - "uuid": "e9fa1278-9940-4056-be9b-af96575a7486", + "uuid": "9cb23672-6090-4b00-836d-ee7a2bf4918d", "control-id": "cis_rhel10_5-4.2.8", - "description": "New rule is necessary.", + "description": "No notes for control-id 5.4.2.8.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "implemented" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "no_invalid_shell_accounts_unlocked" } ] }, { - "uuid": "54427256-39c0-4298-9c6e-5ffcb6b8c8dc", + "uuid": "d18c1237-c37b-41f0-bc86-9740b922611a", "control-id": "cis_rhel10_5-4.3.2", "description": "No notes for control-id 5.4.3.2.", "props": [ @@ -12143,7 +12103,7 @@ ] }, { - "uuid": "ed8fb88d-4ed8-4b6a-981e-a353d46c82dd", + "uuid": "7ead4e89-6299-443e-93ca-6553735ae1a7", "control-id": "cis_rhel10_5-4.3.3", "description": "No notes for control-id 5.4.3.3.", "props": [ @@ -12170,7 +12130,7 @@ ] }, { - "uuid": "07fe1ea4-a76f-4ea4-be85-061968f42051", + "uuid": "61928651-9b89-408d-a88a-6db39e50ab3e", "control-id": "cis_rhel10_6-1.1", "description": "No notes for control-id 6.1.1.", "props": [ @@ -12192,7 +12152,7 @@ ] }, { - "uuid": "1e2fb1a8-5faf-40c6-890d-907482632820", + "uuid": "c1309766-35e9-4a43-9567-9762729f3c35", "control-id": "cis_rhel10_6-1.2", "description": "No notes for control-id 6.1.2.", "props": [ @@ -12209,7 +12169,7 @@ ] }, { - "uuid": "8768bf93-8388-485d-a433-dedba2ba7517", + "uuid": "a445d657-95a8-44a8-8aec-aa6749af2faa", "control-id": "cis_rhel10_6-1.3", "description": "No notes for control-id 6.1.3.", "props": [ @@ -12226,7 +12186,7 @@ ] }, { - "uuid": "df84cbe6-cd17-464f-80f7-41181eec22cc", + "uuid": "1efb8c33-399d-4f08-8edc-326617487e35", "control-id": "cis_rhel10_6-2.1.1", "description": "No notes for control-id 6.2.1.1.", "props": [ @@ -12243,7 +12203,7 @@ ] }, { - "uuid": "445bad0a-0662-4d91-a87f-85a18f0ed5b5", + "uuid": "3615e6a8-9475-440e-941c-481ecd7b8586", "control-id": "cis_rhel10_6-2.1.2", "description": "The description for control-id cis_rhel10_6-2.1.2.", "props": [ @@ -12256,7 +12216,7 @@ ] }, { - "uuid": "c77e168c-3d38-4a0e-9c70-65e512c54a05", + "uuid": "86f43ca0-e587-45a5-872d-7b81534b4bf2", "control-id": "cis_rhel10_6-2.1.3", "description": "The description for control-id cis_rhel10_6-2.1.3.", "props": [ @@ -12269,20 +12229,24 @@ ] }, { - "uuid": "a93c923e-4df0-486a-b5c9-50a70a075c04", + "uuid": "1c0184b0-a655-4c7f-9ad6-58f46ff7aa72", "control-id": "cis_rhel10_6-2.1.4", - "description": "The description for control-id cis_rhel10_6-2.1.4.", + "description": "No notes for control-id 6.2.1.4.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "alternative", - "remarks": "It is necessary to create a new rule to check the status of journald and rsyslog.\nIt would also be necessary a new rule to disable or remove rsyslog." + "value": "implemented" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "ensure_journald_and_rsyslog_not_active_together" } ] }, { - "uuid": "9cc1436e-b4a1-48af-b01a-29714908efa7", + "uuid": "98f2ce1c-bf51-4618-b7e5-b1a278fd30d7", "control-id": "cis_rhel10_6-2.2.1.1", "description": "No notes for control-id 6.2.2.1.1.", "props": [ @@ -12299,7 +12263,7 @@ ] }, { - "uuid": "71b30580-d463-43a2-a7c5-487122b9cd12", + "uuid": "5ec1dda2-96b6-4d6d-b2e4-2ba27d8ff97b", "control-id": "cis_rhel10_6-2.2.1.2", "description": "The description for control-id cis_rhel10_6-2.2.1.2.", "props": [ @@ -12312,7 +12276,7 @@ ] }, { - "uuid": "9ace68a9-03be-4c3a-afc0-fef2c8e76cea", + "uuid": "428de4e5-1f38-49c5-8806-8ff828c104d0", "control-id": "cis_rhel10_6-2.2.1.3", "description": "No notes for control-id 6.2.2.1.3.", "props": [ @@ -12329,7 +12293,7 @@ ] }, { - "uuid": "0bec7dbb-30b0-4f72-9bc6-693d8873daad", + "uuid": "22313a48-1114-44d2-bcaf-7eaccc2e5177", "control-id": "cis_rhel10_6-2.2.1.4", "description": "No notes for control-id 6.2.2.1.4.", "props": [ @@ -12346,7 +12310,7 @@ ] }, { - "uuid": "9bf42666-1bc3-44f2-9330-5b16c21284d9", + "uuid": "386cb86d-aa4c-4477-a175-21f08b2f5c4f", "control-id": "cis_rhel10_6-2.2.2", "description": "No notes for control-id 6.2.2.2.", "props": [ @@ -12363,7 +12327,7 @@ ] }, { - "uuid": "849b78ac-4fc1-4a46-ae13-35d80be865b1", + "uuid": "362e8a54-36dc-4d0d-88d2-506fcc30cd69", "control-id": "cis_rhel10_6-2.2.3", "description": "No notes for control-id 6.2.2.3.", "props": [ @@ -12380,7 +12344,7 @@ ] }, { - "uuid": "9dd20509-a5b4-4ebc-83b5-ec85cbb1d6ae", + "uuid": "0879f68f-652f-46c5-a333-dd4517801cb2", "control-id": "cis_rhel10_6-2.2.4", "description": "No notes for control-id 6.2.2.4.", "props": [ @@ -12397,7 +12361,7 @@ ] }, { - "uuid": "2cf324fc-2982-44f3-a0db-461c78bde907", + "uuid": "a55dc5a6-c61c-433e-af32-2a563ae67947", "control-id": "cis_rhel10_6-2.3.1", "description": "No notes for control-id 6.2.3.1.", "props": [ @@ -12409,7 +12373,7 @@ ] }, { - "uuid": "01205518-5e64-4ae0-943b-9081a8b1b374", + "uuid": "9f637e44-14ad-40ac-aff2-5ac68aa02577", "control-id": "cis_rhel10_6-2.3.2", "description": "No notes for control-id 6.2.3.2.", "props": [ @@ -12421,7 +12385,7 @@ ] }, { - "uuid": "5c01ba64-4115-4a03-9340-4630d2c3516c", + "uuid": "9acbfb4e-067d-4173-b55f-ceb620052906", "control-id": "cis_rhel10_6-2.3.3", "description": "No notes for control-id 6.2.3.3.", "props": [ @@ -12433,7 +12397,7 @@ ] }, { - "uuid": "3e45221a-b470-48df-bb27-48ec555e88bf", + "uuid": "1a77bce8-5ed3-4063-95fb-0f9f025c1b0d", "control-id": "cis_rhel10_6-2.3.4", "description": "No notes for control-id 6.2.3.4.", "props": [ @@ -12445,7 +12409,7 @@ ] }, { - "uuid": "94aebf68-1d29-48c5-af6c-ebc7e17878f5", + "uuid": "12891ee1-a1d7-498e-bbb5-8976b20a3378", "control-id": "cis_rhel10_6-2.3.5", "description": "The description for control-id cis_rhel10_6-2.3.5.", "props": [ @@ -12458,7 +12422,7 @@ ] }, { - "uuid": "dd4fc54b-ae6a-4887-b383-84c58b188433", + "uuid": "6ad00b48-9e39-4500-83db-c10c38065e8b", "control-id": "cis_rhel10_6-2.3.6", "description": "The description for control-id cis_rhel10_6-2.3.6.", "props": [ @@ -12471,7 +12435,7 @@ ] }, { - "uuid": "e2b57679-d485-4758-b8f1-f07256ef7e10", + "uuid": "2c087472-5922-42f1-9f9d-0eacf29f42c7", "control-id": "cis_rhel10_6-2.3.7", "description": "No notes for control-id 6.2.3.7.", "props": [ @@ -12483,7 +12447,7 @@ ] }, { - "uuid": "2d77df30-c796-4d61-b655-15f2849a9cb9", + "uuid": "db5be369-064b-4f23-a98e-ddd7db630f43", "control-id": "cis_rhel10_6-2.3.8", "description": "The description for control-id cis_rhel10_6-2.3.8.", "props": [ @@ -12496,7 +12460,7 @@ ] }, { - "uuid": "99d838f3-166f-4a5a-bcb4-362374d6b03f", + "uuid": "9d599125-bd83-49aa-9fab-f0d465abf5d8", "control-id": "cis_rhel10_6-2.4.1", "description": "It is not harmful to run these rules even if rsyslog is not installed or active.", "props": [ @@ -12523,7 +12487,7 @@ ] }, { - "uuid": "89d5c1c2-7119-47ef-98bc-5156a90a2da4", + "uuid": "1d7b7bdb-c928-4724-8b19-2ecaacbd7fca", "control-id": "cis_rhel10_7-1.1", "description": "No notes for control-id 7.1.1.", "props": [ @@ -12550,7 +12514,7 @@ ] }, { - "uuid": "2e4d40c8-3d61-48d9-97cf-c451e07308b1", + "uuid": "d978f9e0-56b7-48b6-821e-cceac546de4c", "control-id": "cis_rhel10_7-1.2", "description": "No notes for control-id 7.1.2.", "props": [ @@ -12577,7 +12541,7 @@ ] }, { - "uuid": "e163cbe1-75eb-411a-adfe-74341251b26c", + "uuid": "2cfd03da-83a1-406a-a7bb-050b697df439", "control-id": "cis_rhel10_7-1.3", "description": "No notes for control-id 7.1.3.", "props": [ @@ -12604,7 +12568,7 @@ ] }, { - "uuid": "3f645730-45ff-49dd-973d-31a708a86943", + "uuid": "fe0e1ae0-a1a6-49cf-b75d-b47b0451b84f", "control-id": "cis_rhel10_7-1.4", "description": "No notes for control-id 7.1.4.", "props": [ @@ -12631,7 +12595,7 @@ ] }, { - "uuid": "a6983ffe-6f9f-4da5-93a7-38aff083be31", + "uuid": "01320a47-18b5-4eb4-8868-1512ba58a006", "control-id": "cis_rhel10_7-1.5", "description": "No notes for control-id 7.1.5.", "props": [ @@ -12658,7 +12622,7 @@ ] }, { - "uuid": "42e607d6-c8c6-4091-bf56-cdc25c95fe9e", + "uuid": "16a8a345-35cd-42b7-bf0d-6dbdfc36dc69", "control-id": "cis_rhel10_7-1.6", "description": "No notes for control-id 7.1.6.", "props": [ @@ -12685,7 +12649,7 @@ ] }, { - "uuid": "8c888dbc-e395-4eb3-9739-a0c457b747bf", + "uuid": "8b55569c-4fa1-412a-afd4-e2247cea26c0", "control-id": "cis_rhel10_7-1.7", "description": "No notes for control-id 7.1.7.", "props": [ @@ -12712,7 +12676,7 @@ ] }, { - "uuid": "e8b2bcf8-d2cd-4410-afce-8d6d6b44ad6a", + "uuid": "726360e6-2da7-4028-8fa2-d4f73f10494b", "control-id": "cis_rhel10_7-1.8", "description": "No notes for control-id 7.1.8.", "props": [ @@ -12739,7 +12703,7 @@ ] }, { - "uuid": "6ca6e7ea-0e10-461c-a708-37c22743a54e", + "uuid": "4def5b71-138c-4348-98ab-294b4a353bbd", "control-id": "cis_rhel10_7-1.9", "description": "No notes for control-id 7.1.9.", "props": [ @@ -12766,7 +12730,7 @@ ] }, { - "uuid": "e452d1f8-9fa4-4217-a0ee-ff7948f250b6", + "uuid": "72f6590e-1dfd-452a-8158-37627728beeb", "control-id": "cis_rhel10_7-1.10", "description": "No notes for control-id 7.1.10.", "props": [ @@ -12808,7 +12772,7 @@ ] }, { - "uuid": "de1003a3-f2fe-4fbc-b2b9-da6ed86477f2", + "uuid": "b35153fa-4fe6-4e53-8ffe-f9767da8f3da", "control-id": "cis_rhel10_7-1.11", "description": "No notes for control-id 7.1.11.", "props": [ @@ -12830,7 +12794,7 @@ ] }, { - "uuid": "3ea76713-bc8c-49ef-915d-9a652f88baa6", + "uuid": "2073a701-0d18-432d-9622-6cf8e910956c", "control-id": "cis_rhel10_7-1.12", "description": "No notes for control-id 7.1.12.", "props": [ @@ -12852,7 +12816,7 @@ ] }, { - "uuid": "f8beb1a7-a803-46df-b343-17d35f9abf41", + "uuid": "fe49782a-d7e0-4f0b-889f-6fd6e558c759", "control-id": "cis_rhel10_7-1.13", "description": "The description for control-id cis_rhel10_7-1.13.", "props": [ @@ -12865,7 +12829,7 @@ ] }, { - "uuid": "0451958f-48a7-4e6a-b161-5dbbeee5b4db", + "uuid": "a08fe880-707f-4564-b567-a4a1f5d4ebb3", "control-id": "cis_rhel10_7-2.1", "description": "No notes for control-id 7.2.1.", "props": [ @@ -12882,7 +12846,7 @@ ] }, { - "uuid": "9f0094e2-e200-4265-8173-1901d4407b9d", + "uuid": "f893d374-438e-4236-9a5c-bd93f18e1823", "control-id": "cis_rhel10_7-2.2", "description": "No notes for control-id 7.2.2.", "props": [ @@ -12899,7 +12863,7 @@ ] }, { - "uuid": "1eab7d24-c1f5-40ba-a4ed-da84d62de9e2", + "uuid": "56ab7f4c-4c45-47f3-92b8-00be105a587d", "control-id": "cis_rhel10_7-2.3", "description": "No notes for control-id 7.2.3.", "props": [ @@ -12916,7 +12880,7 @@ ] }, { - "uuid": "041c58e0-4f2e-4d61-8849-05f0e26b3f09", + "uuid": "5e95b492-4165-4001-9347-9fabf0b73fba", "control-id": "cis_rhel10_7-2.4", "description": "No notes for control-id 7.2.4.", "props": [ @@ -12933,7 +12897,7 @@ ] }, { - "uuid": "4469529e-f737-4341-9a7e-339d6ed1215f", + "uuid": "cfab5b4c-a95c-4ec4-b39f-38c8a8713818", "control-id": "cis_rhel10_7-2.5", "description": "No notes for control-id 7.2.5.", "props": [ @@ -12950,7 +12914,7 @@ ] }, { - "uuid": "eefa37b0-0889-4e3a-ac2b-06ca4caabca7", + "uuid": "36ae5710-3e62-428b-bf49-fa75dc188318", "control-id": "cis_rhel10_7-2.6", "description": "No notes for control-id 7.2.6.", "props": [ @@ -12967,7 +12931,7 @@ ] }, { - "uuid": "8634ea62-b655-4170-93a9-2899c73a74a5", + "uuid": "c70e39c8-f4e4-4964-995e-f76f30ffaf9d", "control-id": "cis_rhel10_7-2.7", "description": "No notes for control-id 7.2.7.", "props": [ @@ -12984,7 +12948,7 @@ ] }, { - "uuid": "28607342-7df6-4b86-bae0-c53cda398c06", + "uuid": "a47dda31-e0af-4cb3-8a24-3dd8077fec22", "control-id": "cis_rhel10_7-2.8", "description": "No notes for control-id 7.2.8.", "props": [ @@ -13011,7 +12975,7 @@ ] }, { - "uuid": "4d82aa11-5d9f-48dc-a2b0-9ddbecd8f8e3", + "uuid": "25cf10bc-d6d7-4cc3-ba69-34010a137b2f", "control-id": "cis_rhel10_7-2.9", "description": "No notes for control-id 7.2.9.", "props": [ @@ -13957,7 +13921,7 @@ { "name": "Parameter_Value_Alternatives_47", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -13975,7 +13939,7 @@ { "name": "Parameter_Value_Alternatives_48", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -15169,9607 +15133,9559 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg", + "value": "file_permissions_boot_grub2", "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Group Ownership", + "value": "All GRUB configuration files must have mode 0600 or more restrictive", "remarks": "rule_set_037" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg", + "value": "file_permissions_boot_grub2", "remarks": "rule_set_037" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Group Ownership", + "value": "All GRUB configuration files must have mode 0600 or more restrictive", "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg", + "value": "file_owner_boot_grub2", "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg User Ownership", + "value": "All GRUB configuration files must be owned by root", "remarks": "rule_set_038" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg", + "value": "file_owner_boot_grub2", "remarks": "rule_set_038" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg User Ownership", + "value": "All GRUB configuration files must be owned by root", "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg", + "value": "file_groupowner_boot_grub2", "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Permissions", + "value": "All GRUB configuration files must be group-owned by root", "remarks": "rule_set_039" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg", + "value": "file_groupowner_boot_grub2", "remarks": "rule_set_039" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Permissions", + "value": "All GRUB configuration files must be group-owned by root", "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg", + "value": "disable_users_coredumps", "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Group Ownership", + "value": "Disable Core Dumps for All Users", "remarks": "rule_set_040" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg", + "value": "disable_users_coredumps", "remarks": "rule_set_040" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Group Ownership", + "value": "Disable Core Dumps for All Users", "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg", + "value": "sysctl_fs_protected_hardlinks", "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg User Ownership", + "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", "remarks": "rule_set_041" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg", + "value": "sysctl_fs_protected_hardlinks", "remarks": "rule_set_041" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg User Ownership", + "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg", + "value": "sysctl_fs_suid_dumpable", "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Permissions", + "value": "Disable Core Dumps for SUID programs", "remarks": "rule_set_042" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg", + "value": "sysctl_fs_suid_dumpable", "remarks": "rule_set_042" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Permissions", + "value": "Disable Core Dumps for SUID programs", "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_users_coredumps", + "value": "sysctl_kernel_dmesg_restrict", "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for All Users", + "value": "Restrict Access to Kernel Message Buffer", "remarks": "rule_set_043" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_users_coredumps", + "value": "sysctl_kernel_dmesg_restrict", "remarks": "rule_set_043" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for All Users", + "value": "Restrict Access to Kernel Message Buffer", "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_hardlinks", + "value": "sysctl_kernel_kptr_restrict", "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", + "value": "Restrict Exposed Kernel Pointer Addresses Access", "remarks": "rule_set_044" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_hardlinks", + "value": "sysctl_kernel_kptr_restrict", "remarks": "rule_set_044" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", + "value": "Restrict Exposed Kernel Pointer Addresses Access", "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_suid_dumpable", + "value": "sysctl_kernel_yama_ptrace_scope", "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for SUID programs", + "value": "Restrict usage of ptrace to descendant processes", "remarks": "rule_set_045" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_suid_dumpable", + "value": "sysctl_kernel_yama_ptrace_scope", "remarks": "rule_set_045" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for SUID programs", + "value": "Restrict usage of ptrace to descendant processes", "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_dmesg_restrict", + "value": "sysctl_kernel_randomize_va_space", "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Access to Kernel Message Buffer", + "value": "Enable Randomized Layout of Virtual Address Space", "remarks": "rule_set_046" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_dmesg_restrict", + "value": "sysctl_kernel_randomize_va_space", "remarks": "rule_set_046" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Access to Kernel Message Buffer", + "value": "Enable Randomized Layout of Virtual Address Space", "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kptr_restrict", + "value": "coredump_disable_backtraces", "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Exposed Kernel Pointer Addresses Access", + "value": "Disable core dump backtraces", "remarks": "rule_set_047" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kptr_restrict", + "value": "coredump_disable_backtraces", "remarks": "rule_set_047" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Exposed Kernel Pointer Addresses Access", + "value": "Disable core dump backtraces", "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_yama_ptrace_scope", + "value": "coredump_disable_storage", "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict usage of ptrace to descendant processes", + "value": "Disable storing core dump", "remarks": "rule_set_048" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_yama_ptrace_scope", + "value": "coredump_disable_storage", "remarks": "rule_set_048" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict usage of ptrace to descendant processes", + "value": "Disable storing core dump", "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_randomize_va_space", + "value": "configure_custom_crypto_policy_cis", "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Randomized Layout of Virtual Address Space", + "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", "remarks": "rule_set_049" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_randomize_va_space", + "value": "configure_custom_crypto_policy_cis", "remarks": "rule_set_049" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Randomized Layout of Virtual Address Space", + "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_backtraces", + "value": "banner_etc_motd_cis", "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable core dump backtraces", + "value": "Ensure Message Of The Day Is Configured Properly", "remarks": "rule_set_050" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_backtraces", + "value": "banner_etc_motd_cis", "remarks": "rule_set_050" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable core dump backtraces", + "value": "Ensure Message Of The Day Is Configured Properly", "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_storage", + "value": "banner_etc_issue_cis", "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable storing core dump", + "value": "Ensure Local Login Warning Banner Is Configured Properly", "remarks": "rule_set_051" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_storage", + "value": "banner_etc_issue_cis", "remarks": "rule_set_051" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable storing core dump", + "value": "Ensure Local Login Warning Banner Is Configured Properly", "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_custom_crypto_policy_cis", + "value": "banner_etc_issue_net_cis", "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", + "value": "Ensure Remote Login Warning Banner Is Configured Properly", "remarks": "rule_set_052" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_custom_crypto_policy_cis", + "value": "banner_etc_issue_net_cis", "remarks": "rule_set_052" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", + "value": "Ensure Remote Login Warning Banner Is Configured Properly", "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_motd_cis", + "value": "file_groupowner_etc_motd", "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Message Of The Day Is Configured Properly", + "value": "Verify Group Ownership of Message of the Day Banner", "remarks": "rule_set_053" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_motd_cis", + "value": "file_groupowner_etc_motd", "remarks": "rule_set_053" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Message Of The Day Is Configured Properly", + "value": "Verify Group Ownership of Message of the Day Banner", "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_cis", + "value": "file_owner_etc_motd", "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Local Login Warning Banner Is Configured Properly", + "value": "Verify ownership of Message of the Day Banner", "remarks": "rule_set_054" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_cis", + "value": "file_owner_etc_motd", "remarks": "rule_set_054" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Local Login Warning Banner Is Configured Properly", + "value": "Verify ownership of Message of the Day Banner", "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_net_cis", + "value": "file_permissions_etc_motd", "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Remote Login Warning Banner Is Configured Properly", + "value": "Verify permissions on Message of the Day Banner", "remarks": "rule_set_055" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_net_cis", + "value": "file_permissions_etc_motd", "remarks": "rule_set_055" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Remote Login Warning Banner Is Configured Properly", + "value": "Verify permissions on Message of the Day Banner", "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_motd", + "value": "file_groupowner_etc_issue", "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of Message of the Day Banner", + "value": "Verify Group Ownership of System Login Banner", "remarks": "rule_set_056" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_motd", + "value": "file_groupowner_etc_issue", "remarks": "rule_set_056" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of Message of the Day Banner", + "value": "Verify Group Ownership of System Login Banner", "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_motd", + "value": "file_owner_etc_issue", "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of Message of the Day Banner", + "value": "Verify ownership of System Login Banner", "remarks": "rule_set_057" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_motd", + "value": "file_owner_etc_issue", "remarks": "rule_set_057" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of Message of the Day Banner", + "value": "Verify ownership of System Login Banner", "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_motd", + "value": "file_permissions_etc_issue", "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on Message of the Day Banner", + "value": "Verify permissions on System Login Banner", "remarks": "rule_set_058" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_motd", + "value": "file_permissions_etc_issue", "remarks": "rule_set_058" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on Message of the Day Banner", + "value": "Verify permissions on System Login Banner", "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue", + "value": "file_groupowner_etc_issue_net", "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner", + "value": "Verify Group Ownership of System Login Banner for Remote Connections", "remarks": "rule_set_059" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue", + "value": "file_groupowner_etc_issue_net", "remarks": "rule_set_059" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner", + "value": "Verify Group Ownership of System Login Banner for Remote Connections", "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue", + "value": "file_owner_etc_issue_net", "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner", + "value": "Verify ownership of System Login Banner for Remote Connections", "remarks": "rule_set_060" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue", + "value": "file_owner_etc_issue_net", "remarks": "rule_set_060" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner", + "value": "Verify ownership of System Login Banner for Remote Connections", "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue", + "value": "file_permissions_etc_issue_net", "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner", + "value": "Verify permissions on System Login Banner for Remote Connections", "remarks": "rule_set_061" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue", + "value": "file_permissions_etc_issue_net", "remarks": "rule_set_061" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner", + "value": "Verify permissions on System Login Banner for Remote Connections", "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue_net", + "value": "dconf_gnome_banner_enabled", "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner for Remote Connections", + "value": "Enable GNOME3 Login Warning Banner", "remarks": "rule_set_062" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue_net", + "value": "dconf_gnome_banner_enabled", "remarks": "rule_set_062" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner for Remote Connections", + "value": "Enable GNOME3 Login Warning Banner", "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue_net", + "value": "dconf_gnome_login_banner_text", "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner for Remote Connections", + "value": "Set the GNOME3 Login Warning Banner Text", "remarks": "rule_set_063" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue_net", + "value": "dconf_gnome_login_banner_text", "remarks": "rule_set_063" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner for Remote Connections", + "value": "Set the GNOME3 Login Warning Banner Text", "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue_net", + "value": "dconf_gnome_disable_user_list", "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner for Remote Connections", + "value": "Disable the GNOME3 Login User List", "remarks": "rule_set_064" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue_net", + "value": "dconf_gnome_disable_user_list", "remarks": "rule_set_064" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner for Remote Connections", + "value": "Disable the GNOME3 Login User List", "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_banner_enabled", + "value": "dconf_gnome_screensaver_idle_delay", "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable GNOME3 Login Warning Banner", + "value": "Set GNOME3 Screensaver Inactivity Timeout", "remarks": "rule_set_065" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_banner_enabled", + "value": "dconf_gnome_screensaver_idle_delay", "remarks": "rule_set_065" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable GNOME3 Login Warning Banner", + "value": "Set GNOME3 Screensaver Inactivity Timeout", "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_login_banner_text", + "value": "dconf_gnome_screensaver_lock_delay", "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set the GNOME3 Login Warning Banner Text", + "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", "remarks": "rule_set_066" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_login_banner_text", + "value": "dconf_gnome_screensaver_lock_delay", "remarks": "rule_set_066" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set the GNOME3 Login Warning Banner Text", + "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_user_list", + "value": "dconf_gnome_session_idle_user_locks", "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the GNOME3 Login User List", + "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", "remarks": "rule_set_067" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_user_list", + "value": "dconf_gnome_session_idle_user_locks", "remarks": "rule_set_067" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the GNOME3 Login User List", + "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_idle_delay", + "value": "dconf_gnome_screensaver_user_locks", "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Inactivity Timeout", + "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", "remarks": "rule_set_068" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_idle_delay", + "value": "dconf_gnome_screensaver_user_locks", "remarks": "rule_set_068" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Inactivity Timeout", + "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_lock_delay", + "value": "dconf_gnome_disable_automount", "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", + "value": "Disable GNOME3 Automounting", "remarks": "rule_set_069" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_lock_delay", + "value": "dconf_gnome_disable_automount", "remarks": "rule_set_069" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", + "value": "Disable GNOME3 Automounting", "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_session_idle_user_locks", + "value": "dconf_gnome_disable_automount_open", "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", + "value": "Disable GNOME3 Automount Opening", "remarks": "rule_set_070" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_session_idle_user_locks", + "value": "dconf_gnome_disable_automount_open", "remarks": "rule_set_070" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", + "value": "Disable GNOME3 Automount Opening", "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_user_locks", + "value": "dconf_gnome_disable_autorun", "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", + "value": "Disable GNOME3 Automount running", "remarks": "rule_set_071" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_user_locks", + "value": "dconf_gnome_disable_autorun", "remarks": "rule_set_071" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", + "value": "Disable GNOME3 Automount running", "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_automount", + "value": "service_autofs_disabled", "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automounting", + "value": "Disable the Automounter", "remarks": "rule_set_072" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_automount", + "value": "service_autofs_disabled", "remarks": "rule_set_072" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automounting", + "value": "Disable the Automounter", "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_automount_open", + "value": "service_avahi-daemon_disabled", "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount Opening", + "value": "Disable Avahi Server Software", "remarks": "rule_set_073" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_automount_open", + "value": "service_avahi-daemon_disabled", "remarks": "rule_set_073" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount Opening", + "value": "Disable Avahi Server Software", "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_autorun", + "value": "package_kea_removed", "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount running", + "value": "Uninstall kea Package", "remarks": "rule_set_074" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_autorun", + "value": "package_kea_removed", "remarks": "rule_set_074" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount running", + "value": "Uninstall kea Package", "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_autofs_disabled", + "value": "package_bind_removed", "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the Automounter", + "value": "Uninstall bind Package", "remarks": "rule_set_075" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_autofs_disabled", + "value": "package_bind_removed", "remarks": "rule_set_075" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the Automounter", + "value": "Uninstall bind Package", "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_avahi-daemon_disabled", + "value": "package_dnsmasq_removed", "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Avahi Server Software", + "value": "Uninstall dnsmasq Package", "remarks": "rule_set_076" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_avahi-daemon_disabled", + "value": "package_dnsmasq_removed", "remarks": "rule_set_076" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Avahi Server Software", + "value": "Uninstall dnsmasq Package", "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "package_vsftpd_removed", "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Uninstall vsftpd Package", "remarks": "rule_set_077" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "package_vsftpd_removed", "remarks": "rule_set_077" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Uninstall vsftpd Package", "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_bind_removed", + "value": "package_dovecot_removed", "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall bind Package", + "value": "Uninstall dovecot Package", "remarks": "rule_set_078" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_bind_removed", + "value": "package_dovecot_removed", "remarks": "rule_set_078" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall bind Package", + "value": "Uninstall dovecot Package", "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnsmasq_removed", + "value": "package_cyrus-imapd_removed", "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dnsmasq Package", + "value": "Uninstall cyrus-imapd Package", "remarks": "rule_set_079" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnsmasq_removed", + "value": "package_cyrus-imapd_removed", "remarks": "rule_set_079" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dnsmasq Package", + "value": "Uninstall cyrus-imapd Package", "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_vsftpd_removed", + "value": "service_nfs_disabled", "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall vsftpd Package", + "value": "Disable Network File System (nfs)", "remarks": "rule_set_080" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_vsftpd_removed", + "value": "service_nfs_disabled", "remarks": "rule_set_080" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall vsftpd Package", + "value": "Disable Network File System (nfs)", "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dovecot_removed", + "value": "service_cups_disabled", "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dovecot Package", + "value": "Disable the CUPS Service", "remarks": "rule_set_081" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dovecot_removed", + "value": "service_cups_disabled", "remarks": "rule_set_081" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dovecot Package", + "value": "Disable the CUPS Service", "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cyrus-imapd_removed", + "value": "service_rpcbind_disabled", "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall cyrus-imapd Package", + "value": "Disable rpcbind Service", "remarks": "rule_set_082" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cyrus-imapd_removed", + "value": "service_rpcbind_disabled", "remarks": "rule_set_082" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall cyrus-imapd Package", + "value": "Disable rpcbind Service", "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_nfs_disabled", + "value": "package_rsync_removed", "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Network File System (nfs)", + "value": "Uninstall rsync Package", "remarks": "rule_set_083" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_nfs_disabled", + "value": "package_rsync_removed", "remarks": "rule_set_083" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Network File System (nfs)", + "value": "Uninstall rsync Package", "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_cups_disabled", + "value": "package_samba_removed", "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the CUPS Service", + "value": "Uninstall Samba Package", "remarks": "rule_set_084" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_cups_disabled", + "value": "package_samba_removed", "remarks": "rule_set_084" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the CUPS Service", + "value": "Uninstall Samba Package", "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_rpcbind_disabled", + "value": "package_net-snmp_removed", "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable rpcbind Service", + "value": "Uninstall net-snmp Package", "remarks": "rule_set_085" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_rpcbind_disabled", + "value": "package_net-snmp_removed", "remarks": "rule_set_085" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable rpcbind Service", + "value": "Uninstall net-snmp Package", "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_rsync_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall rsync Package", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_086" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_rsync_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_086" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall rsync Package", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_samba_removed", + "value": "package_tftp-server_removed", "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall Samba Package", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_087" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_samba_removed", + "value": "package_tftp-server_removed", "remarks": "rule_set_087" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall Samba Package", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_net-snmp_removed", + "value": "package_squid_removed", "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall net-snmp Package", + "value": "Uninstall squid Package", "remarks": "rule_set_088" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_net-snmp_removed", + "value": "package_squid_removed", "remarks": "rule_set_088" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall net-snmp Package", + "value": "Uninstall squid Package", "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_httpd_removed", "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Uninstall httpd Package", "remarks": "rule_set_089" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_httpd_removed", "remarks": "rule_set_089" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Uninstall httpd Package", "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_nginx_removed", "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Uninstall nginx Package", "remarks": "rule_set_090" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_nginx_removed", "remarks": "rule_set_090" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Uninstall nginx Package", "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_squid_removed", + "value": "postfix_network_listening_disabled", "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall squid Package", + "value": "Disable Postfix Network Listening", "remarks": "rule_set_091" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_squid_removed", + "value": "postfix_network_listening_disabled", "remarks": "rule_set_091" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall squid Package", + "value": "Disable Postfix Network Listening", "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_httpd_removed", + "value": "has_nonlocal_mta", "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall httpd Package", + "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", "remarks": "rule_set_092" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_httpd_removed", + "value": "has_nonlocal_mta", "remarks": "rule_set_092" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall httpd Package", + "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_nginx_removed", + "value": "package_ftp_removed", "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall nginx Package", + "value": "Remove ftp Package", "remarks": "rule_set_093" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_nginx_removed", + "value": "package_ftp_removed", "remarks": "rule_set_093" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall nginx Package", + "value": "Remove ftp Package", "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "postfix_network_listening_disabled", + "value": "package_telnet_removed", "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Postfix Network Listening", + "value": "Remove telnet Clients", "remarks": "rule_set_094" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "postfix_network_listening_disabled", + "value": "package_telnet_removed", "remarks": "rule_set_094" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Postfix Network Listening", + "value": "Remove telnet Clients", "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "has_nonlocal_mta", + "value": "package_tftp_removed", "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", + "value": "Remove tftp Daemon", "remarks": "rule_set_095" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "has_nonlocal_mta", + "value": "package_tftp_removed", "remarks": "rule_set_095" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", + "value": "Remove tftp Daemon", "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_ftp_removed", + "value": "chronyd_specify_remote_server", "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove ftp Package", + "value": "A remote time server for Chrony is configured", "remarks": "rule_set_096" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_ftp_removed", + "value": "chronyd_specify_remote_server", "remarks": "rule_set_096" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove ftp Package", + "value": "A remote time server for Chrony is configured", "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "chronyd_run_as_chrony_user", "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Ensure that chronyd is running under chrony user account", "remarks": "rule_set_097" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "chronyd_run_as_chrony_user", "remarks": "rule_set_097" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Ensure that chronyd is running under chrony user account", "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_cron_installed", "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Install the cron service", "remarks": "rule_set_098" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_cron_installed", "remarks": "rule_set_098" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Install the cron service", "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_specify_remote_server", + "value": "service_crond_enabled", "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "A remote time server for Chrony is configured", + "value": "Enable cron Service", "remarks": "rule_set_099" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_specify_remote_server", + "value": "service_crond_enabled", "remarks": "rule_set_099" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "A remote time server for Chrony is configured", + "value": "Enable cron Service", "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_run_as_chrony_user", + "value": "file_groupowner_crontab", "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that chronyd is running under chrony user account", + "value": "Verify Group Who Owns Crontab", "remarks": "rule_set_100" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_run_as_chrony_user", + "value": "file_groupowner_crontab", "remarks": "rule_set_100" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that chronyd is running under chrony user account", + "value": "Verify Group Who Owns Crontab", "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cron_installed", + "value": "file_owner_crontab", "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the cron service", + "value": "Verify Owner on crontab", "remarks": "rule_set_101" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cron_installed", + "value": "file_owner_crontab", "remarks": "rule_set_101" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the cron service", + "value": "Verify Owner on crontab", "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_crond_enabled", + "value": "file_permissions_crontab", "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable cron Service", + "value": "Verify Permissions on crontab", "remarks": "rule_set_102" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_crond_enabled", + "value": "file_permissions_crontab", "remarks": "rule_set_102" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable cron Service", + "value": "Verify Permissions on crontab", "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_crontab", + "value": "file_groupowner_cron_hourly", "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Crontab", + "value": "Verify Group Who Owns cron.hourly", "remarks": "rule_set_103" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_crontab", + "value": "file_groupowner_cron_hourly", "remarks": "rule_set_103" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Crontab", + "value": "Verify Group Who Owns cron.hourly", "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_crontab", + "value": "file_owner_cron_hourly", "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on crontab", + "value": "Verify Owner on cron.hourly", "remarks": "rule_set_104" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_crontab", + "value": "file_owner_cron_hourly", "remarks": "rule_set_104" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on crontab", + "value": "Verify Owner on cron.hourly", "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_crontab", + "value": "file_permissions_cron_hourly", "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on crontab", + "value": "Verify Permissions on cron.hourly", "remarks": "rule_set_105" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_crontab", + "value": "file_permissions_cron_hourly", "remarks": "rule_set_105" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on crontab", + "value": "Verify Permissions on cron.hourly", "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_hourly", + "value": "file_groupowner_cron_daily", "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.hourly", + "value": "Verify Group Who Owns cron.daily", "remarks": "rule_set_106" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_hourly", + "value": "file_groupowner_cron_daily", "remarks": "rule_set_106" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.hourly", + "value": "Verify Group Who Owns cron.daily", "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_hourly", + "value": "file_owner_cron_daily", "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.hourly", + "value": "Verify Owner on cron.daily", "remarks": "rule_set_107" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_hourly", + "value": "file_owner_cron_daily", "remarks": "rule_set_107" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.hourly", + "value": "Verify Owner on cron.daily", "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_hourly", + "value": "file_permissions_cron_daily", "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.hourly", + "value": "Verify Permissions on cron.daily", "remarks": "rule_set_108" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_hourly", + "value": "file_permissions_cron_daily", "remarks": "rule_set_108" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.hourly", + "value": "Verify Permissions on cron.daily", "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_daily", + "value": "file_groupowner_cron_weekly", "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.daily", + "value": "Verify Group Who Owns cron.weekly", "remarks": "rule_set_109" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_daily", + "value": "file_groupowner_cron_weekly", "remarks": "rule_set_109" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.daily", + "value": "Verify Group Who Owns cron.weekly", "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_daily", + "value": "file_owner_cron_weekly", "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.daily", + "value": "Verify Owner on cron.weekly", "remarks": "rule_set_110" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_daily", + "value": "file_owner_cron_weekly", "remarks": "rule_set_110" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.daily", + "value": "Verify Owner on cron.weekly", "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_daily", + "value": "file_permissions_cron_weekly", "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.daily", + "value": "Verify Permissions on cron.weekly", "remarks": "rule_set_111" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_daily", + "value": "file_permissions_cron_weekly", "remarks": "rule_set_111" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.daily", + "value": "Verify Permissions on cron.weekly", "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_weekly", + "value": "file_groupowner_cron_monthly", "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.weekly", + "value": "Verify Group Who Owns cron.monthly", "remarks": "rule_set_112" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_weekly", + "value": "file_groupowner_cron_monthly", "remarks": "rule_set_112" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.weekly", + "value": "Verify Group Who Owns cron.monthly", "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_weekly", + "value": "file_owner_cron_monthly", "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.weekly", + "value": "Verify Owner on cron.monthly", "remarks": "rule_set_113" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_weekly", + "value": "file_owner_cron_monthly", "remarks": "rule_set_113" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.weekly", + "value": "Verify Owner on cron.monthly", "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_weekly", + "value": "file_permissions_cron_monthly", "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.weekly", + "value": "Verify Permissions on cron.monthly", "remarks": "rule_set_114" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_weekly", + "value": "file_permissions_cron_monthly", "remarks": "rule_set_114" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.weekly", + "value": "Verify Permissions on cron.monthly", "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_monthly", + "value": "file_groupowner_cron_yearly", "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.monthly", + "value": "Verify Group Who Owns cron.yearly", "remarks": "rule_set_115" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_monthly", + "value": "file_groupowner_cron_yearly", "remarks": "rule_set_115" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.monthly", + "value": "Verify Group Who Owns cron.yearly", "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_monthly", + "value": "file_owner_cron_yearly", "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.monthly", + "value": "Verify Owner on cron.yearly", "remarks": "rule_set_116" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_monthly", + "value": "file_owner_cron_yearly", "remarks": "rule_set_116" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.monthly", + "value": "Verify Owner on cron.yearly", "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_monthly", + "value": "file_permissions_cron_yearly", "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.monthly", + "value": "Verify Permissions on cron.yearly", "remarks": "rule_set_117" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_monthly", + "value": "file_permissions_cron_yearly", "remarks": "rule_set_117" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.monthly", + "value": "Verify Permissions on cron.yearly", "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_yearly", + "value": "file_groupowner_cron_d", "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.yearly", + "value": "Verify Group Who Owns cron.d", "remarks": "rule_set_118" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_yearly", + "value": "file_groupowner_cron_d", "remarks": "rule_set_118" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.yearly", + "value": "Verify Group Who Owns cron.d", "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_yearly", + "value": "file_owner_cron_d", "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.yearly", + "value": "Verify Owner on cron.d", "remarks": "rule_set_119" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_yearly", + "value": "file_owner_cron_d", "remarks": "rule_set_119" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.yearly", + "value": "Verify Owner on cron.d", "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_yearly", + "value": "file_permissions_cron_d", "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.yearly", + "value": "Verify Permissions on cron.d", "remarks": "rule_set_120" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_yearly", + "value": "file_permissions_cron_d", "remarks": "rule_set_120" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.yearly", + "value": "Verify Permissions on cron.d", "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_d", + "value": "file_cron_deny_not_exist", "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.d", + "value": "Ensure that /etc/cron.deny does not exist", "remarks": "rule_set_121" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_d", + "value": "file_cron_deny_not_exist", "remarks": "rule_set_121" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.d", + "value": "Ensure that /etc/cron.deny does not exist", "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_d", + "value": "file_cron_allow_exists", "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.d", + "value": "Ensure that /etc/cron.allow exists", "remarks": "rule_set_122" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_d", + "value": "file_cron_allow_exists", "remarks": "rule_set_122" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.d", + "value": "Ensure that /etc/cron.allow exists", "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_d", + "value": "file_groupowner_cron_allow", "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.d", + "value": "Verify Group Who Owns /etc/cron.allow file", "remarks": "rule_set_123" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_d", + "value": "file_groupowner_cron_allow", "remarks": "rule_set_123" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.d", + "value": "Verify Group Who Owns /etc/cron.allow file", "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_deny_not_exist", + "value": "file_owner_cron_allow", "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.deny does not exist", + "value": "Verify User Who Owns /etc/cron.allow file", "remarks": "rule_set_124" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_deny_not_exist", + "value": "file_owner_cron_allow", "remarks": "rule_set_124" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.deny does not exist", + "value": "Verify User Who Owns /etc/cron.allow file", "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_allow_exists", + "value": "file_permissions_cron_allow", "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.allow exists", + "value": "Verify Permissions on /etc/cron.allow file", "remarks": "rule_set_125" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_allow_exists", + "value": "file_permissions_cron_allow", "remarks": "rule_set_125" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.allow exists", + "value": "Verify Permissions on /etc/cron.allow file", "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_allow", + "value": "file_at_deny_not_exist", "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.deny does not exist", "remarks": "rule_set_126" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_allow", + "value": "file_at_deny_not_exist", "remarks": "rule_set_126" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.deny does not exist", "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_allow", + "value": "file_at_allow_exists", "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.allow exists", "remarks": "rule_set_127" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_allow", + "value": "file_at_allow_exists", "remarks": "rule_set_127" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.allow exists", "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_allow", + "value": "file_groupowner_at_allow", "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/cron.allow file", + "value": "Verify Group Who Owns /etc/at.allow file", "remarks": "rule_set_128" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_allow", + "value": "file_groupowner_at_allow", "remarks": "rule_set_128" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/cron.allow file", + "value": "Verify Group Who Owns /etc/at.allow file", "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_deny_not_exist", + "value": "file_owner_at_allow", "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.deny does not exist", + "value": "Verify User Who Owns /etc/at.allow file", "remarks": "rule_set_129" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_deny_not_exist", + "value": "file_owner_at_allow", "remarks": "rule_set_129" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.deny does not exist", + "value": "Verify User Who Owns /etc/at.allow file", "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_allow_exists", + "value": "file_permissions_at_allow", "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.allow exists", + "value": "Verify Permissions on /etc/at.allow file", "remarks": "rule_set_130" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_allow_exists", + "value": "file_permissions_at_allow", "remarks": "rule_set_130" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.allow exists", + "value": "Verify Permissions on /etc/at.allow file", "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_at_allow", + "value": "wireless_disable_interfaces", "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/at.allow file", + "value": "Deactivate Wireless Network Interfaces", "remarks": "rule_set_131" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_at_allow", + "value": "wireless_disable_interfaces", "remarks": "rule_set_131" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/at.allow file", + "value": "Deactivate Wireless Network Interfaces", "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_at_allow", + "value": "service_bluetooth_disabled", "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/at.allow file", + "value": "Disable Bluetooth Service", "remarks": "rule_set_132" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_at_allow", + "value": "service_bluetooth_disabled", "remarks": "rule_set_132" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/at.allow file", + "value": "Disable Bluetooth Service", "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_at_allow", + "value": "kernel_module_atm_disabled", "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/at.allow file", + "value": "Disable ATM Support", "remarks": "rule_set_133" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_at_allow", + "value": "kernel_module_atm_disabled", "remarks": "rule_set_133" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/at.allow file", + "value": "Disable ATM Support", "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "wireless_disable_interfaces", + "value": "kernel_module_can_disabled", "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Deactivate Wireless Network Interfaces", + "value": "Disable CAN Support", "remarks": "rule_set_134" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "wireless_disable_interfaces", + "value": "kernel_module_can_disabled", "remarks": "rule_set_134" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Deactivate Wireless Network Interfaces", + "value": "Disable CAN Support", "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_bluetooth_disabled", + "value": "kernel_module_dccp_disabled", "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Bluetooth Service", + "value": "Disable DCCP Support", "remarks": "rule_set_135" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_bluetooth_disabled", + "value": "kernel_module_dccp_disabled", "remarks": "rule_set_135" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Bluetooth Service", + "value": "Disable DCCP Support", "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_atm_disabled", + "value": "kernel_module_tipc_disabled", "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable ATM Support", + "value": "Disable TIPC Support", "remarks": "rule_set_136" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_atm_disabled", + "value": "kernel_module_tipc_disabled", "remarks": "rule_set_136" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable ATM Support", + "value": "Disable TIPC Support", "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_can_disabled", + "value": "kernel_module_rds_disabled", "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable CAN Support", + "value": "Disable RDS Support", "remarks": "rule_set_137" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_can_disabled", + "value": "kernel_module_rds_disabled", "remarks": "rule_set_137" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable CAN Support", + "value": "Disable RDS Support", "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_dccp_disabled", + "value": "kernel_module_sctp_disabled", "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable DCCP Support", + "value": "Disable SCTP Support", "remarks": "rule_set_138" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_dccp_disabled", + "value": "kernel_module_sctp_disabled", "remarks": "rule_set_138" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable DCCP Support", + "value": "Disable SCTP Support", "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_tipc_disabled", + "value": "sysctl_net_ipv4_conf_all_forwarding", "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable TIPC Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", "remarks": "rule_set_139" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_tipc_disabled", + "value": "sysctl_net_ipv4_conf_all_forwarding", "remarks": "rule_set_139" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable TIPC Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_rds_disabled", + "value": "sysctl_net_ipv4_conf_default_forwarding", "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable RDS Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", "remarks": "rule_set_140" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_rds_disabled", + "value": "sysctl_net_ipv4_conf_default_forwarding", "remarks": "rule_set_140" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable RDS Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_sctp_disabled", + "value": "sysctl_net_ipv4_conf_all_send_redirects", "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SCTP Support", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_141" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_sctp_disabled", + "value": "sysctl_net_ipv4_conf_all_send_redirects", "remarks": "rule_set_141" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SCTP Support", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_forwarding", + "value": "sysctl_net_ipv4_conf_default_send_redirects", "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", "remarks": "rule_set_142" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_forwarding", + "value": "sysctl_net_ipv4_conf_default_send_redirects", "remarks": "rule_set_142" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_forwarding", + "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", + "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", "remarks": "rule_set_143" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_forwarding", + "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", "remarks": "rule_set_143" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", + "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_send_redirects", + "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", "remarks": "rule_set_144" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_send_redirects", + "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", "remarks": "rule_set_144" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_send_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_redirects", "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", + "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", "remarks": "rule_set_145" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_send_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_redirects", "remarks": "rule_set_145" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", + "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", + "value": "sysctl_net_ipv4_conf_default_accept_redirects", "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", "remarks": "rule_set_146" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", + "value": "sysctl_net_ipv4_conf_default_accept_redirects", "remarks": "rule_set_146" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", + "value": "sysctl_net_ipv4_conf_all_secure_redirects", "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_147" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", + "value": "sysctl_net_ipv4_conf_all_secure_redirects", "remarks": "rule_set_147" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_redirects", + "value": "sysctl_net_ipv4_conf_default_secure_redirects", "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", + "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", "remarks": "rule_set_148" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_redirects", + "value": "sysctl_net_ipv4_conf_default_secure_redirects", "remarks": "rule_set_148" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", + "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_redirects", + "value": "sysctl_net_ipv4_conf_all_rp_filter", "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", "remarks": "rule_set_149" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_redirects", + "value": "sysctl_net_ipv4_conf_all_rp_filter", "remarks": "rule_set_149" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_secure_redirects", + "value": "sysctl_net_ipv4_conf_default_rp_filter", "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", "remarks": "rule_set_150" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_secure_redirects", + "value": "sysctl_net_ipv4_conf_default_rp_filter", "remarks": "rule_set_150" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_secure_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_source_route", "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", "remarks": "rule_set_151" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_secure_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_source_route", "remarks": "rule_set_151" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_rp_filter", + "value": "sysctl_net_ipv4_conf_default_accept_source_route", "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", "remarks": "rule_set_152" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_rp_filter", + "value": "sysctl_net_ipv4_conf_default_accept_source_route", "remarks": "rule_set_152" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_rp_filter", + "value": "sysctl_net_ipv4_conf_all_log_martians", "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", "remarks": "rule_set_153" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_rp_filter", + "value": "sysctl_net_ipv4_conf_all_log_martians", "remarks": "rule_set_153" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_source_route", + "value": "sysctl_net_ipv4_conf_default_log_martians", "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", "remarks": "rule_set_154" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_source_route", + "value": "sysctl_net_ipv4_conf_default_log_martians", "remarks": "rule_set_154" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_source_route", + "value": "sysctl_net_ipv4_tcp_syncookies", "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", "remarks": "rule_set_155" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_source_route", + "value": "sysctl_net_ipv4_tcp_syncookies", "remarks": "rule_set_155" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_log_martians", + "value": "sysctl_net_ipv6_conf_all_forwarding", "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for IPv6 Forwarding", "remarks": "rule_set_156" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_log_martians", + "value": "sysctl_net_ipv6_conf_all_forwarding", "remarks": "rule_set_156" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for IPv6 Forwarding", "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_log_martians", + "value": "sysctl_net_ipv6_conf_default_forwarding", "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", + "value": "Disable Kernel Parameter for IPv6 Forwarding by default", "remarks": "rule_set_157" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_log_martians", + "value": "sysctl_net_ipv6_conf_default_forwarding", "remarks": "rule_set_157" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", + "value": "Disable Kernel Parameter for IPv6 Forwarding by default", "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_tcp_syncookies", + "value": "sysctl_net_ipv6_conf_all_accept_redirects", "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", + "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", "remarks": "rule_set_158" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_tcp_syncookies", + "value": "sysctl_net_ipv6_conf_all_accept_redirects", "remarks": "rule_set_158" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", + "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_forwarding", + "value": "sysctl_net_ipv6_conf_default_accept_redirects", "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", "remarks": "rule_set_159" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_forwarding", + "value": "sysctl_net_ipv6_conf_default_accept_redirects", "remarks": "rule_set_159" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_forwarding", + "value": "sysctl_net_ipv6_conf_all_accept_source_route", "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding by default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", "remarks": "rule_set_160" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_forwarding", + "value": "sysctl_net_ipv6_conf_all_accept_source_route", "remarks": "rule_set_160" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding by default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_redirects", + "value": "sysctl_net_ipv6_conf_default_accept_source_route", "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", "remarks": "rule_set_161" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_redirects", + "value": "sysctl_net_ipv6_conf_default_accept_source_route", "remarks": "rule_set_161" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_redirects", + "value": "sysctl_net_ipv6_conf_all_accept_ra", "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", + "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_162" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_redirects", + "value": "sysctl_net_ipv6_conf_all_accept_ra", "remarks": "rule_set_162" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", + "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_source_route", + "value": "sysctl_net_ipv6_conf_default_accept_ra", "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", + "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", "remarks": "rule_set_163" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_source_route", + "value": "sysctl_net_ipv6_conf_default_accept_ra", "remarks": "rule_set_163" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", + "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_source_route", + "value": "package_firewalld_installed", "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", + "value": "Install firewalld Package", "remarks": "rule_set_164" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_source_route", + "value": "package_firewalld_installed", "remarks": "rule_set_164" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", + "value": "Install firewalld Package", "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra", + "value": "firewalld-backend", "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", + "value": "Configure Firewalld to Use the Nftables Backend", "remarks": "rule_set_165" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra", + "value": "firewalld-backend", "remarks": "rule_set_165" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", + "value": "Configure Firewalld to Use the Nftables Backend", "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra", + "value": "service_firewalld_enabled", "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", + "value": "Verify firewalld Enabled", "remarks": "rule_set_166" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra", + "value": "service_firewalld_enabled", "remarks": "rule_set_166" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", + "value": "Verify firewalld Enabled", "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_firewalld_installed", + "value": "firewalld_loopback_traffic_trusted", "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install firewalld Package", + "value": "Configure Firewalld to Trust Loopback Traffic", "remarks": "rule_set_167" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_firewalld_installed", + "value": "firewalld_loopback_traffic_trusted", "remarks": "rule_set_167" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install firewalld Package", + "value": "Configure Firewalld to Trust Loopback Traffic", "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld-backend", + "value": "file_groupowner_sshd_config", "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Use the Nftables Backend", + "value": "Verify Group Who Owns SSH Server config file", "remarks": "rule_set_168" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld-backend", + "value": "file_groupowner_sshd_config", "remarks": "rule_set_168" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Use the Nftables Backend", + "value": "Verify Group Who Owns SSH Server config file", "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_firewalld_enabled", + "value": "file_owner_sshd_config", "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify firewalld Enabled", + "value": "Verify Owner on SSH Server config file", "remarks": "rule_set_169" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_firewalld_enabled", + "value": "file_owner_sshd_config", "remarks": "rule_set_169" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify firewalld Enabled", + "value": "Verify Owner on SSH Server config file", "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld_loopback_traffic_trusted", + "value": "file_permissions_sshd_config", "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Trust Loopback Traffic", + "value": "Verify Permissions on SSH Server config file", "remarks": "rule_set_170" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld_loopback_traffic_trusted", + "value": "file_permissions_sshd_config", "remarks": "rule_set_170" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Trust Loopback Traffic", + "value": "Verify Permissions on SSH Server config file", "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_config", + "value": "directory_permissions_sshd_config_d", "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_171" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_config", + "value": "directory_permissions_sshd_config_d", "remarks": "rule_set_171" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_171" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_config", + "value": "file_permissions_sshd_drop_in_config", "remarks": "rule_set_172" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_172" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_config", + "value": "file_permissions_sshd_drop_in_config", "remarks": "rule_set_172" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_172" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_config", + "value": "directory_groupowner_sshd_config_d", "remarks": "rule_set_173" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server config file", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_173" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_config", + "value": "directory_groupowner_sshd_config_d", "remarks": "rule_set_173" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server config file", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_173" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_sshd_config_d", + "value": "directory_owner_sshd_config_d", "remarks": "rule_set_174" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_174" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_sshd_config_d", + "value": "directory_owner_sshd_config_d", "remarks": "rule_set_174" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_174" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_drop_in_config", + "value": "file_groupowner_sshd_drop_in_config", "remarks": "rule_set_175" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_175" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_drop_in_config", + "value": "file_groupowner_sshd_drop_in_config", "remarks": "rule_set_175" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_175" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_groupowner_sshd_config_d", + "value": "file_owner_sshd_drop_in_config", "remarks": "rule_set_176" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_176" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_groupowner_sshd_config_d", + "value": "file_owner_sshd_drop_in_config", "remarks": "rule_set_176" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_176" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_owner_sshd_config_d", + "value": "file_groupownership_sshd_private_key", "remarks": "rule_set_177" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Group Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_177" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_owner_sshd_config_d", + "value": "file_groupownership_sshd_private_key", "remarks": "rule_set_177" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Group Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_177" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_drop_in_config", + "value": "file_ownership_sshd_private_key", "remarks": "rule_set_178" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_178" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_drop_in_config", + "value": "file_ownership_sshd_private_key", "remarks": "rule_set_178" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_178" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_drop_in_config", + "value": "file_permissions_sshd_private_key", "remarks": "rule_set_179" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Permissions on SSH Server Private *_key Key Files", "remarks": "rule_set_179" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_drop_in_config", + "value": "file_permissions_sshd_private_key", "remarks": "rule_set_179" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Permissions on SSH Server Private *_key Key Files", "remarks": "rule_set_179" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_private_key", + "value": "file_groupownership_sshd_pub_key", "remarks": "rule_set_180" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Private *_key Key Files", + "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_180" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_private_key", + "value": "file_groupownership_sshd_pub_key", "remarks": "rule_set_180" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Private *_key Key Files", + "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_180" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_private_key", + "value": "file_ownership_sshd_pub_key", "remarks": "rule_set_181" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Private *_key Key Files", + "value": "Verify Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_181" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_private_key", + "value": "file_ownership_sshd_pub_key", "remarks": "rule_set_181" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Private *_key Key Files", + "value": "Verify Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_181" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_private_key", + "value": "file_permissions_sshd_pub_key", "remarks": "rule_set_182" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Private *_key Key Files", + "value": "Verify Permissions on SSH Server Public *.pub Key Files", "remarks": "rule_set_182" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_private_key", + "value": "file_permissions_sshd_pub_key", "remarks": "rule_set_182" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Private *_key Key Files", + "value": "Verify Permissions on SSH Server Public *.pub Key Files", "remarks": "rule_set_182" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_pub_key", + "value": "sshd_limit_user_access", "remarks": "rule_set_183" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", + "value": "Limit Users' SSH Access", "remarks": "rule_set_183" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_pub_key", + "value": "sshd_limit_user_access", "remarks": "rule_set_183" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", + "value": "Limit Users' SSH Access", "remarks": "rule_set_183" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_pub_key", + "value": "sshd_enable_warning_banner_net", "remarks": "rule_set_184" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Public *.pub Key Files", + "value": "Enable SSH Warning Banner", "remarks": "rule_set_184" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_pub_key", + "value": "sshd_enable_warning_banner_net", "remarks": "rule_set_184" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Public *.pub Key Files", + "value": "Enable SSH Warning Banner", "remarks": "rule_set_184" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_pub_key", + "value": "sshd_set_idle_timeout", "remarks": "rule_set_185" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Public *.pub Key Files", + "value": "Set SSH Client Alive Interval", "remarks": "rule_set_185" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_pub_key", + "value": "sshd_set_idle_timeout", "remarks": "rule_set_185" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Public *.pub Key Files", + "value": "Set SSH Client Alive Interval", "remarks": "rule_set_185" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_limit_user_access", + "value": "sshd_set_keepalive", "remarks": "rule_set_186" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Users' SSH Access", + "value": "Set SSH Client Alive Count Max", "remarks": "rule_set_186" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_limit_user_access", + "value": "sshd_set_keepalive", "remarks": "rule_set_186" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Users' SSH Access", + "value": "Set SSH Client Alive Count Max", "remarks": "rule_set_186" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_warning_banner_net", + "value": "disable_host_auth", "remarks": "rule_set_187" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SSH Warning Banner", + "value": "Disable Host-Based Authentication", "remarks": "rule_set_187" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_warning_banner_net", + "value": "disable_host_auth", "remarks": "rule_set_187" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SSH Warning Banner", + "value": "Disable Host-Based Authentication", "remarks": "rule_set_187" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_idle_timeout", + "value": "sshd_disable_rhosts", "remarks": "rule_set_188" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Interval", + "value": "Disable SSH Support for .rhosts Files", "remarks": "rule_set_188" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_idle_timeout", + "value": "sshd_disable_rhosts", "remarks": "rule_set_188" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Interval", + "value": "Disable SSH Support for .rhosts Files", "remarks": "rule_set_188" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_keepalive", + "value": "sshd_use_strong_kex", "remarks": "rule_set_189" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Count Max", + "value": "Use Only Strong Key Exchange algorithms", "remarks": "rule_set_189" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_keepalive", + "value": "sshd_use_strong_kex", "remarks": "rule_set_189" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Count Max", + "value": "Use Only Strong Key Exchange algorithms", "remarks": "rule_set_189" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_host_auth", + "value": "sshd_set_login_grace_time", "remarks": "rule_set_190" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Host-Based Authentication", + "value": "Ensure SSH LoginGraceTime is configured", "remarks": "rule_set_190" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_host_auth", + "value": "sshd_set_login_grace_time", "remarks": "rule_set_190" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Host-Based Authentication", + "value": "Ensure SSH LoginGraceTime is configured", "remarks": "rule_set_190" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_rhosts", + "value": "sshd_set_loglevel_verbose", "remarks": "rule_set_191" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Support for .rhosts Files", + "value": "Set SSH Daemon LogLevel to VERBOSE", "remarks": "rule_set_191" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_rhosts", + "value": "sshd_set_loglevel_verbose", "remarks": "rule_set_191" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Support for .rhosts Files", + "value": "Set SSH Daemon LogLevel to VERBOSE", "remarks": "rule_set_191" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_use_strong_kex", + "value": "sshd_set_max_auth_tries", "remarks": "rule_set_192" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Use Only Strong Key Exchange algorithms", + "value": "Set SSH authentication attempt limit", "remarks": "rule_set_192" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_use_strong_kex", + "value": "sshd_set_max_auth_tries", "remarks": "rule_set_192" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Use Only Strong Key Exchange algorithms", + "value": "Set SSH authentication attempt limit", "remarks": "rule_set_192" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_login_grace_time", + "value": "sshd_set_maxstartups", "remarks": "rule_set_193" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH LoginGraceTime is configured", + "value": "Ensure SSH MaxStartups is configured", "remarks": "rule_set_193" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_login_grace_time", + "value": "sshd_set_maxstartups", "remarks": "rule_set_193" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH LoginGraceTime is configured", + "value": "Ensure SSH MaxStartups is configured", "remarks": "rule_set_193" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_loglevel_verbose", + "value": "sshd_set_max_sessions", "remarks": "rule_set_194" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Daemon LogLevel to VERBOSE", + "value": "Set SSH MaxSessions limit", "remarks": "rule_set_194" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_loglevel_verbose", + "value": "sshd_set_max_sessions", "remarks": "rule_set_194" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Daemon LogLevel to VERBOSE", + "value": "Set SSH MaxSessions limit", "remarks": "rule_set_194" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_auth_tries", + "value": "sshd_disable_empty_passwords", "remarks": "rule_set_195" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH authentication attempt limit", + "value": "Disable SSH Access via Empty Passwords", "remarks": "rule_set_195" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_auth_tries", + "value": "sshd_disable_empty_passwords", "remarks": "rule_set_195" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH authentication attempt limit", + "value": "Disable SSH Access via Empty Passwords", "remarks": "rule_set_195" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_maxstartups", + "value": "sshd_disable_root_login", "remarks": "rule_set_196" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH MaxStartups is configured", + "value": "Disable SSH Root Login", "remarks": "rule_set_196" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_maxstartups", + "value": "sshd_disable_root_login", "remarks": "rule_set_196" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH MaxStartups is configured", + "value": "Disable SSH Root Login", "remarks": "rule_set_196" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_sessions", + "value": "sshd_do_not_permit_user_env", "remarks": "rule_set_197" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH MaxSessions limit", + "value": "Do Not Allow SSH Environment Options", "remarks": "rule_set_197" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_sessions", + "value": "sshd_do_not_permit_user_env", "remarks": "rule_set_197" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH MaxSessions limit", + "value": "Do Not Allow SSH Environment Options", "remarks": "rule_set_197" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_empty_passwords", + "value": "sshd_enable_pam", "remarks": "rule_set_198" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Access via Empty Passwords", + "value": "Enable PAM", "remarks": "rule_set_198" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_empty_passwords", + "value": "sshd_enable_pam", "remarks": "rule_set_198" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Access via Empty Passwords", + "value": "Enable PAM", "remarks": "rule_set_198" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_root_login", + "value": "package_sudo_installed", "remarks": "rule_set_199" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Root Login", + "value": "Install sudo Package", "remarks": "rule_set_199" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_root_login", + "value": "package_sudo_installed", "remarks": "rule_set_199" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Root Login", + "value": "Install sudo Package", "remarks": "rule_set_199" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_do_not_permit_user_env", + "value": "sudo_add_use_pty", "remarks": "rule_set_200" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Do Not Allow SSH Environment Options", + "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", "remarks": "rule_set_200" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_do_not_permit_user_env", + "value": "sudo_add_use_pty", "remarks": "rule_set_200" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Do Not Allow SSH Environment Options", + "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", "remarks": "rule_set_200" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_pam", + "value": "sudo_custom_logfile", "remarks": "rule_set_201" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable PAM", + "value": "Ensure Sudo Logfile Exists - sudo logfile", "remarks": "rule_set_201" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_pam", + "value": "sudo_custom_logfile", "remarks": "rule_set_201" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable PAM", + "value": "Ensure Sudo Logfile Exists - sudo logfile", "remarks": "rule_set_201" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_sudo_installed", + "value": "sudo_remove_no_authenticate", "remarks": "rule_set_202" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install sudo Package", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", "remarks": "rule_set_202" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_sudo_installed", + "value": "sudo_remove_no_authenticate", "remarks": "rule_set_202" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install sudo Package", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", "remarks": "rule_set_202" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_use_pty", + "value": "sudo_require_reauthentication", "remarks": "rule_set_203" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", + "value": "Require Re-Authentication When Using the sudo Command", "remarks": "rule_set_203" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_use_pty", + "value": "sudo_require_reauthentication", "remarks": "rule_set_203" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", + "value": "Require Re-Authentication When Using the sudo Command", "remarks": "rule_set_203" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_custom_logfile", + "value": "use_pam_wheel_group_for_su", "remarks": "rule_set_204" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Sudo Logfile Exists - sudo logfile", + "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", "remarks": "rule_set_204" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_custom_logfile", + "value": "use_pam_wheel_group_for_su", "remarks": "rule_set_204" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Sudo Logfile Exists - sudo logfile", + "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", "remarks": "rule_set_204" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_no_authenticate", + "value": "ensure_pam_wheel_group_empty", "remarks": "rule_set_205" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", + "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", "remarks": "rule_set_205" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_no_authenticate", + "value": "ensure_pam_wheel_group_empty", "remarks": "rule_set_205" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", + "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", "remarks": "rule_set_205" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_require_reauthentication", + "value": "account_password_pam_faillock_password_auth", "remarks": "rule_set_206" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require Re-Authentication When Using the sudo Command", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", "remarks": "rule_set_206" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_require_reauthentication", + "value": "account_password_pam_faillock_password_auth", "remarks": "rule_set_206" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require Re-Authentication When Using the sudo Command", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", "remarks": "rule_set_206" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "use_pam_wheel_group_for_su", + "value": "account_password_pam_faillock_system_auth", "remarks": "rule_set_207" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", "remarks": "rule_set_207" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "use_pam_wheel_group_for_su", + "value": "account_password_pam_faillock_system_auth", "remarks": "rule_set_207" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", "remarks": "rule_set_207" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_pam_wheel_group_empty", + "value": "package_pam_pwquality_installed", "remarks": "rule_set_208" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", + "value": "Install pam_pwquality Package", "remarks": "rule_set_208" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_pam_wheel_group_empty", + "value": "package_pam_pwquality_installed", "remarks": "rule_set_208" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", + "value": "Install pam_pwquality Package", "remarks": "rule_set_208" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_password_auth", + "value": "accounts_password_pam_pwquality_password_auth", "remarks": "rule_set_209" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", + "value": "Ensure PAM password complexity module is enabled in password-auth", "remarks": "rule_set_209" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_password_auth", + "value": "accounts_password_pam_pwquality_password_auth", "remarks": "rule_set_209" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", + "value": "Ensure PAM password complexity module is enabled in password-auth", "remarks": "rule_set_209" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_system_auth", + "value": "accounts_password_pam_pwquality_system_auth", "remarks": "rule_set_210" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", + "value": "Ensure PAM password complexity module is enabled in system-auth", "remarks": "rule_set_210" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_system_auth", + "value": "accounts_password_pam_pwquality_system_auth", "remarks": "rule_set_210" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", + "value": "Ensure PAM password complexity module is enabled in system-auth", "remarks": "rule_set_210" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_pam_pwquality_installed", + "value": "accounts_password_pam_unix_enabled", "remarks": "rule_set_211" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install pam_pwquality Package", + "value": "Verify pam_unix module is activated", "remarks": "rule_set_211" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_pam_pwquality_installed", + "value": "accounts_password_pam_unix_enabled", "remarks": "rule_set_211" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install pam_pwquality Package", + "value": "Verify pam_unix module is activated", "remarks": "rule_set_211" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_password_auth", + "value": "accounts_passwords_pam_faillock_deny", "remarks": "rule_set_212" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in password-auth", + "value": "Lock Accounts After Failed Password Attempts", "remarks": "rule_set_212" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_password_auth", + "value": "accounts_passwords_pam_faillock_deny", "remarks": "rule_set_212" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in password-auth", + "value": "Lock Accounts After Failed Password Attempts", "remarks": "rule_set_212" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_system_auth", + "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", "remarks": "rule_set_213" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in system-auth", + "value": "Set Lockout Time for Failed Password Attempts", "remarks": "rule_set_213" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_system_auth", + "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", "remarks": "rule_set_213" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in system-auth", + "value": "Set Lockout Time for Failed Password Attempts", "remarks": "rule_set_213" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_enabled", + "value": "accounts_password_pam_difok", "remarks": "rule_set_214" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify pam_unix module is activated", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", "remarks": "rule_set_214" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_enabled", + "value": "accounts_password_pam_difok", "remarks": "rule_set_214" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify pam_unix module is activated", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", "remarks": "rule_set_214" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny", + "value": "accounts_password_pam_minlen", "remarks": "rule_set_215" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Lock Accounts After Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Length", "remarks": "rule_set_215" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny", + "value": "accounts_password_pam_minlen", "remarks": "rule_set_215" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Lock Accounts After Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Length", "remarks": "rule_set_215" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", + "value": "accounts_password_pam_minclass", "remarks": "rule_set_216" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Lockout Time for Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", "remarks": "rule_set_216" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", + "value": "accounts_password_pam_minclass", "remarks": "rule_set_216" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Lockout Time for Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", "remarks": "rule_set_216" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_difok", + "value": "accounts_password_pam_maxrepeat", "remarks": "rule_set_217" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", + "value": "Set Password Maximum Consecutive Repeating Characters", "remarks": "rule_set_217" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_difok", + "value": "accounts_password_pam_maxrepeat", "remarks": "rule_set_217" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", + "value": "Set Password Maximum Consecutive Repeating Characters", "remarks": "rule_set_217" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minlen", + "value": "accounts_password_pam_maxsequence", "remarks": "rule_set_218" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Length", + "value": "Limit the maximum number of sequential characters in passwords", "remarks": "rule_set_218" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minlen", + "value": "accounts_password_pam_maxsequence", "remarks": "rule_set_218" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Length", + "value": "Limit the maximum number of sequential characters in passwords", "remarks": "rule_set_218" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_dictcheck", "remarks": "rule_set_219" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", "remarks": "rule_set_219" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_dictcheck", "remarks": "rule_set_219" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", "remarks": "rule_set_219" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxrepeat", + "value": "accounts_password_pam_enforce_root", "remarks": "rule_set_220" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Consecutive Repeating Characters", + "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", "remarks": "rule_set_220" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxrepeat", + "value": "accounts_password_pam_enforce_root", "remarks": "rule_set_220" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Consecutive Repeating Characters", + "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", "remarks": "rule_set_220" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxsequence", + "value": "accounts_password_pam_pwhistory_remember_password_auth", "remarks": "rule_set_221" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit the maximum number of sequential characters in passwords", + "value": "Limit Password Reuse: password-auth", "remarks": "rule_set_221" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxsequence", + "value": "accounts_password_pam_pwhistory_remember_password_auth", "remarks": "rule_set_221" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit the maximum number of sequential characters in passwords", + "value": "Limit Password Reuse: password-auth", "remarks": "rule_set_221" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_dictcheck", + "value": "accounts_password_pam_pwhistory_remember_system_auth", "remarks": "rule_set_222" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", + "value": "Limit Password Reuse: system-auth", "remarks": "rule_set_222" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_dictcheck", + "value": "accounts_password_pam_pwhistory_remember_system_auth", "remarks": "rule_set_222" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", + "value": "Limit Password Reuse: system-auth", "remarks": "rule_set_222" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_enforce_root", + "value": "accounts_password_pam_pwhistory_enforce_for_root", "remarks": "rule_set_223" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", + "value": "Ensure Password History Is Enforced for the Root User", "remarks": "rule_set_223" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_enforce_root", + "value": "accounts_password_pam_pwhistory_enforce_for_root", "remarks": "rule_set_223" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", + "value": "Ensure Password History Is Enforced for the Root User", "remarks": "rule_set_223" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_password_auth", + "value": "accounts_password_pam_pwhistory_use_authtok", "remarks": "rule_set_224" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: password-auth", + "value": "Enforce Password History with use_authtok", "remarks": "rule_set_224" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_password_auth", + "value": "accounts_password_pam_pwhistory_use_authtok", "remarks": "rule_set_224" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: password-auth", + "value": "Enforce Password History with use_authtok", "remarks": "rule_set_224" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_system_auth", + "value": "no_empty_passwords", "remarks": "rule_set_225" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: system-auth", + "value": "Prevent Login to Accounts With Empty Password", "remarks": "rule_set_225" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_system_auth", + "value": "no_empty_passwords", "remarks": "rule_set_225" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: system-auth", + "value": "Prevent Login to Accounts With Empty Password", "remarks": "rule_set_225" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_enforce_for_root", + "value": "accounts_password_pam_unix_no_remember", "remarks": "rule_set_226" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Password History Is Enforced for the Root User", + "value": "Avoid using remember in pam_unix module", "remarks": "rule_set_226" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_enforce_for_root", + "value": "accounts_password_pam_unix_no_remember", "remarks": "rule_set_226" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Password History Is Enforced for the Root User", + "value": "Avoid using remember in pam_unix module", "remarks": "rule_set_226" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_use_authtok", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_227" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Password History with use_authtok", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_227" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_use_authtok", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_227" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Password History with use_authtok", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_227" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords", + "value": "set_password_hashing_algorithm_passwordauth", "remarks": "rule_set_228" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Login to Accounts With Empty Password", + "value": "Set PAM Password Hashing Algorithm - password-auth", "remarks": "rule_set_228" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords", + "value": "set_password_hashing_algorithm_passwordauth", "remarks": "rule_set_228" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Login to Accounts With Empty Password", + "value": "Set PAM Password Hashing Algorithm - password-auth", "remarks": "rule_set_228" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_no_remember", + "value": "accounts_password_pam_unix_authtok", "remarks": "rule_set_229" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Avoid using remember in pam_unix module", + "value": "Require use_authtok for pam_unix.so", "remarks": "rule_set_229" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_no_remember", + "value": "accounts_password_pam_unix_authtok", "remarks": "rule_set_229" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Avoid using remember in pam_unix module", + "value": "Require use_authtok for pam_unix.so", "remarks": "rule_set_229" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "accounts_maximum_age_login_defs", "remarks": "rule_set_230" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Set Password Maximum Age", "remarks": "rule_set_230" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "accounts_maximum_age_login_defs", "remarks": "rule_set_230" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Set Password Maximum Age", "remarks": "rule_set_230" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_passwordauth", + "value": "accounts_password_set_max_life_existing", "remarks": "rule_set_231" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - password-auth", + "value": "Set Existing Passwords Maximum Age", "remarks": "rule_set_231" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_passwordauth", + "value": "accounts_password_set_max_life_existing", "remarks": "rule_set_231" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - password-auth", + "value": "Set Existing Passwords Maximum Age", "remarks": "rule_set_231" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_authtok", + "value": "accounts_password_warn_age_login_defs", "remarks": "rule_set_232" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require use_authtok for pam_unix.so", + "value": "Set Password Warning Age", "remarks": "rule_set_232" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_authtok", + "value": "accounts_password_warn_age_login_defs", "remarks": "rule_set_232" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require use_authtok for pam_unix.so", + "value": "Set Password Warning Age", "remarks": "rule_set_232" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_maximum_age_login_defs", + "value": "accounts_password_set_warn_age_existing", "remarks": "rule_set_233" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Age", + "value": "Set Existing Passwords Warning Age", "remarks": "rule_set_233" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_maximum_age_login_defs", + "value": "accounts_password_set_warn_age_existing", "remarks": "rule_set_233" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Age", + "value": "Set Existing Passwords Warning Age", "remarks": "rule_set_233" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_max_life_existing", + "value": "set_password_hashing_algorithm_logindefs", "remarks": "rule_set_234" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Maximum Age", + "value": "Set Password Hashing Algorithm in /etc/login.defs", "remarks": "rule_set_234" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_max_life_existing", + "value": "set_password_hashing_algorithm_logindefs", "remarks": "rule_set_234" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Maximum Age", + "value": "Set Password Hashing Algorithm in /etc/login.defs", "remarks": "rule_set_234" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_warn_age_login_defs", + "value": "account_disable_post_pw_expiration", "remarks": "rule_set_235" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Warning Age", + "value": "Set Account Expiration Following Inactivity", "remarks": "rule_set_235" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_warn_age_login_defs", + "value": "account_disable_post_pw_expiration", "remarks": "rule_set_235" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Warning Age", + "value": "Set Account Expiration Following Inactivity", "remarks": "rule_set_235" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_warn_age_existing", + "value": "accounts_set_post_pw_existing", "remarks": "rule_set_236" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Warning Age", + "value": "Set existing passwords a period of inactivity before they been locked", "remarks": "rule_set_236" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_warn_age_existing", + "value": "accounts_set_post_pw_existing", "remarks": "rule_set_236" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Warning Age", + "value": "Set existing passwords a period of inactivity before they been locked", "remarks": "rule_set_236" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf", + "value": "accounts_password_last_change_is_in_past", "remarks": "rule_set_237" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/libuser.conf", + "value": "Ensure all users last password change date is in the past", "remarks": "rule_set_237" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf", + "value": "accounts_password_last_change_is_in_past", "remarks": "rule_set_237" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/libuser.conf", + "value": "Ensure all users last password change date is in the past", "remarks": "rule_set_237" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_logindefs", + "value": "accounts_no_uid_except_zero", "remarks": "rule_set_238" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/login.defs", + "value": "Verify Only Root Has UID 0", "remarks": "rule_set_238" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_logindefs", + "value": "accounts_no_uid_except_zero", "remarks": "rule_set_238" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/login.defs", + "value": "Verify Only Root Has UID 0", "remarks": "rule_set_238" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_disable_post_pw_expiration", + "value": "accounts_root_gid_zero", "remarks": "rule_set_239" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Account Expiration Following Inactivity", + "value": "Verify Root Has A Primary GID 0", "remarks": "rule_set_239" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_disable_post_pw_expiration", + "value": "accounts_root_gid_zero", "remarks": "rule_set_239" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Account Expiration Following Inactivity", + "value": "Verify Root Has A Primary GID 0", "remarks": "rule_set_239" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_set_post_pw_existing", + "value": "groups_no_zero_gid_except_root", "remarks": "rule_set_240" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set existing passwords a period of inactivity before they been locked", + "value": "Verify Only Group Root Has GID 0", "remarks": "rule_set_240" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_set_post_pw_existing", + "value": "groups_no_zero_gid_except_root", "remarks": "rule_set_240" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set existing passwords a period of inactivity before they been locked", + "value": "Verify Only Group Root Has GID 0", "remarks": "rule_set_240" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_last_change_is_in_past", + "value": "ensure_root_password_configured", "remarks": "rule_set_241" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure all users last password change date is in the past", + "value": "Ensure Authentication Required for Single User Mode", "remarks": "rule_set_241" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_last_change_is_in_past", + "value": "ensure_root_password_configured", "remarks": "rule_set_241" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure all users last password change date is in the past", + "value": "Ensure Authentication Required for Single User Mode", "remarks": "rule_set_241" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_no_uid_except_zero", + "value": "accounts_root_path_dirs_no_write", "remarks": "rule_set_242" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Root Has UID 0", + "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", "remarks": "rule_set_242" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_no_uid_except_zero", + "value": "accounts_root_path_dirs_no_write", "remarks": "rule_set_242" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Root Has UID 0", + "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", "remarks": "rule_set_242" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_gid_zero", + "value": "root_path_no_dot", "remarks": "rule_set_243" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Root Has A Primary GID 0", + "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", "remarks": "rule_set_243" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_gid_zero", + "value": "root_path_no_dot", "remarks": "rule_set_243" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Root Has A Primary GID 0", + "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", "remarks": "rule_set_243" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "groups_no_zero_gid_except_root", + "value": "accounts_umask_root", "remarks": "rule_set_244" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Group Root Has GID 0", + "value": "Ensure the Root Bash Umask is Set Correctly", "remarks": "rule_set_244" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "groups_no_zero_gid_except_root", + "value": "accounts_umask_root", "remarks": "rule_set_244" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Group Root Has GID 0", + "value": "Ensure the Root Bash Umask is Set Correctly", "remarks": "rule_set_244" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_root_password_configured", + "value": "no_password_auth_for_systemaccounts", "remarks": "rule_set_245" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Authentication Required for Single User Mode", + "value": "Ensure that System Accounts Are Locked", "remarks": "rule_set_245" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_root_password_configured", + "value": "no_password_auth_for_systemaccounts", "remarks": "rule_set_245" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Authentication Required for Single User Mode", + "value": "Ensure that System Accounts Are Locked", "remarks": "rule_set_245" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_path_dirs_no_write", + "value": "no_shelllogin_for_systemaccounts", "remarks": "rule_set_246" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", "remarks": "rule_set_246" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_path_dirs_no_write", + "value": "no_shelllogin_for_systemaccounts", "remarks": "rule_set_246" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", "remarks": "rule_set_246" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "root_path_no_dot", + "value": "no_invalid_shell_accounts_unlocked", "remarks": "rule_set_247" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", + "value": "Verify Non-Interactive Accounts Are Locked", "remarks": "rule_set_247" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "root_path_no_dot", + "value": "no_invalid_shell_accounts_unlocked", "remarks": "rule_set_247" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", + "value": "Verify Non-Interactive Accounts Are Locked", "remarks": "rule_set_247" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_root", + "value": "accounts_tmout", "remarks": "rule_set_248" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Root Bash Umask is Set Correctly", + "value": "Set Interactive Session Timeout", "remarks": "rule_set_248" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_root", + "value": "accounts_tmout", "remarks": "rule_set_248" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Root Bash Umask is Set Correctly", + "value": "Set Interactive Session Timeout", "remarks": "rule_set_248" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_password_auth_for_systemaccounts", + "value": "accounts_umask_etc_bashrc", "remarks": "rule_set_249" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Are Locked", + "value": "Ensure the Default Bash Umask is Set Correctly", "remarks": "rule_set_249" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_password_auth_for_systemaccounts", + "value": "accounts_umask_etc_bashrc", "remarks": "rule_set_249" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Are Locked", + "value": "Ensure the Default Bash Umask is Set Correctly", "remarks": "rule_set_249" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_shelllogin_for_systemaccounts", + "value": "accounts_umask_etc_login_defs", "remarks": "rule_set_250" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", + "value": "Ensure the Default Umask is Set Correctly in login.defs", "remarks": "rule_set_250" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_shelllogin_for_systemaccounts", + "value": "accounts_umask_etc_login_defs", "remarks": "rule_set_250" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", + "value": "Ensure the Default Umask is Set Correctly in login.defs", "remarks": "rule_set_250" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_tmout", + "value": "accounts_umask_etc_profile", "remarks": "rule_set_251" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interactive Session Timeout", + "value": "Ensure the Default Umask is Set Correctly in /etc/profile", "remarks": "rule_set_251" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_tmout", + "value": "accounts_umask_etc_profile", "remarks": "rule_set_251" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interactive Session Timeout", + "value": "Ensure the Default Umask is Set Correctly in /etc/profile", "remarks": "rule_set_251" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_bashrc", + "value": "package_aide_installed", "remarks": "rule_set_252" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Bash Umask is Set Correctly", + "value": "Install AIDE", "remarks": "rule_set_252" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_bashrc", + "value": "package_aide_installed", "remarks": "rule_set_252" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Bash Umask is Set Correctly", + "value": "Install AIDE", "remarks": "rule_set_252" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_login_defs", + "value": "aide_build_database", "remarks": "rule_set_253" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in login.defs", + "value": "Build and Test AIDE Database", "remarks": "rule_set_253" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_login_defs", + "value": "aide_build_database", "remarks": "rule_set_253" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in login.defs", + "value": "Build and Test AIDE Database", "remarks": "rule_set_253" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_profile", + "value": "aide_periodic_cron_checking", "remarks": "rule_set_254" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in /etc/profile", + "value": "Configure Periodic Execution of AIDE", "remarks": "rule_set_254" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_profile", + "value": "aide_periodic_cron_checking", "remarks": "rule_set_254" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in /etc/profile", + "value": "Configure Periodic Execution of AIDE", "remarks": "rule_set_254" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_aide_installed", + "value": "aide_check_audit_tools", "remarks": "rule_set_255" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install AIDE", + "value": "Configure AIDE to Verify the Audit Tools", "remarks": "rule_set_255" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_aide_installed", + "value": "aide_check_audit_tools", "remarks": "rule_set_255" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install AIDE", + "value": "Configure AIDE to Verify the Audit Tools", "remarks": "rule_set_255" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_build_database", + "value": "service_systemd-journald_enabled", "remarks": "rule_set_256" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Build and Test AIDE Database", + "value": "Enable systemd-journald Service", "remarks": "rule_set_256" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_build_database", + "value": "service_systemd-journald_enabled", "remarks": "rule_set_256" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Build and Test AIDE Database", + "value": "Enable systemd-journald Service", "remarks": "rule_set_256" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_periodic_cron_checking", + "value": "ensure_journald_and_rsyslog_not_active_together", "remarks": "rule_set_257" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Periodic Execution of AIDE", + "value": "Ensure journald and rsyslog Are Not Active Together", "remarks": "rule_set_257" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_periodic_cron_checking", + "value": "ensure_journald_and_rsyslog_not_active_together", "remarks": "rule_set_257" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Periodic Execution of AIDE", + "value": "Ensure journald and rsyslog Are Not Active Together", "remarks": "rule_set_257" }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_check_audit_tools", - "remarks": "rule_set_258" - }, - { - "name": "Rule_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure AIDE to Verify the Audit Tools", - "remarks": "rule_set_258" - }, - { - "name": "Check_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_check_audit_tools", - "remarks": "rule_set_258" - }, - { - "name": "Check_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure AIDE to Verify the Audit Tools", - "remarks": "rule_set_258" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_systemd-journald_enabled", - "remarks": "rule_set_259" - }, - { - "name": "Rule_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable systemd-journald Service", - "remarks": "rule_set_259" - }, - { - "name": "Check_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_systemd-journald_enabled", - "remarks": "rule_set_259" - }, - { - "name": "Check_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable systemd-journald Service", - "remarks": "rule_set_259" - }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_systemd-journal-remote_installed", - "remarks": "rule_set_260" + "remarks": "rule_set_258" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install systemd-journal-remote Package", - "remarks": "rule_set_260" + "remarks": "rule_set_258" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_systemd-journal-remote_installed", - "remarks": "rule_set_260" + "remarks": "rule_set_258" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install systemd-journal-remote Package", - "remarks": "rule_set_260" + "remarks": "rule_set_258" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_systemd-journal-upload_enabled", - "remarks": "rule_set_261" + "remarks": "rule_set_259" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable systemd-journal-upload Service", - "remarks": "rule_set_261" + "remarks": "rule_set_259" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_systemd-journal-upload_enabled", - "remarks": "rule_set_261" + "remarks": "rule_set_259" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable systemd-journal-upload Service", - "remarks": "rule_set_261" + "remarks": "rule_set_259" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "socket_systemd-journal-remote_disabled", - "remarks": "rule_set_262" + "remarks": "rule_set_260" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable systemd-journal-remote Socket", - "remarks": "rule_set_262" + "remarks": "rule_set_260" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "socket_systemd-journal-remote_disabled", - "remarks": "rule_set_262" + "remarks": "rule_set_260" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable systemd-journal-remote Socket", - "remarks": "rule_set_262" + "remarks": "rule_set_260" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_disable_forward_to_syslog", - "remarks": "rule_set_263" + "remarks": "rule_set_261" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald ForwardToSyslog is disabled", - "remarks": "rule_set_263" + "remarks": "rule_set_261" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_disable_forward_to_syslog", - "remarks": "rule_set_263" + "remarks": "rule_set_261" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald ForwardToSyslog is disabled", - "remarks": "rule_set_263" + "remarks": "rule_set_261" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_compress", - "remarks": "rule_set_264" + "remarks": "rule_set_262" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald is configured to compress large log files", - "remarks": "rule_set_264" + "remarks": "rule_set_262" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_compress", - "remarks": "rule_set_264" + "remarks": "rule_set_262" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald is configured to compress large log files", - "remarks": "rule_set_264" + "remarks": "rule_set_262" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_storage", - "remarks": "rule_set_265" + "remarks": "rule_set_263" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald is configured to write log files to persistent disk", - "remarks": "rule_set_265" + "remarks": "rule_set_263" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_storage", - "remarks": "rule_set_265" + "remarks": "rule_set_263" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald is configured to write log files to persistent disk", - "remarks": "rule_set_265" + "remarks": "rule_set_263" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_266" + "remarks": "rule_set_264" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_266" + "remarks": "rule_set_264" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_266" + "remarks": "rule_set_264" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_266" + "remarks": "rule_set_264" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_267" + "remarks": "rule_set_265" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_267" + "remarks": "rule_set_265" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_267" + "remarks": "rule_set_265" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_267" + "remarks": "rule_set_265" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_268" + "remarks": "rule_set_266" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_268" + "remarks": "rule_set_266" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_268" + "remarks": "rule_set_266" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_268" + "remarks": "rule_set_266" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_passwd", - "remarks": "rule_set_269" + "remarks": "rule_set_267" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns passwd File", - "remarks": "rule_set_269" + "remarks": "rule_set_267" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_passwd", - "remarks": "rule_set_269" + "remarks": "rule_set_267" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns passwd File", - "remarks": "rule_set_269" + "remarks": "rule_set_267" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_passwd", - "remarks": "rule_set_270" + "remarks": "rule_set_268" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns passwd File", - "remarks": "rule_set_270" + "remarks": "rule_set_268" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_passwd", - "remarks": "rule_set_270" + "remarks": "rule_set_268" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns passwd File", - "remarks": "rule_set_270" + "remarks": "rule_set_268" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_passwd", - "remarks": "rule_set_271" + "remarks": "rule_set_269" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on passwd File", - "remarks": "rule_set_271" + "remarks": "rule_set_269" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_passwd", - "remarks": "rule_set_271" + "remarks": "rule_set_269" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on passwd File", - "remarks": "rule_set_271" + "remarks": "rule_set_269" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_passwd", - "remarks": "rule_set_272" + "remarks": "rule_set_270" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup passwd File", - "remarks": "rule_set_272" + "remarks": "rule_set_270" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_passwd", - "remarks": "rule_set_272" + "remarks": "rule_set_270" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup passwd File", - "remarks": "rule_set_272" + "remarks": "rule_set_270" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_passwd", - "remarks": "rule_set_273" + "remarks": "rule_set_271" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup passwd File", - "remarks": "rule_set_273" + "remarks": "rule_set_271" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_passwd", - "remarks": "rule_set_273" + "remarks": "rule_set_271" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup passwd File", - "remarks": "rule_set_273" + "remarks": "rule_set_271" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_passwd", - "remarks": "rule_set_274" + "remarks": "rule_set_272" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup passwd File", - "remarks": "rule_set_274" + "remarks": "rule_set_272" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_passwd", - "remarks": "rule_set_274" + "remarks": "rule_set_272" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup passwd File", - "remarks": "rule_set_274" + "remarks": "rule_set_272" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_group", - "remarks": "rule_set_275" + "remarks": "rule_set_273" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns group File", - "remarks": "rule_set_275" + "remarks": "rule_set_273" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_group", - "remarks": "rule_set_275" + "remarks": "rule_set_273" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns group File", - "remarks": "rule_set_275" + "remarks": "rule_set_273" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_group", - "remarks": "rule_set_276" + "remarks": "rule_set_274" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns group File", - "remarks": "rule_set_276" + "remarks": "rule_set_274" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_group", - "remarks": "rule_set_276" + "remarks": "rule_set_274" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns group File", - "remarks": "rule_set_276" + "remarks": "rule_set_274" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_group", - "remarks": "rule_set_277" + "remarks": "rule_set_275" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on group File", - "remarks": "rule_set_277" + "remarks": "rule_set_275" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_group", - "remarks": "rule_set_277" + "remarks": "rule_set_275" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on group File", - "remarks": "rule_set_277" + "remarks": "rule_set_275" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_group", - "remarks": "rule_set_278" + "remarks": "rule_set_276" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup group File", - "remarks": "rule_set_278" + "remarks": "rule_set_276" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_group", - "remarks": "rule_set_278" + "remarks": "rule_set_276" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup group File", - "remarks": "rule_set_278" + "remarks": "rule_set_276" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_group", - "remarks": "rule_set_279" + "remarks": "rule_set_277" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup group File", - "remarks": "rule_set_279" + "remarks": "rule_set_277" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_group", - "remarks": "rule_set_279" + "remarks": "rule_set_277" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup group File", - "remarks": "rule_set_279" + "remarks": "rule_set_277" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_group", - "remarks": "rule_set_280" + "remarks": "rule_set_278" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup group File", - "remarks": "rule_set_280" + "remarks": "rule_set_278" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_group", - "remarks": "rule_set_280" + "remarks": "rule_set_278" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup group File", - "remarks": "rule_set_280" + "remarks": "rule_set_278" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shadow", - "remarks": "rule_set_281" + "remarks": "rule_set_279" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns shadow File", - "remarks": "rule_set_281" + "remarks": "rule_set_279" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shadow", - "remarks": "rule_set_281" + "remarks": "rule_set_279" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns shadow File", - "remarks": "rule_set_281" + "remarks": "rule_set_279" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shadow", - "remarks": "rule_set_282" + "remarks": "rule_set_280" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns shadow File", - "remarks": "rule_set_282" + "remarks": "rule_set_280" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shadow", - "remarks": "rule_set_282" + "remarks": "rule_set_280" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns shadow File", - "remarks": "rule_set_282" + "remarks": "rule_set_280" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shadow", - "remarks": "rule_set_283" + "remarks": "rule_set_281" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on shadow File", - "remarks": "rule_set_283" + "remarks": "rule_set_281" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shadow", - "remarks": "rule_set_283" + "remarks": "rule_set_281" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on shadow File", - "remarks": "rule_set_283" + "remarks": "rule_set_281" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_shadow", - "remarks": "rule_set_284" + "remarks": "rule_set_282" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup shadow File", - "remarks": "rule_set_284" + "remarks": "rule_set_282" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_shadow", - "remarks": "rule_set_284" + "remarks": "rule_set_282" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup shadow File", - "remarks": "rule_set_284" + "remarks": "rule_set_282" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_shadow", - "remarks": "rule_set_285" + "remarks": "rule_set_283" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup shadow File", - "remarks": "rule_set_285" + "remarks": "rule_set_283" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_shadow", - "remarks": "rule_set_285" + "remarks": "rule_set_283" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup shadow File", - "remarks": "rule_set_285" + "remarks": "rule_set_283" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_shadow", - "remarks": "rule_set_286" + "remarks": "rule_set_284" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup shadow File", - "remarks": "rule_set_286" + "remarks": "rule_set_284" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_shadow", - "remarks": "rule_set_286" + "remarks": "rule_set_284" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup shadow File", - "remarks": "rule_set_286" + "remarks": "rule_set_284" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_gshadow", - "remarks": "rule_set_287" + "remarks": "rule_set_285" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns gshadow File", - "remarks": "rule_set_287" + "remarks": "rule_set_285" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_gshadow", - "remarks": "rule_set_287" + "remarks": "rule_set_285" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns gshadow File", - "remarks": "rule_set_287" + "remarks": "rule_set_285" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_gshadow", - "remarks": "rule_set_288" + "remarks": "rule_set_286" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns gshadow File", - "remarks": "rule_set_288" + "remarks": "rule_set_286" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_gshadow", - "remarks": "rule_set_288" + "remarks": "rule_set_286" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns gshadow File", - "remarks": "rule_set_288" + "remarks": "rule_set_286" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_gshadow", - "remarks": "rule_set_289" + "remarks": "rule_set_287" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on gshadow File", - "remarks": "rule_set_289" + "remarks": "rule_set_287" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_gshadow", - "remarks": "rule_set_289" + "remarks": "rule_set_287" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on gshadow File", - "remarks": "rule_set_289" + "remarks": "rule_set_287" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_gshadow", - "remarks": "rule_set_290" + "remarks": "rule_set_288" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup gshadow File", - "remarks": "rule_set_290" + "remarks": "rule_set_288" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_gshadow", - "remarks": "rule_set_290" + "remarks": "rule_set_288" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup gshadow File", - "remarks": "rule_set_290" + "remarks": "rule_set_288" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_gshadow", - "remarks": "rule_set_291" + "remarks": "rule_set_289" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup gshadow File", - "remarks": "rule_set_291" + "remarks": "rule_set_289" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_gshadow", - "remarks": "rule_set_291" + "remarks": "rule_set_289" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup gshadow File", - "remarks": "rule_set_291" + "remarks": "rule_set_289" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_gshadow", - "remarks": "rule_set_292" + "remarks": "rule_set_290" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup gshadow File", - "remarks": "rule_set_292" + "remarks": "rule_set_290" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_gshadow", - "remarks": "rule_set_292" + "remarks": "rule_set_290" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup gshadow File", - "remarks": "rule_set_292" + "remarks": "rule_set_290" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shells", - "remarks": "rule_set_293" + "remarks": "rule_set_291" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/shells File", - "remarks": "rule_set_293" + "remarks": "rule_set_291" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shells", - "remarks": "rule_set_293" + "remarks": "rule_set_291" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/shells File", - "remarks": "rule_set_293" + "remarks": "rule_set_291" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shells", - "remarks": "rule_set_294" + "remarks": "rule_set_292" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Who Owns /etc/shells File", - "remarks": "rule_set_294" + "remarks": "rule_set_292" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shells", - "remarks": "rule_set_294" + "remarks": "rule_set_292" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Who Owns /etc/shells File", - "remarks": "rule_set_294" + "remarks": "rule_set_292" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shells", - "remarks": "rule_set_295" + "remarks": "rule_set_293" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/shells File", - "remarks": "rule_set_295" + "remarks": "rule_set_293" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shells", - "remarks": "rule_set_295" + "remarks": "rule_set_293" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/shells File", - "remarks": "rule_set_295" + "remarks": "rule_set_293" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_security_opasswd", - "remarks": "rule_set_296" + "remarks": "rule_set_294" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/security/opasswd File", - "remarks": "rule_set_296" + "remarks": "rule_set_294" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_security_opasswd", - "remarks": "rule_set_296" + "remarks": "rule_set_294" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/security/opasswd File", - "remarks": "rule_set_296" + "remarks": "rule_set_294" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_security_opasswd", - "remarks": "rule_set_297" + "remarks": "rule_set_295" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/security/opasswd File", - "remarks": "rule_set_297" + "remarks": "rule_set_295" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_security_opasswd", - "remarks": "rule_set_297" + "remarks": "rule_set_295" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/security/opasswd File", - "remarks": "rule_set_297" + "remarks": "rule_set_295" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_security_opasswd", - "remarks": "rule_set_298" + "remarks": "rule_set_296" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/security/opasswd File", - "remarks": "rule_set_298" + "remarks": "rule_set_296" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_security_opasswd", - "remarks": "rule_set_298" + "remarks": "rule_set_296" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/security/opasswd File", - "remarks": "rule_set_298" + "remarks": "rule_set_296" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_security_opasswd_old", - "remarks": "rule_set_299" + "remarks": "rule_set_297" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/security/opasswd.old File", - "remarks": "rule_set_299" + "remarks": "rule_set_297" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_security_opasswd_old", - "remarks": "rule_set_299" + "remarks": "rule_set_297" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/security/opasswd.old File", - "remarks": "rule_set_299" + "remarks": "rule_set_297" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_security_opasswd_old", - "remarks": "rule_set_300" + "remarks": "rule_set_298" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/security/opasswd.old File", - "remarks": "rule_set_300" + "remarks": "rule_set_298" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_security_opasswd_old", - "remarks": "rule_set_300" + "remarks": "rule_set_298" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/security/opasswd.old File", - "remarks": "rule_set_300" + "remarks": "rule_set_298" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_security_opasswd_old", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/security/opasswd.old File", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_security_opasswd_old", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/security/opasswd.old File", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_world_writable", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure No World-Writable Files Exist", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_world_writable", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure No World-Writable Files Exist", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_perms_world_writable_sticky_bits", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that All World-Writable Directories Have Sticky Bits Set", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_perms_world_writable_sticky_bits", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that All World-Writable Directories Have Sticky Bits Set", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_unowned_by_user", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a User", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_unowned_by_user", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a User", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_ungroupowned", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a Group", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_ungroupowned", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a Group", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_all_shadowed", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify All Account Password Hashes are Shadowed", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_all_shadowed", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify All Account Password Hashes are Shadowed", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_empty_passwords_etc_shadow", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure There Are No Accounts With Blank or Null Passwords", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_empty_passwords_etc_shadow", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure There Are No Accounts With Blank or Null Passwords", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "gid_passwd_group_same", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "gid_passwd_group_same", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_id", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique User IDs", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_id", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique User IDs", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_id", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group ID", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_id", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group ID", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_name", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique Names", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_name", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique Names", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_name", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group Names", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_name", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group Names", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_interactive_home_directory_exists", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive Users Home Directories Must Exist", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_interactive_home_directory_exists", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive Users Home Directories Must Exist", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_home_directories", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Be Owned By The Primary User", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_home_directories", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Be Owned By The Primary User", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_home_directories", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Have mode 0750 Or Less Permissive", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_home_directories", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Have mode 0750 Or Less Permissive", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_group_ownership", - "remarks": "rule_set_316" + "remarks": "rule_set_314" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_316" + "remarks": "rule_set_314" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_group_ownership", - "remarks": "rule_set_316" + "remarks": "rule_set_314" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_316" + "remarks": "rule_set_314" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_user_ownership", - "remarks": "rule_set_317" + "remarks": "rule_set_315" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Owned By the Primary User", - "remarks": "rule_set_317" + "remarks": "rule_set_315" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_user_ownership", - "remarks": "rule_set_317" + "remarks": "rule_set_315" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Owned By the Primary User", - "remarks": "rule_set_317" + "remarks": "rule_set_315" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_no_world_writable_programs", - "remarks": "rule_set_318" + "remarks": "rule_set_316" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Not Run World-Writable Programs", - "remarks": "rule_set_318" + "remarks": "rule_set_316" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_no_world_writable_programs", - "remarks": "rule_set_318" + "remarks": "rule_set_316" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Not Run World-Writable Programs", - "remarks": "rule_set_318" + "remarks": "rule_set_316" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_init_files", - "remarks": "rule_set_319" + "remarks": "rule_set_317" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", - "remarks": "rule_set_319" + "remarks": "rule_set_317" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_init_files", - "remarks": "rule_set_319" + "remarks": "rule_set_317" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", - "remarks": "rule_set_319" + "remarks": "rule_set_317" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_forward_files", - "remarks": "rule_set_320" + "remarks": "rule_set_318" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .forward Files Exist", - "remarks": "rule_set_320" + "remarks": "rule_set_318" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_forward_files", - "remarks": "rule_set_320" + "remarks": "rule_set_318" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .forward Files Exist", - "remarks": "rule_set_320" + "remarks": "rule_set_318" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_netrc_files", - "remarks": "rule_set_321" + "remarks": "rule_set_319" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No netrc Files Exist", - "remarks": "rule_set_321" + "remarks": "rule_set_319" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_netrc_files", - "remarks": "rule_set_321" + "remarks": "rule_set_319" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No netrc Files Exist", - "remarks": "rule_set_321" + "remarks": "rule_set_319" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_rhost_files", - "remarks": "rule_set_322" + "remarks": "rule_set_320" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .rhost Files Exist", - "remarks": "rule_set_322" + "remarks": "rule_set_320" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_rhost_files", - "remarks": "rule_set_322" + "remarks": "rule_set_320" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .rhost Files Exist", - "remarks": "rule_set_322" + "remarks": "rule_set_320" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_bash_history", - "remarks": "rule_set_323" + "remarks": "rule_set_321" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure User Bash History File Has Correct Permissions", - "remarks": "rule_set_323" + "remarks": "rule_set_321" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_bash_history", - "remarks": "rule_set_323" + "remarks": "rule_set_321" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure User Bash History File Has Correct Permissions", - "remarks": "rule_set_323" + "remarks": "rule_set_321" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_module_overlayfs_disabled", - "remarks": "rule_set_324" + "remarks": "rule_set_322" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure overlayfs kernel module is not available", - "remarks": "rule_set_324" + "remarks": "rule_set_322" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_module_overlayfs_disabled", - "remarks": "rule_set_324" + "remarks": "rule_set_322" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure overlayfs kernel module is not available", - "remarks": "rule_set_324" + "remarks": "rule_set_322" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_module_squashfs_disabled", - "remarks": "rule_set_325" + "remarks": "rule_set_323" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Mounting of squashfs", - "remarks": "rule_set_325" + "remarks": "rule_set_323" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_module_squashfs_disabled", - "remarks": "rule_set_325" + "remarks": "rule_set_323" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Mounting of squashfs", - "remarks": "rule_set_325" + "remarks": "rule_set_323" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_module_udf_disabled", - "remarks": "rule_set_326" + "remarks": "rule_set_324" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Mounting of udf", - "remarks": "rule_set_326" + "remarks": "rule_set_324" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_module_udf_disabled", - "remarks": "rule_set_326" + "remarks": "rule_set_324" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Mounting of udf", - "remarks": "rule_set_326" + "remarks": "rule_set_324" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_home", - "remarks": "rule_set_327" + "remarks": "rule_set_325" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /home Located On Separate Partition", - "remarks": "rule_set_327" + "remarks": "rule_set_325" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_home", - "remarks": "rule_set_327" + "remarks": "rule_set_325" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /home Located On Separate Partition", - "remarks": "rule_set_327" + "remarks": "rule_set_325" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var", - "remarks": "rule_set_328" + "remarks": "rule_set_326" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var Located On Separate Partition", - "remarks": "rule_set_328" + "remarks": "rule_set_326" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var", - "remarks": "rule_set_328" + "remarks": "rule_set_326" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var Located On Separate Partition", - "remarks": "rule_set_328" + "remarks": "rule_set_326" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_tmp", - "remarks": "rule_set_329" + "remarks": "rule_set_327" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/tmp Located On Separate Partition", - "remarks": "rule_set_329" + "remarks": "rule_set_327" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_tmp", - "remarks": "rule_set_329" + "remarks": "rule_set_327" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/tmp Located On Separate Partition", - "remarks": "rule_set_329" + "remarks": "rule_set_327" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log", - "remarks": "rule_set_330" + "remarks": "rule_set_328" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log Located On Separate Partition", - "remarks": "rule_set_330" + "remarks": "rule_set_328" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log", - "remarks": "rule_set_330" + "remarks": "rule_set_328" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log Located On Separate Partition", - "remarks": "rule_set_330" + "remarks": "rule_set_328" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log_audit", - "remarks": "rule_set_331" + "remarks": "rule_set_329" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log/audit Located On Separate Partition", - "remarks": "rule_set_331" + "remarks": "rule_set_329" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log_audit", - "remarks": "rule_set_331" + "remarks": "rule_set_329" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log/audit Located On Separate Partition", - "remarks": "rule_set_331" + "remarks": "rule_set_329" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "disable_weak_deps", - "remarks": "rule_set_332" + "remarks": "rule_set_330" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Installation of Weak Dependencies in DNF", - "remarks": "rule_set_332" + "remarks": "rule_set_330" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "disable_weak_deps", - "remarks": "rule_set_332" + "remarks": "rule_set_330" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Installation of Weak Dependencies in DNF", - "remarks": "rule_set_332" + "remarks": "rule_set_330" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_333" + "remarks": "rule_set_331" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_333" + "remarks": "rule_set_331" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_333" + "remarks": "rule_set_331" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_333" + "remarks": "rule_set_331" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_symlinks", - "remarks": "rule_set_334" + "remarks": "rule_set_332" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", - "remarks": "rule_set_334" + "remarks": "rule_set_332" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_symlinks", - "remarks": "rule_set_334" + "remarks": "rule_set_332" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", - "remarks": "rule_set_334" + "remarks": "rule_set_332" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "xwayland_disabled", - "remarks": "rule_set_335" + "remarks": "rule_set_333" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable XWayland", - "remarks": "rule_set_335" + "remarks": "rule_set_333" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "xwayland_disabled", - "remarks": "rule_set_335" + "remarks": "rule_set_333" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable XWayland", - "remarks": "rule_set_335" + "remarks": "rule_set_333" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_cockpit_disabled", - "remarks": "rule_set_336" + "remarks": "rule_set_334" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Cockpit Management Server", - "remarks": "rule_set_336" + "remarks": "rule_set_334" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_cockpit_disabled", - "remarks": "rule_set_336" + "remarks": "rule_set_334" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Cockpit Management Server", - "remarks": "rule_set_336" + "remarks": "rule_set_334" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_gdm_removed", - "remarks": "rule_set_337" + "remarks": "rule_set_335" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Remove the GDM Package Group", - "remarks": "rule_set_337" + "remarks": "rule_set_335" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_gdm_removed", - "remarks": "rule_set_337" + "remarks": "rule_set_335" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Remove the GDM Package Group", - "remarks": "rule_set_337" + "remarks": "rule_set_335" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_xorg-x11-server-Xwayland_removed", - "remarks": "rule_set_338" + "remarks": "rule_set_336" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Remove the X Windows Xwayland Package", - "remarks": "rule_set_338" + "remarks": "rule_set_336" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_xorg-x11-server-Xwayland_removed", - "remarks": "rule_set_338" + "remarks": "rule_set_336" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Remove the X Windows Xwayland Package", - "remarks": "rule_set_338" + "remarks": "rule_set_336" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_openldap-clients_removed", - "remarks": "rule_set_339" + "remarks": "rule_set_337" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure LDAP client is not installed", - "remarks": "rule_set_339" + "remarks": "rule_set_337" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_openldap-clients_removed", - "remarks": "rule_set_339" + "remarks": "rule_set_337" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure LDAP client is not installed", - "remarks": "rule_set_339" + "remarks": "rule_set_337" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_ip_forward", - "remarks": "rule_set_340" + "remarks": "rule_set_338" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", - "remarks": "rule_set_340" + "remarks": "rule_set_338" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_ipv4_ip_forward", - "remarks": "rule_set_340" + "remarks": "rule_set_338" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", - "remarks": "rule_set_340" + "remarks": "rule_set_338" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_forwarding", - "remarks": "rule_set_341" + "remarks": "rule_set_339" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Forwarding", - "remarks": "rule_set_341" + "remarks": "rule_set_339" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_forwarding", - "remarks": "rule_set_341" + "remarks": "rule_set_339" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Forwarding", - "remarks": "rule_set_341" + "remarks": "rule_set_339" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_gssapi_auth", - "remarks": "rule_set_342" + "remarks": "rule_set_340" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable GSSAPI Authentication", - "remarks": "rule_set_342" + "remarks": "rule_set_340" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_gssapi_auth", - "remarks": "rule_set_342" + "remarks": "rule_set_340" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable GSSAPI Authentication", - "remarks": "rule_set_342" + "remarks": "rule_set_340" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_remove_nopasswd", - "remarks": "rule_set_343" + "remarks": "rule_set_341" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", - "remarks": "rule_set_343" + "remarks": "rule_set_341" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_remove_nopasswd", - "remarks": "rule_set_343" + "remarks": "rule_set_341" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", - "remarks": "rule_set_343" + "remarks": "rule_set_341" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_deny_root", - "remarks": "rule_set_344" + "remarks": "rule_set_342" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the root Account for Failed Password Attempts", - "remarks": "rule_set_344" + "remarks": "rule_set_342" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_deny_root", - "remarks": "rule_set_344" + "remarks": "rule_set_342" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the root Account for Failed Password Attempts", - "remarks": "rule_set_344" + "remarks": "rule_set_342" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_minimum_age_login_defs", - "remarks": "rule_set_345" + "remarks": "rule_set_343" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Minimum Age", - "remarks": "rule_set_345" + "remarks": "rule_set_343" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_minimum_age_login_defs", - "remarks": "rule_set_345" + "remarks": "rule_set_343" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Minimum Age", - "remarks": "rule_set_345" + "remarks": "rule_set_343" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_set_min_life_existing", - "remarks": "rule_set_346" + "remarks": "rule_set_344" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Existing Passwords Minimum Age", - "remarks": "rule_set_346" + "remarks": "rule_set_344" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_set_min_life_existing", - "remarks": "rule_set_346" + "remarks": "rule_set_344" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Existing Passwords Minimum Age", - "remarks": "rule_set_346" + "remarks": "rule_set_344" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_nologin_in_shells", - "remarks": "rule_set_347" + "remarks": "rule_set_345" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure nologin Shell is Not Listed in /etc/shells", - "remarks": "rule_set_347" + "remarks": "rule_set_345" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_nologin_in_shells", - "remarks": "rule_set_347" + "remarks": "rule_set_345" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure nologin Shell is Not Listed in /etc/shells", - "remarks": "rule_set_347" + "remarks": "rule_set_345" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit_installed", - "remarks": "rule_set_348" + "remarks": "rule_set_346" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit Subsystem is Installed", - "remarks": "rule_set_348" + "remarks": "rule_set_346" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit_installed", - "remarks": "rule_set_348" + "remarks": "rule_set_346" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit Subsystem is Installed", - "remarks": "rule_set_348" + "remarks": "rule_set_346" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit-libs_installed", - "remarks": "rule_set_349" + "remarks": "rule_set_347" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit-libs package as a part of audit Subsystem is Installed", - "remarks": "rule_set_349" + "remarks": "rule_set_347" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit-libs_installed", - "remarks": "rule_set_349" + "remarks": "rule_set_347" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit-libs package as a part of audit Subsystem is Installed", - "remarks": "rule_set_349" + "remarks": "rule_set_347" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_audit_argument", - "remarks": "rule_set_350" + "remarks": "rule_set_348" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Auditing for Processes Which Start Prior to the Audit Daemon", - "remarks": "rule_set_350" + "remarks": "rule_set_348" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_audit_argument", - "remarks": "rule_set_350" + "remarks": "rule_set_348" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Auditing for Processes Which Start Prior to the Audit Daemon", - "remarks": "rule_set_350" + "remarks": "rule_set_348" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_audit_backlog_limit_argument", - "remarks": "rule_set_351" + "remarks": "rule_set_349" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Extend Audit Backlog Limit for the Audit Daemon", - "remarks": "rule_set_351" + "remarks": "rule_set_349" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_audit_backlog_limit_argument", - "remarks": "rule_set_351" + "remarks": "rule_set_349" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Extend Audit Backlog Limit for the Audit Daemon", - "remarks": "rule_set_351" + "remarks": "rule_set_349" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_auditd_enabled", - "remarks": "rule_set_352" + "remarks": "rule_set_350" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable auditd Service", - "remarks": "rule_set_352" + "remarks": "rule_set_350" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_auditd_enabled", - "remarks": "rule_set_352" + "remarks": "rule_set_350" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable auditd Service", - "remarks": "rule_set_352" + "remarks": "rule_set_350" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_max_log_file", - "remarks": "rule_set_353" + "remarks": "rule_set_351" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd Max Log File Size", - "remarks": "rule_set_353" + "remarks": "rule_set_351" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_max_log_file", - "remarks": "rule_set_353" + "remarks": "rule_set_351" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd Max Log File Size", - "remarks": "rule_set_353" + "remarks": "rule_set_351" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_max_log_file_action", - "remarks": "rule_set_354" + "remarks": "rule_set_352" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd max_log_file_action Upon Reaching Maximum Log Size", - "remarks": "rule_set_354" + "remarks": "rule_set_352" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_max_log_file_action", - "remarks": "rule_set_354" + "remarks": "rule_set_352" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd max_log_file_action Upon Reaching Maximum Log Size", - "remarks": "rule_set_354" + "remarks": "rule_set_352" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_disk_error_action", - "remarks": "rule_set_355" + "remarks": "rule_set_353" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd Disk Error Action on Disk Error", - "remarks": "rule_set_355" + "remarks": "rule_set_353" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_disk_error_action", - "remarks": "rule_set_355" + "remarks": "rule_set_353" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd Disk Error Action on Disk Error", - "remarks": "rule_set_355" + "remarks": "rule_set_353" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_disk_full_action", - "remarks": "rule_set_356" + "remarks": "rule_set_354" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd Disk Full Action when Disk Space Is Full", - "remarks": "rule_set_356" + "remarks": "rule_set_354" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_disk_full_action", - "remarks": "rule_set_356" + "remarks": "rule_set_354" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd Disk Full Action when Disk Space Is Full", - "remarks": "rule_set_356" + "remarks": "rule_set_354" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_admin_space_left_action", - "remarks": "rule_set_357" + "remarks": "rule_set_355" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd admin_space_left Action on Low Disk Space", - "remarks": "rule_set_357" + "remarks": "rule_set_355" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_admin_space_left_action", - "remarks": "rule_set_357" + "remarks": "rule_set_355" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd admin_space_left Action on Low Disk Space", - "remarks": "rule_set_357" + "remarks": "rule_set_355" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_space_left_action", - "remarks": "rule_set_358" + "remarks": "rule_set_356" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd space_left Action on Low Disk Space", - "remarks": "rule_set_358" + "remarks": "rule_set_356" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_space_left_action", - "remarks": "rule_set_358" + "remarks": "rule_set_356" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd space_left Action on Low Disk Space", - "remarks": "rule_set_358" + "remarks": "rule_set_356" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_sysadmin_actions", - "remarks": "rule_set_359" + "remarks": "rule_set_357" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects System Administrator Actions", - "remarks": "rule_set_359" + "remarks": "rule_set_357" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_sysadmin_actions", - "remarks": "rule_set_359" + "remarks": "rule_set_357" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects System Administrator Actions", - "remarks": "rule_set_359" + "remarks": "rule_set_357" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_suid_auid_privilege_function", - "remarks": "rule_set_360" + "remarks": "rule_set_358" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events When Executables Are Run As Another User", - "remarks": "rule_set_360" + "remarks": "rule_set_358" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_suid_auid_privilege_function", - "remarks": "rule_set_360" + "remarks": "rule_set_358" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events When Executables Are Run As Another User", - "remarks": "rule_set_360" + "remarks": "rule_set_358" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_sudo_log_events", - "remarks": "rule_set_361" + "remarks": "rule_set_359" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to perform maintenance activities", - "remarks": "rule_set_361" + "remarks": "rule_set_359" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_sudo_log_events", - "remarks": "rule_set_361" + "remarks": "rule_set_359" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to perform maintenance activities", - "remarks": "rule_set_361" + "remarks": "rule_set_359" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_adjtimex", - "remarks": "rule_set_362" + "remarks": "rule_set_360" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through adjtimex", - "remarks": "rule_set_362" + "remarks": "rule_set_360" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_adjtimex", - "remarks": "rule_set_362" + "remarks": "rule_set_360" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through adjtimex", - "remarks": "rule_set_362" + "remarks": "rule_set_360" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_settimeofday", - "remarks": "rule_set_363" + "remarks": "rule_set_361" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through settimeofday", - "remarks": "rule_set_363" + "remarks": "rule_set_361" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_settimeofday", - "remarks": "rule_set_363" + "remarks": "rule_set_361" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through settimeofday", - "remarks": "rule_set_363" + "remarks": "rule_set_361" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_clock_settime", - "remarks": "rule_set_364" + "remarks": "rule_set_362" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through clock_settime", - "remarks": "rule_set_364" + "remarks": "rule_set_362" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_clock_settime", - "remarks": "rule_set_364" + "remarks": "rule_set_362" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through clock_settime", - "remarks": "rule_set_364" + "remarks": "rule_set_362" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_watch_localtime", - "remarks": "rule_set_365" + "remarks": "rule_set_363" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter the localtime File", - "remarks": "rule_set_365" + "remarks": "rule_set_363" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_watch_localtime", - "remarks": "rule_set_365" + "remarks": "rule_set_363" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter the localtime File", - "remarks": "rule_set_365" + "remarks": "rule_set_363" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_setdomainname", - "remarks": "rule_set_366" + "remarks": "rule_set_364" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - setdomainname", - "remarks": "rule_set_366" + "remarks": "rule_set_364" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_setdomainname", - "remarks": "rule_set_366" + "remarks": "rule_set_364" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - setdomainname", - "remarks": "rule_set_366" + "remarks": "rule_set_364" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_sethostname", - "remarks": "rule_set_367" + "remarks": "rule_set_365" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - sethostname", - "remarks": "rule_set_367" + "remarks": "rule_set_365" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_sethostname", - "remarks": "rule_set_367" + "remarks": "rule_set_365" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - sethostname", - "remarks": "rule_set_367" + "remarks": "rule_set_365" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_issue", - "remarks": "rule_set_368" + "remarks": "rule_set_366" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/issue", - "remarks": "rule_set_368" + "remarks": "rule_set_366" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_issue", - "remarks": "rule_set_368" + "remarks": "rule_set_366" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/issue", - "remarks": "rule_set_368" + "remarks": "rule_set_366" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_issue_net", - "remarks": "rule_set_369" + "remarks": "rule_set_367" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/issue.net", - "remarks": "rule_set_369" + "remarks": "rule_set_367" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_issue_net", - "remarks": "rule_set_369" + "remarks": "rule_set_367" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/issue.net", - "remarks": "rule_set_369" + "remarks": "rule_set_367" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_hosts", - "remarks": "rule_set_370" + "remarks": "rule_set_368" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/hosts", - "remarks": "rule_set_370" + "remarks": "rule_set_368" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_hosts", - "remarks": "rule_set_370" + "remarks": "rule_set_368" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/hosts", - "remarks": "rule_set_370" + "remarks": "rule_set_368" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_hostname_file", - "remarks": "rule_set_371" + "remarks": "rule_set_369" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/hostname", - "remarks": "rule_set_371" + "remarks": "rule_set_369" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_hostname_file", - "remarks": "rule_set_371" + "remarks": "rule_set_369" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/hostname", - "remarks": "rule_set_371" + "remarks": "rule_set_369" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_sysconfig_network", - "remarks": "rule_set_372" + "remarks": "rule_set_370" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/sysconfig/network", - "remarks": "rule_set_372" + "remarks": "rule_set_370" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_sysconfig_network", - "remarks": "rule_set_372" + "remarks": "rule_set_370" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/sysconfig/network", - "remarks": "rule_set_372" + "remarks": "rule_set_370" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_networkmanager_system_connections", - "remarks": "rule_set_373" + "remarks": "rule_set_371" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/NetworkManager/system-connections/", - "remarks": "rule_set_373" + "remarks": "rule_set_371" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_networkmanager_system_connections", - "remarks": "rule_set_373" + "remarks": "rule_set_371" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/NetworkManager/system-connections/", - "remarks": "rule_set_373" + "remarks": "rule_set_371" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_networkmanager", - "remarks": "rule_set_374" + "remarks": "rule_set_372" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/NetworkManager/", - "remarks": "rule_set_374" + "remarks": "rule_set_372" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_networkmanager", - "remarks": "rule_set_374" + "remarks": "rule_set_372" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/NetworkManager/", - "remarks": "rule_set_374" + "remarks": "rule_set_372" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands", - "remarks": "rule_set_375" + "remarks": "rule_set_373" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands", - "remarks": "rule_set_375" + "remarks": "rule_set_373" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands", - "remarks": "rule_set_375" + "remarks": "rule_set_373" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands", - "remarks": "rule_set_375" + "remarks": "rule_set_373" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_creat", - "remarks": "rule_set_376" + "remarks": "rule_set_374" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - creat", - "remarks": "rule_set_376" + "remarks": "rule_set_374" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_creat", - "remarks": "rule_set_376" + "remarks": "rule_set_374" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - creat", - "remarks": "rule_set_376" + "remarks": "rule_set_374" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_ftruncate", - "remarks": "rule_set_377" + "remarks": "rule_set_375" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - ftruncate", - "remarks": "rule_set_377" + "remarks": "rule_set_375" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_ftruncate", - "remarks": "rule_set_377" + "remarks": "rule_set_375" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - ftruncate", - "remarks": "rule_set_377" + "remarks": "rule_set_375" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open", - "remarks": "rule_set_378" + "remarks": "rule_set_376" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open", - "remarks": "rule_set_378" + "remarks": "rule_set_376" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open", - "remarks": "rule_set_378" + "remarks": "rule_set_376" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open", - "remarks": "rule_set_378" + "remarks": "rule_set_376" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_openat", - "remarks": "rule_set_379" + "remarks": "rule_set_377" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - openat", - "remarks": "rule_set_379" + "remarks": "rule_set_377" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_openat", - "remarks": "rule_set_379" + "remarks": "rule_set_377" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - openat", - "remarks": "rule_set_379" + "remarks": "rule_set_377" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_truncate", - "remarks": "rule_set_380" + "remarks": "rule_set_378" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - truncate", - "remarks": "rule_set_380" + "remarks": "rule_set_378" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_truncate", - "remarks": "rule_set_380" + "remarks": "rule_set_378" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - truncate", - "remarks": "rule_set_380" + "remarks": "rule_set_378" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_group", - "remarks": "rule_set_381" + "remarks": "rule_set_379" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/group", - "remarks": "rule_set_381" + "remarks": "rule_set_379" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_group", - "remarks": "rule_set_381" + "remarks": "rule_set_379" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/group", - "remarks": "rule_set_381" + "remarks": "rule_set_379" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_passwd", - "remarks": "rule_set_382" + "remarks": "rule_set_380" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/passwd", - "remarks": "rule_set_382" + "remarks": "rule_set_380" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_passwd", - "remarks": "rule_set_382" + "remarks": "rule_set_380" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/passwd", - "remarks": "rule_set_382" + "remarks": "rule_set_380" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_gshadow", - "remarks": "rule_set_383" + "remarks": "rule_set_381" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/gshadow", - "remarks": "rule_set_383" + "remarks": "rule_set_381" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_gshadow", - "remarks": "rule_set_383" + "remarks": "rule_set_381" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/gshadow", - "remarks": "rule_set_383" + "remarks": "rule_set_381" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_shadow", - "remarks": "rule_set_384" + "remarks": "rule_set_382" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/shadow", - "remarks": "rule_set_384" + "remarks": "rule_set_382" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_shadow", - "remarks": "rule_set_384" + "remarks": "rule_set_382" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/shadow", - "remarks": "rule_set_384" + "remarks": "rule_set_382" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_opasswd", - "remarks": "rule_set_385" + "remarks": "rule_set_383" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", - "remarks": "rule_set_385" + "remarks": "rule_set_383" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_opasswd", - "remarks": "rule_set_385" + "remarks": "rule_set_383" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", - "remarks": "rule_set_385" + "remarks": "rule_set_383" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_nsswitch_conf", - "remarks": "rule_set_386" + "remarks": "rule_set_384" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/nsswitch.conf", - "remarks": "rule_set_386" + "remarks": "rule_set_384" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_nsswitch_conf", - "remarks": "rule_set_386" + "remarks": "rule_set_384" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/nsswitch.conf", - "remarks": "rule_set_386" + "remarks": "rule_set_384" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_pam_conf", - "remarks": "rule_set_387" + "remarks": "rule_set_385" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/pam.conf", - "remarks": "rule_set_387" + "remarks": "rule_set_385" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_pam_conf", - "remarks": "rule_set_387" + "remarks": "rule_set_385" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/pam.conf", - "remarks": "rule_set_387" + "remarks": "rule_set_385" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_pamd", - "remarks": "rule_set_388" + "remarks": "rule_set_386" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/pam.d/", - "remarks": "rule_set_388" + "remarks": "rule_set_386" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_pamd", - "remarks": "rule_set_388" + "remarks": "rule_set_386" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/pam.d/", - "remarks": "rule_set_388" + "remarks": "rule_set_386" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chmod", - "remarks": "rule_set_389" + "remarks": "rule_set_387" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", - "remarks": "rule_set_389" + "remarks": "rule_set_387" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chmod", - "remarks": "rule_set_389" + "remarks": "rule_set_387" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", - "remarks": "rule_set_389" + "remarks": "rule_set_387" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmod", - "remarks": "rule_set_390" + "remarks": "rule_set_388" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmod", - "remarks": "rule_set_390" + "remarks": "rule_set_388" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmod", - "remarks": "rule_set_390" + "remarks": "rule_set_388" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmod", - "remarks": "rule_set_390" + "remarks": "rule_set_388" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat", - "remarks": "rule_set_391" + "remarks": "rule_set_389" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat", - "remarks": "rule_set_391" + "remarks": "rule_set_389" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat", - "remarks": "rule_set_391" + "remarks": "rule_set_389" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat", - "remarks": "rule_set_391" + "remarks": "rule_set_389" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat2", - "remarks": "rule_set_392" + "remarks": "rule_set_390" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat2", - "remarks": "rule_set_392" + "remarks": "rule_set_390" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat2", - "remarks": "rule_set_392" + "remarks": "rule_set_390" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat2", - "remarks": "rule_set_392" + "remarks": "rule_set_390" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chown", - "remarks": "rule_set_393" + "remarks": "rule_set_391" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chown", - "remarks": "rule_set_393" + "remarks": "rule_set_391" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chown", - "remarks": "rule_set_393" + "remarks": "rule_set_391" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chown", - "remarks": "rule_set_393" + "remarks": "rule_set_391" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchown", - "remarks": "rule_set_394" + "remarks": "rule_set_392" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchown", - "remarks": "rule_set_394" + "remarks": "rule_set_392" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchown", - "remarks": "rule_set_394" + "remarks": "rule_set_392" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchown", - "remarks": "rule_set_394" + "remarks": "rule_set_392" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchownat", - "remarks": "rule_set_395" + "remarks": "rule_set_393" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchownat", - "remarks": "rule_set_395" + "remarks": "rule_set_393" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchownat", - "remarks": "rule_set_395" + "remarks": "rule_set_393" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchownat", - "remarks": "rule_set_395" + "remarks": "rule_set_393" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lchown", - "remarks": "rule_set_396" + "remarks": "rule_set_394" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lchown", - "remarks": "rule_set_396" + "remarks": "rule_set_394" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lchown", - "remarks": "rule_set_396" + "remarks": "rule_set_394" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lchown", - "remarks": "rule_set_396" + "remarks": "rule_set_394" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fremovexattr", - "remarks": "rule_set_397" + "remarks": "rule_set_395" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fremovexattr", - "remarks": "rule_set_397" + "remarks": "rule_set_395" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fremovexattr", - "remarks": "rule_set_397" + "remarks": "rule_set_395" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fremovexattr", - "remarks": "rule_set_397" + "remarks": "rule_set_395" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fsetxattr", - "remarks": "rule_set_398" + "remarks": "rule_set_396" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fsetxattr", - "remarks": "rule_set_398" + "remarks": "rule_set_396" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fsetxattr", - "remarks": "rule_set_398" + "remarks": "rule_set_396" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fsetxattr", - "remarks": "rule_set_398" + "remarks": "rule_set_396" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lremovexattr", - "remarks": "rule_set_399" + "remarks": "rule_set_397" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lremovexattr", - "remarks": "rule_set_399" + "remarks": "rule_set_397" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lremovexattr", - "remarks": "rule_set_399" + "remarks": "rule_set_397" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lremovexattr", - "remarks": "rule_set_399" + "remarks": "rule_set_397" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lsetxattr", - "remarks": "rule_set_400" + "remarks": "rule_set_398" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lsetxattr", - "remarks": "rule_set_400" + "remarks": "rule_set_398" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lsetxattr", - "remarks": "rule_set_400" + "remarks": "rule_set_398" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lsetxattr", - "remarks": "rule_set_400" + "remarks": "rule_set_398" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_removexattr", - "remarks": "rule_set_401" + "remarks": "rule_set_399" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - removexattr", - "remarks": "rule_set_401" + "remarks": "rule_set_399" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_removexattr", - "remarks": "rule_set_401" + "remarks": "rule_set_399" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - removexattr", - "remarks": "rule_set_401" + "remarks": "rule_set_399" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_setxattr", - "remarks": "rule_set_402" + "remarks": "rule_set_400" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - setxattr", - "remarks": "rule_set_402" + "remarks": "rule_set_400" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_setxattr", - "remarks": "rule_set_402" + "remarks": "rule_set_400" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - setxattr", - "remarks": "rule_set_402" + "remarks": "rule_set_400" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_media_export", - "remarks": "rule_set_403" + "remarks": "rule_set_401" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Exporting to Media (successful)", - "remarks": "rule_set_403" + "remarks": "rule_set_401" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_media_export", - "remarks": "rule_set_403" + "remarks": "rule_set_401" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Exporting to Media (successful)", - "remarks": "rule_set_403" + "remarks": "rule_set_401" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_utmp", - "remarks": "rule_set_404" + "remarks": "rule_set_402" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information utmp", - "remarks": "rule_set_404" + "remarks": "rule_set_402" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_utmp", - "remarks": "rule_set_404" + "remarks": "rule_set_402" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information utmp", - "remarks": "rule_set_404" + "remarks": "rule_set_402" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_btmp", - "remarks": "rule_set_405" + "remarks": "rule_set_403" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information btmp", - "remarks": "rule_set_405" + "remarks": "rule_set_403" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_btmp", - "remarks": "rule_set_405" + "remarks": "rule_set_403" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information btmp", - "remarks": "rule_set_405" + "remarks": "rule_set_403" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_wtmp", - "remarks": "rule_set_406" + "remarks": "rule_set_404" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", - "remarks": "rule_set_406" + "remarks": "rule_set_404" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_wtmp", - "remarks": "rule_set_406" + "remarks": "rule_set_404" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", - "remarks": "rule_set_406" + "remarks": "rule_set_404" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_faillock", - "remarks": "rule_set_407" + "remarks": "rule_set_405" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - faillock", - "remarks": "rule_set_407" + "remarks": "rule_set_405" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_faillock", - "remarks": "rule_set_407" + "remarks": "rule_set_405" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - faillock", - "remarks": "rule_set_407" + "remarks": "rule_set_405" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_lastlog", - "remarks": "rule_set_408" + "remarks": "rule_set_406" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - lastlog", - "remarks": "rule_set_408" + "remarks": "rule_set_406" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_lastlog", - "remarks": "rule_set_408" + "remarks": "rule_set_406" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - lastlog", - "remarks": "rule_set_408" + "remarks": "rule_set_406" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlink", - "remarks": "rule_set_409" + "remarks": "rule_set_407" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlink", - "remarks": "rule_set_409" + "remarks": "rule_set_407" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlink", - "remarks": "rule_set_409" + "remarks": "rule_set_407" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlink", - "remarks": "rule_set_409" + "remarks": "rule_set_407" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlinkat", - "remarks": "rule_set_410" + "remarks": "rule_set_408" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlinkat", - "remarks": "rule_set_410" + "remarks": "rule_set_408" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlinkat", - "remarks": "rule_set_410" + "remarks": "rule_set_408" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlinkat", - "remarks": "rule_set_410" + "remarks": "rule_set_408" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rename", - "remarks": "rule_set_411" + "remarks": "rule_set_409" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rename", - "remarks": "rule_set_411" + "remarks": "rule_set_409" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rename", - "remarks": "rule_set_411" + "remarks": "rule_set_409" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rename", - "remarks": "rule_set_411" + "remarks": "rule_set_409" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat", - "remarks": "rule_set_412" + "remarks": "rule_set_410" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat", - "remarks": "rule_set_412" + "remarks": "rule_set_410" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat", - "remarks": "rule_set_412" + "remarks": "rule_set_410" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat", - "remarks": "rule_set_412" + "remarks": "rule_set_410" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat2", - "remarks": "rule_set_413" + "remarks": "rule_set_411" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat2", - "remarks": "rule_set_413" + "remarks": "rule_set_411" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat2", - "remarks": "rule_set_413" + "remarks": "rule_set_411" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat2", - "remarks": "rule_set_413" + "remarks": "rule_set_411" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_mac_modification_etc_selinux", - "remarks": "rule_set_414" + "remarks": "rule_set_412" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Mandatory Access Controls (/etc/selinux)", - "remarks": "rule_set_414" + "remarks": "rule_set_412" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_mac_modification_etc_selinux", - "remarks": "rule_set_414" + "remarks": "rule_set_412" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Mandatory Access Controls (/etc/selinux)", - "remarks": "rule_set_414" + "remarks": "rule_set_412" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_mac_modification_usr_share", - "remarks": "rule_set_415" + "remarks": "rule_set_413" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Mandatory Access Controls in usr/share", - "remarks": "rule_set_415" + "remarks": "rule_set_413" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_mac_modification_usr_share", - "remarks": "rule_set_415" + "remarks": "rule_set_413" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Mandatory Access Controls in usr/share", - "remarks": "rule_set_415" + "remarks": "rule_set_413" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_chcon", - "remarks": "rule_set_416" + "remarks": "rule_set_414" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run chcon", - "remarks": "rule_set_416" + "remarks": "rule_set_414" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_chcon", - "remarks": "rule_set_416" + "remarks": "rule_set_414" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run chcon", - "remarks": "rule_set_416" + "remarks": "rule_set_414" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_setfacl", - "remarks": "rule_set_417" + "remarks": "rule_set_415" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run setfacl", - "remarks": "rule_set_417" + "remarks": "rule_set_415" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_setfacl", - "remarks": "rule_set_417" + "remarks": "rule_set_415" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run setfacl", - "remarks": "rule_set_417" + "remarks": "rule_set_415" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_chacl", - "remarks": "rule_set_418" + "remarks": "rule_set_416" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run chacl", - "remarks": "rule_set_418" + "remarks": "rule_set_416" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_chacl", - "remarks": "rule_set_418" + "remarks": "rule_set_416" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run chacl", - "remarks": "rule_set_418" + "remarks": "rule_set_416" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_usermod", - "remarks": "rule_set_419" + "remarks": "rule_set_417" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - usermod", - "remarks": "rule_set_419" + "remarks": "rule_set_417" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_usermod", - "remarks": "rule_set_419" + "remarks": "rule_set_417" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - usermod", - "remarks": "rule_set_419" + "remarks": "rule_set_417" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_kmod", - "remarks": "rule_set_420" + "remarks": "rule_set_418" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - kmod", - "remarks": "rule_set_420" + "remarks": "rule_set_418" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_kmod", - "remarks": "rule_set_420" + "remarks": "rule_set_418" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - kmod", - "remarks": "rule_set_420" + "remarks": "rule_set_418" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_init", - "remarks": "rule_set_421" + "remarks": "rule_set_419" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading - init_module", - "remarks": "rule_set_421" + "remarks": "rule_set_419" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_init", - "remarks": "rule_set_421" + "remarks": "rule_set_419" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading - init_module", - "remarks": "rule_set_421" + "remarks": "rule_set_419" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_finit", - "remarks": "rule_set_422" + "remarks": "rule_set_420" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module", - "remarks": "rule_set_422" + "remarks": "rule_set_420" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_finit", - "remarks": "rule_set_422" + "remarks": "rule_set_420" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module", - "remarks": "rule_set_422" + "remarks": "rule_set_420" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_delete", - "remarks": "rule_set_423" + "remarks": "rule_set_421" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Unloading - delete_module", - "remarks": "rule_set_423" + "remarks": "rule_set_421" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_delete", - "remarks": "rule_set_423" + "remarks": "rule_set_421" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Unloading - delete_module", - "remarks": "rule_set_423" + "remarks": "rule_set_421" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_query", - "remarks": "rule_set_424" + "remarks": "rule_set_422" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - query_module", - "remarks": "rule_set_424" + "remarks": "rule_set_422" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_query", - "remarks": "rule_set_424" + "remarks": "rule_set_422" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - query_module", - "remarks": "rule_set_424" + "remarks": "rule_set_422" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_continue_loading", - "remarks": "rule_set_425" + "remarks": "rule_set_423" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Audit Configuration is Loaded Regardless of Errors", - "remarks": "rule_set_425" + "remarks": "rule_set_423" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_continue_loading", - "remarks": "rule_set_425" + "remarks": "rule_set_423" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Audit Configuration is Loaded Regardless of Errors", - "remarks": "rule_set_425" + "remarks": "rule_set_423" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_immutable", - "remarks": "rule_set_426" + "remarks": "rule_set_424" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Make the auditd Configuration Immutable", - "remarks": "rule_set_426" + "remarks": "rule_set_424" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_immutable", - "remarks": "rule_set_426" + "remarks": "rule_set_424" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Make the auditd Configuration Immutable", - "remarks": "rule_set_426" + "remarks": "rule_set_424" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_var_log_audit", - "remarks": "rule_set_427" + "remarks": "rule_set_425" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Have Mode 0750 or Less Permissive", - "remarks": "rule_set_427" + "remarks": "rule_set_425" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_var_log_audit", - "remarks": "rule_set_427" + "remarks": "rule_set_425" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Have Mode 0750 or Less Permissive", - "remarks": "rule_set_427" + "remarks": "rule_set_425" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_var_log_audit", - "remarks": "rule_set_428" + "remarks": "rule_set_426" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Have Mode 0640 or Less Permissive", - "remarks": "rule_set_428" + "remarks": "rule_set_426" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_var_log_audit", - "remarks": "rule_set_428" + "remarks": "rule_set_426" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Have Mode 0640 or Less Permissive", - "remarks": "rule_set_428" + "remarks": "rule_set_426" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_var_log_audit_stig", - "remarks": "rule_set_429" + "remarks": "rule_set_427" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Be Owned By Root", - "remarks": "rule_set_429" + "remarks": "rule_set_427" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_var_log_audit_stig", - "remarks": "rule_set_429" + "remarks": "rule_set_427" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Be Owned By Root", - "remarks": "rule_set_429" + "remarks": "rule_set_427" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_group_ownership_var_log_audit", - "remarks": "rule_set_430" + "remarks": "rule_set_428" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Be Group Owned By Root", - "remarks": "rule_set_430" + "remarks": "rule_set_428" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_group_ownership_var_log_audit", - "remarks": "rule_set_430" + "remarks": "rule_set_428" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Be Group Owned By Root", - "remarks": "rule_set_430" + "remarks": "rule_set_428" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_audit_configuration", - "remarks": "rule_set_431" + "remarks": "rule_set_429" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Audit Configuration Files Permissions are 640 or More Restrictive", - "remarks": "rule_set_431" + "remarks": "rule_set_429" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_audit_configuration", - "remarks": "rule_set_431" + "remarks": "rule_set_429" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Audit Configuration Files Permissions are 640 or More Restrictive", - "remarks": "rule_set_431" + "remarks": "rule_set_429" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_audit_configuration", - "remarks": "rule_set_432" + "remarks": "rule_set_430" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Audit Configuration Files Must Be Owned By Root", - "remarks": "rule_set_432" + "remarks": "rule_set_430" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_audit_configuration", - "remarks": "rule_set_432" + "remarks": "rule_set_430" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Audit Configuration Files Must Be Owned By Root", - "remarks": "rule_set_432" + "remarks": "rule_set_430" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_audit_configuration", - "remarks": "rule_set_433" + "remarks": "rule_set_431" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Audit Configuration Files Must Be Owned By Group root", - "remarks": "rule_set_433" + "remarks": "rule_set_431" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_audit_configuration", - "remarks": "rule_set_433" + "remarks": "rule_set_431" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Audit Configuration Files Must Be Owned By Group root", - "remarks": "rule_set_433" + "remarks": "rule_set_431" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_audit_binaries", - "remarks": "rule_set_434" + "remarks": "rule_set_432" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that audit tools Have Mode 0755 or less", - "remarks": "rule_set_434" + "remarks": "rule_set_432" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_audit_binaries", - "remarks": "rule_set_434" + "remarks": "rule_set_432" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that audit tools Have Mode 0755 or less", - "remarks": "rule_set_434" + "remarks": "rule_set_432" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_audit_binaries", - "remarks": "rule_set_435" + "remarks": "rule_set_433" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that audit tools are owned by root", - "remarks": "rule_set_435" + "remarks": "rule_set_433" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_audit_binaries", - "remarks": "rule_set_435" + "remarks": "rule_set_433" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that audit tools are owned by root", - "remarks": "rule_set_435" + "remarks": "rule_set_433" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_audit_binaries", - "remarks": "rule_set_436" + "remarks": "rule_set_434" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that audit tools are owned by group root", - "remarks": "rule_set_436" + "remarks": "rule_set_434" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_audit_binaries", - "remarks": "rule_set_436" + "remarks": "rule_set_434" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that audit tools are owned by group root", - "remarks": "rule_set_436" + "remarks": "rule_set_434" } ], "control-implementations": [ { - "uuid": "97051fd1-971d-4471-aedb-785dca3fec18", + "uuid": "c584f573-70a7-4aeb-bb65-693f8db3e394", "source": "trestle://profiles/rhel10-cis_rhel10-l2_server/profile.json", "description": "Control implementation for cis", "props": [ @@ -25065,13 +24981,13 @@ { "param-id": "var_password_hashing_algorithm", "values": [ - "yescrypt" + "cis_rhel10" ] }, { "param-id": "var_password_hashing_algorithm_pam", "values": [ - "yescrypt" + "cis_rhel10" ] }, { @@ -25185,7 +25101,7 @@ ], "implemented-requirements": [ { - "uuid": "10aef46e-ae50-4f28-aa24-91dc13e883ba", + "uuid": "2ce39aef-6ddf-4dfb-bfab-063cdc66ab2f", "control-id": "cis_rhel10_1-1.1.6", "description": "No notes for control-id 1.1.1.6.", "props": [ @@ -25202,7 +25118,7 @@ ] }, { - "uuid": "54de2065-325c-46e0-90a3-f84d534a214d", + "uuid": "5907abca-1dd9-44ba-9297-de6f873f8cbb", "control-id": "cis_rhel10_1-1.1.7", "description": "No notes for control-id 1.1.1.7.", "props": [ @@ -25219,7 +25135,7 @@ ] }, { - "uuid": "5a492a7e-e566-4a48-920e-6996a193218c", + "uuid": "bca98cfa-abc8-4a0b-b6f7-9a213ae3eb04", "control-id": "cis_rhel10_1-1.1.8", "description": "No notes for control-id 1.1.1.8.", "props": [ @@ -25236,7 +25152,7 @@ ] }, { - "uuid": "fa045f47-6005-41b4-a5a7-3aa4695f0da7", + "uuid": "85cea36d-b303-49e6-8f1d-ba66cb8bdfec", "control-id": "cis_rhel10_1-1.2.3.1", "description": "No notes for control-id 1.1.2.3.1.", "props": [ @@ -25253,7 +25169,7 @@ ] }, { - "uuid": "8e62d389-dbbd-435d-8c63-0b138d583452", + "uuid": "3c2c96b2-ae79-4110-87e6-a3cd875aac13", "control-id": "cis_rhel10_1-1.2.4.1", "description": "No notes for control-id 1.1.2.4.1.", "props": [ @@ -25270,7 +25186,7 @@ ] }, { - "uuid": "1eff69e7-bf23-419f-8085-c388a77a66aa", + "uuid": "72457c52-f307-4074-ab03-ff51b86cf54b", "control-id": "cis_rhel10_1-1.2.5.1", "description": "No notes for control-id 1.1.2.5.1.", "props": [ @@ -25287,7 +25203,7 @@ ] }, { - "uuid": "ac7fd204-41f8-4aff-9968-ef93dbabd13c", + "uuid": "437d86bc-17bf-4f50-8fa7-4e41e2a02bfd", "control-id": "cis_rhel10_1-1.2.6.1", "description": "No notes for control-id 1.1.2.6.1.", "props": [ @@ -25304,7 +25220,7 @@ ] }, { - "uuid": "1f5099f6-62dc-45a4-a7cd-c4c6dd22e212", + "uuid": "0f03b5a3-7ed0-4230-a2fc-a1d322c69f66", "control-id": "cis_rhel10_1-1.2.7.1", "description": "No notes for control-id 1.1.2.7.1.", "props": [ @@ -25321,7 +25237,7 @@ ] }, { - "uuid": "59f8349c-6ccc-49fd-86a5-d9d3dbd9a01d", + "uuid": "c62ab2a3-9b0b-45e4-a9d3-bf6583307d4d", "control-id": "cis_rhel10_1-2.1.3", "description": "The description for control-id cis_rhel10_1-2.1.3.", "props": [ @@ -25334,7 +25250,7 @@ ] }, { - "uuid": "25eec27e-5ad3-41b2-97bb-8ad1375841ea", + "uuid": "2c472e0b-4202-4541-9331-6ec72f057185", "control-id": "cis_rhel10_1-2.1.5", "description": "No notes for control-id 1.2.1.5.", "props": [ @@ -25351,7 +25267,7 @@ ] }, { - "uuid": "a60748b9-a0f9-4f7a-a757-e3a529cca049", + "uuid": "ddb87feb-8006-4dff-b1f1-0e341aecc7a6", "control-id": "cis_rhel10_1-3.1.5", "description": "No notes for control-id 1.3.1.5.", "props": [ @@ -25368,7 +25284,7 @@ ] }, { - "uuid": "3bb8175d-e29e-4794-953b-6cb8b3061e7d", + "uuid": "ba0ba9ca-8934-4503-ada8-12775fa3a204", "control-id": "cis_rhel10_1-3.1.6", "description": "The description for control-id cis_rhel10_1-3.1.6.", "props": [ @@ -25381,7 +25297,7 @@ ] }, { - "uuid": "f9c66471-9524-48bc-9d97-81eee2c7b61f", + "uuid": "1c89be17-efb2-4167-8b06-ac5e76169509", "control-id": "cis_rhel10_1-5.3", "description": "No notes for control-id 1.5.3.", "props": [ @@ -25398,7 +25314,7 @@ ] }, { - "uuid": "f8b46712-78b3-4688-9554-343af9f03b9a", + "uuid": "c2a8ba2e-972d-4aff-9fbd-01b766642f16", "control-id": "cis_rhel10_1-8.6", "description": "No notes for control-id 1.8.6.", "props": [ @@ -25415,7 +25331,7 @@ ] }, { - "uuid": "4d500c23-d9c5-43d2-8c39-bbdf9076cdca", + "uuid": "21344b7c-a093-4ecd-ba08-0f819276acd8", "control-id": "cis_rhel10_2-1.3", "description": "No notes for control-id 2.1.3.", "props": [ @@ -25432,7 +25348,7 @@ ] }, { - "uuid": "efac2534-99b9-4361-9d01-e66c77ca8b71", + "uuid": "f54a697f-083d-4879-8e70-1551337ad0b9", "control-id": "cis_rhel10_2-1.19", "description": "No notes for control-id 2.1.19.", "props": [ @@ -25449,7 +25365,7 @@ ] }, { - "uuid": "5922287c-264c-4a28-bf84-cc8475fd3526", + "uuid": "b7c20960-e3f8-4d19-9a56-98e57e742e2a", "control-id": "cis_rhel10_2-1.20", "description": "No notes for control-id 2.1.20.", "props": [ @@ -25466,7 +25382,7 @@ ] }, { - "uuid": "b5575d9b-4cd0-4c69-8eaf-df0cdfd9b494", + "uuid": "fb47bbef-07d3-490c-a79a-bc9dae7e4b4e", "control-id": "cis_rhel10_2-2.2", "description": "No notes for control-id 2.2.2.", "props": [ @@ -25483,7 +25399,7 @@ ] }, { - "uuid": "93782e2a-0d72-412a-927c-5092d5781d9e", + "uuid": "63e15344-2825-4c5e-b0a9-777051693e85", "control-id": "cis_rhel10_3-3.1.1", "description": "No notes for control-id 3.3.1.1.", "props": [ @@ -25500,7 +25416,7 @@ ] }, { - "uuid": "c8bb4aa1-8d00-4c1d-b464-5f93471d2b87", + "uuid": "96f5100e-34bd-4554-bc32-74e79d8ac9f4", "control-id": "cis_rhel10_5-1.8", "description": "No notes for control-id 5.1.8.", "props": [ @@ -25517,7 +25433,7 @@ ] }, { - "uuid": "d8a4712c-4359-4545-93f9-436e4f63f7cb", + "uuid": "6b75985c-6c19-4bb3-93c4-6ae1fbe375eb", "control-id": "cis_rhel10_5-1.9", "description": "No notes for control-id 5.1.9.", "props": [ @@ -25534,7 +25450,7 @@ ] }, { - "uuid": "460f4ba3-24a0-4abd-860d-6590752bb22b", + "uuid": "5ea81ef4-0626-4635-a12f-cb4e3f44e096", "control-id": "cis_rhel10_5-2.4", "description": "No notes for control-id 5.2.4.", "props": [ @@ -25551,7 +25467,7 @@ ] }, { - "uuid": "d2802b44-36ad-468d-b91b-a603be386ef9", + "uuid": "b9ee3978-8742-45e4-9521-32ec40e0f335", "control-id": "cis_rhel10_5-3.2.1.3", "description": "No notes for control-id 5.3.2.1.3.", "props": [ @@ -25568,7 +25484,7 @@ ] }, { - "uuid": "a786ec18-54f1-490b-a19e-b3a42e89c379", + "uuid": "6efd6a60-7a1c-4b9e-9c0c-5f328ad71ca1", "control-id": "cis_rhel10_5-4.1.2", "description": "No notes for control-id 5.4.1.2.", "props": [ @@ -25590,7 +25506,7 @@ ] }, { - "uuid": "d32a3d59-a6d9-4e91-bf18-4617e2a4d53a", + "uuid": "5ab9bbf1-424d-4516-9150-d42d73166a65", "control-id": "cis_rhel10_5-4.3.1", "description": "No notes for control-id 5.4.3.1.", "props": [ @@ -25607,7 +25523,7 @@ ] }, { - "uuid": "6a79ff9d-6b49-4f7e-8b01-7ca3ed573166", + "uuid": "7fa90ac4-bb0d-4947-978a-905af449ff8c", "control-id": "cis_rhel10_6-3.1.1", "description": "No notes for control-id 6.3.1.1.", "props": [ @@ -25629,7 +25545,7 @@ ] }, { - "uuid": "48be2c9d-1ddc-4301-bb11-5cdccf856b5f", + "uuid": "3da00e76-7b69-49a6-9b82-bdd134d1d667", "control-id": "cis_rhel10_6-3.1.2", "description": "No notes for control-id 6.3.1.2.", "props": [ @@ -25646,7 +25562,7 @@ ] }, { - "uuid": "2764e2cc-6ab1-4c80-aaae-8f8b3edd2dea", + "uuid": "ecc77cec-57cb-4b6e-9af9-013f47155ee1", "control-id": "cis_rhel10_6-3.1.3", "description": "No notes for control-id 6.3.1.3.", "props": [ @@ -25663,7 +25579,7 @@ ] }, { - "uuid": "5bc3580b-34f3-40a4-bc90-0b6c7a2fc031", + "uuid": "16462f82-7b02-4bde-b41b-6702859b99fc", "control-id": "cis_rhel10_6-3.1.4", "description": "No notes for control-id 6.3.1.4.", "props": [ @@ -25680,7 +25596,7 @@ ] }, { - "uuid": "4dc6a099-93ff-4a56-97f9-26269d663a43", + "uuid": "efaa6839-19d6-43e6-93a4-54728b7849b2", "control-id": "cis_rhel10_6-3.2.1", "description": "No notes for control-id 6.3.2.1.", "props": [ @@ -25697,7 +25613,7 @@ ] }, { - "uuid": "9d96b7a8-120f-460d-957b-59e34c17911d", + "uuid": "f54f0513-9e44-45d6-afb1-ccf148994b98", "control-id": "cis_rhel10_6-3.2.2", "description": "No notes for control-id 6.3.2.2.", "props": [ @@ -25714,7 +25630,7 @@ ] }, { - "uuid": "f54b1e00-c1eb-425c-b03c-3edae9e78100", + "uuid": "5696f159-da49-44e7-a5ef-a0df8f60bf0d", "control-id": "cis_rhel10_6-3.2.3", "description": "No notes for control-id 6.3.2.3.", "props": [ @@ -25736,7 +25652,7 @@ ] }, { - "uuid": "130a3ccb-6480-41f7-a77d-d24916048c3f", + "uuid": "886b337e-0946-4106-ae1a-76ebdf19fe90", "control-id": "cis_rhel10_6-3.2.4", "description": "No notes for control-id 6.3.2.4.", "props": [ @@ -25758,7 +25674,7 @@ ] }, { - "uuid": "44d67536-7a89-4dbf-89b8-9edeb99e50e5", + "uuid": "618f5bef-8ce7-4b1a-b31d-51dd0c68819f", "control-id": "cis_rhel10_6-3.3.1", "description": "No notes for control-id 6.3.3.1.", "props": [ @@ -25775,7 +25691,7 @@ ] }, { - "uuid": "6d8e506e-a22a-47bd-86f1-049bae22a790", + "uuid": "65b5bb28-74e5-421f-8bb2-536bff6b4e26", "control-id": "cis_rhel10_6-3.3.2", "description": "No notes for control-id 6.3.3.2.", "props": [ @@ -25792,7 +25708,7 @@ ] }, { - "uuid": "b6f086bc-9d62-47c3-8106-b5afccc5a5f0", + "uuid": "7852d907-2eea-41c7-a75e-9a298b3cb377", "control-id": "cis_rhel10_6-3.3.3", "description": "No notes for control-id 6.3.3.3.", "props": [ @@ -25809,7 +25725,7 @@ ] }, { - "uuid": "32b2711b-de15-480d-8beb-b9c6ebb45daa", + "uuid": "be1f9cc9-392e-45f0-95c8-c785389bbba3", "control-id": "cis_rhel10_6-3.3.4", "description": "No notes for control-id 6.3.3.4.", "props": [ @@ -25841,7 +25757,7 @@ ] }, { - "uuid": "b3d079b3-5d19-4977-abeb-63bcded3fa4e", + "uuid": "bf78d436-5b7f-42c0-8c2c-4c73d2d29c9b", "control-id": "cis_rhel10_6-3.3.5", "description": "No notes for control-id 6.3.3.5.", "props": [ @@ -25863,7 +25779,7 @@ ] }, { - "uuid": "39ae3826-0c62-4a4f-8b10-0c68fd5a8549", + "uuid": "20f1c963-52a8-44f3-859d-1af9e3e70cc7", "control-id": "cis_rhel10_6-3.3.6", "description": "No notes for control-id 6.3.3.6.", "props": [ @@ -25885,7 +25801,7 @@ ] }, { - "uuid": "13c84c3d-4715-43aa-90bc-9bd681fae1f8", + "uuid": "bf4ad540-a0ba-4aa7-8beb-9151ea66d7e7", "control-id": "cis_rhel10_6-3.3.7", "description": "No notes for control-id 6.3.3.7.", "props": [ @@ -25907,7 +25823,7 @@ ] }, { - "uuid": "7024583d-1fac-4ccb-bd45-f4d092d9191c", + "uuid": "67e46584-f210-44c0-984c-5e8da279dc08", "control-id": "cis_rhel10_6-3.3.8", "description": "No notes for control-id 6.3.3.8.", "props": [ @@ -25929,7 +25845,7 @@ ] }, { - "uuid": "7d49de91-f65e-4999-947c-a6db1276ed38", + "uuid": "b07785ec-eaef-4d8d-8d27-959f7902ae78", "control-id": "cis_rhel10_6-3.3.9", "description": "No notes for control-id 6.3.3.9.", "props": [ @@ -25946,7 +25862,7 @@ ] }, { - "uuid": "ca2e0aad-a2aa-4434-9e41-4660e2103bcb", + "uuid": "c89e0ae8-f6c2-4879-8c79-3bd182fa351a", "control-id": "cis_rhel10_6-3.3.10", "description": "No notes for control-id 6.3.3.10.", "props": [ @@ -25963,7 +25879,7 @@ ] }, { - "uuid": "d5a2a893-951b-430e-82e6-7b1b62121420", + "uuid": "2179d160-b7d1-4c6a-82a9-31bbecc62e21", "control-id": "cis_rhel10_6-3.3.11", "description": "No notes for control-id 6.3.3.11.", "props": [ @@ -26000,7 +25916,7 @@ ] }, { - "uuid": "da9e79ba-d726-4e3f-859c-dd32e21980db", + "uuid": "8cb9348b-f87c-4f2e-932a-e65c9fd03861", "control-id": "cis_rhel10_6-3.3.12", "description": "No notes for control-id 6.3.3.12.", "props": [ @@ -26017,7 +25933,7 @@ ] }, { - "uuid": "a461a80a-64a8-4167-b9f6-3b7e5fa9beaa", + "uuid": "c188a2d8-0269-4022-b93a-a9e6aaa97c43", "control-id": "cis_rhel10_6-3.3.13", "description": "No notes for control-id 6.3.3.13.", "props": [ @@ -26034,7 +25950,7 @@ ] }, { - "uuid": "a3fa7e8a-2252-4691-9c8d-60f3102e4a96", + "uuid": "75f6c2d7-7474-4d33-9ca7-a1cb9757c3f5", "control-id": "cis_rhel10_6-3.3.14", "description": "No notes for control-id 6.3.3.14.", "props": [ @@ -26056,7 +25972,7 @@ ] }, { - "uuid": "8b13ba38-e152-4922-99d5-dd54d83408b7", + "uuid": "09994cd0-faea-4102-8dcd-9c3ab196db1d", "control-id": "cis_rhel10_6-3.3.15", "description": "No notes for control-id 6.3.3.15.", "props": [ @@ -26073,7 +25989,7 @@ ] }, { - "uuid": "02c060e9-ef0e-483b-803b-b6a39944e4ce", + "uuid": "9ab2c2d8-a10a-42e2-b3be-afbf64f899ae", "control-id": "cis_rhel10_6-3.3.16", "description": "No notes for control-id 6.3.3.16.", "props": [ @@ -26090,7 +26006,7 @@ ] }, { - "uuid": "a209fadf-d78d-4ad2-b040-210c06855731", + "uuid": "52452166-5462-4664-ab4c-b31b31942882", "control-id": "cis_rhel10_6-3.3.17", "description": "No notes for control-id 6.3.3.17.", "props": [ @@ -26112,7 +26028,7 @@ ] }, { - "uuid": "05a524b9-cc9a-4678-8cfa-3501ae465efd", + "uuid": "730e72af-4a5c-4404-a41b-5e59f7e78a91", "control-id": "cis_rhel10_6-3.3.18", "description": "No notes for control-id 6.3.3.18.", "props": [ @@ -26144,7 +26060,7 @@ ] }, { - "uuid": "622a9e64-24fd-4f64-8d63-ce900e1e9d9f", + "uuid": "b7aa9950-6a10-41ba-be05-4c5519191dd5", "control-id": "cis_rhel10_6-3.3.19", "description": "No notes for control-id 6.3.3.19.", "props": [ @@ -26176,7 +26092,7 @@ ] }, { - "uuid": "330a20dc-bc3d-41b6-9b6d-7f6189e5c7b8", + "uuid": "71fa256c-2683-43e7-adc7-75cd5020270a", "control-id": "cis_rhel10_6-3.3.20", "description": "No notes for control-id 6.3.3.20.", "props": [ @@ -26218,7 +26134,7 @@ ] }, { - "uuid": "d256d1ea-0de6-4a94-b537-39ff8989177a", + "uuid": "d879fd89-7f61-46ad-82e9-7fc5e22eaab9", "control-id": "cis_rhel10_6-3.3.21", "description": "No notes for control-id 6.3.3.21.", "props": [ @@ -26235,7 +26151,7 @@ ] }, { - "uuid": "830b8a3e-eeb2-49a0-96b1-bd3b94dfd7ec", + "uuid": "c4fd6b0c-1b3f-49a6-9a82-e87415ca81ab", "control-id": "cis_rhel10_6-3.3.22", "description": "No notes for control-id 6.3.3.22.", "props": [ @@ -26262,7 +26178,7 @@ ] }, { - "uuid": "abccb135-bec0-4760-ba24-368c5b7fdfe5", + "uuid": "3535eda4-1e6a-4a17-b7fe-154b46e69e41", "control-id": "cis_rhel10_6-3.3.23", "description": "No notes for control-id 6.3.3.23.", "props": [ @@ -26284,7 +26200,7 @@ ] }, { - "uuid": "0ce26247-f3d2-45e6-8a48-19f7e4e6b2ab", + "uuid": "697df3d0-310c-43f4-b880-839283b1544d", "control-id": "cis_rhel10_6-3.3.24", "description": "No notes for control-id 6.3.3.24.", "props": [ @@ -26306,7 +26222,7 @@ ] }, { - "uuid": "3ec1e6db-d47c-4210-abb4-55e1b01c343b", + "uuid": "79f84214-8333-4683-ab95-45c5e0e24b94", "control-id": "cis_rhel10_6-3.3.25", "description": "No notes for control-id 6.3.3.25.", "props": [ @@ -26333,7 +26249,7 @@ ] }, { - "uuid": "a2b5ccf2-2d6e-4dca-a73c-53099d38ab2c", + "uuid": "defbdba0-31eb-4fa7-8dcc-32293764401d", "control-id": "cis_rhel10_6-3.3.26", "description": "No notes for control-id 6.3.3.26.", "props": [ @@ -26355,7 +26271,7 @@ ] }, { - "uuid": "efa4dcde-c11b-4197-9597-28d82e97c3d0", + "uuid": "da123c8e-9221-48f7-90e0-7b42a5f40771", "control-id": "cis_rhel10_6-3.3.27", "description": "No notes for control-id 6.3.3.27.", "props": [ @@ -26372,7 +26288,7 @@ ] }, { - "uuid": "784ad5e3-2b35-4ae1-a2a6-a7837c6998b0", + "uuid": "76726161-81c5-409e-9c67-283c8f7380ef", "control-id": "cis_rhel10_6-3.3.28", "description": "No notes for control-id 6.3.3.28.", "props": [ @@ -26389,7 +26305,7 @@ ] }, { - "uuid": "37e47a66-a850-436d-bd67-92c6b8d1eb13", + "uuid": "cba21b9d-368b-456c-8c4f-349fe604980d", "control-id": "cis_rhel10_6-3.3.29", "description": "No notes for control-id 6.3.3.29.", "props": [ @@ -26406,7 +26322,7 @@ ] }, { - "uuid": "f466c002-5ae9-47f7-ad2d-536847e04105", + "uuid": "187b4a70-70de-422d-a6d9-b5d7698e82a3", "control-id": "cis_rhel10_6-3.3.30", "description": "No notes for control-id 6.3.3.30.", "props": [ @@ -26423,7 +26339,7 @@ ] }, { - "uuid": "b88aa1ca-6611-4746-8042-d9f885263b0c", + "uuid": "0df1e90a-6b4e-4ee9-ba16-b7ac47688123", "control-id": "cis_rhel10_6-3.3.31", "description": "No notes for control-id 6.3.3.31.", "props": [ @@ -26440,7 +26356,7 @@ ] }, { - "uuid": "c245df21-a432-4571-b8e9-369f31b328ba", + "uuid": "26e35736-1f74-413f-9ab6-33ace3ffadf8", "control-id": "cis_rhel10_6-3.3.32", "description": "No notes for control-id 6.3.3.32.", "props": [ @@ -26462,7 +26378,7 @@ ] }, { - "uuid": "2658c054-fc1f-42ba-a53c-8dbbab0f76be", + "uuid": "148ca1e0-5cda-41c3-87ec-35d3d6265a14", "control-id": "cis_rhel10_6-3.3.33", "description": "No notes for control-id 6.3.3.33.", "props": [ @@ -26479,7 +26395,7 @@ ] }, { - "uuid": "6e2f3618-3036-47a0-9464-5d5f027f3061", + "uuid": "b9fd120a-2fbb-42bb-aa91-b899905391a5", "control-id": "cis_rhel10_6-3.3.34", "description": "No notes for control-id 6.3.3.34.", "props": [ @@ -26496,7 +26412,7 @@ ] }, { - "uuid": "a495f63d-8302-4b64-8f2f-dd2088e5f99c", + "uuid": "508d8eba-620e-4cc5-a358-c4bea65e6dff", "control-id": "cis_rhel10_6-3.3.35", "description": "No notes for control-id 6.3.3.35.", "props": [ @@ -26513,7 +26429,7 @@ ] }, { - "uuid": "8c4d3a19-ba5f-49ac-926b-f665ab742e57", + "uuid": "33926e64-f1a1-42a0-b9be-0db62b96aa36", "control-id": "cis_rhel10_6-3.3.36", "description": "No notes for control-id 6.3.3.36.", "props": [ @@ -26530,7 +26446,7 @@ ] }, { - "uuid": "2ba9b75c-97ad-4eed-8873-c434a5e5246a", + "uuid": "2cfa48bc-c87f-4444-8547-ad47fbdd4247", "control-id": "cis_rhel10_6-3.3.37", "description": "The description for control-id cis_rhel10_6-3.3.37.", "props": [ @@ -26543,7 +26459,7 @@ ] }, { - "uuid": "43c9a3db-b746-4203-8812-3acd51fc09a0", + "uuid": "ff1a5c62-c034-4314-b887-0b1989e26412", "control-id": "cis_rhel10_6-3.4.1", "description": "No notes for control-id 6.3.4.1.", "props": [ @@ -26560,7 +26476,7 @@ ] }, { - "uuid": "4d65010a-6011-4d6d-8699-d049fdff8f18", + "uuid": "b1df0d85-b73d-4cff-918b-f6c95dead7c3", "control-id": "cis_rhel10_6-3.4.2", "description": "No notes for control-id 6.3.4.2.", "props": [ @@ -26577,7 +26493,7 @@ ] }, { - "uuid": "466b591e-5e32-4a22-ab5c-7ab7af08bd0f", + "uuid": "628a4cb9-f468-4e3f-b277-a2120cef15bc", "control-id": "cis_rhel10_6-3.4.3", "description": "No notes for control-id 6.3.4.3.", "props": [ @@ -26594,7 +26510,7 @@ ] }, { - "uuid": "928cf784-f39f-48c6-a0da-4cab1e24e564", + "uuid": "f320cf0a-57db-4833-a4da-7db345a6ceba", "control-id": "cis_rhel10_6-3.4.4", "description": "No notes for control-id 6.3.4.4.", "props": [ @@ -26611,7 +26527,7 @@ ] }, { - "uuid": "6ba96701-ce68-4ef7-95e0-7d6c0f3a24d1", + "uuid": "f08bd37e-5624-4024-9f43-cc1424105db5", "control-id": "cis_rhel10_6-3.4.5", "description": "No notes for control-id 6.3.4.5.", "props": [ @@ -26628,7 +26544,7 @@ ] }, { - "uuid": "53a80263-fe28-4cc3-8788-100b08b6a6d7", + "uuid": "6b43b781-49b3-4300-ae26-777f7ee4fe4c", "control-id": "cis_rhel10_6-3.4.6", "description": "No notes for control-id 6.3.4.6.", "props": [ @@ -26645,7 +26561,7 @@ ] }, { - "uuid": "5ea4a14d-771d-46bc-8aef-88527af131fb", + "uuid": "ce07981f-422a-4a85-a814-7d2f9c33be7e", "control-id": "cis_rhel10_6-3.4.7", "description": "No notes for control-id 6.3.4.7.", "props": [ @@ -26662,7 +26578,7 @@ ] }, { - "uuid": "0436792a-0bb4-4d43-abb3-394ed03ad030", + "uuid": "a397c696-b056-4fff-ab3c-6e4e6a3c3341", "control-id": "cis_rhel10_6-3.4.8", "description": "No notes for control-id 6.3.4.8.", "props": [ @@ -26679,7 +26595,7 @@ ] }, { - "uuid": "49ad1cdc-7c9e-48ea-847b-4920f67aeb9a", + "uuid": "6c336f83-a11c-4f72-a7f4-81feb97d04fa", "control-id": "cis_rhel10_6-3.4.9", "description": "No notes for control-id 6.3.4.9.", "props": [ @@ -26696,7 +26612,7 @@ ] }, { - "uuid": "531d0511-3bf9-4561-830d-5cf465111df1", + "uuid": "a96378fb-d543-42fb-9a62-92ac5345a7ef", "control-id": "cis_rhel10_6-3.4.10", "description": "No notes for control-id 6.3.4.10.", "props": [ @@ -26713,7 +26629,7 @@ ] }, { - "uuid": "14ce16f0-3b12-4cdf-9513-202ed281bdd3", + "uuid": "86c3daac-35d9-463f-ab3e-d126cea4ef4e", "control-id": "reload_dconf_db", "description": "This is a helper rule to reload Dconf database correctly.", "props": [ @@ -26730,7 +26646,7 @@ ] }, { - "uuid": "a7ca7e1e-3451-40b9-817e-fcc223fb3d70", + "uuid": "fd1d548d-3eb9-48d1-a4c7-86de0f299a7d", "control-id": "cis_rhel10_1-1.1.1", "description": "No notes for control-id 1.1.1.1.", "props": [ @@ -26747,7 +26663,7 @@ ] }, { - "uuid": "c00b0b91-4cab-4eea-ba11-8ecd232002a9", + "uuid": "bbac35b9-71db-4641-b542-f38f4528ff6f", "control-id": "cis_rhel10_1-1.1.2", "description": "No notes for control-id 1.1.1.2.", "props": [ @@ -26764,7 +26680,7 @@ ] }, { - "uuid": "b813acd8-6c60-41b7-9ff2-4fe85babed93", + "uuid": "4d0942f0-32e8-4601-bb60-97c3a6cb5290", "control-id": "cis_rhel10_1-1.1.3", "description": "No notes for control-id 1.1.1.3.", "props": [ @@ -26781,7 +26697,7 @@ ] }, { - "uuid": "c2daad06-52e4-485e-aff7-e127636c21cd", + "uuid": "e40ac9ad-00d2-4b80-a2a6-b648556c9a51", "control-id": "cis_rhel10_1-1.1.4", "description": "No notes for control-id 1.1.1.4.", "props": [ @@ -26798,7 +26714,7 @@ ] }, { - "uuid": "2c675e38-ebc4-4354-811b-5cb7b1863639", + "uuid": "3367dd1e-bea5-4d62-9cc9-cda9eaf3a6b5", "control-id": "cis_rhel10_1-1.1.5", "description": "No notes for control-id 1.1.1.5.", "props": [ @@ -26815,7 +26731,7 @@ ] }, { - "uuid": "f2a326bd-b171-4a91-97e9-0a9703292e79", + "uuid": "9dd1b16b-be71-42ef-b00e-5eed7f12d1e5", "control-id": "cis_rhel10_1-1.1.9", "description": "No notes for control-id 1.1.1.9.", "props": [ @@ -26832,7 +26748,7 @@ ] }, { - "uuid": "3db3be49-b6bd-4a5e-9027-d860c8493bdb", + "uuid": "161cd5dc-b422-4fa2-9b93-bbac1ec8198a", "control-id": "cis_rhel10_1-1.1.10", "description": "No notes for control-id 1.1.1.10.", "props": [ @@ -26849,7 +26765,7 @@ ] }, { - "uuid": "d0358ec0-3e7c-48bb-81db-57ae33b2c5f2", + "uuid": "7c5d974d-7af2-4aaf-9f3f-d9ef861e253f", "control-id": "cis_rhel10_1-1.1.11", "description": "The description for control-id cis_rhel10_1-1.1.11.", "props": [ @@ -26862,7 +26778,7 @@ ] }, { - "uuid": "2edb4fef-50a3-4a98-9a65-42a98f7a3ec4", + "uuid": "f50721eb-3b3a-4cdf-9196-a0214a394edb", "control-id": "cis_rhel10_1-1.2.1.1", "description": "No notes for control-id 1.1.2.1.1.", "props": [ @@ -26879,7 +26795,7 @@ ] }, { - "uuid": "2159fdd8-4b5b-4f57-9c62-6009b9446ccd", + "uuid": "5156122f-e8d3-436c-b59f-7cfdd36de8a3", "control-id": "cis_rhel10_1-1.2.1.2", "description": "No notes for control-id 1.1.2.1.2.", "props": [ @@ -26896,7 +26812,7 @@ ] }, { - "uuid": "df8b65be-48ec-4afd-a743-659dd6bf2f12", + "uuid": "47e5f478-765a-4f36-9fee-a936be845cd6", "control-id": "cis_rhel10_1-1.2.1.3", "description": "No notes for control-id 1.1.2.1.3.", "props": [ @@ -26913,7 +26829,7 @@ ] }, { - "uuid": "a8db656d-ae6f-432d-81fe-22aacadf3d6f", + "uuid": "cb4a756e-673f-4287-9e35-a0cea8a1464c", "control-id": "cis_rhel10_1-1.2.1.4", "description": "No notes for control-id 1.1.2.1.4.", "props": [ @@ -26930,7 +26846,7 @@ ] }, { - "uuid": "82ac80f7-4542-437d-badc-8e54c2b3508d", + "uuid": "fc3dd7c3-dad9-497c-b168-bb10a941b0e1", "control-id": "cis_rhel10_1-1.2.2.1", "description": "No notes for control-id 1.1.2.2.1.", "props": [ @@ -26947,7 +26863,7 @@ ] }, { - "uuid": "fb14635d-b090-4c74-9104-151e9f210239", + "uuid": "dc58543c-ce4f-47bf-a17c-d922f602a4eb", "control-id": "cis_rhel10_1-1.2.2.2", "description": "No notes for control-id 1.1.2.2.2.", "props": [ @@ -26964,7 +26880,7 @@ ] }, { - "uuid": "d9bedc4e-294e-4a10-9a20-9dd6d464abfc", + "uuid": "084ec0ab-dbf3-461c-b9be-36b6b4e76339", "control-id": "cis_rhel10_1-1.2.2.3", "description": "No notes for control-id 1.1.2.2.3.", "props": [ @@ -26981,7 +26897,7 @@ ] }, { - "uuid": "995af2d0-6eb1-4d4f-ae4a-62a9a9202f1f", + "uuid": "611fc06e-92ae-4d1d-90a2-30ed320df708", "control-id": "cis_rhel10_1-1.2.2.4", "description": "No notes for control-id 1.1.2.2.4.", "props": [ @@ -26998,7 +26914,7 @@ ] }, { - "uuid": "43544b43-2468-492b-baac-a24df4b7d981", + "uuid": "608bd064-dc63-4ad9-bd73-63db87537bb8", "control-id": "cis_rhel10_1-1.2.3.2", "description": "No notes for control-id 1.1.2.3.2.", "props": [ @@ -27015,7 +26931,7 @@ ] }, { - "uuid": "10829dab-d31a-441c-8ac7-3ae56a7ff4d8", + "uuid": "389e93ae-a127-454b-aa36-c0925087fa13", "control-id": "cis_rhel10_1-1.2.3.3", "description": "No notes for control-id 1.1.2.3.3.", "props": [ @@ -27032,7 +26948,7 @@ ] }, { - "uuid": "10d09029-937c-475c-92b9-1ae8c752ed59", + "uuid": "263a6897-5550-427e-bf34-3d47b34b8b48", "control-id": "cis_rhel10_1-1.2.4.2", "description": "No notes for control-id 1.1.2.4.2.", "props": [ @@ -27049,7 +26965,7 @@ ] }, { - "uuid": "35b6d692-5ce7-481a-a4d0-77a9182de96d", + "uuid": "f9bd1eb6-1560-4bc9-87a0-f4b9f7e37264", "control-id": "cis_rhel10_1-1.2.4.3", "description": "No notes for control-id 1.1.2.4.3.", "props": [ @@ -27066,7 +26982,7 @@ ] }, { - "uuid": "5c4c5b09-62d2-4ac9-8bf4-937d240ddf59", + "uuid": "a29c6814-a86f-46b4-9e51-4c6295475760", "control-id": "cis_rhel10_1-1.2.5.2", "description": "No notes for control-id 1.1.2.5.2.", "props": [ @@ -27083,7 +26999,7 @@ ] }, { - "uuid": "63bc7b04-b735-4b92-9eaa-5c23987c39ed", + "uuid": "12741dce-1493-4aa6-9e2d-b35fb348b928", "control-id": "cis_rhel10_1-1.2.5.3", "description": "No notes for control-id 1.1.2.5.3.", "props": [ @@ -27100,7 +27016,7 @@ ] }, { - "uuid": "2756b3ed-e5e5-4868-878e-d10433f2a32a", + "uuid": "dbe0d823-b0e4-413c-9c16-05a935d43938", "control-id": "cis_rhel10_1-1.2.5.4", "description": "No notes for control-id 1.1.2.5.4.", "props": [ @@ -27117,7 +27033,7 @@ ] }, { - "uuid": "6e05dc28-dfe9-4e7f-a60a-2c73a46ccfd8", + "uuid": "ce61752b-3624-41fd-9e9d-4ed03eac3cd3", "control-id": "cis_rhel10_1-1.2.6.2", "description": "No notes for control-id 1.1.2.6.2.", "props": [ @@ -27134,7 +27050,7 @@ ] }, { - "uuid": "fe99fbc6-3d1c-4307-8d8a-49c36b45280e", + "uuid": "41b4a59b-8de8-46b9-bf6d-995c170fd7b4", "control-id": "cis_rhel10_1-1.2.6.3", "description": "No notes for control-id 1.1.2.6.3.", "props": [ @@ -27151,7 +27067,7 @@ ] }, { - "uuid": "410f68ce-20d1-471c-b04f-a1c4bb3ff6f3", + "uuid": "cae29167-a9ff-41d1-bcc0-766af0428da0", "control-id": "cis_rhel10_1-1.2.6.4", "description": "No notes for control-id 1.1.2.6.4.", "props": [ @@ -27168,7 +27084,7 @@ ] }, { - "uuid": "31123dd8-9d19-4102-b202-9a55ecb2998d", + "uuid": "30639f70-2643-4cce-ad2d-b9671f6a8399", "control-id": "cis_rhel10_1-1.2.7.2", "description": "No notes for control-id 1.1.2.7.2.", "props": [ @@ -27185,7 +27101,7 @@ ] }, { - "uuid": "4746b771-8edf-485e-a90a-48a63d11ad09", + "uuid": "53c1b655-6853-44b6-a22a-727bb4603d2e", "control-id": "cis_rhel10_1-1.2.7.3", "description": "No notes for control-id 1.1.2.7.3.", "props": [ @@ -27202,7 +27118,7 @@ ] }, { - "uuid": "d6ebdc76-952f-4f6c-82c2-15bf8336734d", + "uuid": "90fa630d-30b7-4b30-af17-2d1ace6797c1", "control-id": "cis_rhel10_1-1.2.7.4", "description": "No notes for control-id 1.1.2.7.4.", "props": [ @@ -27219,7 +27135,7 @@ ] }, { - "uuid": "e38e087f-412d-4b3b-b13f-f784c4f4edd5", + "uuid": "580453dd-037d-4449-a623-04e271a304ec", "control-id": "cis_rhel10_1-2.1.1", "description": "The description for control-id cis_rhel10_1-2.1.1.", "props": [ @@ -27232,7 +27148,7 @@ ] }, { - "uuid": "6819b764-f17c-4162-9616-4064a8ca8ae4", + "uuid": "1811f64f-537b-4909-b0eb-88848e449257", "control-id": "cis_rhel10_1-2.1.2", "description": "No notes for control-id 1.2.1.2.", "props": [ @@ -27249,7 +27165,7 @@ ] }, { - "uuid": "7460c3d2-9d9f-4634-bd01-296ae05aea96", + "uuid": "2affa82f-ab84-4a2b-b6c3-017daf6a70d3", "control-id": "cis_rhel10_1-2.1.4", "description": "The description for control-id cis_rhel10_1-2.1.4.", "props": [ @@ -27262,7 +27178,7 @@ ] }, { - "uuid": "36ba4bca-cd42-410a-8724-da6f450857f9", + "uuid": "9b3900ad-c571-44f9-af30-b4741c1f9a65", "control-id": "cis_rhel10_1-2.2.1", "description": "The description for control-id cis_rhel10_1-2.2.1.", "props": [ @@ -27275,7 +27191,7 @@ ] }, { - "uuid": "dad48d59-f26c-48de-a791-65e48ce8db38", + "uuid": "15be6663-df92-4e33-992e-439ab33c741f", "control-id": "cis_rhel10_1-3.1.1", "description": "No notes for control-id 1.3.1.1.", "props": [ @@ -27292,7 +27208,7 @@ ] }, { - "uuid": "06d18c76-5a42-401a-a98a-a99539772065", + "uuid": "630a1400-a7ef-4976-af02-a9ab67e4ca7b", "control-id": "cis_rhel10_1-3.1.2", "description": "No notes for control-id 1.3.1.2.", "props": [ @@ -27309,7 +27225,7 @@ ] }, { - "uuid": "f5ac151c-3e61-4934-b038-072826d53141", + "uuid": "caecad05-001c-403f-a7fc-f9283faae62e", "control-id": "cis_rhel10_1-3.1.3", "description": "No notes for control-id 1.3.1.3.", "props": [ @@ -27326,7 +27242,7 @@ ] }, { - "uuid": "fb1f6a1a-995a-4081-98a2-3a5bf860f34f", + "uuid": "12a8ce52-37ca-4b89-a727-da91a8faa6c1", "control-id": "cis_rhel10_1-3.1.4", "description": "No notes for control-id 1.3.1.4.", "props": [ @@ -27343,7 +27259,7 @@ ] }, { - "uuid": "d92ccb21-1d1b-45e7-8cec-4daca67c3e01", + "uuid": "37e24599-cd0c-46f1-8574-09516804b728", "control-id": "cis_rhel10_1-3.1.7", "description": "No notes for control-id 1.3.1.7.", "props": [ @@ -27360,7 +27276,7 @@ ] }, { - "uuid": "31f6bf3a-88b4-40af-ba8f-94851643d559", + "uuid": "6608e37b-9815-4779-a188-ba95862a079b", "control-id": "cis_rhel10_1-3.1.8", "description": "No notes for control-id 1.3.1.8.", "props": [ @@ -27377,7 +27293,7 @@ ] }, { - "uuid": "8200bf45-341c-45d1-ba90-30fa7996cdb4", + "uuid": "bbc15c45-734e-4476-804a-03b43b215860", "control-id": "cis_rhel10_1-4.1", "description": "There is no automated remediation for this rule and this is intentional.\nMore details in the rule description.", "props": [ @@ -27394,50 +27310,34 @@ ] }, { - "uuid": "10d55948-1c84-44de-a63e-75942179b8f1", + "uuid": "1c9b7a63-9be9-4081-b912-3e37a1603146", "control-id": "cis_rhel10_1-4.2", - "description": "The description for control-id cis_rhel10_1-4.2.", + "description": "This requirement demands a deeper review of the rules.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "alternative", - "remarks": "This requirement demands a deeper review of the rules." - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg" + "value": "implemented" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg" + "value": "file_permissions_boot_grub2" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg" + "value": "file_owner_boot_grub2" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg" + "value": "file_groupowner_boot_grub2" } ] }, { - "uuid": "6f5f58b3-979b-4a19-98a7-761d3cadc66b", + "uuid": "3fb24b2c-eeac-450c-b30f-24b362158b43", "control-id": "cis_rhel10_1-5.1", "description": "No notes for control-id 1.5.1.", "props": [ @@ -27454,7 +27354,7 @@ ] }, { - "uuid": "cf21b2dd-870f-4177-9301-b81ad5cf4f56", + "uuid": "37c6a25c-f154-4539-b818-97f35c32a706", "control-id": "cis_rhel10_1-5.2", "description": "No notes for control-id 1.5.2.", "props": [ @@ -27471,7 +27371,7 @@ ] }, { - "uuid": "9ddd6ded-10fa-4ab4-bc45-ed1fdc91f4bc", + "uuid": "6b9ebdc8-3ce4-4710-90ff-09b3aad53502", "control-id": "cis_rhel10_1-5.4", "description": "No notes for control-id 1.5.4.", "props": [ @@ -27488,7 +27388,7 @@ ] }, { - "uuid": "f44bb8c4-555f-4b30-b9d6-9fd1b69a55f7", + "uuid": "cdc03d68-0a3d-442d-920c-6353a695a3d9", "control-id": "cis_rhel10_1-5.5", "description": "No notes for control-id 1.5.5.", "props": [ @@ -27505,7 +27405,7 @@ ] }, { - "uuid": "9ea8fada-1c64-45a0-bc5b-3d48cb76ba7a", + "uuid": "c2bc67b4-a383-4dcb-b3a2-a9d7b3240ac1", "control-id": "cis_rhel10_1-5.6", "description": "No notes for control-id 1.5.6.", "props": [ @@ -27522,7 +27422,7 @@ ] }, { - "uuid": "211ee73c-ce39-4535-a74a-4e8b40b88182", + "uuid": "db427447-fbb8-43db-b00e-53c4283113eb", "control-id": "cis_rhel10_1-5.7", "description": "No notes for control-id 1.5.7.", "props": [ @@ -27539,7 +27439,7 @@ ] }, { - "uuid": "8ef99294-9d04-45ae-bbff-98881373f251", + "uuid": "16394734-6d32-451e-b6e2-4577cd1a6f51", "control-id": "cis_rhel10_1-5.8", "description": "Address Space Layout Randomization (ASLR)", "props": [ @@ -27556,7 +27456,7 @@ ] }, { - "uuid": "21ff0df7-5272-4d58-be3f-17535f33e727", + "uuid": "30e9f00a-2580-4343-8575-9f5a92394c3c", "control-id": "cis_rhel10_1-5.9", "description": "No notes for control-id 1.5.9.", "props": [ @@ -27573,7 +27473,7 @@ ] }, { - "uuid": "9b174271-fe46-41e6-bbd6-a29a3679c4fc", + "uuid": "e32018d9-d616-409c-ba72-d538578a36fc", "control-id": "cis_rhel10_1-5.10", "description": "No notes for control-id 1.5.10.", "props": [ @@ -27590,7 +27490,7 @@ ] }, { - "uuid": "a99865c6-066a-4d10-8322-1ce8df2c2992", + "uuid": "2ef6907a-90e7-4189-9664-95df65a01b78", "control-id": "cis_rhel10_1-6.1", "description": "No notes for control-id 1.6.1.", "props": [ @@ -27607,7 +27507,7 @@ ] }, { - "uuid": "e9b931ab-edf8-48d4-9334-a11c8e2f679a", + "uuid": "45c64bf8-8514-4b6e-ad13-8e284efe43e1", "control-id": "cis_rhel10_1-6.2", "description": "No notes for control-id 1.6.2.", "props": [ @@ -27624,7 +27524,7 @@ ] }, { - "uuid": "d247f35a-346d-4324-8c98-1168fb9bf4a6", + "uuid": "5b6b6340-8f51-4908-8306-72ed9c414305", "control-id": "cis_rhel10_1-6.3", "description": "No notes for control-id 1.6.3.", "props": [ @@ -27641,7 +27541,7 @@ ] }, { - "uuid": "22f9226e-63b7-46c8-bfa4-ded2525a95ae", + "uuid": "41c13ebb-2c7d-4138-bc37-0483c989cc73", "control-id": "cis_rhel10_1-6.4", "description": "No notes for control-id 1.6.4.", "props": [ @@ -27658,7 +27558,7 @@ ] }, { - "uuid": "104657c8-23bb-46ed-a813-5c5e2a2e70fe", + "uuid": "8de1f153-abff-4938-84f8-8847450e50c9", "control-id": "cis_rhel10_1-7.1", "description": "No notes for control-id 1.7.1.", "props": [ @@ -27675,7 +27575,7 @@ ] }, { - "uuid": "28ade757-4779-4190-bb3f-a618c669ac4f", + "uuid": "6c81a77f-ba12-4f2d-904d-beef721d93fc", "control-id": "cis_rhel10_1-7.2", "description": "No notes for control-id 1.7.2.", "props": [ @@ -27692,7 +27592,7 @@ ] }, { - "uuid": "d8f81c9e-23ff-4c19-bf04-1d37699709c6", + "uuid": "5babe739-126a-417b-b2c6-d41ce4e25979", "control-id": "cis_rhel10_1-7.3", "description": "No notes for control-id 1.7.3.", "props": [ @@ -27709,7 +27609,7 @@ ] }, { - "uuid": "6738da32-f2dc-4215-be88-e7a88b2cf89d", + "uuid": "6815ba13-9500-4175-8219-90041f1a2a00", "control-id": "cis_rhel10_1-7.4", "description": "No notes for control-id 1.7.4.", "props": [ @@ -27736,7 +27636,7 @@ ] }, { - "uuid": "0683c5e5-7e1f-447e-b8ff-e5357f3a4a60", + "uuid": "ed4c8744-64a0-4e02-92e7-e7d826fb53c9", "control-id": "cis_rhel10_1-7.5", "description": "No notes for control-id 1.7.5.", "props": [ @@ -27763,7 +27663,7 @@ ] }, { - "uuid": "9a037463-eeb4-4f94-a861-0ec205435fe8", + "uuid": "eb8a02ee-54e1-423c-bc55-20a24ff69b1f", "control-id": "cis_rhel10_1-7.6", "description": "No notes for control-id 1.7.6.", "props": [ @@ -27790,7 +27690,7 @@ ] }, { - "uuid": "2f148b9e-0bab-4893-92b5-13201bb9053e", + "uuid": "79b82388-532d-4300-a8e9-c421334988ee", "control-id": "cis_rhel10_1-8.1", "description": "No notes for control-id 1.8.1.", "props": [ @@ -27812,7 +27712,7 @@ ] }, { - "uuid": "8e8f7a25-abb3-44d8-b2c0-85a2813a99dd", + "uuid": "d71f7345-59ce-4989-b284-1edea2e5e245", "control-id": "cis_rhel10_1-8.2", "description": "No notes for control-id 1.8.2.", "props": [ @@ -27829,7 +27729,7 @@ ] }, { - "uuid": "6cf14e6f-3959-49fc-9353-3b779f37b0d6", + "uuid": "73268ea4-5521-42a7-8e00-5c1403bf711d", "control-id": "cis_rhel10_1-8.3", "description": "No notes for control-id 1.8.3.", "props": [ @@ -27861,7 +27761,7 @@ ] }, { - "uuid": "2eac318a-0116-42ed-a0d5-062aa1276fdf", + "uuid": "3c374dae-a647-4d74-b129-9797cb0fcec3", "control-id": "cis_rhel10_1-8.4", "description": "No notes for control-id 1.8.4.", "props": [ @@ -27883,7 +27783,7 @@ ] }, { - "uuid": "df0580bd-86c0-4d64-926a-54247b8034a2", + "uuid": "ade0305e-f701-44c8-8a13-7ae26cb7f000", "control-id": "cis_rhel10_1-8.5", "description": "No notes for control-id 1.8.5.", "props": [ @@ -27900,7 +27800,7 @@ ] }, { - "uuid": "52ef88b3-7dc3-44ae-99a1-583c6cbe28ea", + "uuid": "c58f57da-4c68-41c3-ae88-5fcc26d9590a", "control-id": "cis_rhel10_2-1.1", "description": "No notes for control-id 2.1.1.", "props": [ @@ -27917,7 +27817,7 @@ ] }, { - "uuid": "d68ed86f-de11-452b-a35f-1c5bbfa9f0ae", + "uuid": "6942c23d-beae-4b6a-9f54-2b6ba81de034", "control-id": "cis_rhel10_2-1.2", "description": "No notes for control-id 2.1.2.", "props": [ @@ -27934,7 +27834,7 @@ ] }, { - "uuid": "b37d2c62-2020-4eee-bc43-7097ca895d27", + "uuid": "86da00e3-d0b2-46e5-8a4c-db719f89ff2d", "control-id": "cis_rhel10_2-1.4", "description": "No notes for control-id 2.1.4.", "props": [ @@ -27951,7 +27851,7 @@ ] }, { - "uuid": "80458ec7-d236-4461-9457-9d40104bafd3", + "uuid": "31e933de-e1b9-424d-b0c8-cdc94ac4605d", "control-id": "cis_rhel10_2-1.5", "description": "No notes for control-id 2.1.5.", "props": [ @@ -27968,7 +27868,7 @@ ] }, { - "uuid": "acd79aa3-aea6-4ec7-9c0a-9f0555b31c46", + "uuid": "82bd02d7-85af-418e-923b-760f1c2a7b54", "control-id": "cis_rhel10_2-1.6", "description": "No notes for control-id 2.1.6.", "props": [ @@ -27985,7 +27885,7 @@ ] }, { - "uuid": "1e105da0-8f43-42fc-8de3-b2a005eeb11b", + "uuid": "7a4dceae-1b6a-42b0-9ae5-b1812d9b13cc", "control-id": "cis_rhel10_2-1.7", "description": "No notes for control-id 2.1.7.", "props": [ @@ -28002,7 +27902,7 @@ ] }, { - "uuid": "96e92e92-c298-4b2c-9a6a-68e337c791de", + "uuid": "401ce675-16cb-4014-bfdf-07c026a8eb50", "control-id": "cis_rhel10_2-1.8", "description": "No notes for control-id 2.1.8.", "props": [ @@ -28024,7 +27924,7 @@ ] }, { - "uuid": "462c59ef-b4df-4cbd-b452-bea3ea60d859", + "uuid": "05a55fd1-850b-49a1-aba4-11fbf96db877", "control-id": "cis_rhel10_2-1.9", "description": "Many of the libvirt packages used by Enterprise Linux virtualization are dependent on the\nnfs-utils package.", "props": [ @@ -28041,7 +27941,7 @@ ] }, { - "uuid": "6f8a627d-be99-459e-8d58-3bcf739db82b", + "uuid": "2c284ee9-f8ad-4602-8701-50eba51fdac7", "control-id": "cis_rhel10_2-1.10", "description": "No notes for control-id 2.1.10.", "props": [ @@ -28058,7 +27958,7 @@ ] }, { - "uuid": "bbab8bd4-1cf0-4f30-94c0-38a2ee7800c5", + "uuid": "ac577832-65bf-4760-a262-b8a17bd4b0af", "control-id": "cis_rhel10_2-1.11", "description": "Many of the libvirt packages used by Enterprise Linux virtualization, and the nfs-utils\npackage used for The Network File System (NFS), are dependent on the rpcbind package.", "props": [ @@ -28075,7 +27975,7 @@ ] }, { - "uuid": "2ae95b5e-7d56-4833-b43a-ca582050935e", + "uuid": "ec1023cd-d71f-4cd9-856d-606caf1c689a", "control-id": "cis_rhel10_2-1.12", "description": "No notes for control-id 2.1.12.", "props": [ @@ -28092,7 +27992,7 @@ ] }, { - "uuid": "33d7fb0c-15a7-4a2c-8271-409271abbf99", + "uuid": "8b9affb8-080d-4c24-aab9-86b0cf84660d", "control-id": "cis_rhel10_2-1.13", "description": "No notes for control-id 2.1.13.", "props": [ @@ -28109,7 +28009,7 @@ ] }, { - "uuid": "43b91c21-9950-4884-820f-0ee74da54cd5", + "uuid": "d60342a7-5af6-4dda-b2cf-439c29bc40ea", "control-id": "cis_rhel10_2-1.14", "description": "No notes for control-id 2.1.14.", "props": [ @@ -28126,7 +28026,7 @@ ] }, { - "uuid": "48ccf0d0-883b-4eb3-91af-e3266d3ee778", + "uuid": "fcd01ea4-4d04-4599-bbde-80df86943262", "control-id": "cis_rhel10_2-1.15", "description": "No notes for control-id 2.1.15.", "props": [ @@ -28143,7 +28043,7 @@ ] }, { - "uuid": "6bc53204-cbf6-4f37-ac9b-7e4d251b1d2c", + "uuid": "f996966c-547d-47eb-86f9-142ffa8d6ce0", "control-id": "cis_rhel10_2-1.16", "description": "No notes for control-id 2.1.16.", "props": [ @@ -28160,7 +28060,7 @@ ] }, { - "uuid": "010de78c-4666-48a0-bdc3-20d7540c37e8", + "uuid": "ae3296b0-db7c-466f-9032-f09816edf247", "control-id": "cis_rhel10_2-1.17", "description": "No notes for control-id 2.1.17.", "props": [ @@ -28177,7 +28077,7 @@ ] }, { - "uuid": "9da439d3-8393-4dac-b25c-abe0dbf6b164", + "uuid": "4fab87e5-d223-48eb-b8c6-0f4103c87471", "control-id": "cis_rhel10_2-1.18", "description": "No notes for control-id 2.1.18.", "props": [ @@ -28199,7 +28099,7 @@ ] }, { - "uuid": "2071e540-686b-47d2-bcf9-9fa925c79f77", + "uuid": "5f791b47-afb1-47ae-b196-0d2d07c84c9b", "control-id": "cis_rhel10_2-1.21", "description": "No notes for control-id 2.1.21.", "props": [ @@ -28221,7 +28121,7 @@ ] }, { - "uuid": "135d154b-9225-479f-873e-358e8cdd8275", + "uuid": "f0265b0a-7ec2-43d7-a280-0f82d90002cc", "control-id": "cis_rhel10_2-1.22", "description": "The description for control-id cis_rhel10_2-1.22.", "props": [ @@ -28234,7 +28134,7 @@ ] }, { - "uuid": "7a39a166-38e2-4fcd-937d-3e2297b763dc", + "uuid": "33aa3e47-1218-43f2-b7e1-1258a53996db", "control-id": "cis_rhel10_2-2.1", "description": "No notes for control-id 2.2.1.", "props": [ @@ -28251,7 +28151,7 @@ ] }, { - "uuid": "36533a87-b984-406f-9450-80a772bc1287", + "uuid": "bfc0f40e-d073-451d-bac8-3f91dfd8dab5", "control-id": "cis_rhel10_2-2.3", "description": "No notes for control-id 2.2.3.", "props": [ @@ -28268,7 +28168,7 @@ ] }, { - "uuid": "500a13e4-7b13-43c8-bfb3-e55df9467326", + "uuid": "08b850dd-198d-452c-9f02-6850a55b99fc", "control-id": "cis_rhel10_2-2.4", "description": "No notes for control-id 2.2.4.", "props": [ @@ -28285,7 +28185,7 @@ ] }, { - "uuid": "2736178c-f466-4ea9-97ee-15f9d9b71956", + "uuid": "ad7fabd8-9294-48a0-b392-8dd969424225", "control-id": "cis_rhel10_2-3.1", "description": "No notes for control-id 2.3.1.", "props": [ @@ -28297,7 +28197,7 @@ ] }, { - "uuid": "d5c34448-5023-4619-8c9b-e833b6c2b7a0", + "uuid": "978b2b16-7ad2-4cd7-95cc-e3b9c7409d32", "control-id": "cis_rhel10_2-3.2", "description": "No notes for control-id 2.3.2.", "props": [ @@ -28314,7 +28214,7 @@ ] }, { - "uuid": "f171dca2-ac99-4239-94ad-e7a97d6f4cc6", + "uuid": "172b14b0-26ca-4b1f-a6a4-dbe4f9e84075", "control-id": "cis_rhel10_2-3.3", "description": "No notes for control-id 2.3.3.", "props": [ @@ -28331,7 +28231,7 @@ ] }, { - "uuid": "d0d567bf-0054-4ada-9f6a-cc2e9925bc23", + "uuid": "7b3acf13-1b65-41fc-a737-bb71415fc749", "control-id": "cis_rhel10_2-4.1.1", "description": "No notes for control-id 2.4.1.1.", "props": [ @@ -28353,7 +28253,7 @@ ] }, { - "uuid": "bbb0334d-b2fb-4cd1-9216-87ace981b641", + "uuid": "dcf32de0-021b-4b7f-836e-f879b57d64f8", "control-id": "cis_rhel10_2-4.1.2", "description": "No notes for control-id 2.4.1.2.", "props": [ @@ -28380,7 +28280,7 @@ ] }, { - "uuid": "50ede21d-9cb5-4394-bc66-5bf344216a1a", + "uuid": "a6a8f5e3-e98f-4267-ad9b-47036fc7eabc", "control-id": "cis_rhel10_2-4.1.3", "description": "No notes for control-id 2.4.1.3.", "props": [ @@ -28407,7 +28307,7 @@ ] }, { - "uuid": "dc754726-a64a-4b11-ac47-e2a11ea14d11", + "uuid": "d81bd918-666c-43ff-9cc4-1eee1f73b17b", "control-id": "cis_rhel10_2-4.1.4", "description": "No notes for control-id 2.4.1.4.", "props": [ @@ -28434,7 +28334,7 @@ ] }, { - "uuid": "f9dac5da-a664-44f0-9a42-93a43288a340", + "uuid": "be2a5425-caf7-4320-91a3-354ca06a9728", "control-id": "cis_rhel10_2-4.1.5", "description": "No notes for control-id 2.4.1.5.", "props": [ @@ -28461,7 +28361,7 @@ ] }, { - "uuid": "7d646790-857b-4304-92a5-8808800b5865", + "uuid": "70592f65-4d7e-4886-ae1f-563dff01f6ba", "control-id": "cis_rhel10_2-4.1.6", "description": "No notes for control-id 2.4.1.6.", "props": [ @@ -28488,7 +28388,7 @@ ] }, { - "uuid": "f04fef06-6b17-4910-a23e-2271937623f9", + "uuid": "9f778bbd-1320-4814-a6fd-d4c99b3ac239", "control-id": "cis_rhel10_2-4.1.7", "description": "No notes for control-id 2.4.1.7.", "props": [ @@ -28515,7 +28415,7 @@ ] }, { - "uuid": "ae99d271-e6c7-4e31-a799-0465125a461f", + "uuid": "74aeb77d-cc02-4d98-b1bd-7743c3e4de11", "control-id": "cis_rhel10_2-4.1.8", "description": "No notes for control-id 2.4.1.8.", "props": [ @@ -28542,7 +28442,7 @@ ] }, { - "uuid": "9d81408a-e2e6-44bb-9e8d-46a72eddc0b1", + "uuid": "4ac2674b-5fd1-45b7-80e6-557331c1c98e", "control-id": "cis_rhel10_2-4.1.9", "description": "No notes for control-id 2.4.1.9.", "props": [ @@ -28579,7 +28479,7 @@ ] }, { - "uuid": "704e79b4-1d45-42c2-a28f-51bba20ab2e5", + "uuid": "c7fb0dc9-9a5f-4914-af6f-b340e025047e", "control-id": "cis_rhel10_2-4.2.1", "description": "No notes for control-id 2.4.2.1.", "props": [ @@ -28616,7 +28516,7 @@ ] }, { - "uuid": "60d1b68e-51b3-49c4-b028-99f6a5dbed4a", + "uuid": "8fcac5e5-3913-438c-8a1b-03b43a75bac8", "control-id": "cis_rhel10_3-1.1", "description": "The description for control-id cis_rhel10_3-1.1.", "props": [ @@ -28629,7 +28529,7 @@ ] }, { - "uuid": "14bc72de-9cba-4ff4-aed5-ed0361a68c15", + "uuid": "0afc71ea-80ee-422b-bd6d-b369406ffa97", "control-id": "cis_rhel10_3-1.2", "description": "No notes for control-id 3.1.2.", "props": [ @@ -28646,7 +28546,7 @@ ] }, { - "uuid": "0ba08cf2-456a-4557-9d85-841d0105203c", + "uuid": "096a79b8-261d-49cf-9fb1-26917f48406f", "control-id": "cis_rhel10_3-1.3", "description": "No notes for control-id 3.1.3.", "props": [ @@ -28663,7 +28563,7 @@ ] }, { - "uuid": "4128ad8b-2761-47e1-bc67-cb02cb1a7083", + "uuid": "77e33935-c72b-4dbd-b5a5-c2070ea8aeb6", "control-id": "cis_rhel10_3-2.1", "description": "No notes for control-id 3.2.1.", "props": [ @@ -28680,7 +28580,7 @@ ] }, { - "uuid": "b9b64174-f629-4769-b2f4-6b95aca98359", + "uuid": "b452b38f-7ef3-4e84-8b8a-cdd70207b8c0", "control-id": "cis_rhel10_3-2.2", "description": "No notes for control-id 3.2.2.", "props": [ @@ -28697,7 +28597,7 @@ ] }, { - "uuid": "64d0a18b-fd04-485e-9fe9-020f32229bc5", + "uuid": "c91be890-4803-4924-ba9b-6434eb43aed1", "control-id": "cis_rhel10_3-2.3", "description": "No notes for control-id 3.2.3.", "props": [ @@ -28714,7 +28614,7 @@ ] }, { - "uuid": "5e3235e0-609f-405b-89e9-fdd04ea97a3d", + "uuid": "0f09d544-3809-42da-8ba8-ca34fc533088", "control-id": "cis_rhel10_3-2.4", "description": "No notes for control-id 3.2.4.", "props": [ @@ -28731,7 +28631,7 @@ ] }, { - "uuid": "da5d33f6-8f43-462a-89c1-dad069451e06", + "uuid": "5af36334-5ce7-4d2a-9de1-c799e354c015", "control-id": "cis_rhel10_3-2.5", "description": "No notes for control-id 3.2.5.", "props": [ @@ -28748,7 +28648,7 @@ ] }, { - "uuid": "6ef61ce9-2a2e-4955-8762-499b01d1251c", + "uuid": "32bdae54-78b5-48ad-8fc1-28da9e9fdbed", "control-id": "cis_rhel10_3-2.6", "description": "No notes for control-id 3.2.6.", "props": [ @@ -28765,7 +28665,7 @@ ] }, { - "uuid": "f2755a0f-d819-465c-bd08-8856dbf498af", + "uuid": "fd4f86fa-759c-418f-98e6-a00a75e15aa4", "control-id": "cis_rhel10_3-3.1.2", "description": "No notes for control-id 3.3.1.2.", "props": [ @@ -28782,7 +28682,7 @@ ] }, { - "uuid": "ad2c3928-4687-4d23-960f-a79d83ef6ae8", + "uuid": "ad1e14eb-83f5-4ce0-a451-95495121fe4e", "control-id": "cis_rhel10_3-3.1.3", "description": "No notes for control-id 3.3.1.3.", "props": [ @@ -28799,7 +28699,7 @@ ] }, { - "uuid": "016b32cb-e8d4-43c0-8a52-2162fee360bf", + "uuid": "44caae82-c93c-415f-b057-e318ddf2f840", "control-id": "cis_rhel10_3-3.1.4", "description": "No notes for control-id 3.3.1.4.", "props": [ @@ -28816,7 +28716,7 @@ ] }, { - "uuid": "3ece15c4-6ce0-4d63-ac4b-cf72990adfdd", + "uuid": "93f4688a-79d7-43e4-8a83-dcf5e643f185", "control-id": "cis_rhel10_3-3.1.5", "description": "No notes for control-id 3.3.1.5.", "props": [ @@ -28833,7 +28733,7 @@ ] }, { - "uuid": "a384733a-eb8d-4d25-b4cd-6d1a876cd01b", + "uuid": "9d0bca7f-c5af-4409-b006-219425898566", "control-id": "cis_rhel10_3-3.1.6", "description": "No notes for control-id 3.3.1.6.", "props": [ @@ -28850,7 +28750,7 @@ ] }, { - "uuid": "20291887-143c-4cb5-858f-9d1258047c0e", + "uuid": "01c62e13-b265-48ea-98d2-a47150d99d6f", "control-id": "cis_rhel10_3-3.1.7", "description": "No notes for control-id 3.3.1.7.", "props": [ @@ -28867,7 +28767,7 @@ ] }, { - "uuid": "cb8c84a2-02e3-43ba-9c37-a2c64cdb5cc4", + "uuid": "510af3ec-2d7c-419c-914f-e1286b7aecf6", "control-id": "cis_rhel10_3-3.1.8", "description": "No notes for control-id 3.3.1.8.", "props": [ @@ -28884,7 +28784,7 @@ ] }, { - "uuid": "cba89ffd-58df-4f5a-86a2-dac1988b73ab", + "uuid": "3a988e48-c873-495f-b9d5-2dad6139920f", "control-id": "cis_rhel10_3-3.1.9", "description": "No notes for control-id 3.3.1.9.", "props": [ @@ -28901,7 +28801,7 @@ ] }, { - "uuid": "92a1e6ba-3646-4d97-b704-e34e62da22ad", + "uuid": "8c4f0bb7-fe94-4cf7-b443-12e836c2db48", "control-id": "cis_rhel10_3-3.1.10", "description": "No notes for control-id 3.3.1.10.", "props": [ @@ -28918,7 +28818,7 @@ ] }, { - "uuid": "8cb3bd36-cdd4-422a-aa88-40eb8261b999", + "uuid": "ca4f2d28-3066-490e-8d64-a467a38c37c6", "control-id": "cis_rhel10_3-3.1.11", "description": "No notes for control-id 3.3.1.11.", "props": [ @@ -28935,7 +28835,7 @@ ] }, { - "uuid": "00ff322b-f94a-4a3a-9986-b8a3bab8d934", + "uuid": "4b1b6073-8647-4f67-9cd5-6031e5eaf6f4", "control-id": "cis_rhel10_3-3.1.12", "description": "No notes for control-id 3.3.1.12.", "props": [ @@ -28952,7 +28852,7 @@ ] }, { - "uuid": "33a08ee6-349e-4f68-b837-5cbb931116d7", + "uuid": "56b3c27a-a0b1-4f13-9d7a-915ee5af0eae", "control-id": "cis_rhel10_3-3.1.13", "description": "No notes for control-id 3.3.1.13.", "props": [ @@ -28969,7 +28869,7 @@ ] }, { - "uuid": "08195d7a-3e51-4cca-9d2b-09d28d7efdf0", + "uuid": "e244edaf-4c23-4da9-a20b-51f6d52ce746", "control-id": "cis_rhel10_3-3.1.14", "description": "No notes for control-id 3.3.1.14.", "props": [ @@ -28986,7 +28886,7 @@ ] }, { - "uuid": "96372339-91f3-43ae-9990-ee0462b52781", + "uuid": "f29c77cb-0fdb-405e-9838-44a29cf7c231", "control-id": "cis_rhel10_3-3.1.15", "description": "No notes for control-id 3.3.1.15.", "props": [ @@ -29003,7 +28903,7 @@ ] }, { - "uuid": "a7a1ca42-a990-499a-86ff-835ebea2649b", + "uuid": "8f449f70-2245-47f7-866f-0da935f5fa24", "control-id": "cis_rhel10_3-3.1.16", "description": "No notes for control-id 3.3.1.16.", "props": [ @@ -29020,7 +28920,7 @@ ] }, { - "uuid": "38c10a0e-88ea-456e-abb3-949cc8eafc57", + "uuid": "26e1b471-535b-464e-a4ec-80e1d6ed443e", "control-id": "cis_rhel10_3-3.1.17", "description": "No notes for control-id 3.3.1.17.", "props": [ @@ -29037,7 +28937,7 @@ ] }, { - "uuid": "4268c86e-00b7-4849-9481-aa162a36e19b", + "uuid": "85368497-d124-478f-b6fb-28fea7beb852", "control-id": "cis_rhel10_3-3.1.18", "description": "No notes for control-id 3.3.1.18.", "props": [ @@ -29054,7 +28954,7 @@ ] }, { - "uuid": "1d3da3da-9d41-4bd9-b288-cf118212aa49", + "uuid": "b970bc72-da67-4d79-9c35-03a527437946", "control-id": "cis_rhel10_3-3.2.1", "description": "No notes for control-id 3.3.2.1.", "props": [ @@ -29071,7 +28971,7 @@ ] }, { - "uuid": "ee0b9bbe-e416-453c-99fa-58d396fbee17", + "uuid": "974fd83d-6c45-4156-a336-f2317f956b87", "control-id": "cis_rhel10_3-3.2.2", "description": "No notes for control-id 3.3.2.2.", "props": [ @@ -29088,7 +28988,7 @@ ] }, { - "uuid": "d9a863d8-c21f-49ff-a3f8-a0146d22ee7f", + "uuid": "d573210b-13a3-4e5c-9a4b-06d29d93e3bc", "control-id": "cis_rhel10_3-3.2.3", "description": "No notes for control-id 3.3.2.3.", "props": [ @@ -29105,7 +29005,7 @@ ] }, { - "uuid": "9c10b306-64f4-4b6d-bb4e-f97cafff29ca", + "uuid": "2dbcc48f-9585-4fcf-aa87-9cf94b3ff184", "control-id": "cis_rhel10_3-3.2.4", "description": "No notes for control-id 3.3.2.4.", "props": [ @@ -29122,7 +29022,7 @@ ] }, { - "uuid": "6806079c-f1ef-497e-a934-973354de86d9", + "uuid": "c93706d5-4462-453d-bcec-7466aa9afcbb", "control-id": "cis_rhel10_3-3.2.5", "description": "No notes for control-id 3.3.2.5.", "props": [ @@ -29139,7 +29039,7 @@ ] }, { - "uuid": "a56345d2-e26e-4585-9eca-3f116e2d906a", + "uuid": "f501f0d1-fdfb-41e4-a24c-ebc2d945baaf", "control-id": "cis_rhel10_3-3.2.6", "description": "No notes for control-id 3.3.2.6.", "props": [ @@ -29156,7 +29056,7 @@ ] }, { - "uuid": "3f714526-c99d-45c9-9a26-7b6610f397b7", + "uuid": "44a93edf-e457-4740-9313-a91e1aef2d27", "control-id": "cis_rhel10_3-3.2.7", "description": "No notes for control-id 3.3.2.7.", "props": [ @@ -29173,7 +29073,7 @@ ] }, { - "uuid": "0055c561-e6a5-4c81-8764-9f92b5dd1b70", + "uuid": "f805e423-a5c8-4d97-89bb-a1d3525d18da", "control-id": "cis_rhel10_3-3.2.8", "description": "No notes for control-id 3.3.2.8.", "props": [ @@ -29190,7 +29090,7 @@ ] }, { - "uuid": "965f9bcf-96c4-4f7b-bf1e-e63f799a9c31", + "uuid": "cf9f3121-478a-484f-a961-e5055c6ec798", "control-id": "cis_rhel10_4-1.1", "description": "No notes for control-id 4.1.1.", "props": [ @@ -29207,7 +29107,7 @@ ] }, { - "uuid": "6fb99015-1c05-4a13-bd66-e981b7bb1b73", + "uuid": "b7c9544e-15fb-4f32-93f8-6446f6015ad4", "control-id": "cis_rhel10_4-1.2", "description": "No notes for control-id 4.1.2.", "props": [ @@ -29224,7 +29124,7 @@ ] }, { - "uuid": "1f6f2e84-8e79-419b-b4de-084bb3a4359a", + "uuid": "647bf0be-9580-4996-9caf-21acb337b7e1", "control-id": "cis_rhel10_4-1.3", "description": "No notes for control-id 4.1.3.", "props": [ @@ -29241,7 +29141,7 @@ ] }, { - "uuid": "9d3baf9d-2982-4c48-9a79-7e085169b21d", + "uuid": "ff220aaf-b682-4eec-b9f7-85e8b9bb1cc5", "control-id": "cis_rhel10_4-1.4", "description": "The description for control-id cis_rhel10_4-1.4.", "props": [ @@ -29249,12 +29149,12 @@ "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "alternative", - "remarks": "No notes for control-id 4.1.4." + "remarks": "There is not an easy way to do this for only active zones using OVAL.\nFor now, there are are no rules for this control." } ] }, { - "uuid": "d988df1b-83d7-46bd-9583-d4d38979c2ec", + "uuid": "f9fd897f-b874-45b6-8f7b-5380e849afd0", "control-id": "cis_rhel10_4-1.5", "description": "Firewalld in Red Hat Enterprise Linux 10 accepts loopback traffic by default.", "props": [ @@ -29271,7 +29171,7 @@ ] }, { - "uuid": "7cfb4da0-84c1-44f6-a070-58908eb5568b", + "uuid": "fdb27db3-e2c5-4fa0-b510-cb28ae3260ff", "control-id": "cis_rhel10_4-1.6", "description": "The description for control-id cis_rhel10_4-1.6.", "props": [ @@ -29284,7 +29184,7 @@ ] }, { - "uuid": "b5c2970c-34b4-4a9c-a89f-56cef11fd652", + "uuid": "2ae576d8-6bfc-4393-9d2d-27bf75c0719c", "control-id": "cis_rhel10_4-1.7", "description": "The description for control-id cis_rhel10_4-1.7.", "props": [ @@ -29297,7 +29197,7 @@ ] }, { - "uuid": "4f1c98d6-89d8-49b9-8903-9906b9443328", + "uuid": "6a06e4ae-48f0-4357-b525-ee43675c1b70", "control-id": "cis_rhel10_5-1.1", "description": "No notes for control-id 5.1.1.", "props": [ @@ -29354,7 +29254,7 @@ ] }, { - "uuid": "295c9ddd-7de7-4535-8abd-9a411dad08c5", + "uuid": "834bf7f9-b832-47f1-96cb-dde391edd568", "control-id": "cis_rhel10_5-1.2", "description": "No notes for control-id 5.1.2.", "props": [ @@ -29381,7 +29281,7 @@ ] }, { - "uuid": "d8581c1a-56f3-4ad8-8dea-39022febf84a", + "uuid": "8ba1ca58-3861-443f-bd7e-ae595bc88228", "control-id": "cis_rhel10_5-1.3", "description": "No notes for control-id 5.1.3.", "props": [ @@ -29408,7 +29308,7 @@ ] }, { - "uuid": "ad1688d3-d687-4239-a521-4ba3ea28a1db", + "uuid": "f76b7e07-7d63-4bb1-877e-cc4996accbb6", "control-id": "cis_rhel10_5-1.4", "description": "No notes for control-id 5.1.4.", "props": [ @@ -29425,7 +29325,7 @@ ] }, { - "uuid": "97c2b490-3929-4225-92e2-960bf15bfdff", + "uuid": "6e43b312-5eb2-4746-a5ce-3657e2207678", "control-id": "cis_rhel10_5-1.5", "description": "No notes for control-id 5.1.5.", "props": [ @@ -29442,7 +29342,7 @@ ] }, { - "uuid": "4c1ea0c7-edda-48ae-bdbe-61dffe24de48", + "uuid": "32c4907b-b008-4cad-997e-a51173af6384", "control-id": "cis_rhel10_5-1.6", "description": "No notes for control-id 5.1.6.", "props": [ @@ -29459,7 +29359,7 @@ ] }, { - "uuid": "dc623b16-cd7e-4685-81aa-d7c688c15607", + "uuid": "e81474a6-8896-457c-9220-e86c5579752e", "control-id": "cis_rhel10_5-1.7", "description": "The requirement gives an example of 45 seconds, but is flexible about the values. It is only\nnecessary to ensure there is a timeout configured in alignment to the site policy.", "props": [ @@ -29481,7 +29381,7 @@ ] }, { - "uuid": "aa638a9c-9411-45e5-903c-034044346179", + "uuid": "77e31d33-efa3-4b4e-9420-e06231e749d6", "control-id": "cis_rhel10_5-1.10", "description": "No notes for control-id 5.1.10.", "props": [ @@ -29498,7 +29398,7 @@ ] }, { - "uuid": "eb3be091-6aa6-4993-95a4-70e44d822bac", + "uuid": "a82f1363-7386-4a62-a83f-3f8673560c97", "control-id": "cis_rhel10_5-1.11", "description": "No notes for control-id 5.1.11.", "props": [ @@ -29515,7 +29415,7 @@ ] }, { - "uuid": "8ab89840-ba42-4c56-bf41-f8681f9d69ca", + "uuid": "4cdd6958-7d82-449c-91ce-671c90888b66", "control-id": "cis_rhel10_5-1.12", "description": "The description for control-id cis_rhel10_5-1.12.", "props": [ @@ -29533,7 +29433,7 @@ ] }, { - "uuid": "d8f76811-83e7-4b2a-877a-007db4ec82df", + "uuid": "b9a80fac-6b9c-4e50-bf53-79b815ba6713", "control-id": "cis_rhel10_5-1.13", "description": "No notes for control-id 5.1.13.", "props": [ @@ -29550,7 +29450,7 @@ ] }, { - "uuid": "3c01bb18-a7de-4f4b-ae7b-0dfb55c59430", + "uuid": "68ec7a39-ddc0-429e-800a-fc036e761ff9", "control-id": "cis_rhel10_5-1.14", "description": "The CIS benchmark is not opinionated about which loglevel is selected here. Here, this\nprofile uses VERBOSE by default, as it allows for the capture of login and logout activity\nas well as key fingerprints.", "props": [ @@ -29567,7 +29467,7 @@ ] }, { - "uuid": "493cabaa-ea87-4a3a-bfdc-62587a9b142e", + "uuid": "928f9c3b-7bb1-46c3-8523-b544bdf491d0", "control-id": "cis_rhel10_5-1.15", "description": "No notes for control-id 5.1.15.", "props": [ @@ -29584,7 +29484,7 @@ ] }, { - "uuid": "e7dc442f-a167-4033-ada7-c4408a0c5437", + "uuid": "300263c8-0d7a-4f66-ab9d-e4c16ee2d807", "control-id": "cis_rhel10_5-1.16", "description": "No notes for control-id 5.1.16.", "props": [ @@ -29601,7 +29501,7 @@ ] }, { - "uuid": "340dc963-a592-408d-9cb4-a918d160a846", + "uuid": "82cb9a0b-591f-41ea-8364-a01ad062f1e5", "control-id": "cis_rhel10_5-1.17", "description": "No notes for control-id 5.1.17.", "props": [ @@ -29618,7 +29518,7 @@ ] }, { - "uuid": "a403ceba-b849-4960-9dfa-17f813e0934e", + "uuid": "56988daa-3a0a-4e7c-bcf4-c0333eeb21fc", "control-id": "cis_rhel10_5-1.18", "description": "No notes for control-id 5.1.18.", "props": [ @@ -29635,7 +29535,7 @@ ] }, { - "uuid": "97d089b7-ab1f-4a9f-bb39-2c79dec521c9", + "uuid": "8378edc0-0f02-4b04-994d-8999158c443c", "control-id": "cis_rhel10_5-1.19", "description": "No notes for control-id 5.1.19.", "props": [ @@ -29652,7 +29552,7 @@ ] }, { - "uuid": "f6aa29d7-d9d4-4882-a278-2e9702fee65e", + "uuid": "6d26662d-10af-4aba-9389-b0be28dd474c", "control-id": "cis_rhel10_5-1.20", "description": "No notes for control-id 5.1.20.", "props": [ @@ -29669,7 +29569,7 @@ ] }, { - "uuid": "831fa02b-ba62-40f8-b774-27b35831eb47", + "uuid": "b256a28a-1c7f-47c3-917c-4427aa9b7d76", "control-id": "cis_rhel10_5-1.21", "description": "No notes for control-id 5.1.21.", "props": [ @@ -29686,7 +29586,7 @@ ] }, { - "uuid": "82016305-674f-499a-8db4-38782fd45db4", + "uuid": "ef936850-4931-43f5-8159-beb54d96653a", "control-id": "cis_rhel10_5-1.22", "description": "No notes for control-id 5.1.22.", "props": [ @@ -29703,7 +29603,7 @@ ] }, { - "uuid": "5f6904c0-aefd-438c-a347-d2aa912ee29b", + "uuid": "8f66d6de-e7a5-4fd2-b7b2-ed98221d0819", "control-id": "cis_rhel10_5-2.1", "description": "No notes for control-id 5.2.1.", "props": [ @@ -29720,7 +29620,7 @@ ] }, { - "uuid": "168c7024-58f0-495a-bc5c-2403a905d232", + "uuid": "e4bce5ed-aa75-44d4-bd1a-a9e82bdc9c70", "control-id": "cis_rhel10_5-2.2", "description": "No notes for control-id 5.2.2.", "props": [ @@ -29737,7 +29637,7 @@ ] }, { - "uuid": "21afe0ab-bc07-4d49-9728-e4e40f4d7c26", + "uuid": "9728b36a-044a-4a0d-a554-8deb08fa77ae", "control-id": "cis_rhel10_5-2.3", "description": "No notes for control-id 5.2.3.", "props": [ @@ -29754,7 +29654,7 @@ ] }, { - "uuid": "e1d4b996-bbae-4736-8cd0-c05cfdc3f168", + "uuid": "1b5e4aa4-8167-4589-ad0f-a7618f489bc9", "control-id": "cis_rhel10_5-2.5", "description": "No notes for control-id 5.2.5.", "props": [ @@ -29771,7 +29671,7 @@ ] }, { - "uuid": "77bd3d84-c6f3-4c17-acb6-e3f6c59ad4df", + "uuid": "6cd8495f-04e0-418c-b266-a4734d92727a", "control-id": "cis_rhel10_5-2.6", "description": "No notes for control-id 5.2.6.", "props": [ @@ -29788,7 +29688,7 @@ ] }, { - "uuid": "77cae2e5-e348-4103-b61c-fa484601e9f2", + "uuid": "2829ef8a-df8c-4ac7-9a79-b76950ffd3b9", "control-id": "cis_rhel10_5-2.7", "description": "Members of \"wheel\" or GID 0 groups are checked by default if the group option is not set for\npam_wheel.so module. The recommendation states the group should be empty to reinforce the\nuse of \"sudo\" for privileged access. Therefore, members of these groups should be manually\nchecked or a different group should be informed.", "props": [ @@ -29810,7 +29710,7 @@ ] }, { - "uuid": "d0a5695c-fb8e-4794-b25b-33272dedb232", + "uuid": "8f6295dd-2fdf-4342-8e4b-6b57251841fc", "control-id": "cis_rhel10_5-3.1.1", "description": "This requirement is hard to be automated without any specific requirement. The policy even\nstates that provided commands are examples, other custom settings might be in place and the\nsettings might be different depending on site policies. The other rules will already make\nsure there is a correct autheselect profile regardless of the existing settings. It is\nnecessary to better discuss with CIS Community.", "props": [ @@ -29822,7 +29722,7 @@ ] }, { - "uuid": "0eb61000-2ee3-4307-a3ce-7af5b0485aae", + "uuid": "e22d973a-a966-4b51-8f44-c905de8abf57", "control-id": "cis_rhel10_5-3.1.2", "description": "This requirement is also indirectly satisfied by the requirement 5.3.2.1.", "props": [ @@ -29844,7 +29744,7 @@ ] }, { - "uuid": "517b3445-18d5-4973-81b9-607747e68979", + "uuid": "6c5c4447-5317-442e-8af5-a11655ee8b2e", "control-id": "cis_rhel10_5-3.1.3", "description": "This requirement is also indirectly satisfied by the requirement 5.3.2.2.", "props": [ @@ -29871,7 +29771,7 @@ ] }, { - "uuid": "d4db87f3-ca1e-4fbf-952e-d9716e2c3497", + "uuid": "007596eb-e8eb-4876-8ea7-4666efde56bd", "control-id": "cis_rhel10_5-3.1.4", "description": "The module is properly enabled by the rules mentioned in related_rules.\nRequirements in 5.3.2.3 use these rules.", "props": [ @@ -29883,7 +29783,7 @@ ] }, { - "uuid": "bc478cae-56d8-4038-8ecf-91570d7bd331", + "uuid": "c97b26a4-0169-470f-96fd-514221641b28", "control-id": "cis_rhel10_5-3.1.5", "description": "No notes for control-id 5.3.1.5.", "props": [ @@ -29900,7 +29800,7 @@ ] }, { - "uuid": "93bd4178-add7-4f1f-8960-d99bf41667dd", + "uuid": "556dc5fa-31da-447e-9684-750c2479f479", "control-id": "cis_rhel10_5-3.2.1.1", "description": "No notes for control-id 5.3.2.1.1.", "props": [ @@ -29917,7 +29817,7 @@ ] }, { - "uuid": "a6b5636c-d1a0-4ca9-83ef-bfc49a6e59e3", + "uuid": "8b86e8c3-dfb4-4ee1-af21-a4abe815972f", "control-id": "cis_rhel10_5-3.2.1.2", "description": "The policy also accepts value 0, which means the locked accounts should be manually unlocked\nby an administrator. However, it also mentions that using value 0 can facilitate a DoS\nattack to legitimate users.", "props": [ @@ -29934,7 +29834,7 @@ ] }, { - "uuid": "7555693e-c66c-4cd5-8164-24a2b3f1e224", + "uuid": "3d58760a-bb78-4b96-b7cd-592eab108782", "control-id": "cis_rhel10_5-3.2.2.1", "description": "No notes for control-id 5.3.2.2.1.", "props": [ @@ -29951,7 +29851,7 @@ ] }, { - "uuid": "a59c9b55-f069-4939-a37a-462100c8e647", + "uuid": "7a554e39-e767-45aa-9efb-b36497456393", "control-id": "cis_rhel10_5-3.2.2.2", "description": "No notes for control-id 5.3.2.2.2.", "props": [ @@ -29968,7 +29868,7 @@ ] }, { - "uuid": "9aa760b3-eab7-43e7-b4fe-4f90ea70bac7", + "uuid": "de642430-0f09-47ca-8539-4b14d684d49b", "control-id": "cis_rhel10_5-3.2.2.3", "description": "This requirement is expected to be manual. However, in previous versions of the policy\nit was already automated the configuration of \"minclass\" option. This posture was kept for\nRHEL 10 in this new version. Rules related to other options are informed in related_rules.\nIn short, minclass=4 alone can achieve the same result achieved by the combination of the\nother 4 options mentioned in the policy.", "props": [ @@ -29985,7 +29885,7 @@ ] }, { - "uuid": "8f348608-dbed-4181-94e7-38c115caab3f", + "uuid": "b0c5254b-dda2-4187-b2fb-bf5df1815e64", "control-id": "cis_rhel10_5-3.2.2.4", "description": "No notes for control-id 5.3.2.2.4.", "props": [ @@ -30002,7 +29902,7 @@ ] }, { - "uuid": "973ad207-ba7b-49a1-8fcb-5e5f7c9dbf72", + "uuid": "9024c0b0-7344-46ed-9d2b-e83192af6933", "control-id": "cis_rhel10_5-3.2.2.5", "description": "No notes for control-id 5.3.2.2.5.", "props": [ @@ -30019,7 +29919,7 @@ ] }, { - "uuid": "93089651-6a22-4889-b7a8-e45e5beda36f", + "uuid": "87ea3f86-eda1-4f7b-997d-f6b021abab68", "control-id": "cis_rhel10_5-3.2.2.6", "description": "No notes for control-id 5.3.2.2.6.", "props": [ @@ -30036,7 +29936,7 @@ ] }, { - "uuid": "e9245dea-9487-47af-b9ad-276c77cb0a3a", + "uuid": "9fde125c-ab2d-4feb-8e7d-0efbb9c7b70b", "control-id": "cis_rhel10_5-3.2.2.7", "description": "No notes for control-id 5.3.2.2.7.", "props": [ @@ -30053,7 +29953,7 @@ ] }, { - "uuid": "122b47ae-f6d5-48d3-9c17-74c48e51c89b", + "uuid": "e73a2cd8-eb62-4a9f-9e54-665c8639d6e7", "control-id": "cis_rhel10_5-3.2.3.1", "description": "Although mentioned in the section 5.3.3.3, there is no explicit requirement to configure\nretry option of pam_pwhistory. If come in the future, the rule accounts_password_pam_retry\ncan be used.", "props": [ @@ -30075,7 +29975,7 @@ ] }, { - "uuid": "c3d8b5b3-affc-4434-b705-2b9e5868897a", + "uuid": "2c6bb747-2783-4596-b092-0ad67e7a7718", "control-id": "cis_rhel10_5-3.2.3.2", "description": "No notes for control-id 5.3.2.3.2.", "props": [ @@ -30092,7 +29992,7 @@ ] }, { - "uuid": "80b82fcd-c8b5-4b39-bd02-805a8d516dd4", + "uuid": "257b1310-0f2a-4f65-9ddf-82059c3400e1", "control-id": "cis_rhel10_5-3.2.3.3", "description": "In RHEL 10 pam_pwhistory is enabled via authselect feature, as required in 5.3.1.4. The\nfeature automatically set \"use_authok\" option. In any case, we don't have a rule to check\nthis option specifically.", "props": [ @@ -30109,7 +30009,7 @@ ] }, { - "uuid": "04ce474e-c37e-4391-884a-51077ade60e1", + "uuid": "7840562a-cec5-4214-aea2-533e7ccea494", "control-id": "cis_rhel10_5-3.2.4.1", "description": "The rule more specifically used in this requirement also satify the requirement 5.3.1.5.", "props": [ @@ -30126,7 +30026,7 @@ ] }, { - "uuid": "3f30518f-8088-4ed3-95b4-1e6d26b544a6", + "uuid": "753d269c-112c-42d4-b3f8-9ae12eeeba5d", "control-id": "cis_rhel10_5-3.2.4.2", "description": "Usage of pam_unix.so module together with \"remember\" option is deprecated and is not\nrecommended by this policy. Instead, it should be used remember option of pam_pwhistory\nmodule, as required in 5.3.2.3.1. See here for more details about pam_unix.so:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1778929", "props": [ @@ -30143,7 +30043,7 @@ ] }, { - "uuid": "bc7c3c8a-5f3c-4531-bd07-ced45f86268d", + "uuid": "9aef7a90-2f04-448d-be3b-65b19224be57", "control-id": "cis_rhel10_5-3.2.4.3", "description": "Changes in logindefs mentioned in this requirement are more specifically covered by 5.4.1.4", "props": [ @@ -30165,7 +30065,7 @@ ] }, { - "uuid": "0f1a44a6-be6a-4266-8100-1c5d44edf471", + "uuid": "abe92601-0ffb-4260-a251-2382179d414a", "control-id": "cis_rhel10_5-3.2.4.4", "description": "In RHEL 10 pam_unix is enabled by default in all authselect profiles already with the\nuse_authtok option set. In any case, we don't have a rule to check this option specifically,\nlike in 5.3.2.3.3.", "props": [ @@ -30182,7 +30082,7 @@ ] }, { - "uuid": "9a6c438d-1a8f-4ac7-99bb-802d32f71ebd", + "uuid": "65aff169-eb75-4c49-8201-68d536c0ba03", "control-id": "cis_rhel10_5-4.1.1", "description": "No notes for control-id 5.4.1.1.", "props": [ @@ -30204,7 +30104,7 @@ ] }, { - "uuid": "8dd14ecb-7361-4ee4-98ed-78bb5052d1bd", + "uuid": "5c5c4e08-253c-4780-92ad-5d3c7364562b", "control-id": "cis_rhel10_5-4.1.3", "description": "No notes for control-id 5.4.1.3.", "props": [ @@ -30226,20 +30126,15 @@ ] }, { - "uuid": "479bc838-00a6-4e7a-8ec7-e047b317228d", + "uuid": "905a4654-9889-4706-8d16-808c378d151f", "control-id": "cis_rhel10_5-4.1.4", - "description": "There's a \"new\" set of options in /etc/login.defs file to define the number of iterations\nperformed during the hashing process.", + "description": "No notes for control-id 5.4.1.4.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "implemented" }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf" - }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", @@ -30248,7 +30143,7 @@ ] }, { - "uuid": "3fc86471-f698-40ea-a1c4-08c157d917bc", + "uuid": "e0e63850-0af0-4fba-8408-c2cd87471342", "control-id": "cis_rhel10_5-4.1.5", "description": "No notes for control-id 5.4.1.5.", "props": [ @@ -30270,7 +30165,7 @@ ] }, { - "uuid": "0d45a161-f39b-4eb4-bb36-37823e5acd24", + "uuid": "803b2b37-d302-4ce0-bc7f-2bf7c1bee646", "control-id": "cis_rhel10_5-4.1.6", "description": "No notes for control-id 5.4.1.6.", "props": [ @@ -30287,7 +30182,7 @@ ] }, { - "uuid": "62429839-28c0-4ce9-a382-d9839250d6a6", + "uuid": "1a244946-4b0b-4ccd-b0c0-4fa2de3e976f", "control-id": "cis_rhel10_5-4.2.1", "description": "No notes for control-id 5.4.2.1.", "props": [ @@ -30304,7 +30199,7 @@ ] }, { - "uuid": "5fb63d4a-e739-42a0-a353-d49bee0a4559", + "uuid": "6a69686b-430e-438c-905f-35534d63544a", "control-id": "cis_rhel10_5-4.2.2", "description": "There is assessment but no automated remediation for this rule and this sounds reasonable.", "props": [ @@ -30321,7 +30216,7 @@ ] }, { - "uuid": "95b89d04-835b-462a-8aff-fbefe5adf249", + "uuid": "bbb1f506-e749-4c8d-8958-07c7b7a474af", "control-id": "cis_rhel10_5-4.2.3", "description": "There is assessment but no automated remediation for this rule and this sounds reasonable.", "props": [ @@ -30338,7 +30233,7 @@ ] }, { - "uuid": "46accdb3-a0fc-4134-b7ca-8cb0f2f11e00", + "uuid": "30ca9974-b498-4665-a800-b11ebcfa76d9", "control-id": "cis_rhel10_5-4.2.4", "description": "No notes for control-id 5.4.2.4.", "props": [ @@ -30355,7 +30250,7 @@ ] }, { - "uuid": "1cc8944e-657c-43fd-9f98-7959347b7b4b", + "uuid": "7fe8fd35-18bc-4978-8987-7c2d18a89d5f", "control-id": "cis_rhel10_5-4.2.5", "description": "No notes for control-id 5.4.2.5.", "props": [ @@ -30377,7 +30272,7 @@ ] }, { - "uuid": "45a0e049-26c7-4f6a-9103-efda8b92ab84", + "uuid": "72fe5644-301f-4928-9030-b1becd31d247", "control-id": "cis_rhel10_5-4.2.6", "description": "No notes for control-id 5.4.2.6.", "props": [ @@ -30394,7 +30289,7 @@ ] }, { - "uuid": "1ec07de3-1371-4cd8-ad8e-9c727150029b", + "uuid": "45719379-7a19-41f6-9443-76f4a4865376", "control-id": "cis_rhel10_5-4.2.7", "description": "No notes for control-id 5.4.2.7.", "props": [ @@ -30416,19 +30311,24 @@ ] }, { - "uuid": "52eaa073-ff62-4f5b-a00f-8e1f81bcf282", + "uuid": "711499ea-85f2-40b7-8390-20f9aef369f5", "control-id": "cis_rhel10_5-4.2.8", - "description": "New rule is necessary.", + "description": "No notes for control-id 5.4.2.8.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "implemented" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "no_invalid_shell_accounts_unlocked" } ] }, { - "uuid": "76353950-c64f-4bda-899c-894c34e0921f", + "uuid": "b4ca104d-df25-4260-827c-54e8e20a5339", "control-id": "cis_rhel10_5-4.3.2", "description": "No notes for control-id 5.4.3.2.", "props": [ @@ -30445,7 +30345,7 @@ ] }, { - "uuid": "7a90ab90-dedc-4e49-8633-836550910ced", + "uuid": "e1321687-10ff-4ae8-bd90-089a795c7431", "control-id": "cis_rhel10_5-4.3.3", "description": "No notes for control-id 5.4.3.3.", "props": [ @@ -30472,7 +30372,7 @@ ] }, { - "uuid": "1ea04409-605c-4cfd-877a-67fba3e8435d", + "uuid": "cbe862b8-52a7-4a47-bf2b-97d299e20730", "control-id": "cis_rhel10_6-1.1", "description": "No notes for control-id 6.1.1.", "props": [ @@ -30494,7 +30394,7 @@ ] }, { - "uuid": "85f4031d-7a93-4b95-b5cd-b3ee227a3712", + "uuid": "ff1fb275-aa26-4be5-b881-1a3a30af080c", "control-id": "cis_rhel10_6-1.2", "description": "No notes for control-id 6.1.2.", "props": [ @@ -30511,7 +30411,7 @@ ] }, { - "uuid": "402bec13-ee86-47eb-a6a5-81b262c34e6b", + "uuid": "db4738e6-9ec6-40d0-935a-1386070b1b90", "control-id": "cis_rhel10_6-1.3", "description": "No notes for control-id 6.1.3.", "props": [ @@ -30528,7 +30428,7 @@ ] }, { - "uuid": "eb77692a-8025-44de-afd1-2a3a768d818c", + "uuid": "33085f70-9ac5-4b30-a69d-ecd6a7d0768f", "control-id": "cis_rhel10_6-2.1.1", "description": "No notes for control-id 6.2.1.1.", "props": [ @@ -30545,7 +30445,7 @@ ] }, { - "uuid": "786aeba6-1ece-4e24-b34d-a39e65c728b3", + "uuid": "a5f3899c-fec5-4429-9819-2f024b5fbd0f", "control-id": "cis_rhel10_6-2.1.2", "description": "The description for control-id cis_rhel10_6-2.1.2.", "props": [ @@ -30558,7 +30458,7 @@ ] }, { - "uuid": "f0289534-633e-402d-b603-75a30c5dc43c", + "uuid": "9696c728-6d4c-43fc-a4f3-51f7312104fd", "control-id": "cis_rhel10_6-2.1.3", "description": "The description for control-id cis_rhel10_6-2.1.3.", "props": [ @@ -30571,20 +30471,24 @@ ] }, { - "uuid": "7f081707-daad-422c-8bb5-80c7e9d199e6", + "uuid": "7310b424-9778-4f4b-8c24-7caaede884ae", "control-id": "cis_rhel10_6-2.1.4", - "description": "The description for control-id cis_rhel10_6-2.1.4.", + "description": "No notes for control-id 6.2.1.4.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "alternative", - "remarks": "It is necessary to create a new rule to check the status of journald and rsyslog.\nIt would also be necessary a new rule to disable or remove rsyslog." + "value": "implemented" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "ensure_journald_and_rsyslog_not_active_together" } ] }, { - "uuid": "4b562ebc-fe77-4f69-b832-4430f52b53b2", + "uuid": "9f1f7afc-8fac-41f7-a5f8-96e1b8c33011", "control-id": "cis_rhel10_6-2.2.1.1", "description": "No notes for control-id 6.2.2.1.1.", "props": [ @@ -30601,7 +30505,7 @@ ] }, { - "uuid": "c9ea5d6c-5960-42fd-84e9-51e4ead8bdfe", + "uuid": "48a807df-1ee6-4a26-9ad4-0ec319ad699e", "control-id": "cis_rhel10_6-2.2.1.2", "description": "The description for control-id cis_rhel10_6-2.2.1.2.", "props": [ @@ -30614,7 +30518,7 @@ ] }, { - "uuid": "e8fdba55-b933-4058-847e-6b93071b44df", + "uuid": "fe718250-ae2a-4e3d-9697-c456d8e7ed89", "control-id": "cis_rhel10_6-2.2.1.3", "description": "No notes for control-id 6.2.2.1.3.", "props": [ @@ -30631,7 +30535,7 @@ ] }, { - "uuid": "e9f66b54-6dde-42c3-9e64-ef16d9ec9eb5", + "uuid": "e5c05602-c75f-4889-b25b-1e3ccc138a7a", "control-id": "cis_rhel10_6-2.2.1.4", "description": "No notes for control-id 6.2.2.1.4.", "props": [ @@ -30648,7 +30552,7 @@ ] }, { - "uuid": "70b08482-f8d7-47ed-8972-5e8e0d3143f6", + "uuid": "d46f6e2a-9348-45f9-b372-3710216c5131", "control-id": "cis_rhel10_6-2.2.2", "description": "No notes for control-id 6.2.2.2.", "props": [ @@ -30665,7 +30569,7 @@ ] }, { - "uuid": "7e6dd914-cda3-4439-adda-c6a2f3b1f70b", + "uuid": "e79dd7ae-f1c3-422d-818d-9773bf68e101", "control-id": "cis_rhel10_6-2.2.3", "description": "No notes for control-id 6.2.2.3.", "props": [ @@ -30682,7 +30586,7 @@ ] }, { - "uuid": "e8e94e4b-90a5-45ac-a073-db9c7f330f8d", + "uuid": "3604ed71-4309-403c-ae47-51565075bc33", "control-id": "cis_rhel10_6-2.2.4", "description": "No notes for control-id 6.2.2.4.", "props": [ @@ -30699,7 +30603,7 @@ ] }, { - "uuid": "b70d037a-f02f-4e5b-ae85-2751741fd9ba", + "uuid": "df8619cd-5d78-4482-a700-da692656bd86", "control-id": "cis_rhel10_6-2.3.1", "description": "No notes for control-id 6.2.3.1.", "props": [ @@ -30711,7 +30615,7 @@ ] }, { - "uuid": "49e506c4-0788-4d5f-ad27-e276205890b5", + "uuid": "07d6ff1e-a16c-4406-b67c-779a1147e02c", "control-id": "cis_rhel10_6-2.3.2", "description": "No notes for control-id 6.2.3.2.", "props": [ @@ -30723,7 +30627,7 @@ ] }, { - "uuid": "69993a99-29ed-4927-8735-68bab1b165df", + "uuid": "d9959657-2095-448c-a17b-b5230cbace8d", "control-id": "cis_rhel10_6-2.3.3", "description": "No notes for control-id 6.2.3.3.", "props": [ @@ -30735,7 +30639,7 @@ ] }, { - "uuid": "6f5be2fa-8149-4d4a-a10d-53d3e5031290", + "uuid": "4c10299a-6e28-4ecf-a4fa-fa08293a49e7", "control-id": "cis_rhel10_6-2.3.4", "description": "No notes for control-id 6.2.3.4.", "props": [ @@ -30747,7 +30651,7 @@ ] }, { - "uuid": "84738ad5-c417-4d45-921d-16ff5948abec", + "uuid": "f1eed118-3224-4105-aeb3-3e9de2caa8bc", "control-id": "cis_rhel10_6-2.3.5", "description": "The description for control-id cis_rhel10_6-2.3.5.", "props": [ @@ -30760,7 +30664,7 @@ ] }, { - "uuid": "74b7147a-95ae-4411-8512-806d898396ca", + "uuid": "fa84f2e8-b15b-48a6-92d6-9e54ded1ff6d", "control-id": "cis_rhel10_6-2.3.6", "description": "The description for control-id cis_rhel10_6-2.3.6.", "props": [ @@ -30773,7 +30677,7 @@ ] }, { - "uuid": "99445702-d773-4f43-8bfc-9ea5342ed123", + "uuid": "01d23910-ea00-4b27-b8dd-c52fd17afd55", "control-id": "cis_rhel10_6-2.3.7", "description": "No notes for control-id 6.2.3.7.", "props": [ @@ -30785,7 +30689,7 @@ ] }, { - "uuid": "3a6a2d20-1919-418d-a3ce-825c166a4060", + "uuid": "0591e613-e493-4f2a-915b-f4d7b1acffeb", "control-id": "cis_rhel10_6-2.3.8", "description": "The description for control-id cis_rhel10_6-2.3.8.", "props": [ @@ -30798,7 +30702,7 @@ ] }, { - "uuid": "5e4d3e35-80d9-4389-8a2c-6747ba66e3d9", + "uuid": "fa97e35f-8ec8-4c30-a5a6-98ea7e8d8c98", "control-id": "cis_rhel10_6-2.4.1", "description": "It is not harmful to run these rules even if rsyslog is not installed or active.", "props": [ @@ -30825,7 +30729,7 @@ ] }, { - "uuid": "a7b931ee-b709-4603-b5e6-47ac52a77283", + "uuid": "6044075f-a601-4b9d-ab47-7544ba92d2e8", "control-id": "cis_rhel10_7-1.1", "description": "No notes for control-id 7.1.1.", "props": [ @@ -30852,7 +30756,7 @@ ] }, { - "uuid": "1d1e8d70-7454-49ae-ae2f-6ae494312b30", + "uuid": "92bca0ae-b6ba-4fc4-bcfe-3b3335b453f0", "control-id": "cis_rhel10_7-1.2", "description": "No notes for control-id 7.1.2.", "props": [ @@ -30879,7 +30783,7 @@ ] }, { - "uuid": "2b02eced-91e0-463a-9566-af7df4e1a9c6", + "uuid": "b9d21bb2-3361-4583-bbf3-0ee74229c6bf", "control-id": "cis_rhel10_7-1.3", "description": "No notes for control-id 7.1.3.", "props": [ @@ -30906,7 +30810,7 @@ ] }, { - "uuid": "9aeb05cd-fd60-4a19-a192-ddafb38cdb6f", + "uuid": "c76d656d-9f66-4f5b-88ba-405ce73b7519", "control-id": "cis_rhel10_7-1.4", "description": "No notes for control-id 7.1.4.", "props": [ @@ -30933,7 +30837,7 @@ ] }, { - "uuid": "e9f22566-fa06-4b15-a7e9-df2770de3c17", + "uuid": "9bbfad3e-731c-45fc-b740-d852d7648a01", "control-id": "cis_rhel10_7-1.5", "description": "No notes for control-id 7.1.5.", "props": [ @@ -30960,7 +30864,7 @@ ] }, { - "uuid": "aef625c8-ed5f-415c-a09e-9065b59f5b05", + "uuid": "97796fdb-fbdd-4e96-a2ec-a00d481ece38", "control-id": "cis_rhel10_7-1.6", "description": "No notes for control-id 7.1.6.", "props": [ @@ -30987,7 +30891,7 @@ ] }, { - "uuid": "b257be93-91f9-43b1-9029-9fbd1eb83c86", + "uuid": "8c14f806-f90e-423d-bd71-84643c27dc3f", "control-id": "cis_rhel10_7-1.7", "description": "No notes for control-id 7.1.7.", "props": [ @@ -31014,7 +30918,7 @@ ] }, { - "uuid": "c14cc767-c754-4a58-a6e3-f210bee46d30", + "uuid": "43409dc1-ddf2-4354-9281-40fa24861f92", "control-id": "cis_rhel10_7-1.8", "description": "No notes for control-id 7.1.8.", "props": [ @@ -31041,7 +30945,7 @@ ] }, { - "uuid": "dcd19737-bd71-4495-a4a2-1a5ba786854f", + "uuid": "a49e4fac-1cb8-405c-ac00-642c74296d26", "control-id": "cis_rhel10_7-1.9", "description": "No notes for control-id 7.1.9.", "props": [ @@ -31068,7 +30972,7 @@ ] }, { - "uuid": "ab0998c9-f9fe-4d37-8420-038114b44d44", + "uuid": "3cf55aa3-723d-4e9a-add2-5a542789473f", "control-id": "cis_rhel10_7-1.10", "description": "No notes for control-id 7.1.10.", "props": [ @@ -31110,7 +31014,7 @@ ] }, { - "uuid": "a19c3232-d320-4c8e-a445-783251920684", + "uuid": "9317918f-400c-4438-b26c-e569244ba8f6", "control-id": "cis_rhel10_7-1.11", "description": "No notes for control-id 7.1.11.", "props": [ @@ -31132,7 +31036,7 @@ ] }, { - "uuid": "652efb64-0fbb-4a8f-85a0-d1dd8d18b59a", + "uuid": "881a985b-e9f1-4017-afcb-1ad2149f81ee", "control-id": "cis_rhel10_7-1.12", "description": "No notes for control-id 7.1.12.", "props": [ @@ -31154,7 +31058,7 @@ ] }, { - "uuid": "1f2aff2b-e1b1-44d4-b522-50978370a8cf", + "uuid": "d20a321d-0a53-476c-8c4c-96d5abd5d5b7", "control-id": "cis_rhel10_7-1.13", "description": "The description for control-id cis_rhel10_7-1.13.", "props": [ @@ -31167,7 +31071,7 @@ ] }, { - "uuid": "8cea2946-51d6-4f68-bdaf-b4a7e16f0095", + "uuid": "678e10c4-f0dc-4f6f-a382-690d5280c606", "control-id": "cis_rhel10_7-2.1", "description": "No notes for control-id 7.2.1.", "props": [ @@ -31184,7 +31088,7 @@ ] }, { - "uuid": "89f74498-8d19-4fe7-9a94-64e34410d19c", + "uuid": "7ad9737d-205d-44a8-9972-9cee7483f4ad", "control-id": "cis_rhel10_7-2.2", "description": "No notes for control-id 7.2.2.", "props": [ @@ -31201,7 +31105,7 @@ ] }, { - "uuid": "18a1b8c2-da21-4e57-a439-52d73d65da64", + "uuid": "e40a143f-dffb-4865-87e0-398cf003b475", "control-id": "cis_rhel10_7-2.3", "description": "No notes for control-id 7.2.3.", "props": [ @@ -31218,7 +31122,7 @@ ] }, { - "uuid": "b03cad7e-c5a5-4adc-9f8f-59e0f4a35239", + "uuid": "ee60a632-0643-4462-970f-2dd41e683fbd", "control-id": "cis_rhel10_7-2.4", "description": "No notes for control-id 7.2.4.", "props": [ @@ -31235,7 +31139,7 @@ ] }, { - "uuid": "fe160430-2bf3-43fc-be42-2e3f0cabfb5e", + "uuid": "041d3a3b-0a43-4d93-875c-0dae6c55c174", "control-id": "cis_rhel10_7-2.5", "description": "No notes for control-id 7.2.5.", "props": [ @@ -31252,7 +31156,7 @@ ] }, { - "uuid": "c3c6dd21-4c7f-468f-9fa8-a0f54660f2bd", + "uuid": "c1fa9e97-b917-4e5b-8744-afa34739ad98", "control-id": "cis_rhel10_7-2.6", "description": "No notes for control-id 7.2.6.", "props": [ @@ -31269,7 +31173,7 @@ ] }, { - "uuid": "db500e5c-e96f-4599-ac69-8c34cf999552", + "uuid": "b8a867ce-6cf6-4c5f-98fb-d974e26bac5a", "control-id": "cis_rhel10_7-2.7", "description": "No notes for control-id 7.2.7.", "props": [ @@ -31286,7 +31190,7 @@ ] }, { - "uuid": "e812c160-9c9c-43ef-9f58-4e667ef58e26", + "uuid": "58c90e64-3fd4-44bd-9929-4dbd232aa2d7", "control-id": "cis_rhel10_7-2.8", "description": "No notes for control-id 7.2.8.", "props": [ @@ -31313,7 +31217,7 @@ ] }, { - "uuid": "950ad4ab-2f32-4781-abc1-d9a2c4dddf5f", + "uuid": "910fab03-8b17-43fd-918f-ab0f79e2fcd5", "control-id": "cis_rhel10_7-2.9", "description": "No notes for control-id 7.2.9.", "props": [ diff --git a/component-definitions/rhel10/rhel10-cis_rhel10-l2_workstation/component-definition.json b/component-definitions/rhel10/rhel10-cis_rhel10-l2_workstation/component-definition.json index c312eafd8..8fcd351dd 100644 --- a/component-definitions/rhel10/rhel10-cis_rhel10-l2_workstation/component-definition.json +++ b/component-definitions/rhel10/rhel10-cis_rhel10-l2_workstation/component-definition.json @@ -3,8 +3,8 @@ "uuid": "9025707c-c78d-4c60-a2df-d0a822467a29", "metadata": { "title": "Component definition for rhel10", - "last-modified": "2025-12-11T18:27:13.164275+00:00", - "version": "4.3", + "last-modified": "2025-12-17T10:48:51.447427+00:00", + "version": "4.7", "oscal-version": "1.1.3" }, "components": [ @@ -887,7 +887,7 @@ { "name": "Parameter_Value_Alternatives_47", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -905,7 +905,7 @@ { "name": "Parameter_Value_Alternatives_48", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -1631,4783 +1631,4759 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg", + "value": "file_permissions_boot_grub2", "remarks": "rule_set_034" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Group Ownership", + "value": "All GRUB configuration files must have mode 0600 or more restrictive", "remarks": "rule_set_034" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg", + "value": "file_owner_boot_grub2", "remarks": "rule_set_035" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg User Ownership", + "value": "All GRUB configuration files must be owned by root", "remarks": "rule_set_035" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg", + "value": "file_groupowner_boot_grub2", "remarks": "rule_set_036" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Permissions", + "value": "All GRUB configuration files must be group-owned by root", "remarks": "rule_set_036" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg", + "value": "disable_users_coredumps", "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Group Ownership", + "value": "Disable Core Dumps for All Users", "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg", + "value": "sysctl_fs_protected_hardlinks", "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg User Ownership", + "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg", + "value": "sysctl_fs_suid_dumpable", "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Permissions", + "value": "Disable Core Dumps for SUID programs", "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_users_coredumps", + "value": "sysctl_kernel_dmesg_restrict", "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for All Users", + "value": "Restrict Access to Kernel Message Buffer", "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_hardlinks", + "value": "sysctl_kernel_kptr_restrict", "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", + "value": "Restrict Exposed Kernel Pointer Addresses Access", "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_suid_dumpable", + "value": "sysctl_kernel_yama_ptrace_scope", "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for SUID programs", + "value": "Restrict usage of ptrace to descendant processes", "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_dmesg_restrict", + "value": "sysctl_kernel_randomize_va_space", "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Access to Kernel Message Buffer", + "value": "Enable Randomized Layout of Virtual Address Space", "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kptr_restrict", + "value": "coredump_disable_backtraces", "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Exposed Kernel Pointer Addresses Access", + "value": "Disable core dump backtraces", "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_yama_ptrace_scope", + "value": "coredump_disable_storage", "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict usage of ptrace to descendant processes", + "value": "Disable storing core dump", "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_randomize_va_space", + "value": "configure_custom_crypto_policy_cis", "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Randomized Layout of Virtual Address Space", + "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_backtraces", + "value": "banner_etc_motd_cis", "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable core dump backtraces", + "value": "Ensure Message Of The Day Is Configured Properly", "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_storage", + "value": "banner_etc_issue_cis", "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable storing core dump", + "value": "Ensure Local Login Warning Banner Is Configured Properly", "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_custom_crypto_policy_cis", + "value": "banner_etc_issue_net_cis", "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", + "value": "Ensure Remote Login Warning Banner Is Configured Properly", "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_motd_cis", + "value": "file_groupowner_etc_motd", "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Message Of The Day Is Configured Properly", + "value": "Verify Group Ownership of Message of the Day Banner", "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_cis", + "value": "file_owner_etc_motd", "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Local Login Warning Banner Is Configured Properly", + "value": "Verify ownership of Message of the Day Banner", "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_net_cis", + "value": "file_permissions_etc_motd", "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Remote Login Warning Banner Is Configured Properly", + "value": "Verify permissions on Message of the Day Banner", "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_motd", + "value": "file_groupowner_etc_issue", "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of Message of the Day Banner", + "value": "Verify Group Ownership of System Login Banner", "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_motd", + "value": "file_owner_etc_issue", "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of Message of the Day Banner", + "value": "Verify ownership of System Login Banner", "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_motd", + "value": "file_permissions_etc_issue", "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on Message of the Day Banner", + "value": "Verify permissions on System Login Banner", "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue", + "value": "file_groupowner_etc_issue_net", "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner", + "value": "Verify Group Ownership of System Login Banner for Remote Connections", "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue", + "value": "file_owner_etc_issue_net", "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner", + "value": "Verify ownership of System Login Banner for Remote Connections", "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue", + "value": "file_permissions_etc_issue_net", "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner", + "value": "Verify permissions on System Login Banner for Remote Connections", "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue_net", + "value": "dconf_gnome_banner_enabled", "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner for Remote Connections", + "value": "Enable GNOME3 Login Warning Banner", "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue_net", + "value": "dconf_gnome_login_banner_text", "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner for Remote Connections", + "value": "Set the GNOME3 Login Warning Banner Text", "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue_net", + "value": "dconf_gnome_disable_user_list", "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner for Remote Connections", + "value": "Disable the GNOME3 Login User List", "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_banner_enabled", + "value": "dconf_gnome_screensaver_idle_delay", "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable GNOME3 Login Warning Banner", + "value": "Set GNOME3 Screensaver Inactivity Timeout", "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_login_banner_text", + "value": "dconf_gnome_screensaver_lock_delay", "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set the GNOME3 Login Warning Banner Text", + "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_user_list", + "value": "dconf_gnome_session_idle_user_locks", "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the GNOME3 Login User List", + "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_idle_delay", + "value": "dconf_gnome_screensaver_user_locks", "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Inactivity Timeout", + "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_lock_delay", + "value": "dconf_gnome_disable_autorun", "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", + "value": "Disable GNOME3 Automount running", "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_session_idle_user_locks", + "value": "package_kea_removed", "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", + "value": "Uninstall kea Package", "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_user_locks", + "value": "package_bind_removed", "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", + "value": "Uninstall bind Package", "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_autorun", + "value": "package_dnsmasq_removed", "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount running", + "value": "Uninstall dnsmasq Package", "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "package_vsftpd_removed", "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Uninstall vsftpd Package", "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_bind_removed", + "value": "package_dovecot_removed", "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall bind Package", + "value": "Uninstall dovecot Package", "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnsmasq_removed", + "value": "package_cyrus-imapd_removed", "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dnsmasq Package", + "value": "Uninstall cyrus-imapd Package", "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_vsftpd_removed", + "value": "service_nfs_disabled", "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall vsftpd Package", + "value": "Disable Network File System (nfs)", "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dovecot_removed", + "value": "service_rpcbind_disabled", "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dovecot Package", + "value": "Disable rpcbind Service", "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cyrus-imapd_removed", + "value": "package_rsync_removed", "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall cyrus-imapd Package", + "value": "Uninstall rsync Package", "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_nfs_disabled", + "value": "package_samba_removed", "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Network File System (nfs)", + "value": "Uninstall Samba Package", "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_rpcbind_disabled", + "value": "package_net-snmp_removed", "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable rpcbind Service", + "value": "Uninstall net-snmp Package", "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_rsync_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall rsync Package", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_samba_removed", + "value": "package_tftp-server_removed", "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall Samba Package", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_net-snmp_removed", + "value": "package_squid_removed", "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall net-snmp Package", + "value": "Uninstall squid Package", "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_httpd_removed", "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Uninstall httpd Package", "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_nginx_removed", "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Uninstall nginx Package", "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_squid_removed", + "value": "postfix_network_listening_disabled", "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall squid Package", + "value": "Disable Postfix Network Listening", "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_httpd_removed", + "value": "has_nonlocal_mta", "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall httpd Package", + "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_nginx_removed", + "value": "package_ftp_removed", "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall nginx Package", + "value": "Remove ftp Package", "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "postfix_network_listening_disabled", + "value": "package_telnet_removed", "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Postfix Network Listening", + "value": "Remove telnet Clients", "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "has_nonlocal_mta", + "value": "package_tftp_removed", "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", + "value": "Remove tftp Daemon", "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_ftp_removed", + "value": "chronyd_specify_remote_server", "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove ftp Package", + "value": "A remote time server for Chrony is configured", "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "chronyd_run_as_chrony_user", "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Ensure that chronyd is running under chrony user account", "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_cron_installed", "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Install the cron service", "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_specify_remote_server", + "value": "service_crond_enabled", "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "A remote time server for Chrony is configured", + "value": "Enable cron Service", "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_run_as_chrony_user", + "value": "file_groupowner_crontab", "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that chronyd is running under chrony user account", + "value": "Verify Group Who Owns Crontab", "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cron_installed", + "value": "file_owner_crontab", "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the cron service", + "value": "Verify Owner on crontab", "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_crond_enabled", + "value": "file_permissions_crontab", "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable cron Service", + "value": "Verify Permissions on crontab", "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_crontab", + "value": "file_groupowner_cron_hourly", "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Crontab", + "value": "Verify Group Who Owns cron.hourly", "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_crontab", + "value": "file_owner_cron_hourly", "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on crontab", + "value": "Verify Owner on cron.hourly", "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_crontab", + "value": "file_permissions_cron_hourly", "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on crontab", + "value": "Verify Permissions on cron.hourly", "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_hourly", + "value": "file_groupowner_cron_daily", "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.hourly", + "value": "Verify Group Who Owns cron.daily", "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_hourly", + "value": "file_owner_cron_daily", "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.hourly", + "value": "Verify Owner on cron.daily", "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_hourly", + "value": "file_permissions_cron_daily", "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.hourly", + "value": "Verify Permissions on cron.daily", "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_daily", + "value": "file_groupowner_cron_weekly", "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.daily", + "value": "Verify Group Who Owns cron.weekly", "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_daily", + "value": "file_owner_cron_weekly", "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.daily", + "value": "Verify Owner on cron.weekly", "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_daily", + "value": "file_permissions_cron_weekly", "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.daily", + "value": "Verify Permissions on cron.weekly", "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_weekly", + "value": "file_groupowner_cron_monthly", "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.weekly", + "value": "Verify Group Who Owns cron.monthly", "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_weekly", + "value": "file_owner_cron_monthly", "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.weekly", + "value": "Verify Owner on cron.monthly", "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_weekly", + "value": "file_permissions_cron_monthly", "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.weekly", + "value": "Verify Permissions on cron.monthly", "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_monthly", + "value": "file_groupowner_cron_yearly", "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.monthly", + "value": "Verify Group Who Owns cron.yearly", "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_monthly", + "value": "file_owner_cron_yearly", "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.monthly", + "value": "Verify Owner on cron.yearly", "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_monthly", + "value": "file_permissions_cron_yearly", "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.monthly", + "value": "Verify Permissions on cron.yearly", "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_yearly", + "value": "file_groupowner_cron_d", "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.yearly", + "value": "Verify Group Who Owns cron.d", "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_yearly", + "value": "file_owner_cron_d", "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.yearly", + "value": "Verify Owner on cron.d", "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_yearly", + "value": "file_permissions_cron_d", "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.yearly", + "value": "Verify Permissions on cron.d", "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_d", + "value": "file_cron_deny_not_exist", "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.d", + "value": "Ensure that /etc/cron.deny does not exist", "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_d", + "value": "file_cron_allow_exists", "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.d", + "value": "Ensure that /etc/cron.allow exists", "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_d", + "value": "file_groupowner_cron_allow", "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.d", + "value": "Verify Group Who Owns /etc/cron.allow file", "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_deny_not_exist", + "value": "file_owner_cron_allow", "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.deny does not exist", + "value": "Verify User Who Owns /etc/cron.allow file", "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_allow_exists", + "value": "file_permissions_cron_allow", "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.allow exists", + "value": "Verify Permissions on /etc/cron.allow file", "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_allow", + "value": "file_at_deny_not_exist", "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.deny does not exist", "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_allow", + "value": "file_at_allow_exists", "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.allow exists", "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_allow", + "value": "file_groupowner_at_allow", "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/cron.allow file", + "value": "Verify Group Who Owns /etc/at.allow file", "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_deny_not_exist", + "value": "file_owner_at_allow", "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.deny does not exist", + "value": "Verify User Who Owns /etc/at.allow file", "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_allow_exists", + "value": "file_permissions_at_allow", "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.allow exists", + "value": "Verify Permissions on /etc/at.allow file", "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_at_allow", + "value": "kernel_module_atm_disabled", "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/at.allow file", + "value": "Disable ATM Support", "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_at_allow", + "value": "kernel_module_can_disabled", "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/at.allow file", + "value": "Disable CAN Support", "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_at_allow", + "value": "kernel_module_dccp_disabled", "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/at.allow file", + "value": "Disable DCCP Support", "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_atm_disabled", + "value": "kernel_module_tipc_disabled", "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable ATM Support", + "value": "Disable TIPC Support", "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_can_disabled", + "value": "kernel_module_rds_disabled", "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable CAN Support", + "value": "Disable RDS Support", "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_dccp_disabled", + "value": "kernel_module_sctp_disabled", "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable DCCP Support", + "value": "Disable SCTP Support", "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_tipc_disabled", + "value": "sysctl_net_ipv4_ip_forward", "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable TIPC Support", + "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_rds_disabled", + "value": "sysctl_net_ipv4_conf_all_forwarding", "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable RDS Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_sctp_disabled", + "value": "sysctl_net_ipv4_conf_default_forwarding", "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SCTP Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_ip_forward", + "value": "sysctl_net_ipv4_conf_all_send_redirects", "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_forwarding", + "value": "sysctl_net_ipv4_conf_default_send_redirects", "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_forwarding", + "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", + "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_send_redirects", + "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_send_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_redirects", "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", + "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", + "value": "sysctl_net_ipv4_conf_default_accept_redirects", "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", + "value": "sysctl_net_ipv4_conf_all_secure_redirects", "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_redirects", + "value": "sysctl_net_ipv4_conf_default_secure_redirects", "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", + "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_redirects", + "value": "sysctl_net_ipv4_conf_all_rp_filter", "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_secure_redirects", + "value": "sysctl_net_ipv4_conf_default_rp_filter", "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_secure_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_source_route", "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_rp_filter", + "value": "sysctl_net_ipv4_conf_default_accept_source_route", "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_rp_filter", + "value": "sysctl_net_ipv4_conf_all_log_martians", "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_source_route", + "value": "sysctl_net_ipv4_conf_default_log_martians", "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_source_route", + "value": "sysctl_net_ipv4_tcp_syncookies", "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_log_martians", + "value": "sysctl_net_ipv6_conf_all_forwarding", "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for IPv6 Forwarding", "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_log_martians", + "value": "sysctl_net_ipv6_conf_default_forwarding", "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", + "value": "Disable Kernel Parameter for IPv6 Forwarding by default", "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_tcp_syncookies", + "value": "sysctl_net_ipv6_conf_all_accept_redirects", "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", + "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_forwarding", + "value": "sysctl_net_ipv6_conf_default_accept_redirects", "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_forwarding", + "value": "sysctl_net_ipv6_conf_all_accept_source_route", "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding by default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_redirects", + "value": "sysctl_net_ipv6_conf_default_accept_source_route", "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_redirects", + "value": "sysctl_net_ipv6_conf_all_accept_ra", "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", + "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_source_route", + "value": "sysctl_net_ipv6_conf_default_accept_ra", "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", + "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_source_route", + "value": "package_firewalld_installed", "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", + "value": "Install firewalld Package", "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra", + "value": "firewalld-backend", "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", + "value": "Configure Firewalld to Use the Nftables Backend", "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra", + "value": "service_firewalld_enabled", "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", + "value": "Verify firewalld Enabled", "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_firewalld_installed", + "value": "firewalld_loopback_traffic_trusted", "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install firewalld Package", + "value": "Configure Firewalld to Trust Loopback Traffic", "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld-backend", + "value": "file_groupowner_sshd_config", "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Use the Nftables Backend", + "value": "Verify Group Who Owns SSH Server config file", "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_firewalld_enabled", + "value": "file_owner_sshd_config", "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify firewalld Enabled", + "value": "Verify Owner on SSH Server config file", "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld_loopback_traffic_trusted", + "value": "file_permissions_sshd_config", "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Trust Loopback Traffic", + "value": "Verify Permissions on SSH Server config file", "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_config", + "value": "directory_permissions_sshd_config_d", "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_config", + "value": "file_permissions_sshd_drop_in_config", "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_config", + "value": "directory_groupowner_sshd_config_d", "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server config file", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_sshd_config_d", + "value": "directory_owner_sshd_config_d", "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_drop_in_config", + "value": "file_groupowner_sshd_drop_in_config", "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_groupowner_sshd_config_d", + "value": "file_owner_sshd_drop_in_config", "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_owner_sshd_config_d", + "value": "file_groupownership_sshd_private_key", "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Group Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_drop_in_config", + "value": "file_ownership_sshd_private_key", "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_drop_in_config", + "value": "file_permissions_sshd_private_key", "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Permissions on SSH Server Private *_key Key Files", "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_private_key", + "value": "file_groupownership_sshd_pub_key", "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Private *_key Key Files", + "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_171" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_private_key", + "value": "file_ownership_sshd_pub_key", "remarks": "rule_set_172" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Private *_key Key Files", + "value": "Verify Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_172" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_private_key", + "value": "file_permissions_sshd_pub_key", "remarks": "rule_set_173" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Private *_key Key Files", + "value": "Verify Permissions on SSH Server Public *.pub Key Files", "remarks": "rule_set_173" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_pub_key", + "value": "sshd_limit_user_access", "remarks": "rule_set_174" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", + "value": "Limit Users' SSH Access", "remarks": "rule_set_174" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_pub_key", + "value": "sshd_enable_warning_banner_net", "remarks": "rule_set_175" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Public *.pub Key Files", + "value": "Enable SSH Warning Banner", "remarks": "rule_set_175" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_pub_key", + "value": "sshd_set_idle_timeout", "remarks": "rule_set_176" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Public *.pub Key Files", + "value": "Set SSH Client Alive Interval", "remarks": "rule_set_176" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_limit_user_access", + "value": "sshd_set_keepalive", "remarks": "rule_set_177" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Users' SSH Access", + "value": "Set SSH Client Alive Count Max", "remarks": "rule_set_177" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_warning_banner_net", + "value": "sshd_disable_forwarding", "remarks": "rule_set_178" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SSH Warning Banner", + "value": "Disable SSH Forwarding", "remarks": "rule_set_178" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_idle_timeout", + "value": "sshd_disable_gssapi_auth", "remarks": "rule_set_179" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Interval", + "value": "Disable GSSAPI Authentication", "remarks": "rule_set_179" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_keepalive", + "value": "disable_host_auth", "remarks": "rule_set_180" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Count Max", + "value": "Disable Host-Based Authentication", "remarks": "rule_set_180" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_forwarding", + "value": "sshd_disable_rhosts", "remarks": "rule_set_181" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Forwarding", + "value": "Disable SSH Support for .rhosts Files", "remarks": "rule_set_181" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_gssapi_auth", + "value": "sshd_use_strong_kex", "remarks": "rule_set_182" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GSSAPI Authentication", + "value": "Use Only Strong Key Exchange algorithms", "remarks": "rule_set_182" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_host_auth", + "value": "sshd_set_login_grace_time", "remarks": "rule_set_183" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Host-Based Authentication", + "value": "Ensure SSH LoginGraceTime is configured", "remarks": "rule_set_183" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_rhosts", + "value": "sshd_set_loglevel_verbose", "remarks": "rule_set_184" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Support for .rhosts Files", + "value": "Set SSH Daemon LogLevel to VERBOSE", "remarks": "rule_set_184" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_use_strong_kex", + "value": "sshd_set_max_auth_tries", "remarks": "rule_set_185" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Use Only Strong Key Exchange algorithms", + "value": "Set SSH authentication attempt limit", "remarks": "rule_set_185" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_login_grace_time", + "value": "sshd_set_maxstartups", "remarks": "rule_set_186" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH LoginGraceTime is configured", + "value": "Ensure SSH MaxStartups is configured", "remarks": "rule_set_186" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_loglevel_verbose", + "value": "sshd_set_max_sessions", "remarks": "rule_set_187" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Daemon LogLevel to VERBOSE", + "value": "Set SSH MaxSessions limit", "remarks": "rule_set_187" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_auth_tries", + "value": "sshd_disable_empty_passwords", "remarks": "rule_set_188" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH authentication attempt limit", + "value": "Disable SSH Access via Empty Passwords", "remarks": "rule_set_188" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_maxstartups", + "value": "sshd_disable_root_login", "remarks": "rule_set_189" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH MaxStartups is configured", + "value": "Disable SSH Root Login", "remarks": "rule_set_189" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_sessions", + "value": "sshd_do_not_permit_user_env", "remarks": "rule_set_190" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH MaxSessions limit", + "value": "Do Not Allow SSH Environment Options", "remarks": "rule_set_190" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_empty_passwords", + "value": "sshd_enable_pam", "remarks": "rule_set_191" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Access via Empty Passwords", + "value": "Enable PAM", "remarks": "rule_set_191" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_root_login", + "value": "package_sudo_installed", "remarks": "rule_set_192" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Root Login", + "value": "Install sudo Package", "remarks": "rule_set_192" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_do_not_permit_user_env", + "value": "sudo_add_use_pty", "remarks": "rule_set_193" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Do Not Allow SSH Environment Options", + "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", "remarks": "rule_set_193" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_pam", + "value": "sudo_custom_logfile", "remarks": "rule_set_194" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable PAM", + "value": "Ensure Sudo Logfile Exists - sudo logfile", "remarks": "rule_set_194" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_sudo_installed", + "value": "sudo_remove_no_authenticate", "remarks": "rule_set_195" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install sudo Package", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", "remarks": "rule_set_195" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_use_pty", + "value": "sudo_require_reauthentication", "remarks": "rule_set_196" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", + "value": "Require Re-Authentication When Using the sudo Command", "remarks": "rule_set_196" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_custom_logfile", + "value": "use_pam_wheel_group_for_su", "remarks": "rule_set_197" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Sudo Logfile Exists - sudo logfile", + "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", "remarks": "rule_set_197" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_no_authenticate", + "value": "ensure_pam_wheel_group_empty", "remarks": "rule_set_198" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", + "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", "remarks": "rule_set_198" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_require_reauthentication", + "value": "account_password_pam_faillock_password_auth", "remarks": "rule_set_199" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require Re-Authentication When Using the sudo Command", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", "remarks": "rule_set_199" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "use_pam_wheel_group_for_su", + "value": "account_password_pam_faillock_system_auth", "remarks": "rule_set_200" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", "remarks": "rule_set_200" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_pam_wheel_group_empty", + "value": "package_pam_pwquality_installed", "remarks": "rule_set_201" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", + "value": "Install pam_pwquality Package", "remarks": "rule_set_201" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_password_auth", + "value": "accounts_password_pam_pwquality_password_auth", "remarks": "rule_set_202" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", + "value": "Ensure PAM password complexity module is enabled in password-auth", "remarks": "rule_set_202" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_system_auth", + "value": "accounts_password_pam_pwquality_system_auth", "remarks": "rule_set_203" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", + "value": "Ensure PAM password complexity module is enabled in system-auth", "remarks": "rule_set_203" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_pam_pwquality_installed", + "value": "accounts_password_pam_unix_enabled", "remarks": "rule_set_204" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install pam_pwquality Package", + "value": "Verify pam_unix module is activated", "remarks": "rule_set_204" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_password_auth", + "value": "accounts_passwords_pam_faillock_deny", "remarks": "rule_set_205" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in password-auth", + "value": "Lock Accounts After Failed Password Attempts", "remarks": "rule_set_205" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_system_auth", + "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", "remarks": "rule_set_206" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in system-auth", + "value": "Set Lockout Time for Failed Password Attempts", "remarks": "rule_set_206" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_enabled", + "value": "accounts_password_pam_difok", "remarks": "rule_set_207" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify pam_unix module is activated", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", "remarks": "rule_set_207" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny", + "value": "accounts_password_pam_minlen", "remarks": "rule_set_208" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Lock Accounts After Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Length", "remarks": "rule_set_208" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", + "value": "accounts_password_pam_minclass", "remarks": "rule_set_209" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Lockout Time for Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", "remarks": "rule_set_209" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_difok", + "value": "accounts_password_pam_maxrepeat", "remarks": "rule_set_210" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", + "value": "Set Password Maximum Consecutive Repeating Characters", "remarks": "rule_set_210" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minlen", + "value": "accounts_password_pam_maxsequence", "remarks": "rule_set_211" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Length", + "value": "Limit the maximum number of sequential characters in passwords", "remarks": "rule_set_211" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_dictcheck", "remarks": "rule_set_212" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", "remarks": "rule_set_212" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxrepeat", + "value": "accounts_password_pam_enforce_root", "remarks": "rule_set_213" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Consecutive Repeating Characters", + "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", "remarks": "rule_set_213" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxsequence", + "value": "accounts_password_pam_pwhistory_remember_password_auth", "remarks": "rule_set_214" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit the maximum number of sequential characters in passwords", + "value": "Limit Password Reuse: password-auth", "remarks": "rule_set_214" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_dictcheck", + "value": "accounts_password_pam_pwhistory_remember_system_auth", "remarks": "rule_set_215" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", + "value": "Limit Password Reuse: system-auth", "remarks": "rule_set_215" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_enforce_root", + "value": "accounts_password_pam_pwhistory_enforce_for_root", "remarks": "rule_set_216" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", + "value": "Ensure Password History Is Enforced for the Root User", "remarks": "rule_set_216" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_password_auth", + "value": "accounts_password_pam_pwhistory_use_authtok", "remarks": "rule_set_217" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: password-auth", + "value": "Enforce Password History with use_authtok", "remarks": "rule_set_217" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_system_auth", + "value": "no_empty_passwords", "remarks": "rule_set_218" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: system-auth", + "value": "Prevent Login to Accounts With Empty Password", "remarks": "rule_set_218" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_enforce_for_root", + "value": "accounts_password_pam_unix_no_remember", "remarks": "rule_set_219" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Password History Is Enforced for the Root User", + "value": "Avoid using remember in pam_unix module", "remarks": "rule_set_219" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_use_authtok", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_220" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Password History with use_authtok", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_220" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords", + "value": "set_password_hashing_algorithm_passwordauth", "remarks": "rule_set_221" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Login to Accounts With Empty Password", + "value": "Set PAM Password Hashing Algorithm - password-auth", "remarks": "rule_set_221" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_no_remember", + "value": "accounts_password_pam_unix_authtok", "remarks": "rule_set_222" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Avoid using remember in pam_unix module", + "value": "Require use_authtok for pam_unix.so", "remarks": "rule_set_222" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "accounts_maximum_age_login_defs", "remarks": "rule_set_223" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Set Password Maximum Age", "remarks": "rule_set_223" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_passwordauth", + "value": "accounts_password_set_max_life_existing", "remarks": "rule_set_224" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - password-auth", + "value": "Set Existing Passwords Maximum Age", "remarks": "rule_set_224" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_authtok", + "value": "accounts_password_warn_age_login_defs", "remarks": "rule_set_225" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require use_authtok for pam_unix.so", + "value": "Set Password Warning Age", "remarks": "rule_set_225" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_maximum_age_login_defs", + "value": "accounts_password_set_warn_age_existing", "remarks": "rule_set_226" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Age", + "value": "Set Existing Passwords Warning Age", "remarks": "rule_set_226" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_max_life_existing", + "value": "set_password_hashing_algorithm_logindefs", "remarks": "rule_set_227" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Maximum Age", + "value": "Set Password Hashing Algorithm in /etc/login.defs", "remarks": "rule_set_227" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_warn_age_login_defs", + "value": "account_disable_post_pw_expiration", "remarks": "rule_set_228" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Warning Age", + "value": "Set Account Expiration Following Inactivity", "remarks": "rule_set_228" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_warn_age_existing", + "value": "accounts_set_post_pw_existing", "remarks": "rule_set_229" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Warning Age", + "value": "Set existing passwords a period of inactivity before they been locked", "remarks": "rule_set_229" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf", + "value": "accounts_password_last_change_is_in_past", "remarks": "rule_set_230" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/libuser.conf", + "value": "Ensure all users last password change date is in the past", "remarks": "rule_set_230" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_logindefs", + "value": "accounts_no_uid_except_zero", "remarks": "rule_set_231" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/login.defs", + "value": "Verify Only Root Has UID 0", "remarks": "rule_set_231" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_disable_post_pw_expiration", + "value": "accounts_root_gid_zero", "remarks": "rule_set_232" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Account Expiration Following Inactivity", + "value": "Verify Root Has A Primary GID 0", "remarks": "rule_set_232" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_set_post_pw_existing", + "value": "groups_no_zero_gid_except_root", "remarks": "rule_set_233" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set existing passwords a period of inactivity before they been locked", + "value": "Verify Only Group Root Has GID 0", "remarks": "rule_set_233" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_last_change_is_in_past", + "value": "ensure_root_password_configured", "remarks": "rule_set_234" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure all users last password change date is in the past", + "value": "Ensure Authentication Required for Single User Mode", "remarks": "rule_set_234" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_no_uid_except_zero", + "value": "accounts_root_path_dirs_no_write", "remarks": "rule_set_235" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Root Has UID 0", + "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", "remarks": "rule_set_235" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_gid_zero", + "value": "root_path_no_dot", "remarks": "rule_set_236" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Root Has A Primary GID 0", + "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", "remarks": "rule_set_236" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "groups_no_zero_gid_except_root", + "value": "accounts_umask_root", "remarks": "rule_set_237" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Group Root Has GID 0", + "value": "Ensure the Root Bash Umask is Set Correctly", "remarks": "rule_set_237" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_root_password_configured", + "value": "no_password_auth_for_systemaccounts", "remarks": "rule_set_238" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Authentication Required for Single User Mode", + "value": "Ensure that System Accounts Are Locked", "remarks": "rule_set_238" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_path_dirs_no_write", + "value": "no_shelllogin_for_systemaccounts", "remarks": "rule_set_239" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", "remarks": "rule_set_239" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "root_path_no_dot", + "value": "no_invalid_shell_accounts_unlocked", "remarks": "rule_set_240" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", + "value": "Verify Non-Interactive Accounts Are Locked", "remarks": "rule_set_240" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_root", + "value": "accounts_tmout", "remarks": "rule_set_241" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Root Bash Umask is Set Correctly", + "value": "Set Interactive Session Timeout", "remarks": "rule_set_241" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_password_auth_for_systemaccounts", + "value": "accounts_umask_etc_bashrc", "remarks": "rule_set_242" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Are Locked", + "value": "Ensure the Default Bash Umask is Set Correctly", "remarks": "rule_set_242" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_shelllogin_for_systemaccounts", + "value": "accounts_umask_etc_login_defs", "remarks": "rule_set_243" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", + "value": "Ensure the Default Umask is Set Correctly in login.defs", "remarks": "rule_set_243" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_tmout", + "value": "accounts_umask_etc_profile", "remarks": "rule_set_244" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interactive Session Timeout", + "value": "Ensure the Default Umask is Set Correctly in /etc/profile", "remarks": "rule_set_244" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_bashrc", + "value": "package_aide_installed", "remarks": "rule_set_245" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Bash Umask is Set Correctly", + "value": "Install AIDE", "remarks": "rule_set_245" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_login_defs", + "value": "aide_build_database", "remarks": "rule_set_246" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in login.defs", + "value": "Build and Test AIDE Database", "remarks": "rule_set_246" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_profile", + "value": "aide_periodic_cron_checking", "remarks": "rule_set_247" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in /etc/profile", + "value": "Configure Periodic Execution of AIDE", "remarks": "rule_set_247" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_aide_installed", + "value": "aide_check_audit_tools", "remarks": "rule_set_248" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install AIDE", + "value": "Configure AIDE to Verify the Audit Tools", "remarks": "rule_set_248" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_build_database", + "value": "service_systemd-journald_enabled", "remarks": "rule_set_249" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Build and Test AIDE Database", + "value": "Enable systemd-journald Service", "remarks": "rule_set_249" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_periodic_cron_checking", + "value": "ensure_journald_and_rsyslog_not_active_together", "remarks": "rule_set_250" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Periodic Execution of AIDE", + "value": "Ensure journald and rsyslog Are Not Active Together", "remarks": "rule_set_250" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_check_audit_tools", + "value": "package_systemd-journal-remote_installed", "remarks": "rule_set_251" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure AIDE to Verify the Audit Tools", + "value": "Install systemd-journal-remote Package", "remarks": "rule_set_251" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_systemd-journald_enabled", + "value": "service_systemd-journal-upload_enabled", "remarks": "rule_set_252" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable systemd-journald Service", + "value": "Enable systemd-journal-upload Service", "remarks": "rule_set_252" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_systemd-journal-remote_installed", + "value": "socket_systemd-journal-remote_disabled", "remarks": "rule_set_253" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install systemd-journal-remote Package", + "value": "Disable systemd-journal-remote Socket", "remarks": "rule_set_253" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_systemd-journal-upload_enabled", + "value": "journald_disable_forward_to_syslog", "remarks": "rule_set_254" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable systemd-journal-upload Service", + "value": "Ensure journald ForwardToSyslog is disabled", "remarks": "rule_set_254" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "socket_systemd-journal-remote_disabled", + "value": "journald_compress", "remarks": "rule_set_255" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable systemd-journal-remote Socket", + "value": "Ensure journald is configured to compress large log files", "remarks": "rule_set_255" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "journald_disable_forward_to_syslog", + "value": "journald_storage", "remarks": "rule_set_256" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure journald ForwardToSyslog is disabled", + "value": "Ensure journald is configured to write log files to persistent disk", "remarks": "rule_set_256" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "journald_compress", + "value": "rsyslog_files_groupownership", "remarks": "rule_set_257" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure journald is configured to compress large log files", + "value": "Ensure Log Files Are Owned By Appropriate Group", "remarks": "rule_set_257" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "journald_storage", + "value": "rsyslog_files_ownership", "remarks": "rule_set_258" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure journald is configured to write log files to persistent disk", + "value": "Ensure Log Files Are Owned By Appropriate User", "remarks": "rule_set_258" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_groupownership", + "value": "rsyslog_files_permissions", "remarks": "rule_set_259" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Log Files Are Owned By Appropriate Group", + "value": "Ensure System Log Files Have Correct Permissions", "remarks": "rule_set_259" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_ownership", + "value": "file_groupowner_etc_passwd", "remarks": "rule_set_260" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Log Files Are Owned By Appropriate User", + "value": "Verify Group Who Owns passwd File", "remarks": "rule_set_260" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_permissions", + "value": "file_owner_etc_passwd", "remarks": "rule_set_261" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure System Log Files Have Correct Permissions", + "value": "Verify User Who Owns passwd File", "remarks": "rule_set_261" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_passwd", + "value": "file_permissions_etc_passwd", "remarks": "rule_set_262" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns passwd File", + "value": "Verify Permissions on passwd File", "remarks": "rule_set_262" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_passwd", + "value": "file_groupowner_backup_etc_passwd", "remarks": "rule_set_263" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns passwd File", + "value": "Verify Group Who Owns Backup passwd File", "remarks": "rule_set_263" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_passwd", + "value": "file_owner_backup_etc_passwd", "remarks": "rule_set_264" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on passwd File", + "value": "Verify User Who Owns Backup passwd File", "remarks": "rule_set_264" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_backup_etc_passwd", + "value": "file_permissions_backup_etc_passwd", "remarks": "rule_set_265" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Backup passwd File", + "value": "Verify Permissions on Backup passwd File", "remarks": "rule_set_265" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_backup_etc_passwd", + "value": "file_groupowner_etc_group", "remarks": "rule_set_266" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns Backup passwd File", + "value": "Verify Group Who Owns group File", "remarks": "rule_set_266" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_backup_etc_passwd", + "value": "file_owner_etc_group", "remarks": "rule_set_267" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on Backup passwd File", + "value": "Verify User Who Owns group File", "remarks": "rule_set_267" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_group", + "value": "file_permissions_etc_group", "remarks": "rule_set_268" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns group File", + "value": "Verify Permissions on group File", "remarks": "rule_set_268" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_group", + "value": "file_groupowner_backup_etc_group", "remarks": "rule_set_269" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns group File", + "value": "Verify Group Who Owns Backup group File", "remarks": "rule_set_269" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_group", + "value": "file_owner_backup_etc_group", "remarks": "rule_set_270" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on group File", + "value": "Verify User Who Owns Backup group File", "remarks": "rule_set_270" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_backup_etc_group", + "value": "file_permissions_backup_etc_group", "remarks": "rule_set_271" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Backup group File", + "value": "Verify Permissions on Backup group File", "remarks": "rule_set_271" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_backup_etc_group", + "value": "file_owner_etc_shadow", "remarks": "rule_set_272" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns Backup group File", + "value": "Verify User Who Owns shadow File", "remarks": "rule_set_272" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_backup_etc_group", + "value": "file_groupowner_etc_shadow", "remarks": "rule_set_273" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on Backup group File", + "value": "Verify Group Who Owns shadow File", "remarks": "rule_set_273" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_shadow", + "value": "file_permissions_etc_shadow", "remarks": "rule_set_274" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns shadow File", + "value": "Verify Permissions on shadow File", "remarks": "rule_set_274" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_shadow", + "value": "file_groupowner_backup_etc_shadow", "remarks": "rule_set_275" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns shadow File", + "value": "Verify User Who Owns Backup shadow File", "remarks": "rule_set_275" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_shadow", + "value": "file_owner_backup_etc_shadow", "remarks": "rule_set_276" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on shadow File", + "value": "Verify Group Who Owns Backup shadow File", "remarks": "rule_set_276" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_backup_etc_shadow", + "value": "file_permissions_backup_etc_shadow", "remarks": "rule_set_277" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns Backup shadow File", + "value": "Verify Permissions on Backup shadow File", "remarks": "rule_set_277" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_backup_etc_shadow", + "value": "file_groupowner_etc_gshadow", "remarks": "rule_set_278" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Backup shadow File", + "value": "Verify Group Who Owns gshadow File", "remarks": "rule_set_278" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_backup_etc_shadow", + "value": "file_owner_etc_gshadow", "remarks": "rule_set_279" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on Backup shadow File", + "value": "Verify User Who Owns gshadow File", "remarks": "rule_set_279" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_gshadow", + "value": "file_permissions_etc_gshadow", "remarks": "rule_set_280" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns gshadow File", + "value": "Verify Permissions on gshadow File", "remarks": "rule_set_280" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_gshadow", + "value": "file_groupowner_backup_etc_gshadow", "remarks": "rule_set_281" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns gshadow File", + "value": "Verify Group Who Owns Backup gshadow File", "remarks": "rule_set_281" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_gshadow", + "value": "file_owner_backup_etc_gshadow", "remarks": "rule_set_282" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on gshadow File", + "value": "Verify User Who Owns Backup gshadow File", "remarks": "rule_set_282" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_backup_etc_gshadow", + "value": "file_permissions_backup_etc_gshadow", "remarks": "rule_set_283" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Backup gshadow File", + "value": "Verify Permissions on Backup gshadow File", "remarks": "rule_set_283" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_backup_etc_gshadow", + "value": "file_groupowner_etc_shells", "remarks": "rule_set_284" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns Backup gshadow File", + "value": "Verify Group Who Owns /etc/shells File", "remarks": "rule_set_284" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_backup_etc_gshadow", + "value": "file_owner_etc_shells", "remarks": "rule_set_285" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on Backup gshadow File", + "value": "Verify Who Owns /etc/shells File", "remarks": "rule_set_285" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_shells", + "value": "file_permissions_etc_shells", "remarks": "rule_set_286" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/shells File", + "value": "Verify Permissions on /etc/shells File", "remarks": "rule_set_286" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_shells", + "value": "file_groupowner_etc_security_opasswd", "remarks": "rule_set_287" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Who Owns /etc/shells File", + "value": "Verify Group Who Owns /etc/security/opasswd File", "remarks": "rule_set_287" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_shells", + "value": "file_owner_etc_security_opasswd", "remarks": "rule_set_288" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/shells File", + "value": "Verify User Who Owns /etc/security/opasswd File", "remarks": "rule_set_288" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_security_opasswd", + "value": "file_permissions_etc_security_opasswd", "remarks": "rule_set_289" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/security/opasswd File", + "value": "Verify Permissions on /etc/security/opasswd File", "remarks": "rule_set_289" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_security_opasswd", + "value": "file_groupowner_etc_security_opasswd_old", "remarks": "rule_set_290" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/security/opasswd File", + "value": "Verify Group Who Owns /etc/security/opasswd.old File", "remarks": "rule_set_290" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_security_opasswd", + "value": "file_owner_etc_security_opasswd_old", "remarks": "rule_set_291" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/security/opasswd File", + "value": "Verify User Who Owns /etc/security/opasswd.old File", "remarks": "rule_set_291" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_security_opasswd_old", + "value": "file_permissions_etc_security_opasswd_old", "remarks": "rule_set_292" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/security/opasswd.old File", + "value": "Verify Permissions on /etc/security/opasswd.old File", "remarks": "rule_set_292" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_security_opasswd_old", + "value": "file_permissions_unauthorized_world_writable", "remarks": "rule_set_293" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/security/opasswd.old File", + "value": "Ensure No World-Writable Files Exist", "remarks": "rule_set_293" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_security_opasswd_old", + "value": "dir_perms_world_writable_sticky_bits", "remarks": "rule_set_294" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/security/opasswd.old File", + "value": "Verify that All World-Writable Directories Have Sticky Bits Set", "remarks": "rule_set_294" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_unauthorized_world_writable", + "value": "no_files_or_dirs_unowned_by_user", "remarks": "rule_set_295" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure No World-Writable Files Exist", + "value": "Ensure All Files And Directories Are Owned by a User", "remarks": "rule_set_295" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dir_perms_world_writable_sticky_bits", + "value": "no_files_or_dirs_ungroupowned", "remarks": "rule_set_296" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that All World-Writable Directories Have Sticky Bits Set", + "value": "Ensure All Files And Directories Are Owned by a Group", "remarks": "rule_set_296" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_files_or_dirs_unowned_by_user", + "value": "accounts_password_all_shadowed", "remarks": "rule_set_297" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Files And Directories Are Owned by a User", + "value": "Verify All Account Password Hashes are Shadowed", "remarks": "rule_set_297" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_files_or_dirs_ungroupowned", + "value": "no_empty_passwords_etc_shadow", "remarks": "rule_set_298" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Files And Directories Are Owned by a Group", + "value": "Ensure There Are No Accounts With Blank or Null Passwords", "remarks": "rule_set_298" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_all_shadowed", + "value": "gid_passwd_group_same", "remarks": "rule_set_299" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify All Account Password Hashes are Shadowed", + "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", "remarks": "rule_set_299" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords_etc_shadow", + "value": "account_unique_id", "remarks": "rule_set_300" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure There Are No Accounts With Blank or Null Passwords", + "value": "Ensure All Accounts on the System Have Unique User IDs", "remarks": "rule_set_300" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "gid_passwd_group_same", + "value": "group_unique_id", "remarks": "rule_set_301" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", + "value": "Ensure All Groups on the System Have Unique Group ID", "remarks": "rule_set_301" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_unique_id", + "value": "account_unique_name", "remarks": "rule_set_302" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Accounts on the System Have Unique User IDs", + "value": "Ensure All Accounts on the System Have Unique Names", "remarks": "rule_set_302" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "group_unique_id", + "value": "group_unique_name", "remarks": "rule_set_303" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Groups on the System Have Unique Group ID", + "value": "Ensure All Groups on the System Have Unique Group Names", "remarks": "rule_set_303" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_unique_name", + "value": "accounts_user_interactive_home_directory_exists", "remarks": "rule_set_304" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Accounts on the System Have Unique Names", + "value": "All Interactive Users Home Directories Must Exist", "remarks": "rule_set_304" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "group_unique_name", + "value": "file_ownership_home_directories", "remarks": "rule_set_305" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Groups on the System Have Unique Group Names", + "value": "All Interactive User Home Directories Must Be Owned By The Primary User", "remarks": "rule_set_305" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_user_interactive_home_directory_exists", + "value": "file_permissions_home_directories", "remarks": "rule_set_306" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "All Interactive Users Home Directories Must Exist", + "value": "All Interactive User Home Directories Must Have mode 0750 Or Less Permissive", "remarks": "rule_set_306" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_home_directories", + "value": "accounts_user_dot_group_ownership", "remarks": "rule_set_307" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "All Interactive User Home Directories Must Be Owned By The Primary User", + "value": "User Initialization Files Must Be Group-Owned By The Primary Group", "remarks": "rule_set_307" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_home_directories", + "value": "accounts_user_dot_user_ownership", "remarks": "rule_set_308" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "All Interactive User Home Directories Must Have mode 0750 Or Less Permissive", + "value": "User Initialization Files Must Be Owned By the Primary User", "remarks": "rule_set_308" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_user_dot_group_ownership", + "value": "accounts_user_dot_no_world_writable_programs", "remarks": "rule_set_309" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "User Initialization Files Must Be Group-Owned By The Primary Group", + "value": "User Initialization Files Must Not Run World-Writable Programs", "remarks": "rule_set_309" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_user_dot_user_ownership", + "value": "file_permission_user_init_files", "remarks": "rule_set_310" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "User Initialization Files Must Be Owned By the Primary User", + "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", "remarks": "rule_set_310" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_user_dot_no_world_writable_programs", + "value": "no_forward_files", "remarks": "rule_set_311" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "User Initialization Files Must Not Run World-Writable Programs", + "value": "Verify No .forward Files Exist", "remarks": "rule_set_311" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permission_user_init_files", + "value": "no_netrc_files", "remarks": "rule_set_312" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", + "value": "Verify No netrc Files Exist", "remarks": "rule_set_312" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_forward_files", + "value": "no_rhost_files", "remarks": "rule_set_313" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify No .forward Files Exist", + "value": "Verify No .rhost Files Exist", "remarks": "rule_set_313" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_netrc_files", + "value": "file_permission_user_bash_history", "remarks": "rule_set_314" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify No netrc Files Exist", + "value": "Ensure User Bash History File Has Correct Permissions", "remarks": "rule_set_314" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_rhost_files", + "value": "kernel_module_overlayfs_disabled", "remarks": "rule_set_315" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify No .rhost Files Exist", + "value": "Ensure overlayfs kernel module is not available", "remarks": "rule_set_315" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permission_user_bash_history", + "value": "kernel_module_squashfs_disabled", "remarks": "rule_set_316" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure User Bash History File Has Correct Permissions", + "value": "Disable Mounting of squashfs", "remarks": "rule_set_316" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_overlayfs_disabled", + "value": "kernel_module_udf_disabled", "remarks": "rule_set_317" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure overlayfs kernel module is not available", + "value": "Disable Mounting of udf", "remarks": "rule_set_317" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_squashfs_disabled", + "value": "kernel_module_firewire-core_disabled", "remarks": "rule_set_318" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Mounting of squashfs", + "value": "Disable IEEE 1394 (FireWire) Support", "remarks": "rule_set_318" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_udf_disabled", + "value": "kernel_module_usb-storage_disabled", "remarks": "rule_set_319" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Mounting of udf", + "value": "Disable Modprobe Loading of USB Storage Driver", "remarks": "rule_set_319" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_firewire-core_disabled", + "value": "partition_for_home", "remarks": "rule_set_320" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable IEEE 1394 (FireWire) Support", + "value": "Ensure /home Located On Separate Partition", "remarks": "rule_set_320" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_usb-storage_disabled", + "value": "partition_for_var", "remarks": "rule_set_321" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Modprobe Loading of USB Storage Driver", + "value": "Ensure /var Located On Separate Partition", "remarks": "rule_set_321" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_home", + "value": "partition_for_var_tmp", "remarks": "rule_set_322" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /home Located On Separate Partition", + "value": "Ensure /var/tmp Located On Separate Partition", "remarks": "rule_set_322" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_var", + "value": "partition_for_var_log", "remarks": "rule_set_323" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /var Located On Separate Partition", + "value": "Ensure /var/log Located On Separate Partition", "remarks": "rule_set_323" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_var_tmp", + "value": "partition_for_var_log_audit", "remarks": "rule_set_324" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /var/tmp Located On Separate Partition", + "value": "Ensure /var/log/audit Located On Separate Partition", "remarks": "rule_set_324" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_var_log", + "value": "disable_weak_deps", "remarks": "rule_set_325" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /var/log Located On Separate Partition", + "value": "Disable Installation of Weak Dependencies in DNF", "remarks": "rule_set_325" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "partition_for_var_log_audit", + "value": "selinux_state", "remarks": "rule_set_326" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure /var/log/audit Located On Separate Partition", + "value": "Ensure SELinux State is Enforcing", "remarks": "rule_set_326" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_weak_deps", + "value": "sysctl_fs_protected_symlinks", "remarks": "rule_set_327" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Installation of Weak Dependencies in DNF", + "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", "remarks": "rule_set_327" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "selinux_state", + "value": "dconf_gnome_disable_automount", "remarks": "rule_set_328" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SELinux State is Enforcing", + "value": "Disable GNOME3 Automounting", "remarks": "rule_set_328" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_symlinks", + "value": "dconf_gnome_disable_automount_open", "remarks": "rule_set_329" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", + "value": "Disable GNOME3 Automount Opening", "remarks": "rule_set_329" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_automount", + "value": "xwayland_disabled", "remarks": "rule_set_330" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automounting", + "value": "Disable XWayland", "remarks": "rule_set_330" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_automount_open", + "value": "service_autofs_disabled", "remarks": "rule_set_331" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount Opening", + "value": "Disable the Automounter", "remarks": "rule_set_331" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "xwayland_disabled", + "value": "service_avahi-daemon_disabled", "remarks": "rule_set_332" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable XWayland", + "value": "Disable Avahi Server Software", "remarks": "rule_set_332" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_autofs_disabled", + "value": "service_cockpit_disabled", "remarks": "rule_set_333" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the Automounter", + "value": "Disable Cockpit Management Server", "remarks": "rule_set_333" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_avahi-daemon_disabled", + "value": "package_openldap-clients_removed", "remarks": "rule_set_334" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Avahi Server Software", + "value": "Ensure LDAP client is not installed", "remarks": "rule_set_334" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_cockpit_disabled", + "value": "service_bluetooth_disabled", "remarks": "rule_set_335" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Cockpit Management Server", + "value": "Disable Bluetooth Service", "remarks": "rule_set_335" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_openldap-clients_removed", + "value": "sudo_remove_nopasswd", "remarks": "rule_set_336" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure LDAP client is not installed", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", "remarks": "rule_set_336" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_bluetooth_disabled", + "value": "accounts_passwords_pam_faillock_deny_root", "remarks": "rule_set_337" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Bluetooth Service", + "value": "Configure the root Account for Failed Password Attempts", "remarks": "rule_set_337" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_nopasswd", + "value": "accounts_minimum_age_login_defs", "remarks": "rule_set_338" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", + "value": "Set Password Minimum Age", "remarks": "rule_set_338" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny_root", + "value": "accounts_password_set_min_life_existing", "remarks": "rule_set_339" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the root Account for Failed Password Attempts", + "value": "Set Existing Passwords Minimum Age", "remarks": "rule_set_339" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_minimum_age_login_defs", + "value": "no_nologin_in_shells", "remarks": "rule_set_340" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Minimum Age", + "value": "Ensure nologin Shell is Not Listed in /etc/shells", "remarks": "rule_set_340" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_min_life_existing", + "value": "package_audit_installed", "remarks": "rule_set_341" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Minimum Age", + "value": "Ensure the audit Subsystem is Installed", "remarks": "rule_set_341" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_nologin_in_shells", + "value": "package_audit-libs_installed", "remarks": "rule_set_342" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure nologin Shell is Not Listed in /etc/shells", + "value": "Ensure the audit-libs package as a part of audit Subsystem is Installed", "remarks": "rule_set_342" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_audit_installed", + "value": "grub2_audit_argument", "remarks": "rule_set_343" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the audit Subsystem is Installed", + "value": "Enable Auditing for Processes Which Start Prior to the Audit Daemon", "remarks": "rule_set_343" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_audit-libs_installed", + "value": "grub2_audit_backlog_limit_argument", "remarks": "rule_set_344" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the audit-libs package as a part of audit Subsystem is Installed", + "value": "Extend Audit Backlog Limit for the Audit Daemon", "remarks": "rule_set_344" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_audit_argument", + "value": "service_auditd_enabled", "remarks": "rule_set_345" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Auditing for Processes Which Start Prior to the Audit Daemon", + "value": "Enable auditd Service", "remarks": "rule_set_345" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_audit_backlog_limit_argument", + "value": "auditd_data_retention_max_log_file", "remarks": "rule_set_346" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Extend Audit Backlog Limit for the Audit Daemon", + "value": "Configure auditd Max Log File Size", "remarks": "rule_set_346" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_auditd_enabled", + "value": "auditd_data_retention_max_log_file_action", "remarks": "rule_set_347" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable auditd Service", + "value": "Configure auditd max_log_file_action Upon Reaching Maximum Log Size", "remarks": "rule_set_347" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_data_retention_max_log_file", + "value": "auditd_data_disk_error_action", "remarks": "rule_set_348" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd Max Log File Size", + "value": "Configure auditd Disk Error Action on Disk Error", "remarks": "rule_set_348" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_data_retention_max_log_file_action", + "value": "auditd_data_disk_full_action", "remarks": "rule_set_349" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd max_log_file_action Upon Reaching Maximum Log Size", + "value": "Configure auditd Disk Full Action when Disk Space Is Full", "remarks": "rule_set_349" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_data_disk_error_action", + "value": "auditd_data_retention_admin_space_left_action", "remarks": "rule_set_350" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd Disk Error Action on Disk Error", + "value": "Configure auditd admin_space_left Action on Low Disk Space", "remarks": "rule_set_350" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_data_disk_full_action", + "value": "auditd_data_retention_space_left_action", "remarks": "rule_set_351" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd Disk Full Action when Disk Space Is Full", + "value": "Configure auditd space_left Action on Low Disk Space", "remarks": "rule_set_351" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_data_retention_admin_space_left_action", + "value": "audit_rules_sysadmin_actions", "remarks": "rule_set_352" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd admin_space_left Action on Low Disk Space", + "value": "Ensure auditd Collects System Administrator Actions", "remarks": "rule_set_352" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_data_retention_space_left_action", + "value": "audit_rules_suid_auid_privilege_function", "remarks": "rule_set_353" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd space_left Action on Low Disk Space", + "value": "Record Events When Executables Are Run As Another User", "remarks": "rule_set_353" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_sysadmin_actions", + "value": "audit_sudo_log_events", "remarks": "rule_set_354" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects System Administrator Actions", + "value": "Record Attempts to perform maintenance activities", "remarks": "rule_set_354" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_suid_auid_privilege_function", + "value": "audit_rules_time_adjtimex", "remarks": "rule_set_355" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events When Executables Are Run As Another User", + "value": "Record attempts to alter time through adjtimex", "remarks": "rule_set_355" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_sudo_log_events", + "value": "audit_rules_time_settimeofday", "remarks": "rule_set_356" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to perform maintenance activities", + "value": "Record attempts to alter time through settimeofday", "remarks": "rule_set_356" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_adjtimex", + "value": "audit_rules_time_clock_settime", "remarks": "rule_set_357" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record attempts to alter time through adjtimex", + "value": "Record Attempts to Alter Time Through clock_settime", "remarks": "rule_set_357" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_settimeofday", + "value": "audit_rules_time_watch_localtime", "remarks": "rule_set_358" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record attempts to alter time through settimeofday", + "value": "Record Attempts to Alter the localtime File", "remarks": "rule_set_358" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_clock_settime", + "value": "audit_rules_networkconfig_modification_setdomainname", "remarks": "rule_set_359" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Time Through clock_settime", + "value": "Record Events that Modify the System's Network Environment - setdomainname", "remarks": "rule_set_359" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_watch_localtime", + "value": "audit_rules_networkconfig_modification_sethostname", "remarks": "rule_set_360" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter the localtime File", + "value": "Record Events that Modify the System's Network Environment - sethostname", "remarks": "rule_set_360" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification_setdomainname", + "value": "audit_rules_networkconfig_modification_etc_issue", "remarks": "rule_set_361" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment - setdomainname", + "value": "Record Events that Modify the System's Network Environment - /etc/issue", "remarks": "rule_set_361" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification_sethostname", + "value": "audit_rules_networkconfig_modification_etc_issue_net", "remarks": "rule_set_362" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment - sethostname", + "value": "Record Events that Modify the System's Network Environment - /etc/issue.net", "remarks": "rule_set_362" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification_etc_issue", + "value": "audit_rules_networkconfig_modification_etc_hosts", "remarks": "rule_set_363" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment - /etc/issue", + "value": "Record Events that Modify the System's Network Environment - /etc/hosts", "remarks": "rule_set_363" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification_etc_issue_net", + "value": "audit_rules_networkconfig_modification_hostname_file", "remarks": "rule_set_364" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment - /etc/issue.net", + "value": "Record Events that Modify the System's Network Environment - /etc/hostname", "remarks": "rule_set_364" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification_etc_hosts", + "value": "audit_rules_networkconfig_modification_etc_sysconfig_network", "remarks": "rule_set_365" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment - /etc/hosts", + "value": "Record Events that Modify the System's Network Environment - /etc/sysconfig/network", "remarks": "rule_set_365" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification_hostname_file", + "value": "audit_rules_networkconfig_modification_etc_networkmanager_system_connections", "remarks": "rule_set_366" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment - /etc/hostname", + "value": "Record Events that Modify the System's Network Environment - /etc/NetworkManager/system-connections/", "remarks": "rule_set_366" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification_etc_sysconfig_network", + "value": "audit_rules_networkconfig_modification_networkmanager", "remarks": "rule_set_367" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment - /etc/sysconfig/network", + "value": "Record Events that Modify the System's Network Environment - /etc/NetworkManager/", "remarks": "rule_set_367" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification_etc_networkmanager_system_connections", + "value": "audit_rules_privileged_commands", "remarks": "rule_set_368" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment - /etc/NetworkManager/system-connections/", + "value": "Ensure auditd Collects Information on the Use of Privileged Commands", "remarks": "rule_set_368" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification_networkmanager", + "value": "audit_rules_unsuccessful_file_modification_creat", "remarks": "rule_set_369" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment - /etc/NetworkManager/", + "value": "Record Unsuccessful Access Attempts to Files - creat", "remarks": "rule_set_369" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_privileged_commands", + "value": "audit_rules_unsuccessful_file_modification_ftruncate", "remarks": "rule_set_370" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on the Use of Privileged Commands", + "value": "Record Unsuccessful Access Attempts to Files - ftruncate", "remarks": "rule_set_370" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_creat", + "value": "audit_rules_unsuccessful_file_modification_open", "remarks": "rule_set_371" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - creat", + "value": "Record Unsuccessful Access Attempts to Files - open", "remarks": "rule_set_371" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_ftruncate", + "value": "audit_rules_unsuccessful_file_modification_openat", "remarks": "rule_set_372" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - ftruncate", + "value": "Record Unsuccessful Access Attempts to Files - openat", "remarks": "rule_set_372" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_open", + "value": "audit_rules_unsuccessful_file_modification_truncate", "remarks": "rule_set_373" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - open", + "value": "Record Unsuccessful Access Attempts to Files - truncate", "remarks": "rule_set_373" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_openat", + "value": "audit_rules_usergroup_modification_group", "remarks": "rule_set_374" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - openat", + "value": "Record Events that Modify User/Group Information - /etc/group", "remarks": "rule_set_374" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_truncate", + "value": "audit_rules_usergroup_modification_passwd", "remarks": "rule_set_375" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - truncate", + "value": "Record Events that Modify User/Group Information - /etc/passwd", "remarks": "rule_set_375" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_group", + "value": "audit_rules_usergroup_modification_gshadow", "remarks": "rule_set_376" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/group", + "value": "Record Events that Modify User/Group Information - /etc/gshadow", "remarks": "rule_set_376" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_passwd", + "value": "audit_rules_usergroup_modification_shadow", "remarks": "rule_set_377" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/passwd", + "value": "Record Events that Modify User/Group Information - /etc/shadow", "remarks": "rule_set_377" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_gshadow", + "value": "audit_rules_usergroup_modification_opasswd", "remarks": "rule_set_378" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/gshadow", + "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", "remarks": "rule_set_378" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_shadow", + "value": "audit_rules_usergroup_modification_nsswitch_conf", "remarks": "rule_set_379" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/shadow", + "value": "Record Events that Modify User/Group Information - /etc/nsswitch.conf", "remarks": "rule_set_379" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_opasswd", + "value": "audit_rules_usergroup_modification_pam_conf", "remarks": "rule_set_380" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", + "value": "Record Events that Modify User/Group Information - /etc/pam.conf", "remarks": "rule_set_380" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_nsswitch_conf", + "value": "audit_rules_usergroup_modification_pamd", "remarks": "rule_set_381" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/nsswitch.conf", + "value": "Record Events that Modify User/Group Information - /etc/pam.d/", "remarks": "rule_set_381" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_pam_conf", + "value": "audit_rules_dac_modification_chmod", "remarks": "rule_set_382" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/pam.conf", + "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", "remarks": "rule_set_382" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_pamd", + "value": "audit_rules_dac_modification_fchmod", "remarks": "rule_set_383" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/pam.d/", + "value": "Record Events that Modify the System's Discretionary Access Controls - fchmod", "remarks": "rule_set_383" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_chmod", + "value": "audit_rules_dac_modification_fchmodat", "remarks": "rule_set_384" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", + "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat", "remarks": "rule_set_384" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fchmod", + "value": "audit_rules_dac_modification_fchmodat2", "remarks": "rule_set_385" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fchmod", + "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat2", "remarks": "rule_set_385" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fchmodat", + "value": "audit_rules_dac_modification_chown", "remarks": "rule_set_386" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat", + "value": "Record Events that Modify the System's Discretionary Access Controls - chown", "remarks": "rule_set_386" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fchmodat2", + "value": "audit_rules_dac_modification_fchown", "remarks": "rule_set_387" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat2", + "value": "Record Events that Modify the System's Discretionary Access Controls - fchown", "remarks": "rule_set_387" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_chown", + "value": "audit_rules_dac_modification_fchownat", "remarks": "rule_set_388" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - chown", + "value": "Record Events that Modify the System's Discretionary Access Controls - fchownat", "remarks": "rule_set_388" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fchown", + "value": "audit_rules_dac_modification_lchown", "remarks": "rule_set_389" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fchown", + "value": "Record Events that Modify the System's Discretionary Access Controls - lchown", "remarks": "rule_set_389" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fchownat", + "value": "audit_rules_dac_modification_fremovexattr", "remarks": "rule_set_390" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fchownat", + "value": "Record Events that Modify the System's Discretionary Access Controls - fremovexattr", "remarks": "rule_set_390" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_lchown", + "value": "audit_rules_dac_modification_fsetxattr", "remarks": "rule_set_391" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - lchown", + "value": "Record Events that Modify the System's Discretionary Access Controls - fsetxattr", "remarks": "rule_set_391" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fremovexattr", + "value": "audit_rules_dac_modification_lremovexattr", "remarks": "rule_set_392" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fremovexattr", + "value": "Record Events that Modify the System's Discretionary Access Controls - lremovexattr", "remarks": "rule_set_392" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fsetxattr", + "value": "audit_rules_dac_modification_lsetxattr", "remarks": "rule_set_393" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fsetxattr", + "value": "Record Events that Modify the System's Discretionary Access Controls - lsetxattr", "remarks": "rule_set_393" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_lremovexattr", + "value": "audit_rules_dac_modification_removexattr", "remarks": "rule_set_394" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - lremovexattr", + "value": "Record Events that Modify the System's Discretionary Access Controls - removexattr", "remarks": "rule_set_394" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_lsetxattr", + "value": "audit_rules_dac_modification_setxattr", "remarks": "rule_set_395" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - lsetxattr", + "value": "Record Events that Modify the System's Discretionary Access Controls - setxattr", "remarks": "rule_set_395" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_removexattr", + "value": "audit_rules_media_export", "remarks": "rule_set_396" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - removexattr", + "value": "Ensure auditd Collects Information on Exporting to Media (successful)", "remarks": "rule_set_396" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_setxattr", + "value": "audit_rules_session_events_utmp", "remarks": "rule_set_397" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - setxattr", + "value": "Record Attempts to Alter Process and Session Initiation Information utmp", "remarks": "rule_set_397" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_media_export", + "value": "audit_rules_session_events_btmp", "remarks": "rule_set_398" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on Exporting to Media (successful)", + "value": "Record Attempts to Alter Process and Session Initiation Information btmp", "remarks": "rule_set_398" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_utmp", + "value": "audit_rules_session_events_wtmp", "remarks": "rule_set_399" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information utmp", + "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", "remarks": "rule_set_399" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_btmp", + "value": "audit_rules_login_events_faillock", "remarks": "rule_set_400" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information btmp", + "value": "Record Attempts to Alter Logon and Logout Events - faillock", "remarks": "rule_set_400" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_wtmp", + "value": "audit_rules_login_events_lastlog", "remarks": "rule_set_401" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", + "value": "Record Attempts to Alter Logon and Logout Events - lastlog", "remarks": "rule_set_401" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_login_events_faillock", + "value": "audit_rules_file_deletion_events_unlink", "remarks": "rule_set_402" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Logon and Logout Events - faillock", + "value": "Ensure auditd Collects File Deletion Events by User - unlink", "remarks": "rule_set_402" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_login_events_lastlog", + "value": "audit_rules_file_deletion_events_unlinkat", "remarks": "rule_set_403" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Logon and Logout Events - lastlog", + "value": "Ensure auditd Collects File Deletion Events by User - unlinkat", "remarks": "rule_set_403" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_file_deletion_events_unlink", + "value": "audit_rules_file_deletion_events_rename", "remarks": "rule_set_404" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects File Deletion Events by User - unlink", + "value": "Ensure auditd Collects File Deletion Events by User - rename", "remarks": "rule_set_404" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_file_deletion_events_unlinkat", + "value": "audit_rules_file_deletion_events_renameat", "remarks": "rule_set_405" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects File Deletion Events by User - unlinkat", + "value": "Ensure auditd Collects File Deletion Events by User - renameat", "remarks": "rule_set_405" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_file_deletion_events_rename", + "value": "audit_rules_file_deletion_events_renameat2", "remarks": "rule_set_406" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects File Deletion Events by User - rename", + "value": "Ensure auditd Collects File Deletion Events by User - renameat2", "remarks": "rule_set_406" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_file_deletion_events_renameat", + "value": "audit_rules_mac_modification_etc_selinux", "remarks": "rule_set_407" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects File Deletion Events by User - renameat", + "value": "Record Events that Modify the System's Mandatory Access Controls (/etc/selinux)", "remarks": "rule_set_407" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_file_deletion_events_renameat2", + "value": "audit_rules_mac_modification_usr_share", "remarks": "rule_set_408" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects File Deletion Events by User - renameat2", + "value": "Record Events that Modify the System's Mandatory Access Controls in usr/share", "remarks": "rule_set_408" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_mac_modification_etc_selinux", + "value": "audit_rules_execution_chcon", "remarks": "rule_set_409" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Mandatory Access Controls (/etc/selinux)", + "value": "Record Any Attempts to Run chcon", "remarks": "rule_set_409" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_mac_modification_usr_share", + "value": "audit_rules_execution_setfacl", "remarks": "rule_set_410" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Mandatory Access Controls in usr/share", + "value": "Record Any Attempts to Run setfacl", "remarks": "rule_set_410" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_chcon", + "value": "audit_rules_execution_chacl", "remarks": "rule_set_411" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run chcon", + "value": "Record Any Attempts to Run chacl", "remarks": "rule_set_411" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_setfacl", + "value": "audit_rules_privileged_commands_usermod", "remarks": "rule_set_412" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run setfacl", + "value": "Ensure auditd Collects Information on the Use of Privileged Commands - usermod", "remarks": "rule_set_412" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_chacl", + "value": "audit_rules_privileged_commands_kmod", "remarks": "rule_set_413" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run chacl", + "value": "Ensure auditd Collects Information on the Use of Privileged Commands - kmod", "remarks": "rule_set_413" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_privileged_commands_usermod", + "value": "audit_rules_kernel_module_loading_init", "remarks": "rule_set_414" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on the Use of Privileged Commands - usermod", + "value": "Ensure auditd Collects Information on Kernel Module Loading - init_module", "remarks": "rule_set_414" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_privileged_commands_kmod", + "value": "audit_rules_kernel_module_loading_finit", "remarks": "rule_set_415" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on the Use of Privileged Commands - kmod", + "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module", "remarks": "rule_set_415" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_kernel_module_loading_init", + "value": "audit_rules_kernel_module_loading_delete", "remarks": "rule_set_416" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on Kernel Module Loading - init_module", + "value": "Ensure auditd Collects Information on Kernel Module Unloading - delete_module", "remarks": "rule_set_416" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_kernel_module_loading_finit", + "value": "audit_rules_kernel_module_loading_query", "remarks": "rule_set_417" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module", + "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - query_module", "remarks": "rule_set_417" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_kernel_module_loading_delete", + "value": "audit_rules_continue_loading", "remarks": "rule_set_418" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on Kernel Module Unloading - delete_module", + "value": "Ensure the Audit Configuration is Loaded Regardless of Errors", "remarks": "rule_set_418" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_kernel_module_loading_query", + "value": "audit_rules_immutable", "remarks": "rule_set_419" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - query_module", + "value": "Make the auditd Configuration Immutable", "remarks": "rule_set_419" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_continue_loading", + "value": "directory_permissions_var_log_audit", "remarks": "rule_set_420" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Audit Configuration is Loaded Regardless of Errors", + "value": "System Audit Logs Must Have Mode 0750 or Less Permissive", "remarks": "rule_set_420" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_immutable", + "value": "file_permissions_var_log_audit", "remarks": "rule_set_421" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Make the auditd Configuration Immutable", + "value": "System Audit Logs Must Have Mode 0640 or Less Permissive", "remarks": "rule_set_421" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_var_log_audit", + "value": "file_ownership_var_log_audit_stig", "remarks": "rule_set_422" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "System Audit Logs Must Have Mode 0750 or Less Permissive", + "value": "System Audit Logs Must Be Owned By Root", "remarks": "rule_set_422" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_var_log_audit", + "value": "file_group_ownership_var_log_audit", "remarks": "rule_set_423" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "System Audit Logs Must Have Mode 0640 or Less Permissive", + "value": "System Audit Logs Must Be Group Owned By Root", "remarks": "rule_set_423" }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_var_log_audit_stig", - "remarks": "rule_set_424" - }, - { - "name": "Rule_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "System Audit Logs Must Be Owned By Root", - "remarks": "rule_set_424" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_group_ownership_var_log_audit", - "remarks": "rule_set_425" - }, - { - "name": "Rule_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "System Audit Logs Must Be Group Owned By Root", - "remarks": "rule_set_425" - }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_audit_configuration", - "remarks": "rule_set_426" + "remarks": "rule_set_424" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Audit Configuration Files Permissions are 640 or More Restrictive", - "remarks": "rule_set_426" + "remarks": "rule_set_424" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_audit_configuration", - "remarks": "rule_set_427" + "remarks": "rule_set_425" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Audit Configuration Files Must Be Owned By Root", - "remarks": "rule_set_427" + "remarks": "rule_set_425" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_audit_configuration", - "remarks": "rule_set_428" + "remarks": "rule_set_426" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Audit Configuration Files Must Be Owned By Group root", - "remarks": "rule_set_428" + "remarks": "rule_set_426" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_audit_binaries", - "remarks": "rule_set_429" + "remarks": "rule_set_427" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that audit tools Have Mode 0755 or less", - "remarks": "rule_set_429" + "remarks": "rule_set_427" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_audit_binaries", - "remarks": "rule_set_430" + "remarks": "rule_set_428" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that audit tools are owned by root", - "remarks": "rule_set_430" + "remarks": "rule_set_428" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_audit_binaries", - "remarks": "rule_set_431" + "remarks": "rule_set_429" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that audit tools are owned by group root", - "remarks": "rule_set_431" + "remarks": "rule_set_429" } ], "control-implementations": [ { - "uuid": "60d511bf-6a00-4e7b-a527-f870316b1cd3", + "uuid": "430437d8-6b9a-4b28-b7c6-74c4ff9dae93", "source": "trestle://profiles/rhel10-cis_rhel10-l2_workstation/profile.json", "description": "Control implementation for cis_workstation_l2", "props": [ @@ -6703,13 +6679,13 @@ { "param-id": "var_password_hashing_algorithm", "values": [ - "yescrypt" + "cis_rhel10" ] }, { "param-id": "var_password_hashing_algorithm_pam", "values": [ - "yescrypt" + "cis_rhel10" ] }, { @@ -6823,7 +6799,7 @@ ], "implemented-requirements": [ { - "uuid": "cf339821-9f52-4927-aaf6-629394e81c11", + "uuid": "fcf603d4-4fd5-478e-bbcb-d344b438cec5", "control-id": "cis_rhel10_1-1.1.6", "description": "No notes for control-id 1.1.1.6.", "props": [ @@ -6840,7 +6816,7 @@ ] }, { - "uuid": "78be2251-11dc-4faa-a666-03317f00d2be", + "uuid": "103562a5-bae0-41f2-99a3-6b04e62b2375", "control-id": "cis_rhel10_1-1.1.7", "description": "No notes for control-id 1.1.1.7.", "props": [ @@ -6857,7 +6833,7 @@ ] }, { - "uuid": "d0f33c35-eadd-4a1f-8ea4-fdcf5582cacc", + "uuid": "3c0e944d-ccab-4773-b032-22b029b22b40", "control-id": "cis_rhel10_1-1.1.8", "description": "No notes for control-id 1.1.1.8.", "props": [ @@ -6874,7 +6850,7 @@ ] }, { - "uuid": "505bea8f-75a9-4cf0-86cb-fca400d2eee1", + "uuid": "ac7e10b6-1df9-4b43-a061-f2310e13bedb", "control-id": "cis_rhel10_1-1.1.9", "description": "No notes for control-id 1.1.1.9.", "props": [ @@ -6891,7 +6867,7 @@ ] }, { - "uuid": "4dfb7670-dc8f-4837-aa57-7087cab43eb8", + "uuid": "3110af86-f1db-4fc1-94c9-25d812e0ee51", "control-id": "cis_rhel10_1-1.1.10", "description": "No notes for control-id 1.1.1.10.", "props": [ @@ -6908,7 +6884,7 @@ ] }, { - "uuid": "40888cd6-a0a4-4d24-ac92-9928d71cf9a1", + "uuid": "0fad5fa4-a928-453f-b444-6137e85c73a2", "control-id": "cis_rhel10_1-1.2.3.1", "description": "No notes for control-id 1.1.2.3.1.", "props": [ @@ -6925,7 +6901,7 @@ ] }, { - "uuid": "e1017742-50c6-4dac-8241-fb66d8ff97cf", + "uuid": "c52aeb71-50f7-4463-a087-d7e76e3c4279", "control-id": "cis_rhel10_1-1.2.4.1", "description": "No notes for control-id 1.1.2.4.1.", "props": [ @@ -6942,7 +6918,7 @@ ] }, { - "uuid": "5a944ce4-a07f-4d35-a96d-74c5b014d9b4", + "uuid": "defecb02-129f-465b-8966-917c89e03fef", "control-id": "cis_rhel10_1-1.2.5.1", "description": "No notes for control-id 1.1.2.5.1.", "props": [ @@ -6959,7 +6935,7 @@ ] }, { - "uuid": "ccd7ce35-57a4-4a09-80d2-628111a98499", + "uuid": "db7c6580-5622-452d-b4e6-bd48b8ad0b00", "control-id": "cis_rhel10_1-1.2.6.1", "description": "No notes for control-id 1.1.2.6.1.", "props": [ @@ -6976,7 +6952,7 @@ ] }, { - "uuid": "272fdeee-ae0b-4c11-91e7-695c4f0bdc9b", + "uuid": "f4173a12-4a11-42fb-a9cb-cd6348ff53f3", "control-id": "cis_rhel10_1-1.2.7.1", "description": "No notes for control-id 1.1.2.7.1.", "props": [ @@ -6993,7 +6969,7 @@ ] }, { - "uuid": "b23ad79d-2e11-4648-a57b-4c9ac572f39b", + "uuid": "11131096-8fb6-47c4-8323-569f25c217d8", "control-id": "cis_rhel10_1-2.1.3", "description": "The description for control-id cis_rhel10_1-2.1.3.", "props": [ @@ -7006,7 +6982,7 @@ ] }, { - "uuid": "f2956e5e-e60c-4c5c-bb3e-8731c803b6bc", + "uuid": "5e5eef66-6e34-42f6-ae7c-b4852105b152", "control-id": "cis_rhel10_1-2.1.5", "description": "No notes for control-id 1.2.1.5.", "props": [ @@ -7023,7 +6999,7 @@ ] }, { - "uuid": "129f5105-962a-4ded-a4bd-19b212e7c03a", + "uuid": "89e9a074-c801-4177-ace2-233dcd3126b8", "control-id": "cis_rhel10_1-3.1.5", "description": "No notes for control-id 1.3.1.5.", "props": [ @@ -7040,7 +7016,7 @@ ] }, { - "uuid": "67976ec1-7b9a-4df3-a957-fd4d7aaa5920", + "uuid": "6f3d152d-a408-4b29-a04b-9cd12938164a", "control-id": "cis_rhel10_1-3.1.6", "description": "The description for control-id cis_rhel10_1-3.1.6.", "props": [ @@ -7053,7 +7029,7 @@ ] }, { - "uuid": "40e40151-6e72-4e75-9fbf-edf3a9b3fa28", + "uuid": "be587d05-7866-422c-a6cc-5d1f3b2ec40c", "control-id": "cis_rhel10_1-5.3", "description": "No notes for control-id 1.5.3.", "props": [ @@ -7070,7 +7046,7 @@ ] }, { - "uuid": "1aa2de5c-57a2-4a3b-bad2-25e48af4e3fe", + "uuid": "29fe06e9-1718-4fe6-b6ca-5897494f9b14", "control-id": "cis_rhel10_1-8.4", "description": "No notes for control-id 1.8.4.", "props": [ @@ -7092,7 +7068,7 @@ ] }, { - "uuid": "c10a6f92-3261-4a7c-89b6-22c9732ade90", + "uuid": "76c40b71-28f1-4b65-b78e-6d1d342ce4c5", "control-id": "cis_rhel10_1-8.6", "description": "No notes for control-id 1.8.6.", "props": [ @@ -7109,7 +7085,7 @@ ] }, { - "uuid": "17e744fa-9fb0-4109-bf0c-ad57e21af649", + "uuid": "ff49c7f9-6e39-4cd5-8240-a016acbc1b2b", "control-id": "cis_rhel10_2-1.1", "description": "No notes for control-id 2.1.1.", "props": [ @@ -7126,7 +7102,7 @@ ] }, { - "uuid": "4b3a9c9e-4180-406e-89d2-8137d451c638", + "uuid": "658d3786-0447-4739-b6d5-b836bae9cf1f", "control-id": "cis_rhel10_2-1.2", "description": "No notes for control-id 2.1.2.", "props": [ @@ -7143,7 +7119,7 @@ ] }, { - "uuid": "e64dd92a-74a2-4754-9a4e-02576f84624c", + "uuid": "ed7d4d0d-ba6e-42f9-be26-8aab5b9a35de", "control-id": "cis_rhel10_2-1.3", "description": "No notes for control-id 2.1.3.", "props": [ @@ -7160,7 +7136,7 @@ ] }, { - "uuid": "d9875df1-d168-4b11-af22-cac4b56126b6", + "uuid": "4091f3d8-8c4e-4097-861a-8ca474d28ab5", "control-id": "cis_rhel10_2-2.2", "description": "No notes for control-id 2.2.2.", "props": [ @@ -7177,7 +7153,7 @@ ] }, { - "uuid": "61097340-5ace-43b1-9e66-c32f50793edf", + "uuid": "0410c117-4585-41c6-983d-6efd2b63b7a4", "control-id": "cis_rhel10_3-1.3", "description": "No notes for control-id 3.1.3.", "props": [ @@ -7194,7 +7170,7 @@ ] }, { - "uuid": "d101b068-b3b2-4ef1-af2d-95f5623e3b9d", + "uuid": "f9ff7f44-6bb9-499f-a319-b02b17addf39", "control-id": "cis_rhel10_5-2.4", "description": "No notes for control-id 5.2.4.", "props": [ @@ -7211,7 +7187,7 @@ ] }, { - "uuid": "cc90ba9d-e94e-47a5-981e-6934fa94d81c", + "uuid": "ca1b8369-5656-4ee4-affe-e6c5d2206112", "control-id": "cis_rhel10_5-3.2.1.3", "description": "No notes for control-id 5.3.2.1.3.", "props": [ @@ -7228,7 +7204,7 @@ ] }, { - "uuid": "b74be0cf-7991-4660-b696-bb6d97dd8601", + "uuid": "c1f918ec-c92f-428b-bc51-508030cac7c3", "control-id": "cis_rhel10_5-4.1.2", "description": "No notes for control-id 5.4.1.2.", "props": [ @@ -7250,7 +7226,7 @@ ] }, { - "uuid": "f4b20e8c-3dae-48ff-abe8-3c0c2b9a92a7", + "uuid": "71a68237-b9e8-4664-9315-05f653fd26ad", "control-id": "cis_rhel10_5-4.3.1", "description": "No notes for control-id 5.4.3.1.", "props": [ @@ -7267,7 +7243,7 @@ ] }, { - "uuid": "b53db268-26fa-4812-a468-1c11a78c1fb2", + "uuid": "2d17c1e8-d112-41a6-bcc3-6b2de275f8a7", "control-id": "cis_rhel10_6-3.1.1", "description": "No notes for control-id 6.3.1.1.", "props": [ @@ -7289,7 +7265,7 @@ ] }, { - "uuid": "eed322dd-4cbf-41fa-afd2-fe210548eb4c", + "uuid": "3d73486a-c695-4f10-9f16-c782edf7f19e", "control-id": "cis_rhel10_6-3.1.2", "description": "No notes for control-id 6.3.1.2.", "props": [ @@ -7306,7 +7282,7 @@ ] }, { - "uuid": "fd3198ac-b7da-48ff-bd3a-10cdab0a7e77", + "uuid": "7ca4dd38-72b0-4c88-8f1e-ad221a2cc8bc", "control-id": "cis_rhel10_6-3.1.3", "description": "No notes for control-id 6.3.1.3.", "props": [ @@ -7323,7 +7299,7 @@ ] }, { - "uuid": "7d6a5cb9-ef5b-4b9a-b187-43784988a5e3", + "uuid": "2291f0f5-e998-44b9-800d-0c12016a8df6", "control-id": "cis_rhel10_6-3.1.4", "description": "No notes for control-id 6.3.1.4.", "props": [ @@ -7340,7 +7316,7 @@ ] }, { - "uuid": "d094d210-8179-493d-b5cc-71bf9e1bc950", + "uuid": "d517eff8-6830-4a1e-be51-5e8041a1e453", "control-id": "cis_rhel10_6-3.2.1", "description": "No notes for control-id 6.3.2.1.", "props": [ @@ -7357,7 +7333,7 @@ ] }, { - "uuid": "c62eb240-0255-4ac1-916a-12896c66fbdf", + "uuid": "29b75eaa-c994-400c-9c3b-0b3671898d05", "control-id": "cis_rhel10_6-3.2.2", "description": "No notes for control-id 6.3.2.2.", "props": [ @@ -7374,7 +7350,7 @@ ] }, { - "uuid": "df5d7da8-cbce-4ffc-886e-480c20ff11c6", + "uuid": "ba7c2cc2-edf5-483c-a52c-968d1b24a3be", "control-id": "cis_rhel10_6-3.2.3", "description": "No notes for control-id 6.3.2.3.", "props": [ @@ -7396,7 +7372,7 @@ ] }, { - "uuid": "932012b2-ae17-4a47-9d49-ae199bd35911", + "uuid": "6ccc549f-5873-4686-ae7e-bc9060e5bedf", "control-id": "cis_rhel10_6-3.2.4", "description": "No notes for control-id 6.3.2.4.", "props": [ @@ -7418,7 +7394,7 @@ ] }, { - "uuid": "8e181452-0081-4cf7-b60f-eee05ed03e21", + "uuid": "20e486c1-0170-4f3f-ad22-1c9c8d11489e", "control-id": "cis_rhel10_6-3.3.1", "description": "No notes for control-id 6.3.3.1.", "props": [ @@ -7435,7 +7411,7 @@ ] }, { - "uuid": "14296927-e469-4ace-8ce4-430d55e1797b", + "uuid": "583d5919-029f-4f14-b83a-f3145b1a32ff", "control-id": "cis_rhel10_6-3.3.2", "description": "No notes for control-id 6.3.3.2.", "props": [ @@ -7452,7 +7428,7 @@ ] }, { - "uuid": "1b61b881-5784-45b9-b491-6fb8400e98d5", + "uuid": "8429c730-c6fb-4875-bb8b-4e375163af8d", "control-id": "cis_rhel10_6-3.3.3", "description": "No notes for control-id 6.3.3.3.", "props": [ @@ -7469,7 +7445,7 @@ ] }, { - "uuid": "a1c16c8e-27ad-4e73-a3cd-ba25593cbd64", + "uuid": "0d85b9a9-74a6-4622-9671-7848a7523991", "control-id": "cis_rhel10_6-3.3.4", "description": "No notes for control-id 6.3.3.4.", "props": [ @@ -7501,7 +7477,7 @@ ] }, { - "uuid": "70fa8869-875a-45c4-ae73-9f7af98a195a", + "uuid": "24b1798e-8f52-4208-b5f6-6ba69d0fa151", "control-id": "cis_rhel10_6-3.3.5", "description": "No notes for control-id 6.3.3.5.", "props": [ @@ -7523,7 +7499,7 @@ ] }, { - "uuid": "b596cc90-5a58-4990-a3a9-8fb77a480ed0", + "uuid": "388e35c4-af4c-4c50-9ebc-c085d8c9afad", "control-id": "cis_rhel10_6-3.3.6", "description": "No notes for control-id 6.3.3.6.", "props": [ @@ -7545,7 +7521,7 @@ ] }, { - "uuid": "fb9654e8-b77f-4a90-ab57-7112b654913b", + "uuid": "43f4fa8d-23ab-4f6b-af00-df1ea3dde34a", "control-id": "cis_rhel10_6-3.3.7", "description": "No notes for control-id 6.3.3.7.", "props": [ @@ -7567,7 +7543,7 @@ ] }, { - "uuid": "a2584e4f-ce06-4ae3-987f-ae72bfc4e038", + "uuid": "a70e8592-fb11-4d64-97ad-d2a46a2f5188", "control-id": "cis_rhel10_6-3.3.8", "description": "No notes for control-id 6.3.3.8.", "props": [ @@ -7589,7 +7565,7 @@ ] }, { - "uuid": "fc54118f-7c88-46f4-9367-dfd0e83487a4", + "uuid": "db4c54bc-6d7b-4dc1-8e50-3d271b788025", "control-id": "cis_rhel10_6-3.3.9", "description": "No notes for control-id 6.3.3.9.", "props": [ @@ -7606,7 +7582,7 @@ ] }, { - "uuid": "05997b60-7b68-403d-883c-cbb46563f32f", + "uuid": "a762634e-ca99-4d29-a9ef-90108023decc", "control-id": "cis_rhel10_6-3.3.10", "description": "No notes for control-id 6.3.3.10.", "props": [ @@ -7623,7 +7599,7 @@ ] }, { - "uuid": "0ce1b37e-1781-4a9f-8890-04c7727c62c8", + "uuid": "bf60b9e0-b8ff-4498-bb53-45e16f5c749c", "control-id": "cis_rhel10_6-3.3.11", "description": "No notes for control-id 6.3.3.11.", "props": [ @@ -7660,7 +7636,7 @@ ] }, { - "uuid": "300210da-479a-4d3b-8b25-3a72438392c1", + "uuid": "c9b30b87-e19c-463d-be5e-4369ebbf4412", "control-id": "cis_rhel10_6-3.3.12", "description": "No notes for control-id 6.3.3.12.", "props": [ @@ -7677,7 +7653,7 @@ ] }, { - "uuid": "a033454f-e16a-4549-97a1-00da50b842df", + "uuid": "72febbe9-8cc6-4b0b-96b2-d5068b4060ff", "control-id": "cis_rhel10_6-3.3.13", "description": "No notes for control-id 6.3.3.13.", "props": [ @@ -7694,7 +7670,7 @@ ] }, { - "uuid": "afc4fe09-83ed-4bd9-a415-da8979042f73", + "uuid": "aeee304f-aad6-45bf-88ea-6159db1df58d", "control-id": "cis_rhel10_6-3.3.14", "description": "No notes for control-id 6.3.3.14.", "props": [ @@ -7716,7 +7692,7 @@ ] }, { - "uuid": "68dfc189-b1fa-4f31-9bfd-2c0ff31bcf3a", + "uuid": "555c1967-cb0f-46ef-b47b-fb64451326ca", "control-id": "cis_rhel10_6-3.3.15", "description": "No notes for control-id 6.3.3.15.", "props": [ @@ -7733,7 +7709,7 @@ ] }, { - "uuid": "88f865f0-1d27-4932-86c2-593faa5f1463", + "uuid": "fccee59c-c39f-459f-81d5-5e6d48b5b5b9", "control-id": "cis_rhel10_6-3.3.16", "description": "No notes for control-id 6.3.3.16.", "props": [ @@ -7750,7 +7726,7 @@ ] }, { - "uuid": "af9cff86-c8eb-4637-b30d-f028b826221c", + "uuid": "2bcf8950-a234-4375-a307-052fe29a0794", "control-id": "cis_rhel10_6-3.3.17", "description": "No notes for control-id 6.3.3.17.", "props": [ @@ -7772,7 +7748,7 @@ ] }, { - "uuid": "6a9ecae1-c5e9-4aae-8b41-c64b0e05504d", + "uuid": "a393b64c-5f31-4a84-b5b2-f1ef290e5a52", "control-id": "cis_rhel10_6-3.3.18", "description": "No notes for control-id 6.3.3.18.", "props": [ @@ -7804,7 +7780,7 @@ ] }, { - "uuid": "8c3f4bb8-d5a4-4bfe-98f1-c493c4f95fd9", + "uuid": "2f0d45f9-c85e-42d9-8d0b-0d4822c5dbe5", "control-id": "cis_rhel10_6-3.3.19", "description": "No notes for control-id 6.3.3.19.", "props": [ @@ -7836,7 +7812,7 @@ ] }, { - "uuid": "65c8c751-7453-4b2b-b6a6-b94ef99453d4", + "uuid": "78f55dfe-4bb4-41d4-b9fe-b0528ea824ab", "control-id": "cis_rhel10_6-3.3.20", "description": "No notes for control-id 6.3.3.20.", "props": [ @@ -7878,7 +7854,7 @@ ] }, { - "uuid": "1e8c009f-7d55-4671-8f43-197da03ef059", + "uuid": "d01737f9-bf8a-4af6-9568-0ca7ce36b0fc", "control-id": "cis_rhel10_6-3.3.21", "description": "No notes for control-id 6.3.3.21.", "props": [ @@ -7895,7 +7871,7 @@ ] }, { - "uuid": "fa8813ec-7f16-4eda-ae1d-20e8417ada78", + "uuid": "7133286e-ef6e-4d39-8343-c27c4da393ad", "control-id": "cis_rhel10_6-3.3.22", "description": "No notes for control-id 6.3.3.22.", "props": [ @@ -7922,7 +7898,7 @@ ] }, { - "uuid": "249cf0b3-e0be-46c0-80a3-46961d86d731", + "uuid": "22d594bb-c21e-4d4c-a815-7ed38269e8fe", "control-id": "cis_rhel10_6-3.3.23", "description": "No notes for control-id 6.3.3.23.", "props": [ @@ -7944,7 +7920,7 @@ ] }, { - "uuid": "54c04cf0-3081-4ad1-9d03-3666405fcfd8", + "uuid": "6ff3673d-48bd-48c2-b9b2-65572a8ab102", "control-id": "cis_rhel10_6-3.3.24", "description": "No notes for control-id 6.3.3.24.", "props": [ @@ -7966,7 +7942,7 @@ ] }, { - "uuid": "4afc11c6-0ab0-4103-bca1-18c20c5d5076", + "uuid": "e9422903-7697-4efb-b78d-b8a846ffe628", "control-id": "cis_rhel10_6-3.3.25", "description": "No notes for control-id 6.3.3.25.", "props": [ @@ -7993,7 +7969,7 @@ ] }, { - "uuid": "00206bc7-1bb6-4c89-9687-199982c9fef5", + "uuid": "866914e6-7221-4001-b860-385d23714f13", "control-id": "cis_rhel10_6-3.3.26", "description": "No notes for control-id 6.3.3.26.", "props": [ @@ -8015,7 +7991,7 @@ ] }, { - "uuid": "21496cc4-f054-4d5e-ba7f-3d27303bbb63", + "uuid": "6287c788-dcbb-466e-974b-0b2772d4c1b2", "control-id": "cis_rhel10_6-3.3.27", "description": "No notes for control-id 6.3.3.27.", "props": [ @@ -8032,7 +8008,7 @@ ] }, { - "uuid": "af071812-2f62-4b21-9571-e0df93b280eb", + "uuid": "f8742c1a-f953-4081-bd1b-68ae74ba4396", "control-id": "cis_rhel10_6-3.3.28", "description": "No notes for control-id 6.3.3.28.", "props": [ @@ -8049,7 +8025,7 @@ ] }, { - "uuid": "58ef4f46-6942-49d0-a034-cddb9abb2580", + "uuid": "d450dab2-8377-4ef3-8771-a2125a5a8d88", "control-id": "cis_rhel10_6-3.3.29", "description": "No notes for control-id 6.3.3.29.", "props": [ @@ -8066,7 +8042,7 @@ ] }, { - "uuid": "6c2bd459-47a3-4bfd-a6f2-aeca26a6f277", + "uuid": "a718ab9a-4982-4fce-980c-e4770ae07075", "control-id": "cis_rhel10_6-3.3.30", "description": "No notes for control-id 6.3.3.30.", "props": [ @@ -8083,7 +8059,7 @@ ] }, { - "uuid": "ac2c4a8f-7b56-4a79-887a-21f7c23026fe", + "uuid": "0ef73786-9cfd-4422-967d-83719ecccf71", "control-id": "cis_rhel10_6-3.3.31", "description": "No notes for control-id 6.3.3.31.", "props": [ @@ -8100,7 +8076,7 @@ ] }, { - "uuid": "843b2796-3679-4122-bb0c-1ff501aac2d4", + "uuid": "5e50763f-333a-4dd6-aa47-f95c7c351df1", "control-id": "cis_rhel10_6-3.3.32", "description": "No notes for control-id 6.3.3.32.", "props": [ @@ -8122,7 +8098,7 @@ ] }, { - "uuid": "76528cc9-bd71-474a-bae2-c8612a84e832", + "uuid": "ad4aa8c2-3d38-4583-8d6a-678b816a2898", "control-id": "cis_rhel10_6-3.3.33", "description": "No notes for control-id 6.3.3.33.", "props": [ @@ -8139,7 +8115,7 @@ ] }, { - "uuid": "22c39215-edbe-48c8-9123-4f1cd0b910a2", + "uuid": "d63865f0-e6f5-4342-837a-040a9a182969", "control-id": "cis_rhel10_6-3.3.34", "description": "No notes for control-id 6.3.3.34.", "props": [ @@ -8156,7 +8132,7 @@ ] }, { - "uuid": "7da68387-2d04-47e9-b6a0-b19f9f6f9465", + "uuid": "582ef8e0-5b3e-4afe-bb7b-98b9dd085158", "control-id": "cis_rhel10_6-3.3.35", "description": "No notes for control-id 6.3.3.35.", "props": [ @@ -8173,7 +8149,7 @@ ] }, { - "uuid": "f1e25532-cf4f-4857-bf5f-faf415b8e600", + "uuid": "e39b2e08-423a-4361-aef0-ab0365c3053a", "control-id": "cis_rhel10_6-3.3.36", "description": "No notes for control-id 6.3.3.36.", "props": [ @@ -8190,7 +8166,7 @@ ] }, { - "uuid": "9db48288-1030-4997-9f6d-22516fb1445b", + "uuid": "50175de0-8c67-454f-b085-d2c4b45cb191", "control-id": "cis_rhel10_6-3.3.37", "description": "The description for control-id cis_rhel10_6-3.3.37.", "props": [ @@ -8203,7 +8179,7 @@ ] }, { - "uuid": "c3fc56a2-d1a9-48f7-9857-bb124b6f8294", + "uuid": "232403d9-99dc-4c78-afea-3439ca43ca2a", "control-id": "cis_rhel10_6-3.4.1", "description": "No notes for control-id 6.3.4.1.", "props": [ @@ -8220,7 +8196,7 @@ ] }, { - "uuid": "0b7b02bb-27d1-4481-a01a-64aae530f69a", + "uuid": "7062778f-db38-4210-a1f1-5d41c263b503", "control-id": "cis_rhel10_6-3.4.2", "description": "No notes for control-id 6.3.4.2.", "props": [ @@ -8237,7 +8213,7 @@ ] }, { - "uuid": "21e16f61-eef0-43fe-9bda-11051ead1bc5", + "uuid": "fbdc9588-f801-4e58-a9dc-12110a9a38ef", "control-id": "cis_rhel10_6-3.4.3", "description": "No notes for control-id 6.3.4.3.", "props": [ @@ -8254,7 +8230,7 @@ ] }, { - "uuid": "5b7e1510-566b-47b1-b92b-ca5d93a14f2a", + "uuid": "9c609b9d-ff8c-43d3-b394-0e8f285fbcda", "control-id": "cis_rhel10_6-3.4.4", "description": "No notes for control-id 6.3.4.4.", "props": [ @@ -8271,7 +8247,7 @@ ] }, { - "uuid": "1878cb15-0365-4198-b3ec-4e1682285e5c", + "uuid": "d2583c4a-9709-4df4-b0e1-3ab52b2dc83d", "control-id": "cis_rhel10_6-3.4.5", "description": "No notes for control-id 6.3.4.5.", "props": [ @@ -8288,7 +8264,7 @@ ] }, { - "uuid": "9b6d84f5-fbe8-4fbf-b002-2b4572552899", + "uuid": "7b396b35-199d-472a-89c8-d8c4e821e289", "control-id": "cis_rhel10_6-3.4.6", "description": "No notes for control-id 6.3.4.6.", "props": [ @@ -8305,7 +8281,7 @@ ] }, { - "uuid": "809ad483-83e4-4ed1-9305-3e464fed6127", + "uuid": "b1b8dec4-9d33-4b0f-a44f-f8beb502d3ac", "control-id": "cis_rhel10_6-3.4.7", "description": "No notes for control-id 6.3.4.7.", "props": [ @@ -8322,7 +8298,7 @@ ] }, { - "uuid": "4e9d7cbd-ad70-4200-9691-3e349cb36861", + "uuid": "0efc1945-b406-4638-9e40-86fe64faad77", "control-id": "cis_rhel10_6-3.4.8", "description": "No notes for control-id 6.3.4.8.", "props": [ @@ -8339,7 +8315,7 @@ ] }, { - "uuid": "2110efde-df84-4069-b2b3-430f0399c51b", + "uuid": "12af5a31-c377-4c98-ab0c-8d8e695f04ce", "control-id": "cis_rhel10_6-3.4.9", "description": "No notes for control-id 6.3.4.9.", "props": [ @@ -8356,7 +8332,7 @@ ] }, { - "uuid": "fd01bbee-3315-4941-9379-bfbe3820009f", + "uuid": "f323fc9a-fd92-4077-8334-8958b264bab3", "control-id": "cis_rhel10_6-3.4.10", "description": "No notes for control-id 6.3.4.10.", "props": [ @@ -8373,7 +8349,7 @@ ] }, { - "uuid": "0ca5117d-05c5-48e0-87b3-999b14389272", + "uuid": "f81cfdf8-35ba-4233-916c-c663915fc110", "control-id": "reload_dconf_db", "description": "This is a helper rule to reload Dconf database correctly.", "props": [ @@ -8390,7 +8366,7 @@ ] }, { - "uuid": "886bcdf3-9973-439c-95a3-6ed541e8b7b9", + "uuid": "fc93dd57-26d5-477d-8066-8b6e722e8cd4", "control-id": "cis_rhel10_1-1.1.1", "description": "No notes for control-id 1.1.1.1.", "props": [ @@ -8407,7 +8383,7 @@ ] }, { - "uuid": "2da95d79-d726-44cd-9cd5-c29bb2ff4304", + "uuid": "78baae12-98c6-4728-8299-846589b5b16b", "control-id": "cis_rhel10_1-1.1.2", "description": "No notes for control-id 1.1.1.2.", "props": [ @@ -8424,7 +8400,7 @@ ] }, { - "uuid": "58fab43d-799c-4bf1-b752-1ba404c83ad4", + "uuid": "1b03c78a-9596-455e-bb18-9655c2c48557", "control-id": "cis_rhel10_1-1.1.3", "description": "No notes for control-id 1.1.1.3.", "props": [ @@ -8441,7 +8417,7 @@ ] }, { - "uuid": "a645d0b8-4523-4790-8c44-28ed16f5e990", + "uuid": "132333f5-6313-43b0-aa04-562a022ddd65", "control-id": "cis_rhel10_1-1.1.4", "description": "No notes for control-id 1.1.1.4.", "props": [ @@ -8458,7 +8434,7 @@ ] }, { - "uuid": "8fa2fc17-f28a-4c1e-89cd-3eb404aab7f0", + "uuid": "1fe3470e-599a-4356-a22e-14641a8cd836", "control-id": "cis_rhel10_1-1.1.5", "description": "No notes for control-id 1.1.1.5.", "props": [ @@ -8475,7 +8451,7 @@ ] }, { - "uuid": "6546863a-bf79-47b1-a67a-16a3462b0863", + "uuid": "e836e676-ab74-4d3a-bf9c-83bbbfb4bbe4", "control-id": "cis_rhel10_1-1.1.11", "description": "The description for control-id cis_rhel10_1-1.1.11.", "props": [ @@ -8488,7 +8464,7 @@ ] }, { - "uuid": "1a8cfe80-90eb-4c18-8e45-1fbfb2ad1e40", + "uuid": "e560a5d6-dbb3-45e0-bb39-edd7b126c8f9", "control-id": "cis_rhel10_1-1.2.1.1", "description": "No notes for control-id 1.1.2.1.1.", "props": [ @@ -8505,7 +8481,7 @@ ] }, { - "uuid": "47454aed-d623-4361-91f0-1092d2c66011", + "uuid": "fe84b28a-cbcd-4f67-93bd-a0cfb0fdfcc7", "control-id": "cis_rhel10_1-1.2.1.2", "description": "No notes for control-id 1.1.2.1.2.", "props": [ @@ -8522,7 +8498,7 @@ ] }, { - "uuid": "7035d8de-d770-451a-ac98-f7689c38d127", + "uuid": "d6f8ce6a-fdd0-4747-860a-519f25e20ca4", "control-id": "cis_rhel10_1-1.2.1.3", "description": "No notes for control-id 1.1.2.1.3.", "props": [ @@ -8539,7 +8515,7 @@ ] }, { - "uuid": "48fbcaa3-5eb0-40d8-8a90-4b5bfbe638f3", + "uuid": "460252cc-2b30-4ac2-a5e4-0d8ecda66c7d", "control-id": "cis_rhel10_1-1.2.1.4", "description": "No notes for control-id 1.1.2.1.4.", "props": [ @@ -8556,7 +8532,7 @@ ] }, { - "uuid": "3858a098-d817-4dec-a2bb-dec6a15374b4", + "uuid": "664ebbf5-4d0c-42c5-b1d1-aa15187da1b4", "control-id": "cis_rhel10_1-1.2.2.1", "description": "No notes for control-id 1.1.2.2.1.", "props": [ @@ -8573,7 +8549,7 @@ ] }, { - "uuid": "92701be7-e993-4628-bb80-b10aaf7387fa", + "uuid": "fec6f81a-368c-4fa0-a9c8-60770986d372", "control-id": "cis_rhel10_1-1.2.2.2", "description": "No notes for control-id 1.1.2.2.2.", "props": [ @@ -8590,7 +8566,7 @@ ] }, { - "uuid": "7d83b373-4460-489f-8cd4-c9c7e251e6fc", + "uuid": "2ad5cece-a881-4d5c-9fd8-97d09d6c5fc6", "control-id": "cis_rhel10_1-1.2.2.3", "description": "No notes for control-id 1.1.2.2.3.", "props": [ @@ -8607,7 +8583,7 @@ ] }, { - "uuid": "8f86b0e3-eb86-430d-8379-8cd20e14a854", + "uuid": "bd6eb132-1a55-4e76-943c-35b7eced0762", "control-id": "cis_rhel10_1-1.2.2.4", "description": "No notes for control-id 1.1.2.2.4.", "props": [ @@ -8624,7 +8600,7 @@ ] }, { - "uuid": "87e6a761-2e55-4f27-8d98-d43ad8f777dd", + "uuid": "11d75670-63f2-4d10-adb8-5cb7362798b7", "control-id": "cis_rhel10_1-1.2.3.2", "description": "No notes for control-id 1.1.2.3.2.", "props": [ @@ -8641,7 +8617,7 @@ ] }, { - "uuid": "1d4545c8-2007-42ca-8b49-1a3ae1bd8dca", + "uuid": "d941dfbd-22a0-4edb-b7e3-3af2b9132028", "control-id": "cis_rhel10_1-1.2.3.3", "description": "No notes for control-id 1.1.2.3.3.", "props": [ @@ -8658,7 +8634,7 @@ ] }, { - "uuid": "e39dd72b-b6f3-4c34-9921-853e19e14bbb", + "uuid": "ad6440c9-a110-4a3e-8623-0251d4749cb4", "control-id": "cis_rhel10_1-1.2.4.2", "description": "No notes for control-id 1.1.2.4.2.", "props": [ @@ -8675,7 +8651,7 @@ ] }, { - "uuid": "9e1b6707-7b44-4654-a5a0-bb218e588b8d", + "uuid": "06152479-423d-4e7f-9656-ded19efc468a", "control-id": "cis_rhel10_1-1.2.4.3", "description": "No notes for control-id 1.1.2.4.3.", "props": [ @@ -8692,7 +8668,7 @@ ] }, { - "uuid": "55f73c5d-c7ec-4929-b65c-016e5031de47", + "uuid": "80428340-e6b3-4c58-9aec-8d252f22d0dc", "control-id": "cis_rhel10_1-1.2.5.2", "description": "No notes for control-id 1.1.2.5.2.", "props": [ @@ -8709,7 +8685,7 @@ ] }, { - "uuid": "08a60ece-3f53-42b9-9e28-885d83ec539a", + "uuid": "5ff4c29f-50eb-4977-b7dd-8a3a8988bded", "control-id": "cis_rhel10_1-1.2.5.3", "description": "No notes for control-id 1.1.2.5.3.", "props": [ @@ -8726,7 +8702,7 @@ ] }, { - "uuid": "7b84ba40-1b83-4695-a4f3-b350b3552cc6", + "uuid": "f4770551-ce06-4ac4-92bd-befdf95e8e50", "control-id": "cis_rhel10_1-1.2.5.4", "description": "No notes for control-id 1.1.2.5.4.", "props": [ @@ -8743,7 +8719,7 @@ ] }, { - "uuid": "1e31c8e1-4387-4ce2-8ae4-ba673a1f3199", + "uuid": "def25e36-3890-4a9b-94b8-3f0f34735080", "control-id": "cis_rhel10_1-1.2.6.2", "description": "No notes for control-id 1.1.2.6.2.", "props": [ @@ -8760,7 +8736,7 @@ ] }, { - "uuid": "54804716-55fa-466b-a0d5-3ca4245eb2a8", + "uuid": "136460ff-0c1e-49f9-bcce-43ce4f90b3cf", "control-id": "cis_rhel10_1-1.2.6.3", "description": "No notes for control-id 1.1.2.6.3.", "props": [ @@ -8777,7 +8753,7 @@ ] }, { - "uuid": "c7ae7a9f-9367-44fd-8475-ee563f70d040", + "uuid": "99250b50-3599-4b1b-b349-36b4b5c0fdc2", "control-id": "cis_rhel10_1-1.2.6.4", "description": "No notes for control-id 1.1.2.6.4.", "props": [ @@ -8794,7 +8770,7 @@ ] }, { - "uuid": "79c464da-24f2-400c-b184-9ee4fe0ef10a", + "uuid": "2c2cd1e8-bcc1-441b-be73-2b81c3d5d008", "control-id": "cis_rhel10_1-1.2.7.2", "description": "No notes for control-id 1.1.2.7.2.", "props": [ @@ -8811,7 +8787,7 @@ ] }, { - "uuid": "5f454521-d934-4893-9a5f-e0364e42a0ed", + "uuid": "83ba4f3d-707c-4866-80bc-72d3cbdf06b6", "control-id": "cis_rhel10_1-1.2.7.3", "description": "No notes for control-id 1.1.2.7.3.", "props": [ @@ -8828,7 +8804,7 @@ ] }, { - "uuid": "7048709e-18b1-4c1d-baaf-45d4cbb0b154", + "uuid": "1a31ceb3-80ac-4358-a956-f6722264abc0", "control-id": "cis_rhel10_1-1.2.7.4", "description": "No notes for control-id 1.1.2.7.4.", "props": [ @@ -8845,7 +8821,7 @@ ] }, { - "uuid": "e3059ab2-3639-472d-83bd-ea53e3f71dca", + "uuid": "be87d7de-b920-4cd0-b843-c9004aea90ec", "control-id": "cis_rhel10_1-2.1.1", "description": "The description for control-id cis_rhel10_1-2.1.1.", "props": [ @@ -8858,7 +8834,7 @@ ] }, { - "uuid": "12114ac0-8e6c-48f6-bca2-2fe55bc216d6", + "uuid": "5a592e89-7ee3-42b9-9843-8fe90157f5e0", "control-id": "cis_rhel10_1-2.1.2", "description": "No notes for control-id 1.2.1.2.", "props": [ @@ -8875,7 +8851,7 @@ ] }, { - "uuid": "108309c6-dc79-4f97-979f-65073cd748d9", + "uuid": "ab92a7ac-5c42-4104-948a-6482b912d6a9", "control-id": "cis_rhel10_1-2.1.4", "description": "The description for control-id cis_rhel10_1-2.1.4.", "props": [ @@ -8888,7 +8864,7 @@ ] }, { - "uuid": "f4d53f2c-6668-47dc-bcbb-069591eca5ff", + "uuid": "1e4b3535-a795-4cc2-9108-eee77ece2a31", "control-id": "cis_rhel10_1-2.2.1", "description": "The description for control-id cis_rhel10_1-2.2.1.", "props": [ @@ -8901,7 +8877,7 @@ ] }, { - "uuid": "95b89fff-1d0d-4f2b-8637-a7444c0f7d6c", + "uuid": "892613ea-6ffb-4435-8259-d6b13035dba4", "control-id": "cis_rhel10_1-3.1.1", "description": "No notes for control-id 1.3.1.1.", "props": [ @@ -8918,7 +8894,7 @@ ] }, { - "uuid": "c2210c87-e95a-40c4-991d-4d593f3acc55", + "uuid": "3bb0f934-1798-4b09-8a3d-f0252015f306", "control-id": "cis_rhel10_1-3.1.2", "description": "No notes for control-id 1.3.1.2.", "props": [ @@ -8935,7 +8911,7 @@ ] }, { - "uuid": "d43f1a38-e523-4230-aa77-d0b11c7b95a4", + "uuid": "28e2a24e-74e3-41b0-95d3-37f194c94242", "control-id": "cis_rhel10_1-3.1.3", "description": "No notes for control-id 1.3.1.3.", "props": [ @@ -8952,7 +8928,7 @@ ] }, { - "uuid": "e66b1687-a0e9-4b6d-830a-4c7f60f5d7ee", + "uuid": "1d5d4668-0361-4ef6-ac8d-94fb492fc3d0", "control-id": "cis_rhel10_1-3.1.4", "description": "No notes for control-id 1.3.1.4.", "props": [ @@ -8969,7 +8945,7 @@ ] }, { - "uuid": "b709d7d8-6da3-4ee7-b0d3-28dce195f18a", + "uuid": "b24e289f-227b-4f75-b06b-58127051fb61", "control-id": "cis_rhel10_1-3.1.7", "description": "No notes for control-id 1.3.1.7.", "props": [ @@ -8986,7 +8962,7 @@ ] }, { - "uuid": "f9aad468-92ad-4d35-9c59-11ce16ca3861", + "uuid": "17309c5a-a6d7-4bd0-adab-a66b3e62ca43", "control-id": "cis_rhel10_1-4.1", "description": "There is no automated remediation for this rule and this is intentional.\nMore details in the rule description.", "props": [ @@ -9003,50 +8979,34 @@ ] }, { - "uuid": "308a7cbf-d3c6-4538-ab44-267954b21d74", + "uuid": "3a82a405-d5fa-464b-abe7-e2f52f8592cb", "control-id": "cis_rhel10_1-4.2", - "description": "The description for control-id cis_rhel10_1-4.2.", + "description": "This requirement demands a deeper review of the rules.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "alternative", - "remarks": "This requirement demands a deeper review of the rules." - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg" + "value": "implemented" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg" + "value": "file_permissions_boot_grub2" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg" + "value": "file_owner_boot_grub2" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg" + "value": "file_groupowner_boot_grub2" } ] }, { - "uuid": "1b7d2b84-a11b-4db4-b26b-e00329faaa52", + "uuid": "3158c8bb-938a-4052-ac0d-53f23e06938c", "control-id": "cis_rhel10_1-5.1", "description": "No notes for control-id 1.5.1.", "props": [ @@ -9063,7 +9023,7 @@ ] }, { - "uuid": "84d1948d-d375-4b20-9f13-4603a45bc53e", + "uuid": "b515f4b0-7c30-4b75-9e32-9cffaf52be13", "control-id": "cis_rhel10_1-5.2", "description": "No notes for control-id 1.5.2.", "props": [ @@ -9080,7 +9040,7 @@ ] }, { - "uuid": "c8aa3af2-84b9-4344-a415-3122cef83386", + "uuid": "ce204994-a9e5-4eb7-a944-07328eaf135f", "control-id": "cis_rhel10_1-5.4", "description": "No notes for control-id 1.5.4.", "props": [ @@ -9097,7 +9057,7 @@ ] }, { - "uuid": "efbe2879-4102-4b3b-ba53-c578e3004c3e", + "uuid": "701d4c8d-926a-4a93-b605-a27b42c85634", "control-id": "cis_rhel10_1-5.5", "description": "No notes for control-id 1.5.5.", "props": [ @@ -9114,7 +9074,7 @@ ] }, { - "uuid": "4d332ccc-d1a0-438a-b65c-8941ea746f3a", + "uuid": "cbdb0360-bbf5-4527-bc59-25f63a9db18e", "control-id": "cis_rhel10_1-5.6", "description": "No notes for control-id 1.5.6.", "props": [ @@ -9131,7 +9091,7 @@ ] }, { - "uuid": "b1af54f0-a2ff-4867-9217-d64861ced93a", + "uuid": "cc586618-0cda-4cdf-884d-8344770cba9a", "control-id": "cis_rhel10_1-5.7", "description": "No notes for control-id 1.5.7.", "props": [ @@ -9148,7 +9108,7 @@ ] }, { - "uuid": "64fa6c73-48f0-4b85-9010-fbf0d32e52a3", + "uuid": "e9ec9d46-1372-4949-89b8-62af98fa7695", "control-id": "cis_rhel10_1-5.8", "description": "Address Space Layout Randomization (ASLR)", "props": [ @@ -9165,7 +9125,7 @@ ] }, { - "uuid": "63bde298-b452-4566-875a-0c485c907896", + "uuid": "57f96b6f-adb3-42e5-bb02-a52b8ce4376e", "control-id": "cis_rhel10_1-5.9", "description": "No notes for control-id 1.5.9.", "props": [ @@ -9182,7 +9142,7 @@ ] }, { - "uuid": "70c9661b-dcc0-4ecc-8d27-89f4583e3037", + "uuid": "94dde0b1-79ad-4672-92d9-77bf10f25768", "control-id": "cis_rhel10_1-5.10", "description": "No notes for control-id 1.5.10.", "props": [ @@ -9199,7 +9159,7 @@ ] }, { - "uuid": "3ef36ca6-eca2-48e7-a0b9-a975a7b1c9b0", + "uuid": "0b11035c-4850-4f7b-ae76-6e17104f4453", "control-id": "cis_rhel10_1-6.1", "description": "No notes for control-id 1.6.1.", "props": [ @@ -9216,7 +9176,7 @@ ] }, { - "uuid": "7bf2be69-8f7c-48d1-afae-487f785360db", + "uuid": "3a355e3d-e26f-4742-8c4d-cfe04beeb9de", "control-id": "cis_rhel10_1-6.2", "description": "No notes for control-id 1.6.2.", "props": [ @@ -9233,7 +9193,7 @@ ] }, { - "uuid": "fa8126d6-e534-4417-98b0-0d3ed032828b", + "uuid": "85590288-5fb0-40ee-abad-890b7d5fae5e", "control-id": "cis_rhel10_1-6.3", "description": "No notes for control-id 1.6.3.", "props": [ @@ -9250,7 +9210,7 @@ ] }, { - "uuid": "aad019aa-477b-4e66-a9a2-a69a82783f9c", + "uuid": "42d92b38-fcac-4efa-9a5c-999af44f1eae", "control-id": "cis_rhel10_1-6.4", "description": "No notes for control-id 1.6.4.", "props": [ @@ -9267,7 +9227,7 @@ ] }, { - "uuid": "697a30ca-ea46-40b6-b8f9-a952e209fe25", + "uuid": "30aadcf7-b5c0-48e2-b666-7c9c964f459f", "control-id": "cis_rhel10_1-7.1", "description": "No notes for control-id 1.7.1.", "props": [ @@ -9284,7 +9244,7 @@ ] }, { - "uuid": "4aed5a47-2926-4a9d-82a9-3f8caf376b22", + "uuid": "b1021239-dbc8-4d66-8c26-fbe5baad49b0", "control-id": "cis_rhel10_1-7.2", "description": "No notes for control-id 1.7.2.", "props": [ @@ -9301,7 +9261,7 @@ ] }, { - "uuid": "b5c1232c-8f4b-49c4-ac3f-f22eed2ed2c7", + "uuid": "9ee2badf-ccb0-4004-acb2-2d87ea23ff2d", "control-id": "cis_rhel10_1-7.3", "description": "No notes for control-id 1.7.3.", "props": [ @@ -9318,7 +9278,7 @@ ] }, { - "uuid": "d12c3260-66b2-46c0-b247-3ad73c0ae4a5", + "uuid": "4e05593d-45d8-4d05-bcb6-91ed0868a4c0", "control-id": "cis_rhel10_1-7.4", "description": "No notes for control-id 1.7.4.", "props": [ @@ -9345,7 +9305,7 @@ ] }, { - "uuid": "3420f41b-314d-4e93-9bbd-61e5b922bbcf", + "uuid": "dd23d643-2862-4ef1-ba0f-5265925b40bc", "control-id": "cis_rhel10_1-7.5", "description": "No notes for control-id 1.7.5.", "props": [ @@ -9372,7 +9332,7 @@ ] }, { - "uuid": "0e1e3ddc-dd47-4ecb-b21b-d1e57d1fefec", + "uuid": "b3ad0726-59c6-4233-86bd-e4c67db948d2", "control-id": "cis_rhel10_1-7.6", "description": "No notes for control-id 1.7.6.", "props": [ @@ -9399,7 +9359,7 @@ ] }, { - "uuid": "57942125-1821-4101-9d03-670504f66fae", + "uuid": "761aa95a-b9e0-4946-9302-ad833b534886", "control-id": "cis_rhel10_1-8.1", "description": "No notes for control-id 1.8.1.", "props": [ @@ -9421,7 +9381,7 @@ ] }, { - "uuid": "ef3b6d23-29d5-421f-9e44-2c78f4fac1c5", + "uuid": "9a6557c3-b6de-4967-9fbe-58fe8f01a972", "control-id": "cis_rhel10_1-8.2", "description": "No notes for control-id 1.8.2.", "props": [ @@ -9438,7 +9398,7 @@ ] }, { - "uuid": "108601b1-acf8-40bd-8594-9a163d14d720", + "uuid": "84e22083-3ddf-42c2-b5df-661a260450de", "control-id": "cis_rhel10_1-8.3", "description": "No notes for control-id 1.8.3.", "props": [ @@ -9470,7 +9430,7 @@ ] }, { - "uuid": "fc9263a0-256b-42ca-bc52-54bd2017a493", + "uuid": "c7e3dab0-6c44-42d3-956e-0c6576defbb3", "control-id": "cis_rhel10_1-8.5", "description": "No notes for control-id 1.8.5.", "props": [ @@ -9487,7 +9447,7 @@ ] }, { - "uuid": "31aebc3f-471b-4ce6-aea0-327e9362f988", + "uuid": "29b00cd8-dc66-4f62-a1d0-54a5f7a7b068", "control-id": "cis_rhel10_2-1.4", "description": "No notes for control-id 2.1.4.", "props": [ @@ -9504,7 +9464,7 @@ ] }, { - "uuid": "82308030-117b-4de4-b422-66854f07f0ee", + "uuid": "deb66cc8-15a6-4e3a-9551-74b85335dd2e", "control-id": "cis_rhel10_2-1.5", "description": "No notes for control-id 2.1.5.", "props": [ @@ -9521,7 +9481,7 @@ ] }, { - "uuid": "075ad1b5-3327-452f-9858-df618b741713", + "uuid": "a9e72dd3-c3a6-4dd7-927a-477bb3431332", "control-id": "cis_rhel10_2-1.6", "description": "No notes for control-id 2.1.6.", "props": [ @@ -9538,7 +9498,7 @@ ] }, { - "uuid": "d378d09b-f164-4f60-8f8d-40e9413b3c18", + "uuid": "1e581f8c-5b6e-4707-9198-969707db9db7", "control-id": "cis_rhel10_2-1.7", "description": "No notes for control-id 2.1.7.", "props": [ @@ -9555,7 +9515,7 @@ ] }, { - "uuid": "8bc2af46-8f87-4069-b825-83c6fafe8c17", + "uuid": "64bc5cd9-5005-441a-8d69-2de92034fd16", "control-id": "cis_rhel10_2-1.8", "description": "No notes for control-id 2.1.8.", "props": [ @@ -9577,7 +9537,7 @@ ] }, { - "uuid": "707f216f-aad3-4368-83ef-2c74026b91eb", + "uuid": "dfb65681-41c0-4b62-9e89-25aeaafc5876", "control-id": "cis_rhel10_2-1.9", "description": "Many of the libvirt packages used by Enterprise Linux virtualization are dependent on the\nnfs-utils package.", "props": [ @@ -9594,7 +9554,7 @@ ] }, { - "uuid": "c4c6722b-1e7f-4232-8402-4d2f61b98291", + "uuid": "208757a7-480f-45d0-a8f7-d4889786f08c", "control-id": "cis_rhel10_2-1.11", "description": "Many of the libvirt packages used by Enterprise Linux virtualization, and the nfs-utils\npackage used for The Network File System (NFS), are dependent on the rpcbind package.", "props": [ @@ -9611,7 +9571,7 @@ ] }, { - "uuid": "a0f262c7-7878-4e28-ba6a-0fdc84f036a4", + "uuid": "ed231620-8070-4d30-92b5-0c6901ae1e7c", "control-id": "cis_rhel10_2-1.12", "description": "No notes for control-id 2.1.12.", "props": [ @@ -9628,7 +9588,7 @@ ] }, { - "uuid": "285d4b5b-157c-440c-aa79-246a6809f992", + "uuid": "07d6eb2f-6792-43ae-8ee3-27cf91189b68", "control-id": "cis_rhel10_2-1.13", "description": "No notes for control-id 2.1.13.", "props": [ @@ -9645,7 +9605,7 @@ ] }, { - "uuid": "401a4911-d78b-43d1-857f-f73a4c2db19a", + "uuid": "03da5f70-51c2-4b59-a042-e673a384c380", "control-id": "cis_rhel10_2-1.14", "description": "No notes for control-id 2.1.14.", "props": [ @@ -9662,7 +9622,7 @@ ] }, { - "uuid": "16dd149c-ed36-464c-845f-1bbdbe4d7cda", + "uuid": "10ed0a96-c034-4ed9-a522-87c9f6d5d87e", "control-id": "cis_rhel10_2-1.15", "description": "No notes for control-id 2.1.15.", "props": [ @@ -9679,7 +9639,7 @@ ] }, { - "uuid": "eaed0844-7a2f-4a77-867e-23b7cdbadbc6", + "uuid": "c26ad8ef-1525-4d22-8de0-59218ef4d36e", "control-id": "cis_rhel10_2-1.16", "description": "No notes for control-id 2.1.16.", "props": [ @@ -9696,7 +9656,7 @@ ] }, { - "uuid": "b6652023-d079-46b3-a838-6f3ff384c468", + "uuid": "fe8d3dcb-8bb9-4e0e-af79-4fc1b257f8f5", "control-id": "cis_rhel10_2-1.17", "description": "No notes for control-id 2.1.17.", "props": [ @@ -9713,7 +9673,7 @@ ] }, { - "uuid": "a543c6ef-22a3-4fd2-89ec-ec75e322a4ef", + "uuid": "3afbd56d-8a13-44d1-95c8-1f2916ff3643", "control-id": "cis_rhel10_2-1.18", "description": "No notes for control-id 2.1.18.", "props": [ @@ -9735,7 +9695,7 @@ ] }, { - "uuid": "b41c81d3-d47d-4fb2-832c-a137b48cc2bc", + "uuid": "caef9f1e-72a1-4e3b-9692-1d5af948fd25", "control-id": "cis_rhel10_2-1.21", "description": "No notes for control-id 2.1.21.", "props": [ @@ -9757,7 +9717,7 @@ ] }, { - "uuid": "16ee730c-ceec-4a37-a080-08480be1c532", + "uuid": "7740fcbd-be26-417f-84f8-40540c5f9c3f", "control-id": "cis_rhel10_2-1.22", "description": "The description for control-id cis_rhel10_2-1.22.", "props": [ @@ -9770,7 +9730,7 @@ ] }, { - "uuid": "44a79a30-77e8-492e-9187-eaafb47c0646", + "uuid": "fe123e84-d115-4391-b523-fdbf50013ef8", "control-id": "cis_rhel10_2-2.1", "description": "No notes for control-id 2.2.1.", "props": [ @@ -9787,7 +9747,7 @@ ] }, { - "uuid": "d9cfa103-e47d-4404-9616-82d59c8314c4", + "uuid": "2c571e22-2625-4d03-9d88-443a70e5cd9b", "control-id": "cis_rhel10_2-2.3", "description": "No notes for control-id 2.2.3.", "props": [ @@ -9804,7 +9764,7 @@ ] }, { - "uuid": "ab4230c9-fe83-4917-b00c-ac24a03ee816", + "uuid": "f5463044-bd3c-4540-bdb6-03267f796a3d", "control-id": "cis_rhel10_2-2.4", "description": "No notes for control-id 2.2.4.", "props": [ @@ -9821,7 +9781,7 @@ ] }, { - "uuid": "adccb0fb-1da4-4246-a686-4e1b3b3911f1", + "uuid": "6ea12cad-0fe6-47ac-8815-aca4242c0282", "control-id": "cis_rhel10_2-3.1", "description": "No notes for control-id 2.3.1.", "props": [ @@ -9833,7 +9793,7 @@ ] }, { - "uuid": "b7a86627-a8ea-48a4-b885-5cdbda814f03", + "uuid": "4bdf4ce0-a607-4a21-b029-7a1dff74dc89", "control-id": "cis_rhel10_2-3.2", "description": "No notes for control-id 2.3.2.", "props": [ @@ -9850,7 +9810,7 @@ ] }, { - "uuid": "1050ceb5-878f-4255-b256-e9104ff6da06", + "uuid": "74495562-cf79-42be-8823-63c25afa5f5e", "control-id": "cis_rhel10_2-3.3", "description": "No notes for control-id 2.3.3.", "props": [ @@ -9867,7 +9827,7 @@ ] }, { - "uuid": "c169aa67-9c0a-4aec-895c-690d976b1c1b", + "uuid": "37b53457-69f6-400c-8431-40efd5ae73b6", "control-id": "cis_rhel10_2-4.1.1", "description": "No notes for control-id 2.4.1.1.", "props": [ @@ -9889,7 +9849,7 @@ ] }, { - "uuid": "fcf8bde9-1c50-46da-bc65-d680a2826efa", + "uuid": "d538ad37-fafc-4a43-bf72-becc38d32eed", "control-id": "cis_rhel10_2-4.1.2", "description": "No notes for control-id 2.4.1.2.", "props": [ @@ -9916,7 +9876,7 @@ ] }, { - "uuid": "9077cc6a-419d-4c40-90fb-eed267288370", + "uuid": "a8a32794-03ca-469b-8395-36f48f43b0f2", "control-id": "cis_rhel10_2-4.1.3", "description": "No notes for control-id 2.4.1.3.", "props": [ @@ -9943,7 +9903,7 @@ ] }, { - "uuid": "761ee774-478d-42db-b0e7-505796082e71", + "uuid": "f16795cd-7e1d-4129-a02e-4c7a5af12be3", "control-id": "cis_rhel10_2-4.1.4", "description": "No notes for control-id 2.4.1.4.", "props": [ @@ -9970,7 +9930,7 @@ ] }, { - "uuid": "5f409cc4-55ba-4c74-bd70-5f81fe9ff7af", + "uuid": "2aab8db7-ed2d-4510-a1f3-55f92491ff0b", "control-id": "cis_rhel10_2-4.1.5", "description": "No notes for control-id 2.4.1.5.", "props": [ @@ -9997,7 +9957,7 @@ ] }, { - "uuid": "747faf5a-1634-4f57-b290-7bd1d7fce861", + "uuid": "83877928-9093-49cf-9146-77a28028d501", "control-id": "cis_rhel10_2-4.1.6", "description": "No notes for control-id 2.4.1.6.", "props": [ @@ -10024,7 +9984,7 @@ ] }, { - "uuid": "e6ed8c95-2805-401b-b32f-b0fc4e895b33", + "uuid": "b0ded74f-1629-4562-8ed5-c95e10c6b3bb", "control-id": "cis_rhel10_2-4.1.7", "description": "No notes for control-id 2.4.1.7.", "props": [ @@ -10051,7 +10011,7 @@ ] }, { - "uuid": "9e00f998-fdaa-4c08-9a1f-d8a94e7ce0f2", + "uuid": "d61835ff-f412-45ae-a7a5-4f2a1d2a4d0d", "control-id": "cis_rhel10_2-4.1.8", "description": "No notes for control-id 2.4.1.8.", "props": [ @@ -10078,7 +10038,7 @@ ] }, { - "uuid": "bc0ee78c-e3ba-4430-8029-1857e6b89516", + "uuid": "a931acac-f292-4815-b90c-d0a618983c48", "control-id": "cis_rhel10_2-4.1.9", "description": "No notes for control-id 2.4.1.9.", "props": [ @@ -10115,7 +10075,7 @@ ] }, { - "uuid": "d5cfc9d5-337e-45ce-863d-71b1ceb9704f", + "uuid": "dd43d3ec-1f25-4912-8fa6-483f80a39be0", "control-id": "cis_rhel10_2-4.2.1", "description": "No notes for control-id 2.4.2.1.", "props": [ @@ -10152,7 +10112,7 @@ ] }, { - "uuid": "8671e08b-39bc-40e0-b10c-907b11113263", + "uuid": "e7d0a257-b6d8-464e-8ea5-04c34dd30974", "control-id": "cis_rhel10_3-1.1", "description": "The description for control-id cis_rhel10_3-1.1.", "props": [ @@ -10165,7 +10125,7 @@ ] }, { - "uuid": "bcacf0c5-59b8-4a09-aa59-c7665396210c", + "uuid": "e0e9ec00-bbd5-42ba-a802-6b9334bcb880", "control-id": "cis_rhel10_3-2.1", "description": "No notes for control-id 3.2.1.", "props": [ @@ -10182,7 +10142,7 @@ ] }, { - "uuid": "f0548128-c0fa-4ac8-b51a-22c6ad03bddf", + "uuid": "188f975b-b604-47ca-8325-a8e38893317c", "control-id": "cis_rhel10_3-2.2", "description": "No notes for control-id 3.2.2.", "props": [ @@ -10199,7 +10159,7 @@ ] }, { - "uuid": "d4cb662d-c676-4a92-a1d0-9280bf79c47e", + "uuid": "ef0af3c3-f49c-4348-a4a8-9f20d25f1fd7", "control-id": "cis_rhel10_3-2.3", "description": "No notes for control-id 3.2.3.", "props": [ @@ -10216,7 +10176,7 @@ ] }, { - "uuid": "40ca9560-5d41-4e5c-922e-2a077e613e62", + "uuid": "90ec0d03-b19d-47ef-bfa0-65a88d2cc2c8", "control-id": "cis_rhel10_3-2.4", "description": "No notes for control-id 3.2.4.", "props": [ @@ -10233,7 +10193,7 @@ ] }, { - "uuid": "adb60164-c127-4531-8754-0fdb28c1c012", + "uuid": "2a880cd2-a538-4a0a-925a-18b63cae1214", "control-id": "cis_rhel10_3-2.5", "description": "No notes for control-id 3.2.5.", "props": [ @@ -10250,7 +10210,7 @@ ] }, { - "uuid": "c281b290-b620-4cc4-b81e-d077309d1147", + "uuid": "48ac643c-36d2-4027-8ab9-822767e60681", "control-id": "cis_rhel10_3-2.6", "description": "No notes for control-id 3.2.6.", "props": [ @@ -10267,7 +10227,7 @@ ] }, { - "uuid": "ca9f8b2e-6381-45cf-87cb-01bafca7f094", + "uuid": "63aeb5e7-26ce-41b4-83c4-e44010939cef", "control-id": "cis_rhel10_3-3.1.1", "description": "No notes for control-id 3.3.1.1.", "props": [ @@ -10284,7 +10244,7 @@ ] }, { - "uuid": "2cba13d1-e435-4206-b2a3-8be183fc85ae", + "uuid": "1f805978-b381-4efa-b2a1-212c6e61add4", "control-id": "cis_rhel10_3-3.1.2", "description": "No notes for control-id 3.3.1.2.", "props": [ @@ -10301,7 +10261,7 @@ ] }, { - "uuid": "c9658fe2-be28-478b-a010-4592a223062f", + "uuid": "d4a0e98f-dfaa-4571-ac9e-d2b75aa3780c", "control-id": "cis_rhel10_3-3.1.3", "description": "No notes for control-id 3.3.1.3.", "props": [ @@ -10318,7 +10278,7 @@ ] }, { - "uuid": "bf1cf98e-0465-4ed7-9b35-c9f87e2e1f31", + "uuid": "f11963b7-b8a1-4194-9eed-eb6f2490aca2", "control-id": "cis_rhel10_3-3.1.4", "description": "No notes for control-id 3.3.1.4.", "props": [ @@ -10335,7 +10295,7 @@ ] }, { - "uuid": "57bd4bd1-de22-4af5-a79b-f564003f7f01", + "uuid": "6936f28e-9076-40ec-bc6f-e9aa3c7cc976", "control-id": "cis_rhel10_3-3.1.5", "description": "No notes for control-id 3.3.1.5.", "props": [ @@ -10352,7 +10312,7 @@ ] }, { - "uuid": "85cdd2ce-0df4-489c-b5b8-82bdfbae9ef6", + "uuid": "d537ef4c-439c-4338-9b9b-e039f277fcfc", "control-id": "cis_rhel10_3-3.1.6", "description": "No notes for control-id 3.3.1.6.", "props": [ @@ -10369,7 +10329,7 @@ ] }, { - "uuid": "5ebad471-0471-461f-817e-c869bb90314a", + "uuid": "b965608d-d36a-4c3f-8205-1e1e99d5565f", "control-id": "cis_rhel10_3-3.1.7", "description": "No notes for control-id 3.3.1.7.", "props": [ @@ -10386,7 +10346,7 @@ ] }, { - "uuid": "2276df0b-4a91-4715-bcfb-262362316e26", + "uuid": "0205eebe-5e7b-42ff-8966-ee407ff10c2f", "control-id": "cis_rhel10_3-3.1.8", "description": "No notes for control-id 3.3.1.8.", "props": [ @@ -10403,7 +10363,7 @@ ] }, { - "uuid": "2d35e034-0994-4b00-a7d5-4a1c8b5d3cd7", + "uuid": "b257d56a-7ccf-451f-8c77-037f7d4044b7", "control-id": "cis_rhel10_3-3.1.9", "description": "No notes for control-id 3.3.1.9.", "props": [ @@ -10420,7 +10380,7 @@ ] }, { - "uuid": "cab742ee-018b-4891-aa01-718c2d29e08b", + "uuid": "dcdcb003-5f0c-4305-92a6-462830969117", "control-id": "cis_rhel10_3-3.1.10", "description": "No notes for control-id 3.3.1.10.", "props": [ @@ -10437,7 +10397,7 @@ ] }, { - "uuid": "6fcb93ac-9b64-4f4f-bfbf-716cf59c4c28", + "uuid": "aca469cb-0903-405b-be81-7d929ba02a31", "control-id": "cis_rhel10_3-3.1.11", "description": "No notes for control-id 3.3.1.11.", "props": [ @@ -10454,7 +10414,7 @@ ] }, { - "uuid": "b41a1259-eb45-4d11-a5f4-5a35f58bacc8", + "uuid": "91ec7d19-20da-4fbf-9779-2f09c1f8d8ab", "control-id": "cis_rhel10_3-3.1.12", "description": "No notes for control-id 3.3.1.12.", "props": [ @@ -10471,7 +10431,7 @@ ] }, { - "uuid": "133b0a3c-d1f0-482f-a6ff-7a649269da23", + "uuid": "0287e0a7-32d1-4489-b34e-58fcd35a1ac9", "control-id": "cis_rhel10_3-3.1.13", "description": "No notes for control-id 3.3.1.13.", "props": [ @@ -10488,7 +10448,7 @@ ] }, { - "uuid": "dfe64292-e0a4-45cc-b8bc-baad7afd4843", + "uuid": "8ebe2fe5-38b9-4aab-8a58-3d755621d149", "control-id": "cis_rhel10_3-3.1.14", "description": "No notes for control-id 3.3.1.14.", "props": [ @@ -10505,7 +10465,7 @@ ] }, { - "uuid": "af9fd1c6-19cb-4881-b145-43bf3654852f", + "uuid": "1778800c-6de7-4756-ac9e-440db79336ac", "control-id": "cis_rhel10_3-3.1.15", "description": "No notes for control-id 3.3.1.15.", "props": [ @@ -10522,7 +10482,7 @@ ] }, { - "uuid": "515a3c51-b630-4458-9567-dd0d4baa61e8", + "uuid": "6f84ca6d-1461-49f5-bcb7-dce05897d91d", "control-id": "cis_rhel10_3-3.1.16", "description": "No notes for control-id 3.3.1.16.", "props": [ @@ -10539,7 +10499,7 @@ ] }, { - "uuid": "2453f1af-a278-464a-8457-c8b227aa2316", + "uuid": "bb73ef25-bbd3-4c1c-bc41-60fd1f7af4af", "control-id": "cis_rhel10_3-3.1.17", "description": "No notes for control-id 3.3.1.17.", "props": [ @@ -10556,7 +10516,7 @@ ] }, { - "uuid": "d3aff5fc-2dee-468e-9b01-af26503fc73f", + "uuid": "f4cc4978-bd98-4e5e-a244-67c043e208df", "control-id": "cis_rhel10_3-3.1.18", "description": "No notes for control-id 3.3.1.18.", "props": [ @@ -10573,7 +10533,7 @@ ] }, { - "uuid": "2d700697-a408-4c18-a7cc-b94528219ab5", + "uuid": "dbf64f98-925e-41dd-97e7-d871ac914ace", "control-id": "cis_rhel10_3-3.2.1", "description": "No notes for control-id 3.3.2.1.", "props": [ @@ -10590,7 +10550,7 @@ ] }, { - "uuid": "73c9c5f5-8b6a-4763-9ee9-f8909aef5ad3", + "uuid": "b75bcd81-d296-46c9-bef1-3843f5913287", "control-id": "cis_rhel10_3-3.2.2", "description": "No notes for control-id 3.3.2.2.", "props": [ @@ -10607,7 +10567,7 @@ ] }, { - "uuid": "eef4c8b3-53a0-429a-8ebf-e773aef07c2e", + "uuid": "3865ecb8-b019-46cc-addb-0af8c6b81181", "control-id": "cis_rhel10_3-3.2.3", "description": "No notes for control-id 3.3.2.3.", "props": [ @@ -10624,7 +10584,7 @@ ] }, { - "uuid": "d9c30c3b-f975-41d4-a784-d6b0145d4b72", + "uuid": "c9d66749-fb37-4000-b1de-dfc2771f318c", "control-id": "cis_rhel10_3-3.2.4", "description": "No notes for control-id 3.3.2.4.", "props": [ @@ -10641,7 +10601,7 @@ ] }, { - "uuid": "e1354663-8090-4ab4-8b8e-7e872ee09bed", + "uuid": "a838557f-13f5-4076-bb00-e02513ec9935", "control-id": "cis_rhel10_3-3.2.5", "description": "No notes for control-id 3.3.2.5.", "props": [ @@ -10658,7 +10618,7 @@ ] }, { - "uuid": "6dfdfb24-ca2c-42aa-8b1e-b5de358724f5", + "uuid": "6524d52b-ba80-4ab5-958c-72ae722ccce0", "control-id": "cis_rhel10_3-3.2.6", "description": "No notes for control-id 3.3.2.6.", "props": [ @@ -10675,7 +10635,7 @@ ] }, { - "uuid": "4db9e95c-60f6-4b5c-a917-f32d88a8e8e5", + "uuid": "bb5c76f0-06d4-4df1-becf-9cd3cfc484a6", "control-id": "cis_rhel10_3-3.2.7", "description": "No notes for control-id 3.3.2.7.", "props": [ @@ -10692,7 +10652,7 @@ ] }, { - "uuid": "f594abc3-6336-43c2-a62a-4b9df01f2920", + "uuid": "c250675f-517b-4673-b511-a04948d53f27", "control-id": "cis_rhel10_3-3.2.8", "description": "No notes for control-id 3.3.2.8.", "props": [ @@ -10709,7 +10669,7 @@ ] }, { - "uuid": "4f999a20-a066-4100-b37a-e41966777bce", + "uuid": "7ddcd73d-288f-4f44-a9f1-9d67513adba2", "control-id": "cis_rhel10_4-1.1", "description": "No notes for control-id 4.1.1.", "props": [ @@ -10726,7 +10686,7 @@ ] }, { - "uuid": "117d982a-c5ff-4a97-a7bf-c6a5ed2e5e85", + "uuid": "aa25cfd5-c394-4955-a1f6-fb22c0111b43", "control-id": "cis_rhel10_4-1.2", "description": "No notes for control-id 4.1.2.", "props": [ @@ -10743,7 +10703,7 @@ ] }, { - "uuid": "ae1c1dc9-d49d-4e8d-9dab-a58d24ab03a1", + "uuid": "3e00b1cf-7600-46d5-ba22-0abe97b63a2e", "control-id": "cis_rhel10_4-1.3", "description": "No notes for control-id 4.1.3.", "props": [ @@ -10760,7 +10720,7 @@ ] }, { - "uuid": "58cf32df-0546-4eee-a8ea-2c844117639d", + "uuid": "58eb1e37-d516-4c4e-ac68-f742318be435", "control-id": "cis_rhel10_4-1.4", "description": "The description for control-id cis_rhel10_4-1.4.", "props": [ @@ -10768,12 +10728,12 @@ "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "alternative", - "remarks": "No notes for control-id 4.1.4." + "remarks": "There is not an easy way to do this for only active zones using OVAL.\nFor now, there are are no rules for this control." } ] }, { - "uuid": "c88d6203-578f-41f3-bcf8-ff433508791a", + "uuid": "b97b44aa-d3a3-44f8-ac32-6a74036dddf2", "control-id": "cis_rhel10_4-1.5", "description": "Firewalld in Red Hat Enterprise Linux 10 accepts loopback traffic by default.", "props": [ @@ -10790,7 +10750,7 @@ ] }, { - "uuid": "3c7f7b86-baf8-460c-be9a-1a02981ea731", + "uuid": "6f486d01-2e43-4eb6-a21a-5ec8191662b4", "control-id": "cis_rhel10_4-1.6", "description": "The description for control-id cis_rhel10_4-1.6.", "props": [ @@ -10803,7 +10763,7 @@ ] }, { - "uuid": "2fab3c3b-df55-4537-8703-0e75d13f5cae", + "uuid": "7bc4ecfb-0072-45b9-b43d-187557bc07c5", "control-id": "cis_rhel10_4-1.7", "description": "The description for control-id cis_rhel10_4-1.7.", "props": [ @@ -10816,7 +10776,7 @@ ] }, { - "uuid": "bd2a5e34-526c-4920-af59-98a92bebd155", + "uuid": "5031d055-d5f9-4540-94ce-19672e26d16d", "control-id": "cis_rhel10_5-1.1", "description": "No notes for control-id 5.1.1.", "props": [ @@ -10873,7 +10833,7 @@ ] }, { - "uuid": "512e586b-6398-415f-9179-7efa3c92878e", + "uuid": "14b5ab85-a60d-4067-99d5-ccd0049feccc", "control-id": "cis_rhel10_5-1.2", "description": "No notes for control-id 5.1.2.", "props": [ @@ -10900,7 +10860,7 @@ ] }, { - "uuid": "71d95675-1736-4146-9592-74c91f7a4d2e", + "uuid": "190d6a17-8ee8-4937-8546-ff54f8e9c9c1", "control-id": "cis_rhel10_5-1.3", "description": "No notes for control-id 5.1.3.", "props": [ @@ -10927,7 +10887,7 @@ ] }, { - "uuid": "f8d64641-fcda-44b2-ad1d-6666e54ee8c9", + "uuid": "5eb29b01-44fa-4a04-8748-b333dfe232d7", "control-id": "cis_rhel10_5-1.4", "description": "No notes for control-id 5.1.4.", "props": [ @@ -10944,7 +10904,7 @@ ] }, { - "uuid": "7f1bc58f-9348-4779-b5eb-3a0e2694c669", + "uuid": "f87cc9dd-7cc3-4ff3-846d-834bd3a95f59", "control-id": "cis_rhel10_5-1.5", "description": "No notes for control-id 5.1.5.", "props": [ @@ -10961,7 +10921,7 @@ ] }, { - "uuid": "3d78e879-601b-4b2c-ba95-8b10c07d17b3", + "uuid": "67e55de1-7259-4c2c-8772-6d191beb8629", "control-id": "cis_rhel10_5-1.6", "description": "No notes for control-id 5.1.6.", "props": [ @@ -10978,7 +10938,7 @@ ] }, { - "uuid": "dc4c1e22-8287-4e27-ba07-084f7008ddbc", + "uuid": "aa149cb5-4e1d-4b45-b508-ccc85e9a3637", "control-id": "cis_rhel10_5-1.7", "description": "The requirement gives an example of 45 seconds, but is flexible about the values. It is only\nnecessary to ensure there is a timeout configured in alignment to the site policy.", "props": [ @@ -11000,7 +10960,7 @@ ] }, { - "uuid": "8ac7b569-e789-4053-af68-9604f0cf220c", + "uuid": "6a703b17-7d37-43ce-afd0-4f51e3b8eadb", "control-id": "cis_rhel10_5-1.8", "description": "No notes for control-id 5.1.8.", "props": [ @@ -11017,7 +10977,7 @@ ] }, { - "uuid": "2ac693b9-af2e-4ee7-83bd-37f00b0d2e12", + "uuid": "eb62e1a6-bd49-4994-b708-bebd222f4736", "control-id": "cis_rhel10_5-1.9", "description": "No notes for control-id 5.1.9.", "props": [ @@ -11034,7 +10994,7 @@ ] }, { - "uuid": "04cf2947-7628-4ec9-861a-a451fdf78713", + "uuid": "5c5aaf62-616a-49a5-ab4f-0a91c38239fe", "control-id": "cis_rhel10_5-1.10", "description": "No notes for control-id 5.1.10.", "props": [ @@ -11051,7 +11011,7 @@ ] }, { - "uuid": "cd0bdf0e-9160-4907-a136-b2c1c3993ac3", + "uuid": "92239df3-e232-4b34-b932-c8d513f11bc3", "control-id": "cis_rhel10_5-1.11", "description": "No notes for control-id 5.1.11.", "props": [ @@ -11068,7 +11028,7 @@ ] }, { - "uuid": "76b5c37c-b8c2-489c-a6b4-da96f0a99780", + "uuid": "30fd9c41-dbb1-4a0e-a556-8717618016d9", "control-id": "cis_rhel10_5-1.12", "description": "The description for control-id cis_rhel10_5-1.12.", "props": [ @@ -11086,7 +11046,7 @@ ] }, { - "uuid": "c221da82-f486-4c1d-a0e4-91813f23212b", + "uuid": "430e6984-d3ca-481f-b9c3-c63f63c35568", "control-id": "cis_rhel10_5-1.13", "description": "No notes for control-id 5.1.13.", "props": [ @@ -11103,7 +11063,7 @@ ] }, { - "uuid": "72dda7f3-84c2-4707-a085-c3c0e05e8d77", + "uuid": "e539f1a8-49ea-4746-b1c0-152e3e0ec398", "control-id": "cis_rhel10_5-1.14", "description": "The CIS benchmark is not opinionated about which loglevel is selected here. Here, this\nprofile uses VERBOSE by default, as it allows for the capture of login and logout activity\nas well as key fingerprints.", "props": [ @@ -11120,7 +11080,7 @@ ] }, { - "uuid": "6ee55494-9c7a-4a56-ba10-679f162f5f82", + "uuid": "a858f92b-239f-4aad-a3b0-9a7b090a30dd", "control-id": "cis_rhel10_5-1.15", "description": "No notes for control-id 5.1.15.", "props": [ @@ -11137,7 +11097,7 @@ ] }, { - "uuid": "9b68414f-2df4-4868-b135-04c94fb28d0e", + "uuid": "6da93360-87f8-46e6-ac4e-057649ed4ef5", "control-id": "cis_rhel10_5-1.16", "description": "No notes for control-id 5.1.16.", "props": [ @@ -11154,7 +11114,7 @@ ] }, { - "uuid": "5f157c24-9b1d-4921-82b2-0bbb135b591b", + "uuid": "01d7dcc0-3dc8-43ac-816f-eb91c42a59d0", "control-id": "cis_rhel10_5-1.17", "description": "No notes for control-id 5.1.17.", "props": [ @@ -11171,7 +11131,7 @@ ] }, { - "uuid": "15e68d7e-146a-4423-8820-85a731d49dbc", + "uuid": "45946716-fe61-4b0a-8f50-78d169bf2729", "control-id": "cis_rhel10_5-1.18", "description": "No notes for control-id 5.1.18.", "props": [ @@ -11188,7 +11148,7 @@ ] }, { - "uuid": "72c14300-b321-4540-9ceb-32b437002f62", + "uuid": "e2e22640-355b-4d2d-b60e-c115ef5d1b4e", "control-id": "cis_rhel10_5-1.19", "description": "No notes for control-id 5.1.19.", "props": [ @@ -11205,7 +11165,7 @@ ] }, { - "uuid": "42f63fbc-17b9-45e2-be17-e139f42c4944", + "uuid": "0c805b68-0b03-4540-98da-688663c736ea", "control-id": "cis_rhel10_5-1.20", "description": "No notes for control-id 5.1.20.", "props": [ @@ -11222,7 +11182,7 @@ ] }, { - "uuid": "7ee9ff15-e237-46b0-b555-04b64901fc74", + "uuid": "eb8a49f3-d262-4c8a-93e5-18a5eed902b3", "control-id": "cis_rhel10_5-1.21", "description": "No notes for control-id 5.1.21.", "props": [ @@ -11239,7 +11199,7 @@ ] }, { - "uuid": "107da5db-c481-4555-9426-6546222728c4", + "uuid": "67b15bb1-cf91-4a9b-95e6-7600a8e1af7c", "control-id": "cis_rhel10_5-1.22", "description": "No notes for control-id 5.1.22.", "props": [ @@ -11256,7 +11216,7 @@ ] }, { - "uuid": "6406b6c7-c010-4483-967d-f74f7c0afdb4", + "uuid": "ccd40a03-3447-4126-9414-98bd86c7fb97", "control-id": "cis_rhel10_5-2.1", "description": "No notes for control-id 5.2.1.", "props": [ @@ -11273,7 +11233,7 @@ ] }, { - "uuid": "bef6ec56-6af2-48af-8cb7-06e2adfb461f", + "uuid": "4bb5e704-202c-4854-813a-1607d28bfd3c", "control-id": "cis_rhel10_5-2.2", "description": "No notes for control-id 5.2.2.", "props": [ @@ -11290,7 +11250,7 @@ ] }, { - "uuid": "554c6de8-82d0-4434-b630-9f47e80e5019", + "uuid": "1419267c-0f11-44a0-90f8-50dcbda503af", "control-id": "cis_rhel10_5-2.3", "description": "No notes for control-id 5.2.3.", "props": [ @@ -11307,7 +11267,7 @@ ] }, { - "uuid": "4f17b7e1-a242-4b29-89e2-9fdab6ef02b3", + "uuid": "76a5de61-0663-4895-b068-e59b51f1eb58", "control-id": "cis_rhel10_5-2.5", "description": "No notes for control-id 5.2.5.", "props": [ @@ -11324,7 +11284,7 @@ ] }, { - "uuid": "db0805e4-0374-4264-a739-1850d98a9dab", + "uuid": "d05528ab-934d-4628-abc2-96a5ff00b0e0", "control-id": "cis_rhel10_5-2.6", "description": "No notes for control-id 5.2.6.", "props": [ @@ -11341,7 +11301,7 @@ ] }, { - "uuid": "9f74821a-e1d9-4f8a-8e47-1e2ff32fb320", + "uuid": "b2a13e51-1116-4b80-91e8-aa662b23a07b", "control-id": "cis_rhel10_5-2.7", "description": "Members of \"wheel\" or GID 0 groups are checked by default if the group option is not set for\npam_wheel.so module. The recommendation states the group should be empty to reinforce the\nuse of \"sudo\" for privileged access. Therefore, members of these groups should be manually\nchecked or a different group should be informed.", "props": [ @@ -11363,7 +11323,7 @@ ] }, { - "uuid": "ad5ff379-13b5-43c4-b57f-7203867faa74", + "uuid": "c767a4fa-b758-4b11-a735-dd3709b220a6", "control-id": "cis_rhel10_5-3.1.1", "description": "This requirement is hard to be automated without any specific requirement. The policy even\nstates that provided commands are examples, other custom settings might be in place and the\nsettings might be different depending on site policies. The other rules will already make\nsure there is a correct autheselect profile regardless of the existing settings. It is\nnecessary to better discuss with CIS Community.", "props": [ @@ -11375,7 +11335,7 @@ ] }, { - "uuid": "22d036d8-6854-48f7-9281-689f16f80743", + "uuid": "c69d5f4a-b470-4be3-b9dd-12602c764860", "control-id": "cis_rhel10_5-3.1.2", "description": "This requirement is also indirectly satisfied by the requirement 5.3.2.1.", "props": [ @@ -11397,7 +11357,7 @@ ] }, { - "uuid": "44c5d9d9-6b71-48f2-83c9-92cf98fd136d", + "uuid": "eafacfdb-fe34-467b-9a8f-1dddc843a0b5", "control-id": "cis_rhel10_5-3.1.3", "description": "This requirement is also indirectly satisfied by the requirement 5.3.2.2.", "props": [ @@ -11424,7 +11384,7 @@ ] }, { - "uuid": "40aa340d-cd74-47d2-b44e-20a71620a4cc", + "uuid": "6bff53a2-ac78-4179-8f24-b71645a9912c", "control-id": "cis_rhel10_5-3.1.4", "description": "The module is properly enabled by the rules mentioned in related_rules.\nRequirements in 5.3.2.3 use these rules.", "props": [ @@ -11436,7 +11396,7 @@ ] }, { - "uuid": "c1cb7606-91cb-4f5e-b2ec-55054a1faa3a", + "uuid": "35df5fc1-2f5c-49e2-a02b-c63d725b0b5c", "control-id": "cis_rhel10_5-3.1.5", "description": "No notes for control-id 5.3.1.5.", "props": [ @@ -11453,7 +11413,7 @@ ] }, { - "uuid": "5f52a1fa-602e-471d-8f4e-053ca69f06f2", + "uuid": "676f3828-d38a-4193-a2bd-7d99b170c666", "control-id": "cis_rhel10_5-3.2.1.1", "description": "No notes for control-id 5.3.2.1.1.", "props": [ @@ -11470,7 +11430,7 @@ ] }, { - "uuid": "94a3cb65-75d5-4326-a714-0c1a54fc9d9d", + "uuid": "4db97b10-2144-4b8a-bd48-326cd58365a1", "control-id": "cis_rhel10_5-3.2.1.2", "description": "The policy also accepts value 0, which means the locked accounts should be manually unlocked\nby an administrator. However, it also mentions that using value 0 can facilitate a DoS\nattack to legitimate users.", "props": [ @@ -11487,7 +11447,7 @@ ] }, { - "uuid": "8cb568cd-a8c6-4d95-bda1-f72414040506", + "uuid": "3dba092f-b6f4-4b5b-a793-0e28b36038c5", "control-id": "cis_rhel10_5-3.2.2.1", "description": "No notes for control-id 5.3.2.2.1.", "props": [ @@ -11504,7 +11464,7 @@ ] }, { - "uuid": "7f17464b-4238-40c1-8c61-7ab258d345b4", + "uuid": "9e4553ec-d7ec-4096-9e6a-3459b636f511", "control-id": "cis_rhel10_5-3.2.2.2", "description": "No notes for control-id 5.3.2.2.2.", "props": [ @@ -11521,7 +11481,7 @@ ] }, { - "uuid": "90986c00-9b63-4f88-a8f7-5275a64b686e", + "uuid": "2cd16901-ca08-4ca7-abad-e2aebeb66f80", "control-id": "cis_rhel10_5-3.2.2.3", "description": "This requirement is expected to be manual. However, in previous versions of the policy\nit was already automated the configuration of \"minclass\" option. This posture was kept for\nRHEL 10 in this new version. Rules related to other options are informed in related_rules.\nIn short, minclass=4 alone can achieve the same result achieved by the combination of the\nother 4 options mentioned in the policy.", "props": [ @@ -11538,7 +11498,7 @@ ] }, { - "uuid": "d3616723-3cd8-4169-9905-cefd57c6c067", + "uuid": "eae5bf74-8622-4d9b-b5c5-2307bf508325", "control-id": "cis_rhel10_5-3.2.2.4", "description": "No notes for control-id 5.3.2.2.4.", "props": [ @@ -11555,7 +11515,7 @@ ] }, { - "uuid": "2377d544-bcc8-488d-8d97-7b7af9e10310", + "uuid": "8360c8b5-e540-4a5d-9027-85f5aa8f7910", "control-id": "cis_rhel10_5-3.2.2.5", "description": "No notes for control-id 5.3.2.2.5.", "props": [ @@ -11572,7 +11532,7 @@ ] }, { - "uuid": "ce72e40c-b4c1-4981-a558-564c825084dd", + "uuid": "de75838e-5086-4e2f-a33b-828f215839ac", "control-id": "cis_rhel10_5-3.2.2.6", "description": "No notes for control-id 5.3.2.2.6.", "props": [ @@ -11589,7 +11549,7 @@ ] }, { - "uuid": "d39d20b1-9d57-460f-8053-a95eab110fe6", + "uuid": "bf985752-98b2-40ea-9c98-3e12645c76e6", "control-id": "cis_rhel10_5-3.2.2.7", "description": "No notes for control-id 5.3.2.2.7.", "props": [ @@ -11606,7 +11566,7 @@ ] }, { - "uuid": "c1908f0f-bbab-436b-927d-bceb7c19a19d", + "uuid": "671954f6-ae40-402c-987b-6e8101289724", "control-id": "cis_rhel10_5-3.2.3.1", "description": "Although mentioned in the section 5.3.3.3, there is no explicit requirement to configure\nretry option of pam_pwhistory. If come in the future, the rule accounts_password_pam_retry\ncan be used.", "props": [ @@ -11628,7 +11588,7 @@ ] }, { - "uuid": "88cea1fc-e606-49d2-af9a-355c73eaa783", + "uuid": "a0bd79c9-ba98-4ea4-8158-64bb427685b7", "control-id": "cis_rhel10_5-3.2.3.2", "description": "No notes for control-id 5.3.2.3.2.", "props": [ @@ -11645,7 +11605,7 @@ ] }, { - "uuid": "e62bd90c-eed7-4ea9-9b3b-7b5ec5b0b659", + "uuid": "8885dbe2-a50a-49fb-9fc8-2fc776e15927", "control-id": "cis_rhel10_5-3.2.3.3", "description": "In RHEL 10 pam_pwhistory is enabled via authselect feature, as required in 5.3.1.4. The\nfeature automatically set \"use_authok\" option. In any case, we don't have a rule to check\nthis option specifically.", "props": [ @@ -11662,7 +11622,7 @@ ] }, { - "uuid": "9ad2b1d2-8e40-4f74-a93c-feddcc9f8269", + "uuid": "4e4a4426-64ed-495f-aab7-961050db5944", "control-id": "cis_rhel10_5-3.2.4.1", "description": "The rule more specifically used in this requirement also satify the requirement 5.3.1.5.", "props": [ @@ -11679,7 +11639,7 @@ ] }, { - "uuid": "a2912a0b-772c-4a52-b73c-00875a30c5eb", + "uuid": "d5e5ecc6-cb73-4bdb-93e8-f5b396d86fd9", "control-id": "cis_rhel10_5-3.2.4.2", "description": "Usage of pam_unix.so module together with \"remember\" option is deprecated and is not\nrecommended by this policy. Instead, it should be used remember option of pam_pwhistory\nmodule, as required in 5.3.2.3.1. See here for more details about pam_unix.so:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1778929", "props": [ @@ -11696,7 +11656,7 @@ ] }, { - "uuid": "5afe2999-1ae4-4298-9f3a-6ad7f4338a46", + "uuid": "21791b6d-971d-4eba-ad83-1cf45efc3182", "control-id": "cis_rhel10_5-3.2.4.3", "description": "Changes in logindefs mentioned in this requirement are more specifically covered by 5.4.1.4", "props": [ @@ -11718,7 +11678,7 @@ ] }, { - "uuid": "f2e2b5ce-2fcf-4d6f-939e-f56757996595", + "uuid": "9f09d857-cec0-4477-a53f-d2d356f1e1fc", "control-id": "cis_rhel10_5-3.2.4.4", "description": "In RHEL 10 pam_unix is enabled by default in all authselect profiles already with the\nuse_authtok option set. In any case, we don't have a rule to check this option specifically,\nlike in 5.3.2.3.3.", "props": [ @@ -11735,7 +11695,7 @@ ] }, { - "uuid": "0d38d646-32c3-4508-be3a-520a7b1a0947", + "uuid": "dca859b0-6107-4a77-9d60-9fa4ed9ba89a", "control-id": "cis_rhel10_5-4.1.1", "description": "No notes for control-id 5.4.1.1.", "props": [ @@ -11757,7 +11717,7 @@ ] }, { - "uuid": "15bb2ba9-e6c7-4a25-a259-a12961330923", + "uuid": "6b89ff97-364a-4d2e-8f07-10f602abe40c", "control-id": "cis_rhel10_5-4.1.3", "description": "No notes for control-id 5.4.1.3.", "props": [ @@ -11779,20 +11739,15 @@ ] }, { - "uuid": "1daf5f73-b7dd-4077-b183-ef692e6c5d78", + "uuid": "7e7d0a1f-efdf-40a3-ad0e-b6d0aec19485", "control-id": "cis_rhel10_5-4.1.4", - "description": "There's a \"new\" set of options in /etc/login.defs file to define the number of iterations\nperformed during the hashing process.", + "description": "No notes for control-id 5.4.1.4.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "implemented" }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf" - }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", @@ -11801,7 +11756,7 @@ ] }, { - "uuid": "c543de2c-1ca3-4304-ac68-3794a72b3f69", + "uuid": "af876550-3d7b-46e3-ac47-a5249a785e84", "control-id": "cis_rhel10_5-4.1.5", "description": "No notes for control-id 5.4.1.5.", "props": [ @@ -11823,7 +11778,7 @@ ] }, { - "uuid": "3be158ef-fbc2-4b36-b4ba-329f2229659f", + "uuid": "f57b6088-b296-490e-9770-d13a6572a385", "control-id": "cis_rhel10_5-4.1.6", "description": "No notes for control-id 5.4.1.6.", "props": [ @@ -11840,7 +11795,7 @@ ] }, { - "uuid": "53d3d2ce-57f4-4b81-b67b-8d593a154325", + "uuid": "b6874491-6e01-481a-9079-d13b3cdddcd2", "control-id": "cis_rhel10_5-4.2.1", "description": "No notes for control-id 5.4.2.1.", "props": [ @@ -11857,7 +11812,7 @@ ] }, { - "uuid": "f84101fb-be46-42e3-8322-d05169ddb882", + "uuid": "7977657b-e83b-4c12-a14d-3c60c71c7a7f", "control-id": "cis_rhel10_5-4.2.2", "description": "There is assessment but no automated remediation for this rule and this sounds reasonable.", "props": [ @@ -11874,7 +11829,7 @@ ] }, { - "uuid": "4b081b7b-4cfd-497c-b144-a6736bfdb2fd", + "uuid": "d791519e-70b7-48c2-b727-237a05d95ae0", "control-id": "cis_rhel10_5-4.2.3", "description": "There is assessment but no automated remediation for this rule and this sounds reasonable.", "props": [ @@ -11891,7 +11846,7 @@ ] }, { - "uuid": "b0d053fe-3f63-46a2-be74-a71346f4c182", + "uuid": "e9933966-b1a8-4a95-8689-8fe567a26d9a", "control-id": "cis_rhel10_5-4.2.4", "description": "No notes for control-id 5.4.2.4.", "props": [ @@ -11908,7 +11863,7 @@ ] }, { - "uuid": "de5d1eb4-c0b0-47bd-b8cd-09334b221794", + "uuid": "d86a73d6-08f5-4d8b-b88b-2b1f4d9218f4", "control-id": "cis_rhel10_5-4.2.5", "description": "No notes for control-id 5.4.2.5.", "props": [ @@ -11930,7 +11885,7 @@ ] }, { - "uuid": "2ad275c9-3f3a-4eab-8945-617ecb1ddc76", + "uuid": "e271fe94-656b-4f7a-af1d-348395e377bd", "control-id": "cis_rhel10_5-4.2.6", "description": "No notes for control-id 5.4.2.6.", "props": [ @@ -11947,7 +11902,7 @@ ] }, { - "uuid": "f13193ac-683c-4ca1-b6d4-a7d05fd04360", + "uuid": "2beec9fc-d316-427f-a08d-7a9c01543375", "control-id": "cis_rhel10_5-4.2.7", "description": "No notes for control-id 5.4.2.7.", "props": [ @@ -11969,19 +11924,24 @@ ] }, { - "uuid": "383e809e-b8db-41de-aaf9-a7a767858c32", + "uuid": "12c18665-bc2f-43fe-adf0-7343aba76b23", "control-id": "cis_rhel10_5-4.2.8", - "description": "New rule is necessary.", + "description": "No notes for control-id 5.4.2.8.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "implemented" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "no_invalid_shell_accounts_unlocked" } ] }, { - "uuid": "02698b7d-8f35-4e13-9567-71ef27580831", + "uuid": "a94532bb-01c7-4565-af24-007e77349d29", "control-id": "cis_rhel10_5-4.3.2", "description": "No notes for control-id 5.4.3.2.", "props": [ @@ -11998,7 +11958,7 @@ ] }, { - "uuid": "dc0ca21c-ce93-4a59-a148-727e80c75d37", + "uuid": "0eb2fcdc-d5c2-4aea-a30a-076487fe76ac", "control-id": "cis_rhel10_5-4.3.3", "description": "No notes for control-id 5.4.3.3.", "props": [ @@ -12025,7 +11985,7 @@ ] }, { - "uuid": "85f1b92e-56cc-4ce1-9a40-95caa96a7870", + "uuid": "cb76a34f-0a51-4b3f-9ae7-a60d0da103d0", "control-id": "cis_rhel10_6-1.1", "description": "No notes for control-id 6.1.1.", "props": [ @@ -12047,7 +12007,7 @@ ] }, { - "uuid": "8622c603-0aa2-45cb-9723-4afc59ff9a90", + "uuid": "f8e9e40c-b796-4c59-b625-5d128fc53583", "control-id": "cis_rhel10_6-1.2", "description": "No notes for control-id 6.1.2.", "props": [ @@ -12064,7 +12024,7 @@ ] }, { - "uuid": "6d7bc32b-e1c6-43f1-b991-c6114d15a037", + "uuid": "ec3ce448-2740-43ad-9d79-ff79b11f6c74", "control-id": "cis_rhel10_6-1.3", "description": "No notes for control-id 6.1.3.", "props": [ @@ -12081,7 +12041,7 @@ ] }, { - "uuid": "de73d13a-ab9c-438a-a0d0-b6fe8061a5bf", + "uuid": "72d70d50-0772-4c20-bd26-563863a312ac", "control-id": "cis_rhel10_6-2.1.1", "description": "No notes for control-id 6.2.1.1.", "props": [ @@ -12098,7 +12058,7 @@ ] }, { - "uuid": "7b70888f-4356-4839-87db-27fe551c7ba7", + "uuid": "a1ab9395-58a4-4c36-b34a-38e81b8c53ab", "control-id": "cis_rhel10_6-2.1.2", "description": "The description for control-id cis_rhel10_6-2.1.2.", "props": [ @@ -12111,7 +12071,7 @@ ] }, { - "uuid": "ac7728de-3c92-4a0e-805b-62ae4d9a0bfc", + "uuid": "65b98fd7-91f1-429c-b90b-5038a5662c22", "control-id": "cis_rhel10_6-2.1.3", "description": "The description for control-id cis_rhel10_6-2.1.3.", "props": [ @@ -12124,20 +12084,24 @@ ] }, { - "uuid": "df9e5713-98c0-4919-82f9-5ea992f75314", + "uuid": "6d9649fe-1b4f-4613-89e6-44cb3d4390d9", "control-id": "cis_rhel10_6-2.1.4", - "description": "The description for control-id cis_rhel10_6-2.1.4.", + "description": "No notes for control-id 6.2.1.4.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "alternative", - "remarks": "It is necessary to create a new rule to check the status of journald and rsyslog.\nIt would also be necessary a new rule to disable or remove rsyslog." + "value": "implemented" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "ensure_journald_and_rsyslog_not_active_together" } ] }, { - "uuid": "8395fafd-121e-4e0f-b3bf-deaddda1bea2", + "uuid": "2ff5cf28-0f24-43b4-9777-842fc5a88f5b", "control-id": "cis_rhel10_6-2.2.1.1", "description": "No notes for control-id 6.2.2.1.1.", "props": [ @@ -12154,7 +12118,7 @@ ] }, { - "uuid": "6b26d4a6-bf39-4a17-8977-2f1fdaffbc62", + "uuid": "45cd954f-16b4-4035-bea4-13b102a6e2f0", "control-id": "cis_rhel10_6-2.2.1.2", "description": "The description for control-id cis_rhel10_6-2.2.1.2.", "props": [ @@ -12167,7 +12131,7 @@ ] }, { - "uuid": "1bc1d1af-483b-4860-9306-59a17710a878", + "uuid": "c3f6f9d3-98a9-474a-bfd1-2d2f5215d819", "control-id": "cis_rhel10_6-2.2.1.3", "description": "No notes for control-id 6.2.2.1.3.", "props": [ @@ -12184,7 +12148,7 @@ ] }, { - "uuid": "8d72c803-ea86-4eed-8340-db512e80eb6e", + "uuid": "39bc88fb-fc3e-486a-badd-118e2d31388a", "control-id": "cis_rhel10_6-2.2.1.4", "description": "No notes for control-id 6.2.2.1.4.", "props": [ @@ -12201,7 +12165,7 @@ ] }, { - "uuid": "3b3cd8e8-b988-4efd-900a-288cd1160b16", + "uuid": "aee3abd3-ab82-4fec-8d24-10bd8c1ee2b1", "control-id": "cis_rhel10_6-2.2.2", "description": "No notes for control-id 6.2.2.2.", "props": [ @@ -12218,7 +12182,7 @@ ] }, { - "uuid": "46ea7071-3b0b-4772-aad0-b784504dd47b", + "uuid": "9acd6719-d3c1-4d76-925f-004ddebb18e8", "control-id": "cis_rhel10_6-2.2.3", "description": "No notes for control-id 6.2.2.3.", "props": [ @@ -12235,7 +12199,7 @@ ] }, { - "uuid": "710f38a9-4b96-4cf9-b537-980662abf213", + "uuid": "df23dc57-901d-44bd-a60e-2c0bd2447705", "control-id": "cis_rhel10_6-2.2.4", "description": "No notes for control-id 6.2.2.4.", "props": [ @@ -12252,7 +12216,7 @@ ] }, { - "uuid": "04de016f-6adc-4853-9fea-3b328515c91d", + "uuid": "fee80e3a-bd2e-488a-bfb6-aa078e5c3037", "control-id": "cis_rhel10_6-2.3.1", "description": "No notes for control-id 6.2.3.1.", "props": [ @@ -12264,7 +12228,7 @@ ] }, { - "uuid": "ba8f6ef2-50d6-4891-a249-7b89a61e09f3", + "uuid": "16a409f6-2f4a-4f23-87fc-8e8eafd2f113", "control-id": "cis_rhel10_6-2.3.2", "description": "No notes for control-id 6.2.3.2.", "props": [ @@ -12276,7 +12240,7 @@ ] }, { - "uuid": "f2d88409-4b6d-4d44-b21c-394922950fff", + "uuid": "c218bbcf-2cc0-4ef4-a907-c5fb5d913eed", "control-id": "cis_rhel10_6-2.3.3", "description": "No notes for control-id 6.2.3.3.", "props": [ @@ -12288,7 +12252,7 @@ ] }, { - "uuid": "ed567dd5-0c56-4756-aaa6-a76ddd8aa0f7", + "uuid": "ba6cd376-8b09-4a8e-98f8-611044aae5ed", "control-id": "cis_rhel10_6-2.3.4", "description": "No notes for control-id 6.2.3.4.", "props": [ @@ -12300,7 +12264,7 @@ ] }, { - "uuid": "02db44a4-ee8f-44af-b429-3b0f94056460", + "uuid": "e02cf6ee-0c22-4ad5-95ee-afdead91be84", "control-id": "cis_rhel10_6-2.3.5", "description": "The description for control-id cis_rhel10_6-2.3.5.", "props": [ @@ -12313,7 +12277,7 @@ ] }, { - "uuid": "0c4b1503-a38b-4fc4-b2ae-05ff22c78042", + "uuid": "7592686c-cd94-4230-b6a2-7296157bb9d5", "control-id": "cis_rhel10_6-2.3.6", "description": "The description for control-id cis_rhel10_6-2.3.6.", "props": [ @@ -12326,7 +12290,7 @@ ] }, { - "uuid": "07564b83-c970-4b17-b9b0-55067964f082", + "uuid": "7e583ea1-1f7f-468e-9a32-1242636f995a", "control-id": "cis_rhel10_6-2.3.7", "description": "No notes for control-id 6.2.3.7.", "props": [ @@ -12338,7 +12302,7 @@ ] }, { - "uuid": "cb983ecd-753a-476c-9344-94397f9b0335", + "uuid": "1f8c7274-d084-49bd-8c3e-e650b90b4077", "control-id": "cis_rhel10_6-2.3.8", "description": "The description for control-id cis_rhel10_6-2.3.8.", "props": [ @@ -12351,7 +12315,7 @@ ] }, { - "uuid": "3eaea838-d220-40f9-8117-0e0c970004b0", + "uuid": "3a945b40-acd0-4a80-ad9f-b859b97e3d37", "control-id": "cis_rhel10_6-2.4.1", "description": "It is not harmful to run these rules even if rsyslog is not installed or active.", "props": [ @@ -12378,7 +12342,7 @@ ] }, { - "uuid": "34874c95-ef15-4d39-9df0-3a41419040cc", + "uuid": "1658cfbb-99a1-4a83-aaa6-1ee814338db2", "control-id": "cis_rhel10_7-1.1", "description": "No notes for control-id 7.1.1.", "props": [ @@ -12405,7 +12369,7 @@ ] }, { - "uuid": "855bd722-7ad2-408d-af27-be8183b2933f", + "uuid": "c507a9a0-958b-4af9-8bc1-e292dd8ee87a", "control-id": "cis_rhel10_7-1.2", "description": "No notes for control-id 7.1.2.", "props": [ @@ -12432,7 +12396,7 @@ ] }, { - "uuid": "4f8ab161-9b93-449a-bfb0-e0623d964320", + "uuid": "2a78daac-d145-4b29-9ea6-c89c79a27d33", "control-id": "cis_rhel10_7-1.3", "description": "No notes for control-id 7.1.3.", "props": [ @@ -12459,7 +12423,7 @@ ] }, { - "uuid": "1f81009d-b067-4ca3-aa15-3079382e2d20", + "uuid": "f1d27208-2a13-48f2-a8ff-4376c812354f", "control-id": "cis_rhel10_7-1.4", "description": "No notes for control-id 7.1.4.", "props": [ @@ -12486,7 +12450,7 @@ ] }, { - "uuid": "212025ec-f898-43b8-8a0a-38c41446a71f", + "uuid": "76d31ebd-682e-4c17-a952-62c9dc44ff6f", "control-id": "cis_rhel10_7-1.5", "description": "No notes for control-id 7.1.5.", "props": [ @@ -12513,7 +12477,7 @@ ] }, { - "uuid": "f7bae9f3-b036-4073-a21d-ac079f3040c2", + "uuid": "0004df98-e6f3-4203-8961-2539d1a09081", "control-id": "cis_rhel10_7-1.6", "description": "No notes for control-id 7.1.6.", "props": [ @@ -12540,7 +12504,7 @@ ] }, { - "uuid": "9305a7b2-e208-4bab-8c1a-8758ed29aecf", + "uuid": "a3bdfdc1-e88f-4958-804b-6c3a72868967", "control-id": "cis_rhel10_7-1.7", "description": "No notes for control-id 7.1.7.", "props": [ @@ -12567,7 +12531,7 @@ ] }, { - "uuid": "cd3b1efd-72b6-4d9f-83c9-97b956b77147", + "uuid": "6de4ccda-84c2-4b0b-b732-36a5d1a7d356", "control-id": "cis_rhel10_7-1.8", "description": "No notes for control-id 7.1.8.", "props": [ @@ -12594,7 +12558,7 @@ ] }, { - "uuid": "2df89c80-3882-4934-816c-016b8803c107", + "uuid": "db3615fa-fa10-4cd7-8628-d58cb05ad516", "control-id": "cis_rhel10_7-1.9", "description": "No notes for control-id 7.1.9.", "props": [ @@ -12621,7 +12585,7 @@ ] }, { - "uuid": "de60a5aa-90ca-4309-ac02-69d74e82d9e9", + "uuid": "f373ae74-28be-4cb9-a76b-0a1b3654b556", "control-id": "cis_rhel10_7-1.10", "description": "No notes for control-id 7.1.10.", "props": [ @@ -12663,7 +12627,7 @@ ] }, { - "uuid": "0fb7f7a3-9e77-45b8-ada3-66d6de9d57f6", + "uuid": "10d3a8c1-be7e-48ab-b614-75aad48a66f9", "control-id": "cis_rhel10_7-1.11", "description": "No notes for control-id 7.1.11.", "props": [ @@ -12685,7 +12649,7 @@ ] }, { - "uuid": "f5931569-9ad7-42e1-9d7d-68f66122f3c8", + "uuid": "a4c33964-623a-4199-849a-a26145cc7609", "control-id": "cis_rhel10_7-1.12", "description": "No notes for control-id 7.1.12.", "props": [ @@ -12707,7 +12671,7 @@ ] }, { - "uuid": "796308ca-e7d4-43c4-a89b-f2cd38254004", + "uuid": "31427301-30fb-4aa4-8802-2306b5575207", "control-id": "cis_rhel10_7-1.13", "description": "The description for control-id cis_rhel10_7-1.13.", "props": [ @@ -12720,7 +12684,7 @@ ] }, { - "uuid": "a44cc3f9-0b53-486c-9f20-b99451d57e1f", + "uuid": "8d17ee6a-6058-4889-8622-d8614a65a4bb", "control-id": "cis_rhel10_7-2.1", "description": "No notes for control-id 7.2.1.", "props": [ @@ -12737,7 +12701,7 @@ ] }, { - "uuid": "50def3d7-b096-4d80-8f2b-8a4d10825267", + "uuid": "875b3e34-7622-41a6-922d-77a988b0d1d3", "control-id": "cis_rhel10_7-2.2", "description": "No notes for control-id 7.2.2.", "props": [ @@ -12754,7 +12718,7 @@ ] }, { - "uuid": "2f121ba9-b364-4e42-a31c-342e48bc8216", + "uuid": "3346b785-9af4-4e58-af21-2ffc7a916b53", "control-id": "cis_rhel10_7-2.3", "description": "No notes for control-id 7.2.3.", "props": [ @@ -12771,7 +12735,7 @@ ] }, { - "uuid": "30f00d09-8c7c-4d46-88c7-906b8868d92f", + "uuid": "b61a22ce-010a-4f1b-b269-662cd6acdce2", "control-id": "cis_rhel10_7-2.4", "description": "No notes for control-id 7.2.4.", "props": [ @@ -12788,7 +12752,7 @@ ] }, { - "uuid": "2642fd5b-fb07-4ee7-8920-2d783bfb0b52", + "uuid": "65c2a3d0-b51c-4cb7-bbb0-bd0e354b5162", "control-id": "cis_rhel10_7-2.5", "description": "No notes for control-id 7.2.5.", "props": [ @@ -12805,7 +12769,7 @@ ] }, { - "uuid": "8c772520-dd79-422b-9e08-c37ae72aff78", + "uuid": "a8a8882b-9bbb-4ac1-9699-a286541bab55", "control-id": "cis_rhel10_7-2.6", "description": "No notes for control-id 7.2.6.", "props": [ @@ -12822,7 +12786,7 @@ ] }, { - "uuid": "b5bf9ed3-69b1-4d83-a2c7-d93e54bc4c7f", + "uuid": "bb1465df-4c79-4df6-9140-06e053a94553", "control-id": "cis_rhel10_7-2.7", "description": "No notes for control-id 7.2.7.", "props": [ @@ -12839,7 +12803,7 @@ ] }, { - "uuid": "9d2ec5b8-474d-44b1-9ab0-9917c4abc89f", + "uuid": "5754df03-739e-4450-a2c2-5a72140c1fa5", "control-id": "cis_rhel10_7-2.8", "description": "No notes for control-id 7.2.8.", "props": [ @@ -12866,7 +12830,7 @@ ] }, { - "uuid": "10bbd0dd-787d-4f7a-82ca-adbe34a09f71", + "uuid": "87c475de-d55d-4cdf-9ed9-d282d99ef950", "control-id": "cis_rhel10_7-2.9", "description": "No notes for control-id 7.2.9.", "props": [ @@ -13812,7 +13776,7 @@ { "name": "Parameter_Value_Alternatives_47", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -13830,7 +13794,7 @@ { "name": "Parameter_Value_Alternatives_48", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -14952,9559 +14916,9511 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg", + "value": "file_permissions_boot_grub2", "remarks": "rule_set_034" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Group Ownership", + "value": "All GRUB configuration files must have mode 0600 or more restrictive", "remarks": "rule_set_034" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg", + "value": "file_permissions_boot_grub2", "remarks": "rule_set_034" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Group Ownership", + "value": "All GRUB configuration files must have mode 0600 or more restrictive", "remarks": "rule_set_034" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg", + "value": "file_owner_boot_grub2", "remarks": "rule_set_035" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg User Ownership", + "value": "All GRUB configuration files must be owned by root", "remarks": "rule_set_035" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg", + "value": "file_owner_boot_grub2", "remarks": "rule_set_035" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg User Ownership", + "value": "All GRUB configuration files must be owned by root", "remarks": "rule_set_035" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg", + "value": "file_groupowner_boot_grub2", "remarks": "rule_set_036" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Permissions", + "value": "All GRUB configuration files must be group-owned by root", "remarks": "rule_set_036" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg", + "value": "file_groupowner_boot_grub2", "remarks": "rule_set_036" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/grub.cfg Permissions", + "value": "All GRUB configuration files must be group-owned by root", "remarks": "rule_set_036" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg", + "value": "disable_users_coredumps", "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Group Ownership", + "value": "Disable Core Dumps for All Users", "remarks": "rule_set_037" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg", + "value": "disable_users_coredumps", "remarks": "rule_set_037" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Group Ownership", + "value": "Disable Core Dumps for All Users", "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg", + "value": "sysctl_fs_protected_hardlinks", "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg User Ownership", + "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", "remarks": "rule_set_038" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg", + "value": "sysctl_fs_protected_hardlinks", "remarks": "rule_set_038" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg User Ownership", + "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg", + "value": "sysctl_fs_suid_dumpable", "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Permissions", + "value": "Disable Core Dumps for SUID programs", "remarks": "rule_set_039" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg", + "value": "sysctl_fs_suid_dumpable", "remarks": "rule_set_039" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify /boot/grub2/user.cfg Permissions", + "value": "Disable Core Dumps for SUID programs", "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_users_coredumps", + "value": "sysctl_kernel_dmesg_restrict", "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for All Users", + "value": "Restrict Access to Kernel Message Buffer", "remarks": "rule_set_040" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_users_coredumps", + "value": "sysctl_kernel_dmesg_restrict", "remarks": "rule_set_040" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for All Users", + "value": "Restrict Access to Kernel Message Buffer", "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_hardlinks", + "value": "sysctl_kernel_kptr_restrict", "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", + "value": "Restrict Exposed Kernel Pointer Addresses Access", "remarks": "rule_set_041" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_protected_hardlinks", + "value": "sysctl_kernel_kptr_restrict", "remarks": "rule_set_041" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Enforce DAC on Hardlinks", + "value": "Restrict Exposed Kernel Pointer Addresses Access", "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_suid_dumpable", + "value": "sysctl_kernel_yama_ptrace_scope", "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for SUID programs", + "value": "Restrict usage of ptrace to descendant processes", "remarks": "rule_set_042" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_fs_suid_dumpable", + "value": "sysctl_kernel_yama_ptrace_scope", "remarks": "rule_set_042" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Core Dumps for SUID programs", + "value": "Restrict usage of ptrace to descendant processes", "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_dmesg_restrict", + "value": "sysctl_kernel_randomize_va_space", "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Access to Kernel Message Buffer", + "value": "Enable Randomized Layout of Virtual Address Space", "remarks": "rule_set_043" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_dmesg_restrict", + "value": "sysctl_kernel_randomize_va_space", "remarks": "rule_set_043" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Access to Kernel Message Buffer", + "value": "Enable Randomized Layout of Virtual Address Space", "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kptr_restrict", + "value": "coredump_disable_backtraces", "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Exposed Kernel Pointer Addresses Access", + "value": "Disable core dump backtraces", "remarks": "rule_set_044" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kptr_restrict", + "value": "coredump_disable_backtraces", "remarks": "rule_set_044" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Exposed Kernel Pointer Addresses Access", + "value": "Disable core dump backtraces", "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_yama_ptrace_scope", + "value": "coredump_disable_storage", "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict usage of ptrace to descendant processes", + "value": "Disable storing core dump", "remarks": "rule_set_045" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_yama_ptrace_scope", + "value": "coredump_disable_storage", "remarks": "rule_set_045" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict usage of ptrace to descendant processes", + "value": "Disable storing core dump", "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_randomize_va_space", + "value": "configure_custom_crypto_policy_cis", "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Randomized Layout of Virtual Address Space", + "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", "remarks": "rule_set_046" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_randomize_va_space", + "value": "configure_custom_crypto_policy_cis", "remarks": "rule_set_046" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Randomized Layout of Virtual Address Space", + "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_backtraces", + "value": "banner_etc_motd_cis", "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable core dump backtraces", + "value": "Ensure Message Of The Day Is Configured Properly", "remarks": "rule_set_047" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_backtraces", + "value": "banner_etc_motd_cis", "remarks": "rule_set_047" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable core dump backtraces", + "value": "Ensure Message Of The Day Is Configured Properly", "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_storage", + "value": "banner_etc_issue_cis", "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable storing core dump", + "value": "Ensure Local Login Warning Banner Is Configured Properly", "remarks": "rule_set_048" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "coredump_disable_storage", + "value": "banner_etc_issue_cis", "remarks": "rule_set_048" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable storing core dump", + "value": "Ensure Local Login Warning Banner Is Configured Properly", "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_custom_crypto_policy_cis", + "value": "banner_etc_issue_net_cis", "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", + "value": "Ensure Remote Login Warning Banner Is Configured Properly", "remarks": "rule_set_049" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_custom_crypto_policy_cis", + "value": "banner_etc_issue_net_cis", "remarks": "rule_set_049" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Implement Custom Crypto Policy Modules for CIS Benchmark", + "value": "Ensure Remote Login Warning Banner Is Configured Properly", "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_motd_cis", + "value": "file_groupowner_etc_motd", "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Message Of The Day Is Configured Properly", + "value": "Verify Group Ownership of Message of the Day Banner", "remarks": "rule_set_050" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_motd_cis", + "value": "file_groupowner_etc_motd", "remarks": "rule_set_050" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Message Of The Day Is Configured Properly", + "value": "Verify Group Ownership of Message of the Day Banner", "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_cis", + "value": "file_owner_etc_motd", "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Local Login Warning Banner Is Configured Properly", + "value": "Verify ownership of Message of the Day Banner", "remarks": "rule_set_051" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_cis", + "value": "file_owner_etc_motd", "remarks": "rule_set_051" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Local Login Warning Banner Is Configured Properly", + "value": "Verify ownership of Message of the Day Banner", "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_net_cis", + "value": "file_permissions_etc_motd", "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Remote Login Warning Banner Is Configured Properly", + "value": "Verify permissions on Message of the Day Banner", "remarks": "rule_set_052" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "banner_etc_issue_net_cis", + "value": "file_permissions_etc_motd", "remarks": "rule_set_052" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Remote Login Warning Banner Is Configured Properly", + "value": "Verify permissions on Message of the Day Banner", "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_motd", + "value": "file_groupowner_etc_issue", "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of Message of the Day Banner", + "value": "Verify Group Ownership of System Login Banner", "remarks": "rule_set_053" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_motd", + "value": "file_groupowner_etc_issue", "remarks": "rule_set_053" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of Message of the Day Banner", + "value": "Verify Group Ownership of System Login Banner", "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_motd", + "value": "file_owner_etc_issue", "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of Message of the Day Banner", + "value": "Verify ownership of System Login Banner", "remarks": "rule_set_054" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_motd", + "value": "file_owner_etc_issue", "remarks": "rule_set_054" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of Message of the Day Banner", + "value": "Verify ownership of System Login Banner", "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_motd", + "value": "file_permissions_etc_issue", "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on Message of the Day Banner", + "value": "Verify permissions on System Login Banner", "remarks": "rule_set_055" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_motd", + "value": "file_permissions_etc_issue", "remarks": "rule_set_055" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on Message of the Day Banner", + "value": "Verify permissions on System Login Banner", "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue", + "value": "file_groupowner_etc_issue_net", "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner", + "value": "Verify Group Ownership of System Login Banner for Remote Connections", "remarks": "rule_set_056" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue", + "value": "file_groupowner_etc_issue_net", "remarks": "rule_set_056" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner", + "value": "Verify Group Ownership of System Login Banner for Remote Connections", "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue", + "value": "file_owner_etc_issue_net", "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner", + "value": "Verify ownership of System Login Banner for Remote Connections", "remarks": "rule_set_057" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue", + "value": "file_owner_etc_issue_net", "remarks": "rule_set_057" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner", + "value": "Verify ownership of System Login Banner for Remote Connections", "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue", + "value": "file_permissions_etc_issue_net", "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner", + "value": "Verify permissions on System Login Banner for Remote Connections", "remarks": "rule_set_058" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue", + "value": "file_permissions_etc_issue_net", "remarks": "rule_set_058" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner", + "value": "Verify permissions on System Login Banner for Remote Connections", "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue_net", + "value": "dconf_gnome_banner_enabled", "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner for Remote Connections", + "value": "Enable GNOME3 Login Warning Banner", "remarks": "rule_set_059" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_etc_issue_net", + "value": "dconf_gnome_banner_enabled", "remarks": "rule_set_059" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership of System Login Banner for Remote Connections", + "value": "Enable GNOME3 Login Warning Banner", "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue_net", + "value": "dconf_gnome_login_banner_text", "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner for Remote Connections", + "value": "Set the GNOME3 Login Warning Banner Text", "remarks": "rule_set_060" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_etc_issue_net", + "value": "dconf_gnome_login_banner_text", "remarks": "rule_set_060" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify ownership of System Login Banner for Remote Connections", + "value": "Set the GNOME3 Login Warning Banner Text", "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue_net", + "value": "dconf_gnome_disable_user_list", "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner for Remote Connections", + "value": "Disable the GNOME3 Login User List", "remarks": "rule_set_061" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_etc_issue_net", + "value": "dconf_gnome_disable_user_list", "remarks": "rule_set_061" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify permissions on System Login Banner for Remote Connections", + "value": "Disable the GNOME3 Login User List", "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_banner_enabled", + "value": "dconf_gnome_screensaver_idle_delay", "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable GNOME3 Login Warning Banner", + "value": "Set GNOME3 Screensaver Inactivity Timeout", "remarks": "rule_set_062" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_banner_enabled", + "value": "dconf_gnome_screensaver_idle_delay", "remarks": "rule_set_062" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable GNOME3 Login Warning Banner", + "value": "Set GNOME3 Screensaver Inactivity Timeout", "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_login_banner_text", + "value": "dconf_gnome_screensaver_lock_delay", "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set the GNOME3 Login Warning Banner Text", + "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", "remarks": "rule_set_063" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_login_banner_text", + "value": "dconf_gnome_screensaver_lock_delay", "remarks": "rule_set_063" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set the GNOME3 Login Warning Banner Text", + "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_user_list", + "value": "dconf_gnome_session_idle_user_locks", "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the GNOME3 Login User List", + "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", "remarks": "rule_set_064" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_user_list", + "value": "dconf_gnome_session_idle_user_locks", "remarks": "rule_set_064" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the GNOME3 Login User List", + "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_idle_delay", + "value": "dconf_gnome_screensaver_user_locks", "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Inactivity Timeout", + "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", "remarks": "rule_set_065" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_idle_delay", + "value": "dconf_gnome_screensaver_user_locks", "remarks": "rule_set_065" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Inactivity Timeout", + "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_lock_delay", + "value": "dconf_gnome_disable_autorun", "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", + "value": "Disable GNOME3 Automount running", "remarks": "rule_set_066" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_lock_delay", + "value": "dconf_gnome_disable_autorun", "remarks": "rule_set_066" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", + "value": "Disable GNOME3 Automount running", "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_session_idle_user_locks", + "value": "package_kea_removed", "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", + "value": "Uninstall kea Package", "remarks": "rule_set_067" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_session_idle_user_locks", + "value": "package_kea_removed", "remarks": "rule_set_067" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", + "value": "Uninstall kea Package", "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_user_locks", + "value": "package_bind_removed", "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", + "value": "Uninstall bind Package", "remarks": "rule_set_068" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_user_locks", + "value": "package_bind_removed", "remarks": "rule_set_068" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Screensaver Settings", + "value": "Uninstall bind Package", "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_autorun", + "value": "package_dnsmasq_removed", "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount running", + "value": "Uninstall dnsmasq Package", "remarks": "rule_set_069" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_disable_autorun", + "value": "package_dnsmasq_removed", "remarks": "rule_set_069" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GNOME3 Automount running", + "value": "Uninstall dnsmasq Package", "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "package_vsftpd_removed", "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Uninstall vsftpd Package", "remarks": "rule_set_070" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_kea_removed", + "value": "package_vsftpd_removed", "remarks": "rule_set_070" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall kea Package", + "value": "Uninstall vsftpd Package", "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_bind_removed", + "value": "package_dovecot_removed", "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall bind Package", + "value": "Uninstall dovecot Package", "remarks": "rule_set_071" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_bind_removed", + "value": "package_dovecot_removed", "remarks": "rule_set_071" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall bind Package", + "value": "Uninstall dovecot Package", "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnsmasq_removed", + "value": "package_cyrus-imapd_removed", "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dnsmasq Package", + "value": "Uninstall cyrus-imapd Package", "remarks": "rule_set_072" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dnsmasq_removed", + "value": "package_cyrus-imapd_removed", "remarks": "rule_set_072" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dnsmasq Package", + "value": "Uninstall cyrus-imapd Package", "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_vsftpd_removed", + "value": "service_nfs_disabled", "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall vsftpd Package", + "value": "Disable Network File System (nfs)", "remarks": "rule_set_073" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_vsftpd_removed", + "value": "service_nfs_disabled", "remarks": "rule_set_073" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall vsftpd Package", + "value": "Disable Network File System (nfs)", "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dovecot_removed", + "value": "service_rpcbind_disabled", "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dovecot Package", + "value": "Disable rpcbind Service", "remarks": "rule_set_074" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_dovecot_removed", + "value": "service_rpcbind_disabled", "remarks": "rule_set_074" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall dovecot Package", + "value": "Disable rpcbind Service", "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cyrus-imapd_removed", + "value": "package_rsync_removed", "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall cyrus-imapd Package", + "value": "Uninstall rsync Package", "remarks": "rule_set_075" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cyrus-imapd_removed", + "value": "package_rsync_removed", "remarks": "rule_set_075" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall cyrus-imapd Package", + "value": "Uninstall rsync Package", "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_nfs_disabled", + "value": "package_samba_removed", "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Network File System (nfs)", + "value": "Uninstall Samba Package", "remarks": "rule_set_076" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_nfs_disabled", + "value": "package_samba_removed", "remarks": "rule_set_076" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Network File System (nfs)", + "value": "Uninstall Samba Package", "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_rpcbind_disabled", + "value": "package_net-snmp_removed", "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable rpcbind Service", + "value": "Uninstall net-snmp Package", "remarks": "rule_set_077" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_rpcbind_disabled", + "value": "package_net-snmp_removed", "remarks": "rule_set_077" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable rpcbind Service", + "value": "Uninstall net-snmp Package", "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_rsync_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall rsync Package", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_078" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_rsync_removed", + "value": "package_telnet-server_removed", "remarks": "rule_set_078" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall rsync Package", + "value": "Uninstall telnet-server Package", "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_samba_removed", + "value": "package_tftp-server_removed", "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall Samba Package", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_079" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_samba_removed", + "value": "package_tftp-server_removed", "remarks": "rule_set_079" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall Samba Package", + "value": "Uninstall tftp-server Package", "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_net-snmp_removed", + "value": "package_squid_removed", "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall net-snmp Package", + "value": "Uninstall squid Package", "remarks": "rule_set_080" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_net-snmp_removed", + "value": "package_squid_removed", "remarks": "rule_set_080" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall net-snmp Package", + "value": "Uninstall squid Package", "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_httpd_removed", "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Uninstall httpd Package", "remarks": "rule_set_081" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet-server_removed", + "value": "package_httpd_removed", "remarks": "rule_set_081" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall telnet-server Package", + "value": "Uninstall httpd Package", "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_nginx_removed", "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Uninstall nginx Package", "remarks": "rule_set_082" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp-server_removed", + "value": "package_nginx_removed", "remarks": "rule_set_082" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall tftp-server Package", + "value": "Uninstall nginx Package", "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_squid_removed", + "value": "postfix_network_listening_disabled", "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall squid Package", + "value": "Disable Postfix Network Listening", "remarks": "rule_set_083" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_squid_removed", + "value": "postfix_network_listening_disabled", "remarks": "rule_set_083" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall squid Package", + "value": "Disable Postfix Network Listening", "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_httpd_removed", + "value": "has_nonlocal_mta", "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall httpd Package", + "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", "remarks": "rule_set_084" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_httpd_removed", + "value": "has_nonlocal_mta", "remarks": "rule_set_084" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall httpd Package", + "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_nginx_removed", + "value": "package_ftp_removed", "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall nginx Package", + "value": "Remove ftp Package", "remarks": "rule_set_085" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_nginx_removed", + "value": "package_ftp_removed", "remarks": "rule_set_085" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Uninstall nginx Package", + "value": "Remove ftp Package", "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "postfix_network_listening_disabled", + "value": "package_telnet_removed", "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Postfix Network Listening", + "value": "Remove telnet Clients", "remarks": "rule_set_086" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "postfix_network_listening_disabled", + "value": "package_telnet_removed", "remarks": "rule_set_086" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Postfix Network Listening", + "value": "Remove telnet Clients", "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "has_nonlocal_mta", + "value": "package_tftp_removed", "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", + "value": "Remove tftp Daemon", "remarks": "rule_set_087" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "has_nonlocal_mta", + "value": "package_tftp_removed", "remarks": "rule_set_087" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Mail Transfer Agent is not Listening on any non-loopback Address", + "value": "Remove tftp Daemon", "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_ftp_removed", + "value": "chronyd_specify_remote_server", "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove ftp Package", + "value": "A remote time server for Chrony is configured", "remarks": "rule_set_088" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_ftp_removed", + "value": "chronyd_specify_remote_server", "remarks": "rule_set_088" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove ftp Package", + "value": "A remote time server for Chrony is configured", "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "chronyd_run_as_chrony_user", "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Ensure that chronyd is running under chrony user account", "remarks": "rule_set_089" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_telnet_removed", + "value": "chronyd_run_as_chrony_user", "remarks": "rule_set_089" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove telnet Clients", + "value": "Ensure that chronyd is running under chrony user account", "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_cron_installed", "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Install the cron service", "remarks": "rule_set_090" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_tftp_removed", + "value": "package_cron_installed", "remarks": "rule_set_090" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Remove tftp Daemon", + "value": "Install the cron service", "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_specify_remote_server", + "value": "service_crond_enabled", "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "A remote time server for Chrony is configured", + "value": "Enable cron Service", "remarks": "rule_set_091" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_specify_remote_server", + "value": "service_crond_enabled", "remarks": "rule_set_091" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "A remote time server for Chrony is configured", + "value": "Enable cron Service", "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_run_as_chrony_user", + "value": "file_groupowner_crontab", "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that chronyd is running under chrony user account", + "value": "Verify Group Who Owns Crontab", "remarks": "rule_set_092" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_run_as_chrony_user", + "value": "file_groupowner_crontab", "remarks": "rule_set_092" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that chronyd is running under chrony user account", + "value": "Verify Group Who Owns Crontab", "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cron_installed", + "value": "file_owner_crontab", "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the cron service", + "value": "Verify Owner on crontab", "remarks": "rule_set_093" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_cron_installed", + "value": "file_owner_crontab", "remarks": "rule_set_093" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the cron service", + "value": "Verify Owner on crontab", "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_crond_enabled", + "value": "file_permissions_crontab", "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable cron Service", + "value": "Verify Permissions on crontab", "remarks": "rule_set_094" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_crond_enabled", + "value": "file_permissions_crontab", "remarks": "rule_set_094" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable cron Service", + "value": "Verify Permissions on crontab", "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_crontab", + "value": "file_groupowner_cron_hourly", "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Crontab", + "value": "Verify Group Who Owns cron.hourly", "remarks": "rule_set_095" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_crontab", + "value": "file_groupowner_cron_hourly", "remarks": "rule_set_095" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns Crontab", + "value": "Verify Group Who Owns cron.hourly", "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_crontab", + "value": "file_owner_cron_hourly", "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on crontab", + "value": "Verify Owner on cron.hourly", "remarks": "rule_set_096" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_crontab", + "value": "file_owner_cron_hourly", "remarks": "rule_set_096" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on crontab", + "value": "Verify Owner on cron.hourly", "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_crontab", + "value": "file_permissions_cron_hourly", "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on crontab", + "value": "Verify Permissions on cron.hourly", "remarks": "rule_set_097" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_crontab", + "value": "file_permissions_cron_hourly", "remarks": "rule_set_097" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on crontab", + "value": "Verify Permissions on cron.hourly", "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_hourly", + "value": "file_groupowner_cron_daily", "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.hourly", + "value": "Verify Group Who Owns cron.daily", "remarks": "rule_set_098" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_hourly", + "value": "file_groupowner_cron_daily", "remarks": "rule_set_098" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.hourly", + "value": "Verify Group Who Owns cron.daily", "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_hourly", + "value": "file_owner_cron_daily", "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.hourly", + "value": "Verify Owner on cron.daily", "remarks": "rule_set_099" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_hourly", + "value": "file_owner_cron_daily", "remarks": "rule_set_099" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.hourly", + "value": "Verify Owner on cron.daily", "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_hourly", + "value": "file_permissions_cron_daily", "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.hourly", + "value": "Verify Permissions on cron.daily", "remarks": "rule_set_100" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_hourly", + "value": "file_permissions_cron_daily", "remarks": "rule_set_100" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.hourly", + "value": "Verify Permissions on cron.daily", "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_daily", + "value": "file_groupowner_cron_weekly", "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.daily", + "value": "Verify Group Who Owns cron.weekly", "remarks": "rule_set_101" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_daily", + "value": "file_groupowner_cron_weekly", "remarks": "rule_set_101" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.daily", + "value": "Verify Group Who Owns cron.weekly", "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_daily", + "value": "file_owner_cron_weekly", "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.daily", + "value": "Verify Owner on cron.weekly", "remarks": "rule_set_102" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_daily", + "value": "file_owner_cron_weekly", "remarks": "rule_set_102" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.daily", + "value": "Verify Owner on cron.weekly", "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_daily", + "value": "file_permissions_cron_weekly", "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.daily", + "value": "Verify Permissions on cron.weekly", "remarks": "rule_set_103" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_daily", + "value": "file_permissions_cron_weekly", "remarks": "rule_set_103" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.daily", + "value": "Verify Permissions on cron.weekly", "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_weekly", + "value": "file_groupowner_cron_monthly", "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.weekly", + "value": "Verify Group Who Owns cron.monthly", "remarks": "rule_set_104" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_weekly", + "value": "file_groupowner_cron_monthly", "remarks": "rule_set_104" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.weekly", + "value": "Verify Group Who Owns cron.monthly", "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_weekly", + "value": "file_owner_cron_monthly", "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.weekly", + "value": "Verify Owner on cron.monthly", "remarks": "rule_set_105" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_weekly", + "value": "file_owner_cron_monthly", "remarks": "rule_set_105" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.weekly", + "value": "Verify Owner on cron.monthly", "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_weekly", + "value": "file_permissions_cron_monthly", "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.weekly", + "value": "Verify Permissions on cron.monthly", "remarks": "rule_set_106" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_weekly", + "value": "file_permissions_cron_monthly", "remarks": "rule_set_106" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.weekly", + "value": "Verify Permissions on cron.monthly", "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_monthly", + "value": "file_groupowner_cron_yearly", "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.monthly", + "value": "Verify Group Who Owns cron.yearly", "remarks": "rule_set_107" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_monthly", + "value": "file_groupowner_cron_yearly", "remarks": "rule_set_107" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.monthly", + "value": "Verify Group Who Owns cron.yearly", "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_monthly", + "value": "file_owner_cron_yearly", "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.monthly", + "value": "Verify Owner on cron.yearly", "remarks": "rule_set_108" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_monthly", + "value": "file_owner_cron_yearly", "remarks": "rule_set_108" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.monthly", + "value": "Verify Owner on cron.yearly", "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_monthly", + "value": "file_permissions_cron_yearly", "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.monthly", + "value": "Verify Permissions on cron.yearly", "remarks": "rule_set_109" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_monthly", + "value": "file_permissions_cron_yearly", "remarks": "rule_set_109" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.monthly", + "value": "Verify Permissions on cron.yearly", "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_yearly", + "value": "file_groupowner_cron_d", "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.yearly", + "value": "Verify Group Who Owns cron.d", "remarks": "rule_set_110" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_yearly", + "value": "file_groupowner_cron_d", "remarks": "rule_set_110" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.yearly", + "value": "Verify Group Who Owns cron.d", "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_yearly", + "value": "file_owner_cron_d", "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.yearly", + "value": "Verify Owner on cron.d", "remarks": "rule_set_111" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_yearly", + "value": "file_owner_cron_d", "remarks": "rule_set_111" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.yearly", + "value": "Verify Owner on cron.d", "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_yearly", + "value": "file_permissions_cron_d", "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.yearly", + "value": "Verify Permissions on cron.d", "remarks": "rule_set_112" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_yearly", + "value": "file_permissions_cron_d", "remarks": "rule_set_112" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.yearly", + "value": "Verify Permissions on cron.d", "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_d", + "value": "file_cron_deny_not_exist", "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.d", + "value": "Ensure that /etc/cron.deny does not exist", "remarks": "rule_set_113" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_d", + "value": "file_cron_deny_not_exist", "remarks": "rule_set_113" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns cron.d", + "value": "Ensure that /etc/cron.deny does not exist", "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_d", + "value": "file_cron_allow_exists", "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.d", + "value": "Ensure that /etc/cron.allow exists", "remarks": "rule_set_114" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_d", + "value": "file_cron_allow_exists", "remarks": "rule_set_114" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on cron.d", + "value": "Ensure that /etc/cron.allow exists", "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_d", + "value": "file_groupowner_cron_allow", "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.d", + "value": "Verify Group Who Owns /etc/cron.allow file", "remarks": "rule_set_115" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_d", + "value": "file_groupowner_cron_allow", "remarks": "rule_set_115" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on cron.d", + "value": "Verify Group Who Owns /etc/cron.allow file", "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_deny_not_exist", + "value": "file_owner_cron_allow", "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.deny does not exist", + "value": "Verify User Who Owns /etc/cron.allow file", "remarks": "rule_set_116" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_deny_not_exist", + "value": "file_owner_cron_allow", "remarks": "rule_set_116" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.deny does not exist", + "value": "Verify User Who Owns /etc/cron.allow file", "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_allow_exists", + "value": "file_permissions_cron_allow", "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.allow exists", + "value": "Verify Permissions on /etc/cron.allow file", "remarks": "rule_set_117" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_cron_allow_exists", + "value": "file_permissions_cron_allow", "remarks": "rule_set_117" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/cron.allow exists", + "value": "Verify Permissions on /etc/cron.allow file", "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_allow", + "value": "file_at_deny_not_exist", "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.deny does not exist", "remarks": "rule_set_118" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_cron_allow", + "value": "file_at_deny_not_exist", "remarks": "rule_set_118" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.deny does not exist", "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_allow", + "value": "file_at_allow_exists", "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.allow exists", "remarks": "rule_set_119" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_cron_allow", + "value": "file_at_allow_exists", "remarks": "rule_set_119" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/cron.allow file", + "value": "Ensure that /etc/at.allow exists", "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_allow", + "value": "file_groupowner_at_allow", "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/cron.allow file", + "value": "Verify Group Who Owns /etc/at.allow file", "remarks": "rule_set_120" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_cron_allow", + "value": "file_groupowner_at_allow", "remarks": "rule_set_120" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/cron.allow file", + "value": "Verify Group Who Owns /etc/at.allow file", "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_deny_not_exist", + "value": "file_owner_at_allow", "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.deny does not exist", + "value": "Verify User Who Owns /etc/at.allow file", "remarks": "rule_set_121" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_deny_not_exist", + "value": "file_owner_at_allow", "remarks": "rule_set_121" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.deny does not exist", + "value": "Verify User Who Owns /etc/at.allow file", "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_allow_exists", + "value": "file_permissions_at_allow", "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.allow exists", + "value": "Verify Permissions on /etc/at.allow file", "remarks": "rule_set_122" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_at_allow_exists", + "value": "file_permissions_at_allow", "remarks": "rule_set_122" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that /etc/at.allow exists", + "value": "Verify Permissions on /etc/at.allow file", "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_at_allow", + "value": "kernel_module_atm_disabled", "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/at.allow file", + "value": "Disable ATM Support", "remarks": "rule_set_123" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_at_allow", + "value": "kernel_module_atm_disabled", "remarks": "rule_set_123" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns /etc/at.allow file", + "value": "Disable ATM Support", "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_at_allow", + "value": "kernel_module_can_disabled", "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/at.allow file", + "value": "Disable CAN Support", "remarks": "rule_set_124" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_at_allow", + "value": "kernel_module_can_disabled", "remarks": "rule_set_124" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify User Who Owns /etc/at.allow file", + "value": "Disable CAN Support", "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_at_allow", + "value": "kernel_module_dccp_disabled", "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/at.allow file", + "value": "Disable DCCP Support", "remarks": "rule_set_125" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_at_allow", + "value": "kernel_module_dccp_disabled", "remarks": "rule_set_125" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on /etc/at.allow file", + "value": "Disable DCCP Support", "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_atm_disabled", + "value": "kernel_module_tipc_disabled", "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable ATM Support", + "value": "Disable TIPC Support", "remarks": "rule_set_126" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_atm_disabled", + "value": "kernel_module_tipc_disabled", "remarks": "rule_set_126" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable ATM Support", + "value": "Disable TIPC Support", "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_can_disabled", + "value": "kernel_module_rds_disabled", "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable CAN Support", + "value": "Disable RDS Support", "remarks": "rule_set_127" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_can_disabled", + "value": "kernel_module_rds_disabled", "remarks": "rule_set_127" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable CAN Support", + "value": "Disable RDS Support", "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_dccp_disabled", + "value": "kernel_module_sctp_disabled", "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable DCCP Support", + "value": "Disable SCTP Support", "remarks": "rule_set_128" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_dccp_disabled", + "value": "kernel_module_sctp_disabled", "remarks": "rule_set_128" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable DCCP Support", + "value": "Disable SCTP Support", "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_tipc_disabled", + "value": "sysctl_net_ipv4_ip_forward", "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable TIPC Support", + "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", "remarks": "rule_set_129" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_tipc_disabled", + "value": "sysctl_net_ipv4_ip_forward", "remarks": "rule_set_129" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable TIPC Support", + "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_rds_disabled", + "value": "sysctl_net_ipv4_conf_all_forwarding", "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable RDS Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", "remarks": "rule_set_130" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_rds_disabled", + "value": "sysctl_net_ipv4_conf_all_forwarding", "remarks": "rule_set_130" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable RDS Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_sctp_disabled", + "value": "sysctl_net_ipv4_conf_default_forwarding", "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SCTP Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", "remarks": "rule_set_131" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kernel_module_sctp_disabled", + "value": "sysctl_net_ipv4_conf_default_forwarding", "remarks": "rule_set_131" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SCTP Support", + "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_ip_forward", + "value": "sysctl_net_ipv4_conf_all_send_redirects", "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_132" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_ip_forward", + "value": "sysctl_net_ipv4_conf_all_send_redirects", "remarks": "rule_set_132" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_forwarding", + "value": "sysctl_net_ipv4_conf_default_send_redirects", "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", "remarks": "rule_set_133" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_forwarding", + "value": "sysctl_net_ipv4_conf_default_send_redirects", "remarks": "rule_set_133" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_forwarding", + "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", + "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", "remarks": "rule_set_134" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_forwarding", + "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", "remarks": "rule_set_134" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv4 Forwarding By Default", + "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_send_redirects", + "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", "remarks": "rule_set_135" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_send_redirects", + "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", "remarks": "rule_set_135" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_send_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_redirects", "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", + "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", "remarks": "rule_set_136" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_send_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_redirects", "remarks": "rule_set_136" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default", + "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", + "value": "sysctl_net_ipv4_conf_default_accept_redirects", "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", "remarks": "rule_set_137" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", + "value": "sysctl_net_ipv4_conf_default_accept_redirects", "remarks": "rule_set_137" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", + "value": "sysctl_net_ipv4_conf_all_secure_redirects", "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_138" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", + "value": "sysctl_net_ipv4_conf_all_secure_redirects", "remarks": "rule_set_138" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_redirects", + "value": "sysctl_net_ipv4_conf_default_secure_redirects", "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", + "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", "remarks": "rule_set_139" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_redirects", + "value": "sysctl_net_ipv4_conf_default_secure_redirects", "remarks": "rule_set_139" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv4 Interfaces", + "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_redirects", + "value": "sysctl_net_ipv4_conf_all_rp_filter", "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", "remarks": "rule_set_140" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_redirects", + "value": "sysctl_net_ipv4_conf_all_rp_filter", "remarks": "rule_set_140" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_secure_redirects", + "value": "sysctl_net_ipv4_conf_default_rp_filter", "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", "remarks": "rule_set_141" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_secure_redirects", + "value": "sysctl_net_ipv4_conf_default_rp_filter", "remarks": "rule_set_141" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_secure_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_source_route", "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", "remarks": "rule_set_142" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_secure_redirects", + "value": "sysctl_net_ipv4_conf_all_accept_source_route", "remarks": "rule_set_142" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Kernel Parameter for Accepting Secure Redirects By Default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_rp_filter", + "value": "sysctl_net_ipv4_conf_default_accept_source_route", "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", "remarks": "rule_set_143" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_rp_filter", + "value": "sysctl_net_ipv4_conf_default_accept_source_route", "remarks": "rule_set_143" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_rp_filter", + "value": "sysctl_net_ipv4_conf_all_log_martians", "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", "remarks": "rule_set_144" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_rp_filter", + "value": "sysctl_net_ipv4_conf_all_log_martians", "remarks": "rule_set_144" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_source_route", + "value": "sysctl_net_ipv4_conf_default_log_martians", "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", "remarks": "rule_set_145" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_accept_source_route", + "value": "sysctl_net_ipv4_conf_default_log_martians", "remarks": "rule_set_145" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces", + "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_source_route", + "value": "sysctl_net_ipv4_tcp_syncookies", "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", "remarks": "rule_set_146" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_accept_source_route", + "value": "sysctl_net_ipv4_tcp_syncookies", "remarks": "rule_set_146" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default", + "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_log_martians", + "value": "sysctl_net_ipv6_conf_all_forwarding", "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for IPv6 Forwarding", "remarks": "rule_set_147" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_all_log_martians", + "value": "sysctl_net_ipv6_conf_all_forwarding", "remarks": "rule_set_147" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces", + "value": "Disable Kernel Parameter for IPv6 Forwarding", "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_log_martians", + "value": "sysctl_net_ipv6_conf_default_forwarding", "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", + "value": "Disable Kernel Parameter for IPv6 Forwarding by default", "remarks": "rule_set_148" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_conf_default_log_martians", + "value": "sysctl_net_ipv6_conf_default_forwarding", "remarks": "rule_set_148" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces by Default", + "value": "Disable Kernel Parameter for IPv6 Forwarding by default", "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_tcp_syncookies", + "value": "sysctl_net_ipv6_conf_all_accept_redirects", "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", + "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", "remarks": "rule_set_149" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv4_tcp_syncookies", + "value": "sysctl_net_ipv6_conf_all_accept_redirects", "remarks": "rule_set_149" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", + "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_forwarding", + "value": "sysctl_net_ipv6_conf_default_accept_redirects", "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", "remarks": "rule_set_150" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_forwarding", + "value": "sysctl_net_ipv6_conf_default_accept_redirects", "remarks": "rule_set_150" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding", + "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_forwarding", + "value": "sysctl_net_ipv6_conf_all_accept_source_route", "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding by default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", "remarks": "rule_set_151" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_forwarding", + "value": "sysctl_net_ipv6_conf_all_accept_source_route", "remarks": "rule_set_151" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for IPv6 Forwarding by default", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_redirects", + "value": "sysctl_net_ipv6_conf_default_accept_source_route", "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", "remarks": "rule_set_152" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_redirects", + "value": "sysctl_net_ipv6_conf_default_accept_source_route", "remarks": "rule_set_152" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting ICMP Redirects for All IPv6 Interfaces", + "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_redirects", + "value": "sysctl_net_ipv6_conf_all_accept_ra", "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", + "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_153" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_redirects", + "value": "sysctl_net_ipv6_conf_all_accept_ra", "remarks": "rule_set_153" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces", + "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_source_route", + "value": "sysctl_net_ipv6_conf_default_accept_ra", "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", + "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", "remarks": "rule_set_154" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_source_route", + "value": "sysctl_net_ipv6_conf_default_accept_ra", "remarks": "rule_set_154" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces", + "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_source_route", + "value": "package_firewalld_installed", "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", + "value": "Install firewalld Package", "remarks": "rule_set_155" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_source_route", + "value": "package_firewalld_installed", "remarks": "rule_set_155" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default", + "value": "Install firewalld Package", "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra", + "value": "firewalld-backend", "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", + "value": "Configure Firewalld to Use the Nftables Backend", "remarks": "rule_set_156" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_all_accept_ra", + "value": "firewalld-backend", "remarks": "rule_set_156" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Accepting Router Advertisements on All IPv6 Interfaces", + "value": "Configure Firewalld to Use the Nftables Backend", "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra", + "value": "service_firewalld_enabled", "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", + "value": "Verify firewalld Enabled", "remarks": "rule_set_157" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_ipv6_conf_default_accept_ra", + "value": "service_firewalld_enabled", "remarks": "rule_set_157" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Accepting Router Advertisements on all IPv6 Interfaces by Default", + "value": "Verify firewalld Enabled", "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_firewalld_installed", + "value": "firewalld_loopback_traffic_trusted", "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install firewalld Package", + "value": "Configure Firewalld to Trust Loopback Traffic", "remarks": "rule_set_158" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_firewalld_installed", + "value": "firewalld_loopback_traffic_trusted", "remarks": "rule_set_158" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install firewalld Package", + "value": "Configure Firewalld to Trust Loopback Traffic", "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld-backend", + "value": "file_groupowner_sshd_config", "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Use the Nftables Backend", + "value": "Verify Group Who Owns SSH Server config file", "remarks": "rule_set_159" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld-backend", + "value": "file_groupowner_sshd_config", "remarks": "rule_set_159" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Use the Nftables Backend", + "value": "Verify Group Who Owns SSH Server config file", "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_firewalld_enabled", + "value": "file_owner_sshd_config", "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify firewalld Enabled", + "value": "Verify Owner on SSH Server config file", "remarks": "rule_set_160" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_firewalld_enabled", + "value": "file_owner_sshd_config", "remarks": "rule_set_160" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify firewalld Enabled", + "value": "Verify Owner on SSH Server config file", "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld_loopback_traffic_trusted", + "value": "file_permissions_sshd_config", "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Trust Loopback Traffic", + "value": "Verify Permissions on SSH Server config file", "remarks": "rule_set_161" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "firewalld_loopback_traffic_trusted", + "value": "file_permissions_sshd_config", "remarks": "rule_set_161" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Firewalld to Trust Loopback Traffic", + "value": "Verify Permissions on SSH Server config file", "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_config", + "value": "directory_permissions_sshd_config_d", "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_162" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_config", + "value": "directory_permissions_sshd_config_d", "remarks": "rule_set_162" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_config", + "value": "file_permissions_sshd_drop_in_config", "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_163" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_config", + "value": "file_permissions_sshd_drop_in_config", "remarks": "rule_set_163" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server config file", + "value": "Verify Permissions on SSH Server Config File", "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_config", + "value": "directory_groupowner_sshd_config_d", "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server config file", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_164" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_config", + "value": "directory_groupowner_sshd_config_d", "remarks": "rule_set_164" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server config file", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_sshd_config_d", + "value": "directory_owner_sshd_config_d", "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_165" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_permissions_sshd_config_d", + "value": "directory_owner_sshd_config_d", "remarks": "rule_set_165" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_drop_in_config", + "value": "file_groupowner_sshd_drop_in_config", "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_166" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_drop_in_config", + "value": "file_groupowner_sshd_drop_in_config", "remarks": "rule_set_166" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Config File", + "value": "Verify Group Who Owns SSH Server Configuration Files", "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_groupowner_sshd_config_d", + "value": "file_owner_sshd_drop_in_config", "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_167" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_groupowner_sshd_config_d", + "value": "file_owner_sshd_drop_in_config", "remarks": "rule_set_167" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Owner on SSH Server Configuration Files", "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_owner_sshd_config_d", + "value": "file_groupownership_sshd_private_key", "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Group Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_168" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_owner_sshd_config_d", + "value": "file_groupownership_sshd_private_key", "remarks": "rule_set_168" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Group Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_drop_in_config", + "value": "file_ownership_sshd_private_key", "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_169" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_sshd_drop_in_config", + "value": "file_ownership_sshd_private_key", "remarks": "rule_set_169" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Who Owns SSH Server Configuration Files", + "value": "Verify Ownership on SSH Server Private *_key Key Files", "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_drop_in_config", + "value": "file_permissions_sshd_private_key", "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Permissions on SSH Server Private *_key Key Files", "remarks": "rule_set_170" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_sshd_drop_in_config", + "value": "file_permissions_sshd_private_key", "remarks": "rule_set_170" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Owner on SSH Server Configuration Files", + "value": "Verify Permissions on SSH Server Private *_key Key Files", "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_private_key", + "value": "file_groupownership_sshd_pub_key", "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Private *_key Key Files", + "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_171" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_private_key", + "value": "file_groupownership_sshd_pub_key", "remarks": "rule_set_171" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Private *_key Key Files", + "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_171" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_private_key", + "value": "file_ownership_sshd_pub_key", "remarks": "rule_set_172" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Private *_key Key Files", + "value": "Verify Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_172" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_private_key", + "value": "file_ownership_sshd_pub_key", "remarks": "rule_set_172" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Private *_key Key Files", + "value": "Verify Ownership on SSH Server Public *.pub Key Files", "remarks": "rule_set_172" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_private_key", + "value": "file_permissions_sshd_pub_key", "remarks": "rule_set_173" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Private *_key Key Files", + "value": "Verify Permissions on SSH Server Public *.pub Key Files", "remarks": "rule_set_173" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_private_key", + "value": "file_permissions_sshd_pub_key", "remarks": "rule_set_173" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Private *_key Key Files", + "value": "Verify Permissions on SSH Server Public *.pub Key Files", "remarks": "rule_set_173" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_pub_key", + "value": "sshd_limit_user_access", "remarks": "rule_set_174" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", + "value": "Limit Users' SSH Access", "remarks": "rule_set_174" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupownership_sshd_pub_key", + "value": "sshd_limit_user_access", "remarks": "rule_set_174" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Group Ownership on SSH Server Public *.pub Key Files", + "value": "Limit Users' SSH Access", "remarks": "rule_set_174" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_pub_key", + "value": "sshd_enable_warning_banner_net", "remarks": "rule_set_175" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Public *.pub Key Files", + "value": "Enable SSH Warning Banner", "remarks": "rule_set_175" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_sshd_pub_key", + "value": "sshd_enable_warning_banner_net", "remarks": "rule_set_175" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Ownership on SSH Server Public *.pub Key Files", + "value": "Enable SSH Warning Banner", "remarks": "rule_set_175" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_pub_key", + "value": "sshd_set_idle_timeout", "remarks": "rule_set_176" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Public *.pub Key Files", + "value": "Set SSH Client Alive Interval", "remarks": "rule_set_176" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_pub_key", + "value": "sshd_set_idle_timeout", "remarks": "rule_set_176" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Public *.pub Key Files", + "value": "Set SSH Client Alive Interval", "remarks": "rule_set_176" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_limit_user_access", + "value": "sshd_set_keepalive", "remarks": "rule_set_177" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Users' SSH Access", + "value": "Set SSH Client Alive Count Max", "remarks": "rule_set_177" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_limit_user_access", + "value": "sshd_set_keepalive", "remarks": "rule_set_177" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Users' SSH Access", + "value": "Set SSH Client Alive Count Max", "remarks": "rule_set_177" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_warning_banner_net", + "value": "sshd_disable_forwarding", "remarks": "rule_set_178" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SSH Warning Banner", + "value": "Disable SSH Forwarding", "remarks": "rule_set_178" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_warning_banner_net", + "value": "sshd_disable_forwarding", "remarks": "rule_set_178" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SSH Warning Banner", + "value": "Disable SSH Forwarding", "remarks": "rule_set_178" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_idle_timeout", + "value": "sshd_disable_gssapi_auth", "remarks": "rule_set_179" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Interval", + "value": "Disable GSSAPI Authentication", "remarks": "rule_set_179" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_idle_timeout", + "value": "sshd_disable_gssapi_auth", "remarks": "rule_set_179" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Interval", + "value": "Disable GSSAPI Authentication", "remarks": "rule_set_179" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_keepalive", + "value": "disable_host_auth", "remarks": "rule_set_180" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Count Max", + "value": "Disable Host-Based Authentication", "remarks": "rule_set_180" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_keepalive", + "value": "disable_host_auth", "remarks": "rule_set_180" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Count Max", + "value": "Disable Host-Based Authentication", "remarks": "rule_set_180" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_forwarding", + "value": "sshd_disable_rhosts", "remarks": "rule_set_181" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Forwarding", + "value": "Disable SSH Support for .rhosts Files", "remarks": "rule_set_181" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_forwarding", + "value": "sshd_disable_rhosts", "remarks": "rule_set_181" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Forwarding", + "value": "Disable SSH Support for .rhosts Files", "remarks": "rule_set_181" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_gssapi_auth", + "value": "sshd_use_strong_kex", "remarks": "rule_set_182" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GSSAPI Authentication", + "value": "Use Only Strong Key Exchange algorithms", "remarks": "rule_set_182" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_gssapi_auth", + "value": "sshd_use_strong_kex", "remarks": "rule_set_182" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GSSAPI Authentication", + "value": "Use Only Strong Key Exchange algorithms", "remarks": "rule_set_182" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_host_auth", + "value": "sshd_set_login_grace_time", "remarks": "rule_set_183" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Host-Based Authentication", + "value": "Ensure SSH LoginGraceTime is configured", "remarks": "rule_set_183" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_host_auth", + "value": "sshd_set_login_grace_time", "remarks": "rule_set_183" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Host-Based Authentication", + "value": "Ensure SSH LoginGraceTime is configured", "remarks": "rule_set_183" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_rhosts", + "value": "sshd_set_loglevel_verbose", "remarks": "rule_set_184" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Support for .rhosts Files", + "value": "Set SSH Daemon LogLevel to VERBOSE", "remarks": "rule_set_184" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_rhosts", + "value": "sshd_set_loglevel_verbose", "remarks": "rule_set_184" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Support for .rhosts Files", + "value": "Set SSH Daemon LogLevel to VERBOSE", "remarks": "rule_set_184" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_use_strong_kex", + "value": "sshd_set_max_auth_tries", "remarks": "rule_set_185" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Use Only Strong Key Exchange algorithms", + "value": "Set SSH authentication attempt limit", "remarks": "rule_set_185" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_use_strong_kex", + "value": "sshd_set_max_auth_tries", "remarks": "rule_set_185" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Use Only Strong Key Exchange algorithms", + "value": "Set SSH authentication attempt limit", "remarks": "rule_set_185" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_login_grace_time", + "value": "sshd_set_maxstartups", "remarks": "rule_set_186" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH LoginGraceTime is configured", + "value": "Ensure SSH MaxStartups is configured", "remarks": "rule_set_186" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_login_grace_time", + "value": "sshd_set_maxstartups", "remarks": "rule_set_186" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH LoginGraceTime is configured", + "value": "Ensure SSH MaxStartups is configured", "remarks": "rule_set_186" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_loglevel_verbose", + "value": "sshd_set_max_sessions", "remarks": "rule_set_187" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Daemon LogLevel to VERBOSE", + "value": "Set SSH MaxSessions limit", "remarks": "rule_set_187" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_loglevel_verbose", + "value": "sshd_set_max_sessions", "remarks": "rule_set_187" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Daemon LogLevel to VERBOSE", + "value": "Set SSH MaxSessions limit", "remarks": "rule_set_187" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_auth_tries", + "value": "sshd_disable_empty_passwords", "remarks": "rule_set_188" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH authentication attempt limit", + "value": "Disable SSH Access via Empty Passwords", "remarks": "rule_set_188" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_auth_tries", + "value": "sshd_disable_empty_passwords", "remarks": "rule_set_188" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH authentication attempt limit", + "value": "Disable SSH Access via Empty Passwords", "remarks": "rule_set_188" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_maxstartups", + "value": "sshd_disable_root_login", "remarks": "rule_set_189" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH MaxStartups is configured", + "value": "Disable SSH Root Login", "remarks": "rule_set_189" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_maxstartups", + "value": "sshd_disable_root_login", "remarks": "rule_set_189" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SSH MaxStartups is configured", + "value": "Disable SSH Root Login", "remarks": "rule_set_189" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_sessions", + "value": "sshd_do_not_permit_user_env", "remarks": "rule_set_190" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH MaxSessions limit", + "value": "Do Not Allow SSH Environment Options", "remarks": "rule_set_190" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_sessions", + "value": "sshd_do_not_permit_user_env", "remarks": "rule_set_190" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH MaxSessions limit", + "value": "Do Not Allow SSH Environment Options", "remarks": "rule_set_190" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_empty_passwords", + "value": "sshd_enable_pam", "remarks": "rule_set_191" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Access via Empty Passwords", + "value": "Enable PAM", "remarks": "rule_set_191" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_empty_passwords", + "value": "sshd_enable_pam", "remarks": "rule_set_191" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Access via Empty Passwords", + "value": "Enable PAM", "remarks": "rule_set_191" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_root_login", + "value": "package_sudo_installed", "remarks": "rule_set_192" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Root Login", + "value": "Install sudo Package", "remarks": "rule_set_192" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_root_login", + "value": "package_sudo_installed", "remarks": "rule_set_192" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Root Login", + "value": "Install sudo Package", "remarks": "rule_set_192" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_do_not_permit_user_env", + "value": "sudo_add_use_pty", "remarks": "rule_set_193" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Do Not Allow SSH Environment Options", + "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", "remarks": "rule_set_193" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_do_not_permit_user_env", + "value": "sudo_add_use_pty", "remarks": "rule_set_193" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Do Not Allow SSH Environment Options", + "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", "remarks": "rule_set_193" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_pam", + "value": "sudo_custom_logfile", "remarks": "rule_set_194" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable PAM", + "value": "Ensure Sudo Logfile Exists - sudo logfile", "remarks": "rule_set_194" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_pam", + "value": "sudo_custom_logfile", "remarks": "rule_set_194" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable PAM", + "value": "Ensure Sudo Logfile Exists - sudo logfile", "remarks": "rule_set_194" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_sudo_installed", + "value": "sudo_remove_no_authenticate", "remarks": "rule_set_195" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install sudo Package", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", "remarks": "rule_set_195" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_sudo_installed", + "value": "sudo_remove_no_authenticate", "remarks": "rule_set_195" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install sudo Package", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", "remarks": "rule_set_195" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_use_pty", + "value": "sudo_require_reauthentication", "remarks": "rule_set_196" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", + "value": "Require Re-Authentication When Using the sudo Command", "remarks": "rule_set_196" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_add_use_pty", + "value": "sudo_require_reauthentication", "remarks": "rule_set_196" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", + "value": "Require Re-Authentication When Using the sudo Command", "remarks": "rule_set_196" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_custom_logfile", + "value": "use_pam_wheel_group_for_su", "remarks": "rule_set_197" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Sudo Logfile Exists - sudo logfile", + "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", "remarks": "rule_set_197" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_custom_logfile", + "value": "use_pam_wheel_group_for_su", "remarks": "rule_set_197" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Sudo Logfile Exists - sudo logfile", + "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", "remarks": "rule_set_197" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_no_authenticate", + "value": "ensure_pam_wheel_group_empty", "remarks": "rule_set_198" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", + "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", "remarks": "rule_set_198" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_no_authenticate", + "value": "ensure_pam_wheel_group_empty", "remarks": "rule_set_198" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", + "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", "remarks": "rule_set_198" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_require_reauthentication", + "value": "account_password_pam_faillock_password_auth", "remarks": "rule_set_199" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require Re-Authentication When Using the sudo Command", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", "remarks": "rule_set_199" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_require_reauthentication", + "value": "account_password_pam_faillock_password_auth", "remarks": "rule_set_199" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require Re-Authentication When Using the sudo Command", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", "remarks": "rule_set_199" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "use_pam_wheel_group_for_su", + "value": "account_password_pam_faillock_system_auth", "remarks": "rule_set_200" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", "remarks": "rule_set_200" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "use_pam_wheel_group_for_su", + "value": "account_password_pam_faillock_system_auth", "remarks": "rule_set_200" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Usage of pam_wheel with Group Parameter for su Authentication", + "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", "remarks": "rule_set_200" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_pam_wheel_group_empty", + "value": "package_pam_pwquality_installed", "remarks": "rule_set_201" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", + "value": "Install pam_pwquality Package", "remarks": "rule_set_201" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_pam_wheel_group_empty", + "value": "package_pam_pwquality_installed", "remarks": "rule_set_201" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Group Used by pam_wheel.so Module Exists on System and is Empty", + "value": "Install pam_pwquality Package", "remarks": "rule_set_201" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_password_auth", + "value": "accounts_password_pam_pwquality_password_auth", "remarks": "rule_set_202" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", + "value": "Ensure PAM password complexity module is enabled in password-auth", "remarks": "rule_set_202" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_password_auth", + "value": "accounts_password_pam_pwquality_password_auth", "remarks": "rule_set_202" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.", + "value": "Ensure PAM password complexity module is enabled in password-auth", "remarks": "rule_set_202" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_system_auth", + "value": "accounts_password_pam_pwquality_system_auth", "remarks": "rule_set_203" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", + "value": "Ensure PAM password complexity module is enabled in system-auth", "remarks": "rule_set_203" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_password_pam_faillock_system_auth", + "value": "accounts_password_pam_pwquality_system_auth", "remarks": "rule_set_203" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.", + "value": "Ensure PAM password complexity module is enabled in system-auth", "remarks": "rule_set_203" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_pam_pwquality_installed", + "value": "accounts_password_pam_unix_enabled", "remarks": "rule_set_204" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install pam_pwquality Package", + "value": "Verify pam_unix module is activated", "remarks": "rule_set_204" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_pam_pwquality_installed", + "value": "accounts_password_pam_unix_enabled", "remarks": "rule_set_204" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install pam_pwquality Package", + "value": "Verify pam_unix module is activated", "remarks": "rule_set_204" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_password_auth", + "value": "accounts_passwords_pam_faillock_deny", "remarks": "rule_set_205" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in password-auth", + "value": "Lock Accounts After Failed Password Attempts", "remarks": "rule_set_205" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_password_auth", + "value": "accounts_passwords_pam_faillock_deny", "remarks": "rule_set_205" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in password-auth", + "value": "Lock Accounts After Failed Password Attempts", "remarks": "rule_set_205" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_system_auth", + "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", "remarks": "rule_set_206" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in system-auth", + "value": "Set Lockout Time for Failed Password Attempts", "remarks": "rule_set_206" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwquality_system_auth", + "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", "remarks": "rule_set_206" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM password complexity module is enabled in system-auth", + "value": "Set Lockout Time for Failed Password Attempts", "remarks": "rule_set_206" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_enabled", + "value": "accounts_password_pam_difok", "remarks": "rule_set_207" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify pam_unix module is activated", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", "remarks": "rule_set_207" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_enabled", + "value": "accounts_password_pam_difok", "remarks": "rule_set_207" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify pam_unix module is activated", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", "remarks": "rule_set_207" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny", + "value": "accounts_password_pam_minlen", "remarks": "rule_set_208" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Lock Accounts After Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Length", "remarks": "rule_set_208" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny", + "value": "accounts_password_pam_minlen", "remarks": "rule_set_208" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Lock Accounts After Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Length", "remarks": "rule_set_208" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", + "value": "accounts_password_pam_minclass", "remarks": "rule_set_209" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Lockout Time for Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", "remarks": "rule_set_209" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_unlock_time_with_zero", + "value": "accounts_password_pam_minclass", "remarks": "rule_set_209" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Lockout Time for Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", "remarks": "rule_set_209" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_difok", + "value": "accounts_password_pam_maxrepeat", "remarks": "rule_set_210" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", + "value": "Set Password Maximum Consecutive Repeating Characters", "remarks": "rule_set_210" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_difok", + "value": "accounts_password_pam_maxrepeat", "remarks": "rule_set_210" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Characters", + "value": "Set Password Maximum Consecutive Repeating Characters", "remarks": "rule_set_210" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minlen", + "value": "accounts_password_pam_maxsequence", "remarks": "rule_set_211" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Length", + "value": "Limit the maximum number of sequential characters in passwords", "remarks": "rule_set_211" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minlen", + "value": "accounts_password_pam_maxsequence", "remarks": "rule_set_211" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Length", + "value": "Limit the maximum number of sequential characters in passwords", "remarks": "rule_set_211" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_dictcheck", "remarks": "rule_set_212" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", "remarks": "rule_set_212" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_dictcheck", "remarks": "rule_set_212" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", "remarks": "rule_set_212" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxrepeat", + "value": "accounts_password_pam_enforce_root", "remarks": "rule_set_213" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Consecutive Repeating Characters", + "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", "remarks": "rule_set_213" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxrepeat", + "value": "accounts_password_pam_enforce_root", "remarks": "rule_set_213" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Consecutive Repeating Characters", + "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", "remarks": "rule_set_213" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxsequence", + "value": "accounts_password_pam_pwhistory_remember_password_auth", "remarks": "rule_set_214" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit the maximum number of sequential characters in passwords", + "value": "Limit Password Reuse: password-auth", "remarks": "rule_set_214" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_maxsequence", + "value": "accounts_password_pam_pwhistory_remember_password_auth", "remarks": "rule_set_214" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit the maximum number of sequential characters in passwords", + "value": "Limit Password Reuse: password-auth", "remarks": "rule_set_214" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_dictcheck", + "value": "accounts_password_pam_pwhistory_remember_system_auth", "remarks": "rule_set_215" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", + "value": "Limit Password Reuse: system-auth", "remarks": "rule_set_215" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_dictcheck", + "value": "accounts_password_pam_pwhistory_remember_system_auth", "remarks": "rule_set_215" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words", + "value": "Limit Password Reuse: system-auth", "remarks": "rule_set_215" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_enforce_root", + "value": "accounts_password_pam_pwhistory_enforce_for_root", "remarks": "rule_set_216" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", + "value": "Ensure Password History Is Enforced for the Root User", "remarks": "rule_set_216" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_enforce_root", + "value": "accounts_password_pam_pwhistory_enforce_for_root", "remarks": "rule_set_216" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Enforce for root User", + "value": "Ensure Password History Is Enforced for the Root User", "remarks": "rule_set_216" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_password_auth", + "value": "accounts_password_pam_pwhistory_use_authtok", "remarks": "rule_set_217" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: password-auth", + "value": "Enforce Password History with use_authtok", "remarks": "rule_set_217" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_password_auth", + "value": "accounts_password_pam_pwhistory_use_authtok", "remarks": "rule_set_217" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: password-auth", + "value": "Enforce Password History with use_authtok", "remarks": "rule_set_217" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_system_auth", + "value": "no_empty_passwords", "remarks": "rule_set_218" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: system-auth", + "value": "Prevent Login to Accounts With Empty Password", "remarks": "rule_set_218" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_system_auth", + "value": "no_empty_passwords", "remarks": "rule_set_218" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: system-auth", + "value": "Prevent Login to Accounts With Empty Password", "remarks": "rule_set_218" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_enforce_for_root", + "value": "accounts_password_pam_unix_no_remember", "remarks": "rule_set_219" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Password History Is Enforced for the Root User", + "value": "Avoid using remember in pam_unix module", "remarks": "rule_set_219" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_enforce_for_root", + "value": "accounts_password_pam_unix_no_remember", "remarks": "rule_set_219" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Password History Is Enforced for the Root User", + "value": "Avoid using remember in pam_unix module", "remarks": "rule_set_219" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_use_authtok", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_220" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Password History with use_authtok", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_220" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_use_authtok", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_220" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enforce Password History with use_authtok", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_220" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords", + "value": "set_password_hashing_algorithm_passwordauth", "remarks": "rule_set_221" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Login to Accounts With Empty Password", + "value": "Set PAM Password Hashing Algorithm - password-auth", "remarks": "rule_set_221" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords", + "value": "set_password_hashing_algorithm_passwordauth", "remarks": "rule_set_221" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Login to Accounts With Empty Password", + "value": "Set PAM Password Hashing Algorithm - password-auth", "remarks": "rule_set_221" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_no_remember", + "value": "accounts_password_pam_unix_authtok", "remarks": "rule_set_222" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Avoid using remember in pam_unix module", + "value": "Require use_authtok for pam_unix.so", "remarks": "rule_set_222" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_no_remember", + "value": "accounts_password_pam_unix_authtok", "remarks": "rule_set_222" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Avoid using remember in pam_unix module", + "value": "Require use_authtok for pam_unix.so", "remarks": "rule_set_222" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "accounts_maximum_age_login_defs", "remarks": "rule_set_223" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Set Password Maximum Age", "remarks": "rule_set_223" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "accounts_maximum_age_login_defs", "remarks": "rule_set_223" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Set Password Maximum Age", "remarks": "rule_set_223" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_passwordauth", + "value": "accounts_password_set_max_life_existing", "remarks": "rule_set_224" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - password-auth", + "value": "Set Existing Passwords Maximum Age", "remarks": "rule_set_224" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_passwordauth", + "value": "accounts_password_set_max_life_existing", "remarks": "rule_set_224" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - password-auth", + "value": "Set Existing Passwords Maximum Age", "remarks": "rule_set_224" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_authtok", + "value": "accounts_password_warn_age_login_defs", "remarks": "rule_set_225" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require use_authtok for pam_unix.so", + "value": "Set Password Warning Age", "remarks": "rule_set_225" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_authtok", + "value": "accounts_password_warn_age_login_defs", "remarks": "rule_set_225" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require use_authtok for pam_unix.so", + "value": "Set Password Warning Age", "remarks": "rule_set_225" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_maximum_age_login_defs", + "value": "accounts_password_set_warn_age_existing", "remarks": "rule_set_226" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Age", + "value": "Set Existing Passwords Warning Age", "remarks": "rule_set_226" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_maximum_age_login_defs", + "value": "accounts_password_set_warn_age_existing", "remarks": "rule_set_226" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Age", + "value": "Set Existing Passwords Warning Age", "remarks": "rule_set_226" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_max_life_existing", + "value": "set_password_hashing_algorithm_logindefs", "remarks": "rule_set_227" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Maximum Age", + "value": "Set Password Hashing Algorithm in /etc/login.defs", "remarks": "rule_set_227" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_max_life_existing", + "value": "set_password_hashing_algorithm_logindefs", "remarks": "rule_set_227" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Maximum Age", + "value": "Set Password Hashing Algorithm in /etc/login.defs", "remarks": "rule_set_227" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_warn_age_login_defs", + "value": "account_disable_post_pw_expiration", "remarks": "rule_set_228" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Warning Age", + "value": "Set Account Expiration Following Inactivity", "remarks": "rule_set_228" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_warn_age_login_defs", + "value": "account_disable_post_pw_expiration", "remarks": "rule_set_228" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Warning Age", + "value": "Set Account Expiration Following Inactivity", "remarks": "rule_set_228" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_warn_age_existing", + "value": "accounts_set_post_pw_existing", "remarks": "rule_set_229" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Warning Age", + "value": "Set existing passwords a period of inactivity before they been locked", "remarks": "rule_set_229" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_warn_age_existing", + "value": "accounts_set_post_pw_existing", "remarks": "rule_set_229" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Warning Age", + "value": "Set existing passwords a period of inactivity before they been locked", "remarks": "rule_set_229" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf", + "value": "accounts_password_last_change_is_in_past", "remarks": "rule_set_230" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/libuser.conf", + "value": "Ensure all users last password change date is in the past", "remarks": "rule_set_230" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf", + "value": "accounts_password_last_change_is_in_past", "remarks": "rule_set_230" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/libuser.conf", + "value": "Ensure all users last password change date is in the past", "remarks": "rule_set_230" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_logindefs", + "value": "accounts_no_uid_except_zero", "remarks": "rule_set_231" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/login.defs", + "value": "Verify Only Root Has UID 0", "remarks": "rule_set_231" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_logindefs", + "value": "accounts_no_uid_except_zero", "remarks": "rule_set_231" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/login.defs", + "value": "Verify Only Root Has UID 0", "remarks": "rule_set_231" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_disable_post_pw_expiration", + "value": "accounts_root_gid_zero", "remarks": "rule_set_232" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Account Expiration Following Inactivity", + "value": "Verify Root Has A Primary GID 0", "remarks": "rule_set_232" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_disable_post_pw_expiration", + "value": "accounts_root_gid_zero", "remarks": "rule_set_232" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Account Expiration Following Inactivity", + "value": "Verify Root Has A Primary GID 0", "remarks": "rule_set_232" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_set_post_pw_existing", + "value": "groups_no_zero_gid_except_root", "remarks": "rule_set_233" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set existing passwords a period of inactivity before they been locked", + "value": "Verify Only Group Root Has GID 0", "remarks": "rule_set_233" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_set_post_pw_existing", + "value": "groups_no_zero_gid_except_root", "remarks": "rule_set_233" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set existing passwords a period of inactivity before they been locked", + "value": "Verify Only Group Root Has GID 0", "remarks": "rule_set_233" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_last_change_is_in_past", + "value": "ensure_root_password_configured", "remarks": "rule_set_234" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure all users last password change date is in the past", + "value": "Ensure Authentication Required for Single User Mode", "remarks": "rule_set_234" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_last_change_is_in_past", + "value": "ensure_root_password_configured", "remarks": "rule_set_234" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure all users last password change date is in the past", + "value": "Ensure Authentication Required for Single User Mode", "remarks": "rule_set_234" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_no_uid_except_zero", + "value": "accounts_root_path_dirs_no_write", "remarks": "rule_set_235" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Root Has UID 0", + "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", "remarks": "rule_set_235" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_no_uid_except_zero", + "value": "accounts_root_path_dirs_no_write", "remarks": "rule_set_235" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Root Has UID 0", + "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", "remarks": "rule_set_235" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_gid_zero", + "value": "root_path_no_dot", "remarks": "rule_set_236" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Root Has A Primary GID 0", + "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", "remarks": "rule_set_236" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_gid_zero", + "value": "root_path_no_dot", "remarks": "rule_set_236" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Root Has A Primary GID 0", + "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", "remarks": "rule_set_236" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "groups_no_zero_gid_except_root", + "value": "accounts_umask_root", "remarks": "rule_set_237" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Group Root Has GID 0", + "value": "Ensure the Root Bash Umask is Set Correctly", "remarks": "rule_set_237" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "groups_no_zero_gid_except_root", + "value": "accounts_umask_root", "remarks": "rule_set_237" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Group Root Has GID 0", + "value": "Ensure the Root Bash Umask is Set Correctly", "remarks": "rule_set_237" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_root_password_configured", + "value": "no_password_auth_for_systemaccounts", "remarks": "rule_set_238" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Authentication Required for Single User Mode", + "value": "Ensure that System Accounts Are Locked", "remarks": "rule_set_238" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_root_password_configured", + "value": "no_password_auth_for_systemaccounts", "remarks": "rule_set_238" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Authentication Required for Single User Mode", + "value": "Ensure that System Accounts Are Locked", "remarks": "rule_set_238" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_path_dirs_no_write", + "value": "no_shelllogin_for_systemaccounts", "remarks": "rule_set_239" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", "remarks": "rule_set_239" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_path_dirs_no_write", + "value": "no_shelllogin_for_systemaccounts", "remarks": "rule_set_239" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include World or Group-Writable Directories", + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", "remarks": "rule_set_239" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "root_path_no_dot", + "value": "no_invalid_shell_accounts_unlocked", "remarks": "rule_set_240" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", + "value": "Verify Non-Interactive Accounts Are Locked", "remarks": "rule_set_240" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "root_path_no_dot", + "value": "no_invalid_shell_accounts_unlocked", "remarks": "rule_set_240" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Root's Path Does Not Include Relative Paths or Null Directories", + "value": "Verify Non-Interactive Accounts Are Locked", "remarks": "rule_set_240" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_root", + "value": "accounts_tmout", "remarks": "rule_set_241" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Root Bash Umask is Set Correctly", + "value": "Set Interactive Session Timeout", "remarks": "rule_set_241" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_root", + "value": "accounts_tmout", "remarks": "rule_set_241" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Root Bash Umask is Set Correctly", + "value": "Set Interactive Session Timeout", "remarks": "rule_set_241" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_password_auth_for_systemaccounts", + "value": "accounts_umask_etc_bashrc", "remarks": "rule_set_242" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Are Locked", + "value": "Ensure the Default Bash Umask is Set Correctly", "remarks": "rule_set_242" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_password_auth_for_systemaccounts", + "value": "accounts_umask_etc_bashrc", "remarks": "rule_set_242" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Are Locked", + "value": "Ensure the Default Bash Umask is Set Correctly", "remarks": "rule_set_242" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_shelllogin_for_systemaccounts", + "value": "accounts_umask_etc_login_defs", "remarks": "rule_set_243" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", + "value": "Ensure the Default Umask is Set Correctly in login.defs", "remarks": "rule_set_243" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_shelllogin_for_systemaccounts", + "value": "accounts_umask_etc_login_defs", "remarks": "rule_set_243" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", + "value": "Ensure the Default Umask is Set Correctly in login.defs", "remarks": "rule_set_243" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_tmout", + "value": "accounts_umask_etc_profile", "remarks": "rule_set_244" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interactive Session Timeout", + "value": "Ensure the Default Umask is Set Correctly in /etc/profile", "remarks": "rule_set_244" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_tmout", + "value": "accounts_umask_etc_profile", "remarks": "rule_set_244" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interactive Session Timeout", + "value": "Ensure the Default Umask is Set Correctly in /etc/profile", "remarks": "rule_set_244" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_bashrc", + "value": "package_aide_installed", "remarks": "rule_set_245" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Bash Umask is Set Correctly", + "value": "Install AIDE", "remarks": "rule_set_245" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_bashrc", + "value": "package_aide_installed", "remarks": "rule_set_245" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Bash Umask is Set Correctly", + "value": "Install AIDE", "remarks": "rule_set_245" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_login_defs", + "value": "aide_build_database", "remarks": "rule_set_246" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in login.defs", + "value": "Build and Test AIDE Database", "remarks": "rule_set_246" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_login_defs", + "value": "aide_build_database", "remarks": "rule_set_246" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in login.defs", + "value": "Build and Test AIDE Database", "remarks": "rule_set_246" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_profile", + "value": "aide_periodic_cron_checking", "remarks": "rule_set_247" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in /etc/profile", + "value": "Configure Periodic Execution of AIDE", "remarks": "rule_set_247" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_umask_etc_profile", + "value": "aide_periodic_cron_checking", "remarks": "rule_set_247" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the Default Umask is Set Correctly in /etc/profile", + "value": "Configure Periodic Execution of AIDE", "remarks": "rule_set_247" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_aide_installed", + "value": "aide_check_audit_tools", "remarks": "rule_set_248" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install AIDE", + "value": "Configure AIDE to Verify the Audit Tools", "remarks": "rule_set_248" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_aide_installed", + "value": "aide_check_audit_tools", "remarks": "rule_set_248" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install AIDE", + "value": "Configure AIDE to Verify the Audit Tools", "remarks": "rule_set_248" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_build_database", + "value": "service_systemd-journald_enabled", "remarks": "rule_set_249" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Build and Test AIDE Database", + "value": "Enable systemd-journald Service", "remarks": "rule_set_249" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_build_database", + "value": "service_systemd-journald_enabled", "remarks": "rule_set_249" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Build and Test AIDE Database", + "value": "Enable systemd-journald Service", "remarks": "rule_set_249" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_periodic_cron_checking", + "value": "ensure_journald_and_rsyslog_not_active_together", "remarks": "rule_set_250" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Periodic Execution of AIDE", + "value": "Ensure journald and rsyslog Are Not Active Together", "remarks": "rule_set_250" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_periodic_cron_checking", + "value": "ensure_journald_and_rsyslog_not_active_together", "remarks": "rule_set_250" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Periodic Execution of AIDE", + "value": "Ensure journald and rsyslog Are Not Active Together", "remarks": "rule_set_250" }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_check_audit_tools", - "remarks": "rule_set_251" - }, - { - "name": "Rule_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure AIDE to Verify the Audit Tools", - "remarks": "rule_set_251" - }, - { - "name": "Check_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_check_audit_tools", - "remarks": "rule_set_251" - }, - { - "name": "Check_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure AIDE to Verify the Audit Tools", - "remarks": "rule_set_251" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_systemd-journald_enabled", - "remarks": "rule_set_252" - }, - { - "name": "Rule_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable systemd-journald Service", - "remarks": "rule_set_252" - }, - { - "name": "Check_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_systemd-journald_enabled", - "remarks": "rule_set_252" - }, - { - "name": "Check_Description", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable systemd-journald Service", - "remarks": "rule_set_252" - }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_systemd-journal-remote_installed", - "remarks": "rule_set_253" + "remarks": "rule_set_251" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install systemd-journal-remote Package", - "remarks": "rule_set_253" + "remarks": "rule_set_251" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_systemd-journal-remote_installed", - "remarks": "rule_set_253" + "remarks": "rule_set_251" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install systemd-journal-remote Package", - "remarks": "rule_set_253" + "remarks": "rule_set_251" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_systemd-journal-upload_enabled", - "remarks": "rule_set_254" + "remarks": "rule_set_252" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable systemd-journal-upload Service", - "remarks": "rule_set_254" + "remarks": "rule_set_252" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_systemd-journal-upload_enabled", - "remarks": "rule_set_254" + "remarks": "rule_set_252" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable systemd-journal-upload Service", - "remarks": "rule_set_254" + "remarks": "rule_set_252" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "socket_systemd-journal-remote_disabled", - "remarks": "rule_set_255" + "remarks": "rule_set_253" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable systemd-journal-remote Socket", - "remarks": "rule_set_255" + "remarks": "rule_set_253" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "socket_systemd-journal-remote_disabled", - "remarks": "rule_set_255" + "remarks": "rule_set_253" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable systemd-journal-remote Socket", - "remarks": "rule_set_255" + "remarks": "rule_set_253" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_disable_forward_to_syslog", - "remarks": "rule_set_256" + "remarks": "rule_set_254" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald ForwardToSyslog is disabled", - "remarks": "rule_set_256" + "remarks": "rule_set_254" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_disable_forward_to_syslog", - "remarks": "rule_set_256" + "remarks": "rule_set_254" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald ForwardToSyslog is disabled", - "remarks": "rule_set_256" + "remarks": "rule_set_254" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_compress", - "remarks": "rule_set_257" + "remarks": "rule_set_255" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald is configured to compress large log files", - "remarks": "rule_set_257" + "remarks": "rule_set_255" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_compress", - "remarks": "rule_set_257" + "remarks": "rule_set_255" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald is configured to compress large log files", - "remarks": "rule_set_257" + "remarks": "rule_set_255" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_storage", - "remarks": "rule_set_258" + "remarks": "rule_set_256" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald is configured to write log files to persistent disk", - "remarks": "rule_set_258" + "remarks": "rule_set_256" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "journald_storage", - "remarks": "rule_set_258" + "remarks": "rule_set_256" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure journald is configured to write log files to persistent disk", - "remarks": "rule_set_258" + "remarks": "rule_set_256" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_259" + "remarks": "rule_set_257" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_259" + "remarks": "rule_set_257" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_259" + "remarks": "rule_set_257" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_259" + "remarks": "rule_set_257" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_260" + "remarks": "rule_set_258" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_260" + "remarks": "rule_set_258" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_260" + "remarks": "rule_set_258" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_260" + "remarks": "rule_set_258" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_261" + "remarks": "rule_set_259" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_261" + "remarks": "rule_set_259" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_261" + "remarks": "rule_set_259" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_261" + "remarks": "rule_set_259" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_passwd", - "remarks": "rule_set_262" + "remarks": "rule_set_260" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns passwd File", - "remarks": "rule_set_262" + "remarks": "rule_set_260" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_passwd", - "remarks": "rule_set_262" + "remarks": "rule_set_260" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns passwd File", - "remarks": "rule_set_262" + "remarks": "rule_set_260" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_passwd", - "remarks": "rule_set_263" + "remarks": "rule_set_261" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns passwd File", - "remarks": "rule_set_263" + "remarks": "rule_set_261" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_passwd", - "remarks": "rule_set_263" + "remarks": "rule_set_261" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns passwd File", - "remarks": "rule_set_263" + "remarks": "rule_set_261" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_passwd", - "remarks": "rule_set_264" + "remarks": "rule_set_262" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on passwd File", - "remarks": "rule_set_264" + "remarks": "rule_set_262" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_passwd", - "remarks": "rule_set_264" + "remarks": "rule_set_262" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on passwd File", - "remarks": "rule_set_264" + "remarks": "rule_set_262" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_passwd", - "remarks": "rule_set_265" + "remarks": "rule_set_263" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup passwd File", - "remarks": "rule_set_265" + "remarks": "rule_set_263" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_passwd", - "remarks": "rule_set_265" + "remarks": "rule_set_263" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup passwd File", - "remarks": "rule_set_265" + "remarks": "rule_set_263" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_passwd", - "remarks": "rule_set_266" + "remarks": "rule_set_264" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup passwd File", - "remarks": "rule_set_266" + "remarks": "rule_set_264" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_passwd", - "remarks": "rule_set_266" + "remarks": "rule_set_264" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup passwd File", - "remarks": "rule_set_266" + "remarks": "rule_set_264" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_passwd", - "remarks": "rule_set_267" + "remarks": "rule_set_265" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup passwd File", - "remarks": "rule_set_267" + "remarks": "rule_set_265" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_passwd", - "remarks": "rule_set_267" + "remarks": "rule_set_265" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup passwd File", - "remarks": "rule_set_267" + "remarks": "rule_set_265" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_group", - "remarks": "rule_set_268" + "remarks": "rule_set_266" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns group File", - "remarks": "rule_set_268" + "remarks": "rule_set_266" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_group", - "remarks": "rule_set_268" + "remarks": "rule_set_266" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns group File", - "remarks": "rule_set_268" + "remarks": "rule_set_266" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_group", - "remarks": "rule_set_269" + "remarks": "rule_set_267" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns group File", - "remarks": "rule_set_269" + "remarks": "rule_set_267" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_group", - "remarks": "rule_set_269" + "remarks": "rule_set_267" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns group File", - "remarks": "rule_set_269" + "remarks": "rule_set_267" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_group", - "remarks": "rule_set_270" + "remarks": "rule_set_268" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on group File", - "remarks": "rule_set_270" + "remarks": "rule_set_268" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_group", - "remarks": "rule_set_270" + "remarks": "rule_set_268" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on group File", - "remarks": "rule_set_270" + "remarks": "rule_set_268" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_group", - "remarks": "rule_set_271" + "remarks": "rule_set_269" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup group File", - "remarks": "rule_set_271" + "remarks": "rule_set_269" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_group", - "remarks": "rule_set_271" + "remarks": "rule_set_269" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup group File", - "remarks": "rule_set_271" + "remarks": "rule_set_269" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_group", - "remarks": "rule_set_272" + "remarks": "rule_set_270" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup group File", - "remarks": "rule_set_272" + "remarks": "rule_set_270" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_group", - "remarks": "rule_set_272" + "remarks": "rule_set_270" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup group File", - "remarks": "rule_set_272" + "remarks": "rule_set_270" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_group", - "remarks": "rule_set_273" + "remarks": "rule_set_271" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup group File", - "remarks": "rule_set_273" + "remarks": "rule_set_271" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_group", - "remarks": "rule_set_273" + "remarks": "rule_set_271" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup group File", - "remarks": "rule_set_273" + "remarks": "rule_set_271" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shadow", - "remarks": "rule_set_274" + "remarks": "rule_set_272" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns shadow File", - "remarks": "rule_set_274" + "remarks": "rule_set_272" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shadow", - "remarks": "rule_set_274" + "remarks": "rule_set_272" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns shadow File", - "remarks": "rule_set_274" + "remarks": "rule_set_272" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shadow", - "remarks": "rule_set_275" + "remarks": "rule_set_273" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns shadow File", - "remarks": "rule_set_275" + "remarks": "rule_set_273" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shadow", - "remarks": "rule_set_275" + "remarks": "rule_set_273" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns shadow File", - "remarks": "rule_set_275" + "remarks": "rule_set_273" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shadow", - "remarks": "rule_set_276" + "remarks": "rule_set_274" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on shadow File", - "remarks": "rule_set_276" + "remarks": "rule_set_274" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shadow", - "remarks": "rule_set_276" + "remarks": "rule_set_274" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on shadow File", - "remarks": "rule_set_276" + "remarks": "rule_set_274" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_shadow", - "remarks": "rule_set_277" + "remarks": "rule_set_275" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup shadow File", - "remarks": "rule_set_277" + "remarks": "rule_set_275" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_shadow", - "remarks": "rule_set_277" + "remarks": "rule_set_275" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup shadow File", - "remarks": "rule_set_277" + "remarks": "rule_set_275" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_shadow", - "remarks": "rule_set_278" + "remarks": "rule_set_276" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup shadow File", - "remarks": "rule_set_278" + "remarks": "rule_set_276" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_shadow", - "remarks": "rule_set_278" + "remarks": "rule_set_276" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup shadow File", - "remarks": "rule_set_278" + "remarks": "rule_set_276" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_shadow", - "remarks": "rule_set_279" + "remarks": "rule_set_277" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup shadow File", - "remarks": "rule_set_279" + "remarks": "rule_set_277" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_shadow", - "remarks": "rule_set_279" + "remarks": "rule_set_277" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup shadow File", - "remarks": "rule_set_279" + "remarks": "rule_set_277" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_gshadow", - "remarks": "rule_set_280" + "remarks": "rule_set_278" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns gshadow File", - "remarks": "rule_set_280" + "remarks": "rule_set_278" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_gshadow", - "remarks": "rule_set_280" + "remarks": "rule_set_278" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns gshadow File", - "remarks": "rule_set_280" + "remarks": "rule_set_278" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_gshadow", - "remarks": "rule_set_281" + "remarks": "rule_set_279" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns gshadow File", - "remarks": "rule_set_281" + "remarks": "rule_set_279" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_gshadow", - "remarks": "rule_set_281" + "remarks": "rule_set_279" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns gshadow File", - "remarks": "rule_set_281" + "remarks": "rule_set_279" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_gshadow", - "remarks": "rule_set_282" + "remarks": "rule_set_280" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on gshadow File", - "remarks": "rule_set_282" + "remarks": "rule_set_280" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_gshadow", - "remarks": "rule_set_282" + "remarks": "rule_set_280" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on gshadow File", - "remarks": "rule_set_282" + "remarks": "rule_set_280" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_gshadow", - "remarks": "rule_set_283" + "remarks": "rule_set_281" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup gshadow File", - "remarks": "rule_set_283" + "remarks": "rule_set_281" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_backup_etc_gshadow", - "remarks": "rule_set_283" + "remarks": "rule_set_281" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns Backup gshadow File", - "remarks": "rule_set_283" + "remarks": "rule_set_281" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_gshadow", - "remarks": "rule_set_284" + "remarks": "rule_set_282" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup gshadow File", - "remarks": "rule_set_284" + "remarks": "rule_set_282" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_backup_etc_gshadow", - "remarks": "rule_set_284" + "remarks": "rule_set_282" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns Backup gshadow File", - "remarks": "rule_set_284" + "remarks": "rule_set_282" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_gshadow", - "remarks": "rule_set_285" + "remarks": "rule_set_283" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup gshadow File", - "remarks": "rule_set_285" + "remarks": "rule_set_283" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_backup_etc_gshadow", - "remarks": "rule_set_285" + "remarks": "rule_set_283" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on Backup gshadow File", - "remarks": "rule_set_285" + "remarks": "rule_set_283" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shells", - "remarks": "rule_set_286" + "remarks": "rule_set_284" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/shells File", - "remarks": "rule_set_286" + "remarks": "rule_set_284" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_shells", - "remarks": "rule_set_286" + "remarks": "rule_set_284" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/shells File", - "remarks": "rule_set_286" + "remarks": "rule_set_284" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shells", - "remarks": "rule_set_287" + "remarks": "rule_set_285" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Who Owns /etc/shells File", - "remarks": "rule_set_287" + "remarks": "rule_set_285" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_shells", - "remarks": "rule_set_287" + "remarks": "rule_set_285" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Who Owns /etc/shells File", - "remarks": "rule_set_287" + "remarks": "rule_set_285" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shells", - "remarks": "rule_set_288" + "remarks": "rule_set_286" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/shells File", - "remarks": "rule_set_288" + "remarks": "rule_set_286" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_shells", - "remarks": "rule_set_288" + "remarks": "rule_set_286" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/shells File", - "remarks": "rule_set_288" + "remarks": "rule_set_286" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_security_opasswd", - "remarks": "rule_set_289" + "remarks": "rule_set_287" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/security/opasswd File", - "remarks": "rule_set_289" + "remarks": "rule_set_287" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_security_opasswd", - "remarks": "rule_set_289" + "remarks": "rule_set_287" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/security/opasswd File", - "remarks": "rule_set_289" + "remarks": "rule_set_287" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_security_opasswd", - "remarks": "rule_set_290" + "remarks": "rule_set_288" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/security/opasswd File", - "remarks": "rule_set_290" + "remarks": "rule_set_288" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_security_opasswd", - "remarks": "rule_set_290" + "remarks": "rule_set_288" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/security/opasswd File", - "remarks": "rule_set_290" + "remarks": "rule_set_288" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_security_opasswd", - "remarks": "rule_set_291" + "remarks": "rule_set_289" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/security/opasswd File", - "remarks": "rule_set_291" + "remarks": "rule_set_289" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_security_opasswd", - "remarks": "rule_set_291" + "remarks": "rule_set_289" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/security/opasswd File", - "remarks": "rule_set_291" + "remarks": "rule_set_289" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_security_opasswd_old", - "remarks": "rule_set_292" + "remarks": "rule_set_290" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/security/opasswd.old File", - "remarks": "rule_set_292" + "remarks": "rule_set_290" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupowner_etc_security_opasswd_old", - "remarks": "rule_set_292" + "remarks": "rule_set_290" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Group Who Owns /etc/security/opasswd.old File", - "remarks": "rule_set_292" + "remarks": "rule_set_290" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_security_opasswd_old", - "remarks": "rule_set_293" + "remarks": "rule_set_291" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/security/opasswd.old File", - "remarks": "rule_set_293" + "remarks": "rule_set_291" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_owner_etc_security_opasswd_old", - "remarks": "rule_set_293" + "remarks": "rule_set_291" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify User Who Owns /etc/security/opasswd.old File", - "remarks": "rule_set_293" + "remarks": "rule_set_291" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_security_opasswd_old", - "remarks": "rule_set_294" + "remarks": "rule_set_292" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/security/opasswd.old File", - "remarks": "rule_set_294" + "remarks": "rule_set_292" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_etc_security_opasswd_old", - "remarks": "rule_set_294" + "remarks": "rule_set_292" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on /etc/security/opasswd.old File", - "remarks": "rule_set_294" + "remarks": "rule_set_292" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_world_writable", - "remarks": "rule_set_295" + "remarks": "rule_set_293" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure No World-Writable Files Exist", - "remarks": "rule_set_295" + "remarks": "rule_set_293" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_world_writable", - "remarks": "rule_set_295" + "remarks": "rule_set_293" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure No World-Writable Files Exist", - "remarks": "rule_set_295" + "remarks": "rule_set_293" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_perms_world_writable_sticky_bits", - "remarks": "rule_set_296" + "remarks": "rule_set_294" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that All World-Writable Directories Have Sticky Bits Set", - "remarks": "rule_set_296" + "remarks": "rule_set_294" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_perms_world_writable_sticky_bits", - "remarks": "rule_set_296" + "remarks": "rule_set_294" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that All World-Writable Directories Have Sticky Bits Set", - "remarks": "rule_set_296" + "remarks": "rule_set_294" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_unowned_by_user", - "remarks": "rule_set_297" + "remarks": "rule_set_295" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a User", - "remarks": "rule_set_297" + "remarks": "rule_set_295" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_unowned_by_user", - "remarks": "rule_set_297" + "remarks": "rule_set_295" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a User", - "remarks": "rule_set_297" + "remarks": "rule_set_295" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_ungroupowned", - "remarks": "rule_set_298" + "remarks": "rule_set_296" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a Group", - "remarks": "rule_set_298" + "remarks": "rule_set_296" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_files_or_dirs_ungroupowned", - "remarks": "rule_set_298" + "remarks": "rule_set_296" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Files And Directories Are Owned by a Group", - "remarks": "rule_set_298" + "remarks": "rule_set_296" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_all_shadowed", - "remarks": "rule_set_299" + "remarks": "rule_set_297" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify All Account Password Hashes are Shadowed", - "remarks": "rule_set_299" + "remarks": "rule_set_297" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_all_shadowed", - "remarks": "rule_set_299" + "remarks": "rule_set_297" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify All Account Password Hashes are Shadowed", - "remarks": "rule_set_299" + "remarks": "rule_set_297" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_empty_passwords_etc_shadow", - "remarks": "rule_set_300" + "remarks": "rule_set_298" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure There Are No Accounts With Blank or Null Passwords", - "remarks": "rule_set_300" + "remarks": "rule_set_298" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_empty_passwords_etc_shadow", - "remarks": "rule_set_300" + "remarks": "rule_set_298" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure There Are No Accounts With Blank or Null Passwords", - "remarks": "rule_set_300" + "remarks": "rule_set_298" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "gid_passwd_group_same", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "gid_passwd_group_same", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", - "remarks": "rule_set_301" + "remarks": "rule_set_299" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_id", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique User IDs", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_id", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique User IDs", - "remarks": "rule_set_302" + "remarks": "rule_set_300" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_id", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group ID", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_id", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group ID", - "remarks": "rule_set_303" + "remarks": "rule_set_301" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_name", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique Names", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "account_unique_name", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Accounts on the System Have Unique Names", - "remarks": "rule_set_304" + "remarks": "rule_set_302" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_name", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group Names", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "group_unique_name", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All Groups on the System Have Unique Group Names", - "remarks": "rule_set_305" + "remarks": "rule_set_303" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_interactive_home_directory_exists", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive Users Home Directories Must Exist", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_interactive_home_directory_exists", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive Users Home Directories Must Exist", - "remarks": "rule_set_306" + "remarks": "rule_set_304" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_home_directories", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Be Owned By The Primary User", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_home_directories", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Be Owned By The Primary User", - "remarks": "rule_set_307" + "remarks": "rule_set_305" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_home_directories", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Have mode 0750 Or Less Permissive", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_home_directories", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "All Interactive User Home Directories Must Have mode 0750 Or Less Permissive", - "remarks": "rule_set_308" + "remarks": "rule_set_306" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_group_ownership", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_group_ownership", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Group-Owned By The Primary Group", - "remarks": "rule_set_309" + "remarks": "rule_set_307" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_user_ownership", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Owned By the Primary User", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_user_ownership", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Be Owned By the Primary User", - "remarks": "rule_set_310" + "remarks": "rule_set_308" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_no_world_writable_programs", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Not Run World-Writable Programs", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_user_dot_no_world_writable_programs", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "User Initialization Files Must Not Run World-Writable Programs", - "remarks": "rule_set_311" + "remarks": "rule_set_309" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_init_files", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_init_files", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All User Initialization Files Have Mode 0740 Or Less Permissive", - "remarks": "rule_set_312" + "remarks": "rule_set_310" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_forward_files", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .forward Files Exist", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_forward_files", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .forward Files Exist", - "remarks": "rule_set_313" + "remarks": "rule_set_311" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_netrc_files", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No netrc Files Exist", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_netrc_files", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No netrc Files Exist", - "remarks": "rule_set_314" + "remarks": "rule_set_312" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_rhost_files", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .rhost Files Exist", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_rhost_files", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify No .rhost Files Exist", - "remarks": "rule_set_315" + "remarks": "rule_set_313" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_bash_history", - "remarks": "rule_set_316" + "remarks": "rule_set_314" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure User Bash History File Has Correct Permissions", - "remarks": "rule_set_316" + "remarks": "rule_set_314" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permission_user_bash_history", - "remarks": "rule_set_316" + "remarks": "rule_set_314" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure User Bash History File Has Correct Permissions", - "remarks": "rule_set_316" + "remarks": "rule_set_314" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_module_overlayfs_disabled", - "remarks": "rule_set_317" + "remarks": "rule_set_315" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure overlayfs kernel module is not available", - "remarks": "rule_set_317" + "remarks": "rule_set_315" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_module_overlayfs_disabled", - "remarks": "rule_set_317" + "remarks": "rule_set_315" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure overlayfs kernel module is not available", - "remarks": "rule_set_317" + "remarks": "rule_set_315" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_module_squashfs_disabled", - "remarks": "rule_set_318" + "remarks": "rule_set_316" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Mounting of squashfs", - "remarks": "rule_set_318" + "remarks": "rule_set_316" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_module_squashfs_disabled", - "remarks": "rule_set_318" + "remarks": "rule_set_316" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Mounting of squashfs", - "remarks": "rule_set_318" + "remarks": "rule_set_316" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_module_udf_disabled", - "remarks": "rule_set_319" + "remarks": "rule_set_317" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Mounting of udf", - "remarks": "rule_set_319" + "remarks": "rule_set_317" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_module_udf_disabled", - "remarks": "rule_set_319" + "remarks": "rule_set_317" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Mounting of udf", - "remarks": "rule_set_319" + "remarks": "rule_set_317" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_module_firewire-core_disabled", - "remarks": "rule_set_320" + "remarks": "rule_set_318" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable IEEE 1394 (FireWire) Support", - "remarks": "rule_set_320" + "remarks": "rule_set_318" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_module_firewire-core_disabled", - "remarks": "rule_set_320" + "remarks": "rule_set_318" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable IEEE 1394 (FireWire) Support", - "remarks": "rule_set_320" + "remarks": "rule_set_318" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_module_usb-storage_disabled", - "remarks": "rule_set_321" + "remarks": "rule_set_319" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Modprobe Loading of USB Storage Driver", - "remarks": "rule_set_321" + "remarks": "rule_set_319" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kernel_module_usb-storage_disabled", - "remarks": "rule_set_321" + "remarks": "rule_set_319" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Modprobe Loading of USB Storage Driver", - "remarks": "rule_set_321" + "remarks": "rule_set_319" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_home", - "remarks": "rule_set_322" + "remarks": "rule_set_320" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /home Located On Separate Partition", - "remarks": "rule_set_322" + "remarks": "rule_set_320" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_home", - "remarks": "rule_set_322" + "remarks": "rule_set_320" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /home Located On Separate Partition", - "remarks": "rule_set_322" + "remarks": "rule_set_320" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var", - "remarks": "rule_set_323" + "remarks": "rule_set_321" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var Located On Separate Partition", - "remarks": "rule_set_323" + "remarks": "rule_set_321" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var", - "remarks": "rule_set_323" + "remarks": "rule_set_321" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var Located On Separate Partition", - "remarks": "rule_set_323" + "remarks": "rule_set_321" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_tmp", - "remarks": "rule_set_324" + "remarks": "rule_set_322" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/tmp Located On Separate Partition", - "remarks": "rule_set_324" + "remarks": "rule_set_322" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_tmp", - "remarks": "rule_set_324" + "remarks": "rule_set_322" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/tmp Located On Separate Partition", - "remarks": "rule_set_324" + "remarks": "rule_set_322" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log", - "remarks": "rule_set_325" + "remarks": "rule_set_323" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log Located On Separate Partition", - "remarks": "rule_set_325" + "remarks": "rule_set_323" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log", - "remarks": "rule_set_325" + "remarks": "rule_set_323" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log Located On Separate Partition", - "remarks": "rule_set_325" + "remarks": "rule_set_323" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log_audit", - "remarks": "rule_set_326" + "remarks": "rule_set_324" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log/audit Located On Separate Partition", - "remarks": "rule_set_326" + "remarks": "rule_set_324" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "partition_for_var_log_audit", - "remarks": "rule_set_326" + "remarks": "rule_set_324" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure /var/log/audit Located On Separate Partition", - "remarks": "rule_set_326" + "remarks": "rule_set_324" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "disable_weak_deps", - "remarks": "rule_set_327" + "remarks": "rule_set_325" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Installation of Weak Dependencies in DNF", - "remarks": "rule_set_327" + "remarks": "rule_set_325" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "disable_weak_deps", - "remarks": "rule_set_327" + "remarks": "rule_set_325" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Installation of Weak Dependencies in DNF", - "remarks": "rule_set_327" + "remarks": "rule_set_325" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_328" + "remarks": "rule_set_326" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_328" + "remarks": "rule_set_326" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_328" + "remarks": "rule_set_326" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_328" + "remarks": "rule_set_326" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_symlinks", - "remarks": "rule_set_329" + "remarks": "rule_set_327" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", - "remarks": "rule_set_329" + "remarks": "rule_set_327" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_fs_protected_symlinks", - "remarks": "rule_set_329" + "remarks": "rule_set_327" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Kernel Parameter to Enforce DAC on Symlinks", - "remarks": "rule_set_329" + "remarks": "rule_set_327" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dconf_gnome_disable_automount", - "remarks": "rule_set_330" + "remarks": "rule_set_328" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable GNOME3 Automounting", - "remarks": "rule_set_330" + "remarks": "rule_set_328" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dconf_gnome_disable_automount", - "remarks": "rule_set_330" + "remarks": "rule_set_328" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable GNOME3 Automounting", - "remarks": "rule_set_330" + "remarks": "rule_set_328" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dconf_gnome_disable_automount_open", - "remarks": "rule_set_331" + "remarks": "rule_set_329" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable GNOME3 Automount Opening", - "remarks": "rule_set_331" + "remarks": "rule_set_329" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dconf_gnome_disable_automount_open", - "remarks": "rule_set_331" + "remarks": "rule_set_329" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable GNOME3 Automount Opening", - "remarks": "rule_set_331" + "remarks": "rule_set_329" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "xwayland_disabled", - "remarks": "rule_set_332" + "remarks": "rule_set_330" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable XWayland", - "remarks": "rule_set_332" + "remarks": "rule_set_330" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "xwayland_disabled", - "remarks": "rule_set_332" + "remarks": "rule_set_330" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable XWayland", - "remarks": "rule_set_332" + "remarks": "rule_set_330" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_autofs_disabled", - "remarks": "rule_set_333" + "remarks": "rule_set_331" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the Automounter", - "remarks": "rule_set_333" + "remarks": "rule_set_331" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_autofs_disabled", - "remarks": "rule_set_333" + "remarks": "rule_set_331" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the Automounter", - "remarks": "rule_set_333" + "remarks": "rule_set_331" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_avahi-daemon_disabled", - "remarks": "rule_set_334" + "remarks": "rule_set_332" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Avahi Server Software", - "remarks": "rule_set_334" + "remarks": "rule_set_332" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_avahi-daemon_disabled", - "remarks": "rule_set_334" + "remarks": "rule_set_332" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Avahi Server Software", - "remarks": "rule_set_334" + "remarks": "rule_set_332" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_cockpit_disabled", - "remarks": "rule_set_335" + "remarks": "rule_set_333" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Cockpit Management Server", - "remarks": "rule_set_335" + "remarks": "rule_set_333" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_cockpit_disabled", - "remarks": "rule_set_335" + "remarks": "rule_set_333" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Cockpit Management Server", - "remarks": "rule_set_335" + "remarks": "rule_set_333" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_openldap-clients_removed", - "remarks": "rule_set_336" + "remarks": "rule_set_334" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure LDAP client is not installed", - "remarks": "rule_set_336" + "remarks": "rule_set_334" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_openldap-clients_removed", - "remarks": "rule_set_336" + "remarks": "rule_set_334" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure LDAP client is not installed", - "remarks": "rule_set_336" + "remarks": "rule_set_334" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_bluetooth_disabled", - "remarks": "rule_set_337" + "remarks": "rule_set_335" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Bluetooth Service", - "remarks": "rule_set_337" + "remarks": "rule_set_335" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_bluetooth_disabled", - "remarks": "rule_set_337" + "remarks": "rule_set_335" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Bluetooth Service", - "remarks": "rule_set_337" + "remarks": "rule_set_335" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_remove_nopasswd", - "remarks": "rule_set_338" + "remarks": "rule_set_336" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", - "remarks": "rule_set_338" + "remarks": "rule_set_336" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_remove_nopasswd", - "remarks": "rule_set_338" + "remarks": "rule_set_336" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", - "remarks": "rule_set_338" + "remarks": "rule_set_336" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_deny_root", - "remarks": "rule_set_339" + "remarks": "rule_set_337" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the root Account for Failed Password Attempts", - "remarks": "rule_set_339" + "remarks": "rule_set_337" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_deny_root", - "remarks": "rule_set_339" + "remarks": "rule_set_337" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the root Account for Failed Password Attempts", - "remarks": "rule_set_339" + "remarks": "rule_set_337" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_minimum_age_login_defs", - "remarks": "rule_set_340" + "remarks": "rule_set_338" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Minimum Age", - "remarks": "rule_set_340" + "remarks": "rule_set_338" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_minimum_age_login_defs", - "remarks": "rule_set_340" + "remarks": "rule_set_338" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Minimum Age", - "remarks": "rule_set_340" + "remarks": "rule_set_338" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_set_min_life_existing", - "remarks": "rule_set_341" + "remarks": "rule_set_339" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Existing Passwords Minimum Age", - "remarks": "rule_set_341" + "remarks": "rule_set_339" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_set_min_life_existing", - "remarks": "rule_set_341" + "remarks": "rule_set_339" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Existing Passwords Minimum Age", - "remarks": "rule_set_341" + "remarks": "rule_set_339" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_nologin_in_shells", - "remarks": "rule_set_342" + "remarks": "rule_set_340" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure nologin Shell is Not Listed in /etc/shells", - "remarks": "rule_set_342" + "remarks": "rule_set_340" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_nologin_in_shells", - "remarks": "rule_set_342" + "remarks": "rule_set_340" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure nologin Shell is Not Listed in /etc/shells", - "remarks": "rule_set_342" + "remarks": "rule_set_340" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit_installed", - "remarks": "rule_set_343" + "remarks": "rule_set_341" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit Subsystem is Installed", - "remarks": "rule_set_343" + "remarks": "rule_set_341" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit_installed", - "remarks": "rule_set_343" + "remarks": "rule_set_341" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit Subsystem is Installed", - "remarks": "rule_set_343" + "remarks": "rule_set_341" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit-libs_installed", - "remarks": "rule_set_344" + "remarks": "rule_set_342" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit-libs package as a part of audit Subsystem is Installed", - "remarks": "rule_set_344" + "remarks": "rule_set_342" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit-libs_installed", - "remarks": "rule_set_344" + "remarks": "rule_set_342" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit-libs package as a part of audit Subsystem is Installed", - "remarks": "rule_set_344" + "remarks": "rule_set_342" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_audit_argument", - "remarks": "rule_set_345" + "remarks": "rule_set_343" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Auditing for Processes Which Start Prior to the Audit Daemon", - "remarks": "rule_set_345" + "remarks": "rule_set_343" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_audit_argument", - "remarks": "rule_set_345" + "remarks": "rule_set_343" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Auditing for Processes Which Start Prior to the Audit Daemon", - "remarks": "rule_set_345" + "remarks": "rule_set_343" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_audit_backlog_limit_argument", - "remarks": "rule_set_346" + "remarks": "rule_set_344" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Extend Audit Backlog Limit for the Audit Daemon", - "remarks": "rule_set_346" + "remarks": "rule_set_344" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_audit_backlog_limit_argument", - "remarks": "rule_set_346" + "remarks": "rule_set_344" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Extend Audit Backlog Limit for the Audit Daemon", - "remarks": "rule_set_346" + "remarks": "rule_set_344" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_auditd_enabled", - "remarks": "rule_set_347" + "remarks": "rule_set_345" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable auditd Service", - "remarks": "rule_set_347" + "remarks": "rule_set_345" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_auditd_enabled", - "remarks": "rule_set_347" + "remarks": "rule_set_345" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable auditd Service", - "remarks": "rule_set_347" + "remarks": "rule_set_345" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_max_log_file", - "remarks": "rule_set_348" + "remarks": "rule_set_346" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd Max Log File Size", - "remarks": "rule_set_348" + "remarks": "rule_set_346" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_max_log_file", - "remarks": "rule_set_348" + "remarks": "rule_set_346" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd Max Log File Size", - "remarks": "rule_set_348" + "remarks": "rule_set_346" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_max_log_file_action", - "remarks": "rule_set_349" + "remarks": "rule_set_347" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd max_log_file_action Upon Reaching Maximum Log Size", - "remarks": "rule_set_349" + "remarks": "rule_set_347" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_max_log_file_action", - "remarks": "rule_set_349" + "remarks": "rule_set_347" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd max_log_file_action Upon Reaching Maximum Log Size", - "remarks": "rule_set_349" + "remarks": "rule_set_347" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_disk_error_action", - "remarks": "rule_set_350" + "remarks": "rule_set_348" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd Disk Error Action on Disk Error", - "remarks": "rule_set_350" + "remarks": "rule_set_348" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_disk_error_action", - "remarks": "rule_set_350" + "remarks": "rule_set_348" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd Disk Error Action on Disk Error", - "remarks": "rule_set_350" + "remarks": "rule_set_348" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_disk_full_action", - "remarks": "rule_set_351" + "remarks": "rule_set_349" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd Disk Full Action when Disk Space Is Full", - "remarks": "rule_set_351" + "remarks": "rule_set_349" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_disk_full_action", - "remarks": "rule_set_351" + "remarks": "rule_set_349" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd Disk Full Action when Disk Space Is Full", - "remarks": "rule_set_351" + "remarks": "rule_set_349" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_admin_space_left_action", - "remarks": "rule_set_352" + "remarks": "rule_set_350" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd admin_space_left Action on Low Disk Space", - "remarks": "rule_set_352" + "remarks": "rule_set_350" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_admin_space_left_action", - "remarks": "rule_set_352" + "remarks": "rule_set_350" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd admin_space_left Action on Low Disk Space", - "remarks": "rule_set_352" + "remarks": "rule_set_350" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_space_left_action", - "remarks": "rule_set_353" + "remarks": "rule_set_351" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd space_left Action on Low Disk Space", - "remarks": "rule_set_353" + "remarks": "rule_set_351" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_space_left_action", - "remarks": "rule_set_353" + "remarks": "rule_set_351" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd space_left Action on Low Disk Space", - "remarks": "rule_set_353" + "remarks": "rule_set_351" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_sysadmin_actions", - "remarks": "rule_set_354" + "remarks": "rule_set_352" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects System Administrator Actions", - "remarks": "rule_set_354" + "remarks": "rule_set_352" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_sysadmin_actions", - "remarks": "rule_set_354" + "remarks": "rule_set_352" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects System Administrator Actions", - "remarks": "rule_set_354" + "remarks": "rule_set_352" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_suid_auid_privilege_function", - "remarks": "rule_set_355" + "remarks": "rule_set_353" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events When Executables Are Run As Another User", - "remarks": "rule_set_355" + "remarks": "rule_set_353" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_suid_auid_privilege_function", - "remarks": "rule_set_355" + "remarks": "rule_set_353" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events When Executables Are Run As Another User", - "remarks": "rule_set_355" + "remarks": "rule_set_353" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_sudo_log_events", - "remarks": "rule_set_356" + "remarks": "rule_set_354" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to perform maintenance activities", - "remarks": "rule_set_356" + "remarks": "rule_set_354" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_sudo_log_events", - "remarks": "rule_set_356" + "remarks": "rule_set_354" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to perform maintenance activities", - "remarks": "rule_set_356" + "remarks": "rule_set_354" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_adjtimex", - "remarks": "rule_set_357" + "remarks": "rule_set_355" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through adjtimex", - "remarks": "rule_set_357" + "remarks": "rule_set_355" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_adjtimex", - "remarks": "rule_set_357" + "remarks": "rule_set_355" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through adjtimex", - "remarks": "rule_set_357" + "remarks": "rule_set_355" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_settimeofday", - "remarks": "rule_set_358" + "remarks": "rule_set_356" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through settimeofday", - "remarks": "rule_set_358" + "remarks": "rule_set_356" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_settimeofday", - "remarks": "rule_set_358" + "remarks": "rule_set_356" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through settimeofday", - "remarks": "rule_set_358" + "remarks": "rule_set_356" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_clock_settime", - "remarks": "rule_set_359" + "remarks": "rule_set_357" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through clock_settime", - "remarks": "rule_set_359" + "remarks": "rule_set_357" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_clock_settime", - "remarks": "rule_set_359" + "remarks": "rule_set_357" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through clock_settime", - "remarks": "rule_set_359" + "remarks": "rule_set_357" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_watch_localtime", - "remarks": "rule_set_360" + "remarks": "rule_set_358" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter the localtime File", - "remarks": "rule_set_360" + "remarks": "rule_set_358" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_watch_localtime", - "remarks": "rule_set_360" + "remarks": "rule_set_358" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter the localtime File", - "remarks": "rule_set_360" + "remarks": "rule_set_358" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_setdomainname", - "remarks": "rule_set_361" + "remarks": "rule_set_359" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - setdomainname", - "remarks": "rule_set_361" + "remarks": "rule_set_359" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_setdomainname", - "remarks": "rule_set_361" + "remarks": "rule_set_359" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - setdomainname", - "remarks": "rule_set_361" + "remarks": "rule_set_359" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_sethostname", - "remarks": "rule_set_362" + "remarks": "rule_set_360" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - sethostname", - "remarks": "rule_set_362" + "remarks": "rule_set_360" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_sethostname", - "remarks": "rule_set_362" + "remarks": "rule_set_360" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - sethostname", - "remarks": "rule_set_362" + "remarks": "rule_set_360" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_issue", - "remarks": "rule_set_363" + "remarks": "rule_set_361" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/issue", - "remarks": "rule_set_363" + "remarks": "rule_set_361" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_issue", - "remarks": "rule_set_363" + "remarks": "rule_set_361" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/issue", - "remarks": "rule_set_363" + "remarks": "rule_set_361" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_issue_net", - "remarks": "rule_set_364" + "remarks": "rule_set_362" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/issue.net", - "remarks": "rule_set_364" + "remarks": "rule_set_362" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_issue_net", - "remarks": "rule_set_364" + "remarks": "rule_set_362" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/issue.net", - "remarks": "rule_set_364" + "remarks": "rule_set_362" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_hosts", - "remarks": "rule_set_365" + "remarks": "rule_set_363" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/hosts", - "remarks": "rule_set_365" + "remarks": "rule_set_363" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_hosts", - "remarks": "rule_set_365" + "remarks": "rule_set_363" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/hosts", - "remarks": "rule_set_365" + "remarks": "rule_set_363" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_hostname_file", - "remarks": "rule_set_366" + "remarks": "rule_set_364" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/hostname", - "remarks": "rule_set_366" + "remarks": "rule_set_364" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_hostname_file", - "remarks": "rule_set_366" + "remarks": "rule_set_364" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/hostname", - "remarks": "rule_set_366" + "remarks": "rule_set_364" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_sysconfig_network", - "remarks": "rule_set_367" + "remarks": "rule_set_365" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/sysconfig/network", - "remarks": "rule_set_367" + "remarks": "rule_set_365" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_sysconfig_network", - "remarks": "rule_set_367" + "remarks": "rule_set_365" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/sysconfig/network", - "remarks": "rule_set_367" + "remarks": "rule_set_365" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_networkmanager_system_connections", - "remarks": "rule_set_368" + "remarks": "rule_set_366" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/NetworkManager/system-connections/", - "remarks": "rule_set_368" + "remarks": "rule_set_366" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_etc_networkmanager_system_connections", - "remarks": "rule_set_368" + "remarks": "rule_set_366" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/NetworkManager/system-connections/", - "remarks": "rule_set_368" + "remarks": "rule_set_366" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_networkmanager", - "remarks": "rule_set_369" + "remarks": "rule_set_367" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/NetworkManager/", - "remarks": "rule_set_369" + "remarks": "rule_set_367" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification_networkmanager", - "remarks": "rule_set_369" + "remarks": "rule_set_367" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment - /etc/NetworkManager/", - "remarks": "rule_set_369" + "remarks": "rule_set_367" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands", - "remarks": "rule_set_370" + "remarks": "rule_set_368" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands", - "remarks": "rule_set_370" + "remarks": "rule_set_368" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands", - "remarks": "rule_set_370" + "remarks": "rule_set_368" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands", - "remarks": "rule_set_370" + "remarks": "rule_set_368" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_creat", - "remarks": "rule_set_371" + "remarks": "rule_set_369" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - creat", - "remarks": "rule_set_371" + "remarks": "rule_set_369" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_creat", - "remarks": "rule_set_371" + "remarks": "rule_set_369" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - creat", - "remarks": "rule_set_371" + "remarks": "rule_set_369" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_ftruncate", - "remarks": "rule_set_372" + "remarks": "rule_set_370" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - ftruncate", - "remarks": "rule_set_372" + "remarks": "rule_set_370" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_ftruncate", - "remarks": "rule_set_372" + "remarks": "rule_set_370" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - ftruncate", - "remarks": "rule_set_372" + "remarks": "rule_set_370" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open", - "remarks": "rule_set_373" + "remarks": "rule_set_371" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open", - "remarks": "rule_set_373" + "remarks": "rule_set_371" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open", - "remarks": "rule_set_373" + "remarks": "rule_set_371" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open", - "remarks": "rule_set_373" + "remarks": "rule_set_371" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_openat", - "remarks": "rule_set_374" + "remarks": "rule_set_372" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - openat", - "remarks": "rule_set_374" + "remarks": "rule_set_372" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_openat", - "remarks": "rule_set_374" + "remarks": "rule_set_372" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - openat", - "remarks": "rule_set_374" + "remarks": "rule_set_372" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_truncate", - "remarks": "rule_set_375" + "remarks": "rule_set_373" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - truncate", - "remarks": "rule_set_375" + "remarks": "rule_set_373" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_truncate", - "remarks": "rule_set_375" + "remarks": "rule_set_373" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - truncate", - "remarks": "rule_set_375" + "remarks": "rule_set_373" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_group", - "remarks": "rule_set_376" + "remarks": "rule_set_374" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/group", - "remarks": "rule_set_376" + "remarks": "rule_set_374" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_group", - "remarks": "rule_set_376" + "remarks": "rule_set_374" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/group", - "remarks": "rule_set_376" + "remarks": "rule_set_374" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_passwd", - "remarks": "rule_set_377" + "remarks": "rule_set_375" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/passwd", - "remarks": "rule_set_377" + "remarks": "rule_set_375" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_passwd", - "remarks": "rule_set_377" + "remarks": "rule_set_375" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/passwd", - "remarks": "rule_set_377" + "remarks": "rule_set_375" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_gshadow", - "remarks": "rule_set_378" + "remarks": "rule_set_376" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/gshadow", - "remarks": "rule_set_378" + "remarks": "rule_set_376" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_gshadow", - "remarks": "rule_set_378" + "remarks": "rule_set_376" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/gshadow", - "remarks": "rule_set_378" + "remarks": "rule_set_376" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_shadow", - "remarks": "rule_set_379" + "remarks": "rule_set_377" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/shadow", - "remarks": "rule_set_379" + "remarks": "rule_set_377" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_shadow", - "remarks": "rule_set_379" + "remarks": "rule_set_377" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/shadow", - "remarks": "rule_set_379" + "remarks": "rule_set_377" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_opasswd", - "remarks": "rule_set_380" + "remarks": "rule_set_378" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", - "remarks": "rule_set_380" + "remarks": "rule_set_378" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_opasswd", - "remarks": "rule_set_380" + "remarks": "rule_set_378" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", - "remarks": "rule_set_380" + "remarks": "rule_set_378" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_nsswitch_conf", - "remarks": "rule_set_381" + "remarks": "rule_set_379" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/nsswitch.conf", - "remarks": "rule_set_381" + "remarks": "rule_set_379" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_nsswitch_conf", - "remarks": "rule_set_381" + "remarks": "rule_set_379" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/nsswitch.conf", - "remarks": "rule_set_381" + "remarks": "rule_set_379" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_pam_conf", - "remarks": "rule_set_382" + "remarks": "rule_set_380" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/pam.conf", - "remarks": "rule_set_382" + "remarks": "rule_set_380" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_pam_conf", - "remarks": "rule_set_382" + "remarks": "rule_set_380" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/pam.conf", - "remarks": "rule_set_382" + "remarks": "rule_set_380" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_pamd", - "remarks": "rule_set_383" + "remarks": "rule_set_381" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/pam.d/", - "remarks": "rule_set_383" + "remarks": "rule_set_381" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_pamd", - "remarks": "rule_set_383" + "remarks": "rule_set_381" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/pam.d/", - "remarks": "rule_set_383" + "remarks": "rule_set_381" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chmod", - "remarks": "rule_set_384" + "remarks": "rule_set_382" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", - "remarks": "rule_set_384" + "remarks": "rule_set_382" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chmod", - "remarks": "rule_set_384" + "remarks": "rule_set_382" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", - "remarks": "rule_set_384" + "remarks": "rule_set_382" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmod", - "remarks": "rule_set_385" + "remarks": "rule_set_383" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmod", - "remarks": "rule_set_385" + "remarks": "rule_set_383" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmod", - "remarks": "rule_set_385" + "remarks": "rule_set_383" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmod", - "remarks": "rule_set_385" + "remarks": "rule_set_383" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat", - "remarks": "rule_set_386" + "remarks": "rule_set_384" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat", - "remarks": "rule_set_386" + "remarks": "rule_set_384" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat", - "remarks": "rule_set_386" + "remarks": "rule_set_384" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat", - "remarks": "rule_set_386" + "remarks": "rule_set_384" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat2", - "remarks": "rule_set_387" + "remarks": "rule_set_385" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat2", - "remarks": "rule_set_387" + "remarks": "rule_set_385" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat2", - "remarks": "rule_set_387" + "remarks": "rule_set_385" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat2", - "remarks": "rule_set_387" + "remarks": "rule_set_385" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chown", - "remarks": "rule_set_388" + "remarks": "rule_set_386" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chown", - "remarks": "rule_set_388" + "remarks": "rule_set_386" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chown", - "remarks": "rule_set_388" + "remarks": "rule_set_386" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chown", - "remarks": "rule_set_388" + "remarks": "rule_set_386" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchown", - "remarks": "rule_set_389" + "remarks": "rule_set_387" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchown", - "remarks": "rule_set_389" + "remarks": "rule_set_387" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchown", - "remarks": "rule_set_389" + "remarks": "rule_set_387" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchown", - "remarks": "rule_set_389" + "remarks": "rule_set_387" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchownat", - "remarks": "rule_set_390" + "remarks": "rule_set_388" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchownat", - "remarks": "rule_set_390" + "remarks": "rule_set_388" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchownat", - "remarks": "rule_set_390" + "remarks": "rule_set_388" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchownat", - "remarks": "rule_set_390" + "remarks": "rule_set_388" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lchown", - "remarks": "rule_set_391" + "remarks": "rule_set_389" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lchown", - "remarks": "rule_set_391" + "remarks": "rule_set_389" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lchown", - "remarks": "rule_set_391" + "remarks": "rule_set_389" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lchown", - "remarks": "rule_set_391" + "remarks": "rule_set_389" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fremovexattr", - "remarks": "rule_set_392" + "remarks": "rule_set_390" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fremovexattr", - "remarks": "rule_set_392" + "remarks": "rule_set_390" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fremovexattr", - "remarks": "rule_set_392" + "remarks": "rule_set_390" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fremovexattr", - "remarks": "rule_set_392" + "remarks": "rule_set_390" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fsetxattr", - "remarks": "rule_set_393" + "remarks": "rule_set_391" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fsetxattr", - "remarks": "rule_set_393" + "remarks": "rule_set_391" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fsetxattr", - "remarks": "rule_set_393" + "remarks": "rule_set_391" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fsetxattr", - "remarks": "rule_set_393" + "remarks": "rule_set_391" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lremovexattr", - "remarks": "rule_set_394" + "remarks": "rule_set_392" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lremovexattr", - "remarks": "rule_set_394" + "remarks": "rule_set_392" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lremovexattr", - "remarks": "rule_set_394" + "remarks": "rule_set_392" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lremovexattr", - "remarks": "rule_set_394" + "remarks": "rule_set_392" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lsetxattr", - "remarks": "rule_set_395" + "remarks": "rule_set_393" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lsetxattr", - "remarks": "rule_set_395" + "remarks": "rule_set_393" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lsetxattr", - "remarks": "rule_set_395" + "remarks": "rule_set_393" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lsetxattr", - "remarks": "rule_set_395" + "remarks": "rule_set_393" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_removexattr", - "remarks": "rule_set_396" + "remarks": "rule_set_394" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - removexattr", - "remarks": "rule_set_396" + "remarks": "rule_set_394" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_removexattr", - "remarks": "rule_set_396" + "remarks": "rule_set_394" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - removexattr", - "remarks": "rule_set_396" + "remarks": "rule_set_394" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_setxattr", - "remarks": "rule_set_397" + "remarks": "rule_set_395" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - setxattr", - "remarks": "rule_set_397" + "remarks": "rule_set_395" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_setxattr", - "remarks": "rule_set_397" + "remarks": "rule_set_395" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - setxattr", - "remarks": "rule_set_397" + "remarks": "rule_set_395" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_media_export", - "remarks": "rule_set_398" + "remarks": "rule_set_396" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Exporting to Media (successful)", - "remarks": "rule_set_398" + "remarks": "rule_set_396" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_media_export", - "remarks": "rule_set_398" + "remarks": "rule_set_396" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Exporting to Media (successful)", - "remarks": "rule_set_398" + "remarks": "rule_set_396" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_utmp", - "remarks": "rule_set_399" + "remarks": "rule_set_397" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information utmp", - "remarks": "rule_set_399" + "remarks": "rule_set_397" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_utmp", - "remarks": "rule_set_399" + "remarks": "rule_set_397" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information utmp", - "remarks": "rule_set_399" + "remarks": "rule_set_397" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_btmp", - "remarks": "rule_set_400" + "remarks": "rule_set_398" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information btmp", - "remarks": "rule_set_400" + "remarks": "rule_set_398" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_btmp", - "remarks": "rule_set_400" + "remarks": "rule_set_398" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information btmp", - "remarks": "rule_set_400" + "remarks": "rule_set_398" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_wtmp", - "remarks": "rule_set_401" + "remarks": "rule_set_399" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", - "remarks": "rule_set_401" + "remarks": "rule_set_399" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_wtmp", - "remarks": "rule_set_401" + "remarks": "rule_set_399" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", - "remarks": "rule_set_401" + "remarks": "rule_set_399" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_faillock", - "remarks": "rule_set_402" + "remarks": "rule_set_400" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - faillock", - "remarks": "rule_set_402" + "remarks": "rule_set_400" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_faillock", - "remarks": "rule_set_402" + "remarks": "rule_set_400" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - faillock", - "remarks": "rule_set_402" + "remarks": "rule_set_400" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_lastlog", - "remarks": "rule_set_403" + "remarks": "rule_set_401" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - lastlog", - "remarks": "rule_set_403" + "remarks": "rule_set_401" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_lastlog", - "remarks": "rule_set_403" + "remarks": "rule_set_401" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - lastlog", - "remarks": "rule_set_403" + "remarks": "rule_set_401" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlink", - "remarks": "rule_set_404" + "remarks": "rule_set_402" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlink", - "remarks": "rule_set_404" + "remarks": "rule_set_402" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlink", - "remarks": "rule_set_404" + "remarks": "rule_set_402" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlink", - "remarks": "rule_set_404" + "remarks": "rule_set_402" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlinkat", - "remarks": "rule_set_405" + "remarks": "rule_set_403" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlinkat", - "remarks": "rule_set_405" + "remarks": "rule_set_403" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlinkat", - "remarks": "rule_set_405" + "remarks": "rule_set_403" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlinkat", - "remarks": "rule_set_405" + "remarks": "rule_set_403" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rename", - "remarks": "rule_set_406" + "remarks": "rule_set_404" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rename", - "remarks": "rule_set_406" + "remarks": "rule_set_404" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rename", - "remarks": "rule_set_406" + "remarks": "rule_set_404" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rename", - "remarks": "rule_set_406" + "remarks": "rule_set_404" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat", - "remarks": "rule_set_407" + "remarks": "rule_set_405" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat", - "remarks": "rule_set_407" + "remarks": "rule_set_405" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat", - "remarks": "rule_set_407" + "remarks": "rule_set_405" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat", - "remarks": "rule_set_407" + "remarks": "rule_set_405" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat2", - "remarks": "rule_set_408" + "remarks": "rule_set_406" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat2", - "remarks": "rule_set_408" + "remarks": "rule_set_406" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat2", - "remarks": "rule_set_408" + "remarks": "rule_set_406" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat2", - "remarks": "rule_set_408" + "remarks": "rule_set_406" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_mac_modification_etc_selinux", - "remarks": "rule_set_409" + "remarks": "rule_set_407" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Mandatory Access Controls (/etc/selinux)", - "remarks": "rule_set_409" + "remarks": "rule_set_407" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_mac_modification_etc_selinux", - "remarks": "rule_set_409" + "remarks": "rule_set_407" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Mandatory Access Controls (/etc/selinux)", - "remarks": "rule_set_409" + "remarks": "rule_set_407" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_mac_modification_usr_share", - "remarks": "rule_set_410" + "remarks": "rule_set_408" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Mandatory Access Controls in usr/share", - "remarks": "rule_set_410" + "remarks": "rule_set_408" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_mac_modification_usr_share", - "remarks": "rule_set_410" + "remarks": "rule_set_408" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Mandatory Access Controls in usr/share", - "remarks": "rule_set_410" + "remarks": "rule_set_408" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_chcon", - "remarks": "rule_set_411" + "remarks": "rule_set_409" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run chcon", - "remarks": "rule_set_411" + "remarks": "rule_set_409" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_chcon", - "remarks": "rule_set_411" + "remarks": "rule_set_409" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run chcon", - "remarks": "rule_set_411" + "remarks": "rule_set_409" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_setfacl", - "remarks": "rule_set_412" + "remarks": "rule_set_410" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run setfacl", - "remarks": "rule_set_412" + "remarks": "rule_set_410" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_setfacl", - "remarks": "rule_set_412" + "remarks": "rule_set_410" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run setfacl", - "remarks": "rule_set_412" + "remarks": "rule_set_410" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_chacl", - "remarks": "rule_set_413" + "remarks": "rule_set_411" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run chacl", - "remarks": "rule_set_413" + "remarks": "rule_set_411" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_chacl", - "remarks": "rule_set_413" + "remarks": "rule_set_411" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run chacl", - "remarks": "rule_set_413" + "remarks": "rule_set_411" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_usermod", - "remarks": "rule_set_414" + "remarks": "rule_set_412" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - usermod", - "remarks": "rule_set_414" + "remarks": "rule_set_412" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_usermod", - "remarks": "rule_set_414" + "remarks": "rule_set_412" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - usermod", - "remarks": "rule_set_414" + "remarks": "rule_set_412" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_kmod", - "remarks": "rule_set_415" + "remarks": "rule_set_413" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - kmod", - "remarks": "rule_set_415" + "remarks": "rule_set_413" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands_kmod", - "remarks": "rule_set_415" + "remarks": "rule_set_413" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands - kmod", - "remarks": "rule_set_415" + "remarks": "rule_set_413" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_init", - "remarks": "rule_set_416" + "remarks": "rule_set_414" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading - init_module", - "remarks": "rule_set_416" + "remarks": "rule_set_414" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_init", - "remarks": "rule_set_416" + "remarks": "rule_set_414" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading - init_module", - "remarks": "rule_set_416" + "remarks": "rule_set_414" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_finit", - "remarks": "rule_set_417" + "remarks": "rule_set_415" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module", - "remarks": "rule_set_417" + "remarks": "rule_set_415" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_finit", - "remarks": "rule_set_417" + "remarks": "rule_set_415" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module", - "remarks": "rule_set_417" + "remarks": "rule_set_415" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_delete", - "remarks": "rule_set_418" + "remarks": "rule_set_416" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Unloading - delete_module", - "remarks": "rule_set_418" + "remarks": "rule_set_416" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_delete", - "remarks": "rule_set_418" + "remarks": "rule_set_416" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Unloading - delete_module", - "remarks": "rule_set_418" + "remarks": "rule_set_416" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_query", - "remarks": "rule_set_419" + "remarks": "rule_set_417" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - query_module", - "remarks": "rule_set_419" + "remarks": "rule_set_417" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading_query", - "remarks": "rule_set_419" + "remarks": "rule_set_417" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading - query_module", - "remarks": "rule_set_419" + "remarks": "rule_set_417" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_continue_loading", - "remarks": "rule_set_420" + "remarks": "rule_set_418" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Audit Configuration is Loaded Regardless of Errors", - "remarks": "rule_set_420" + "remarks": "rule_set_418" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_continue_loading", - "remarks": "rule_set_420" + "remarks": "rule_set_418" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the Audit Configuration is Loaded Regardless of Errors", - "remarks": "rule_set_420" + "remarks": "rule_set_418" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_immutable", - "remarks": "rule_set_421" + "remarks": "rule_set_419" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Make the auditd Configuration Immutable", - "remarks": "rule_set_421" + "remarks": "rule_set_419" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_immutable", - "remarks": "rule_set_421" + "remarks": "rule_set_419" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Make the auditd Configuration Immutable", - "remarks": "rule_set_421" + "remarks": "rule_set_419" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_var_log_audit", - "remarks": "rule_set_422" + "remarks": "rule_set_420" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Have Mode 0750 or Less Permissive", - "remarks": "rule_set_422" + "remarks": "rule_set_420" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_permissions_var_log_audit", - "remarks": "rule_set_422" + "remarks": "rule_set_420" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Have Mode 0750 or Less Permissive", - "remarks": "rule_set_422" + "remarks": "rule_set_420" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_var_log_audit", - "remarks": "rule_set_423" + "remarks": "rule_set_421" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Have Mode 0640 or Less Permissive", - "remarks": "rule_set_423" + "remarks": "rule_set_421" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_var_log_audit", - "remarks": "rule_set_423" + "remarks": "rule_set_421" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Have Mode 0640 or Less Permissive", - "remarks": "rule_set_423" + "remarks": "rule_set_421" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_var_log_audit_stig", - "remarks": "rule_set_424" + "remarks": "rule_set_422" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Be Owned By Root", - "remarks": "rule_set_424" + "remarks": "rule_set_422" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_var_log_audit_stig", - "remarks": "rule_set_424" + "remarks": "rule_set_422" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Be Owned By Root", - "remarks": "rule_set_424" + "remarks": "rule_set_422" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_group_ownership_var_log_audit", - "remarks": "rule_set_425" + "remarks": "rule_set_423" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Be Group Owned By Root", - "remarks": "rule_set_425" + "remarks": "rule_set_423" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_group_ownership_var_log_audit", - "remarks": "rule_set_425" + "remarks": "rule_set_423" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Be Group Owned By Root", - "remarks": "rule_set_425" + "remarks": "rule_set_423" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_audit_configuration", - "remarks": "rule_set_426" + "remarks": "rule_set_424" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Audit Configuration Files Permissions are 640 or More Restrictive", - "remarks": "rule_set_426" + "remarks": "rule_set_424" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_audit_configuration", - "remarks": "rule_set_426" + "remarks": "rule_set_424" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Audit Configuration Files Permissions are 640 or More Restrictive", - "remarks": "rule_set_426" + "remarks": "rule_set_424" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_audit_configuration", - "remarks": "rule_set_427" + "remarks": "rule_set_425" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Audit Configuration Files Must Be Owned By Root", - "remarks": "rule_set_427" + "remarks": "rule_set_425" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_audit_configuration", - "remarks": "rule_set_427" + "remarks": "rule_set_425" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Audit Configuration Files Must Be Owned By Root", - "remarks": "rule_set_427" + "remarks": "rule_set_425" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_audit_configuration", - "remarks": "rule_set_428" + "remarks": "rule_set_426" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Audit Configuration Files Must Be Owned By Group root", - "remarks": "rule_set_428" + "remarks": "rule_set_426" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_audit_configuration", - "remarks": "rule_set_428" + "remarks": "rule_set_426" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Audit Configuration Files Must Be Owned By Group root", - "remarks": "rule_set_428" + "remarks": "rule_set_426" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_audit_binaries", - "remarks": "rule_set_429" + "remarks": "rule_set_427" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that audit tools Have Mode 0755 or less", - "remarks": "rule_set_429" + "remarks": "rule_set_427" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_audit_binaries", - "remarks": "rule_set_429" + "remarks": "rule_set_427" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that audit tools Have Mode 0755 or less", - "remarks": "rule_set_429" + "remarks": "rule_set_427" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_audit_binaries", - "remarks": "rule_set_430" + "remarks": "rule_set_428" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that audit tools are owned by root", - "remarks": "rule_set_430" + "remarks": "rule_set_428" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_audit_binaries", - "remarks": "rule_set_430" + "remarks": "rule_set_428" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that audit tools are owned by root", - "remarks": "rule_set_430" + "remarks": "rule_set_428" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_audit_binaries", - "remarks": "rule_set_431" + "remarks": "rule_set_429" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that audit tools are owned by group root", - "remarks": "rule_set_431" + "remarks": "rule_set_429" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_groupownership_audit_binaries", - "remarks": "rule_set_431" + "remarks": "rule_set_429" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that audit tools are owned by group root", - "remarks": "rule_set_431" + "remarks": "rule_set_429" } ], "control-implementations": [ { - "uuid": "e076c461-de0d-44bc-8936-0522e79ade63", + "uuid": "99608dbc-6aec-4e42-86b6-8953960612c7", "source": "trestle://profiles/rhel10-cis_rhel10-l2_workstation/profile.json", "description": "Control implementation for cis_workstation_l2", "props": [ @@ -24800,13 +24716,13 @@ { "param-id": "var_password_hashing_algorithm", "values": [ - "yescrypt" + "cis_rhel10" ] }, { "param-id": "var_password_hashing_algorithm_pam", "values": [ - "yescrypt" + "cis_rhel10" ] }, { @@ -24920,7 +24836,7 @@ ], "implemented-requirements": [ { - "uuid": "35f0f40d-5f04-487c-85ef-70ccc0dc38f1", + "uuid": "1b09085d-edf8-4fa5-9200-d977b68e7464", "control-id": "cis_rhel10_1-1.1.6", "description": "No notes for control-id 1.1.1.6.", "props": [ @@ -24937,7 +24853,7 @@ ] }, { - "uuid": "1872e5df-43e2-42e4-b73a-bd041e4e22ed", + "uuid": "0260b8f7-7e16-4fa4-98d2-5a7a1c984731", "control-id": "cis_rhel10_1-1.1.7", "description": "No notes for control-id 1.1.1.7.", "props": [ @@ -24954,7 +24870,7 @@ ] }, { - "uuid": "92fdf60f-f92b-47dc-a246-d80bb9baed5f", + "uuid": "12416322-63c0-49f3-b6ab-f9df9f5feb4c", "control-id": "cis_rhel10_1-1.1.8", "description": "No notes for control-id 1.1.1.8.", "props": [ @@ -24971,7 +24887,7 @@ ] }, { - "uuid": "0bcd3133-6edb-45cb-8362-58d937f75afd", + "uuid": "929efb8d-614b-48d4-b2ca-1dd34fd2b546", "control-id": "cis_rhel10_1-1.1.9", "description": "No notes for control-id 1.1.1.9.", "props": [ @@ -24988,7 +24904,7 @@ ] }, { - "uuid": "ae920990-dec2-439e-a94e-577f1771ec78", + "uuid": "b15f4110-4a69-498e-99c6-8b92fe17d466", "control-id": "cis_rhel10_1-1.1.10", "description": "No notes for control-id 1.1.1.10.", "props": [ @@ -25005,7 +24921,7 @@ ] }, { - "uuid": "174ba3d1-1413-465c-81b2-cb0416e51b46", + "uuid": "39af2182-d8ad-4296-875d-921936a0e130", "control-id": "cis_rhel10_1-1.2.3.1", "description": "No notes for control-id 1.1.2.3.1.", "props": [ @@ -25022,7 +24938,7 @@ ] }, { - "uuid": "d4ef2e8f-7187-45cc-978f-521434bee845", + "uuid": "2c47e39d-dc11-4433-acb2-47ce62527308", "control-id": "cis_rhel10_1-1.2.4.1", "description": "No notes for control-id 1.1.2.4.1.", "props": [ @@ -25039,7 +24955,7 @@ ] }, { - "uuid": "3cb1ba69-ea79-431e-acf8-5b0918464905", + "uuid": "ffe3a8e8-243f-4a6f-b8b0-4853d1ea01c3", "control-id": "cis_rhel10_1-1.2.5.1", "description": "No notes for control-id 1.1.2.5.1.", "props": [ @@ -25056,7 +24972,7 @@ ] }, { - "uuid": "ed671bd8-2c3c-4bf0-bce1-d8b1ede831e9", + "uuid": "1570b41e-5afe-406a-a96d-0296c4fbd26c", "control-id": "cis_rhel10_1-1.2.6.1", "description": "No notes for control-id 1.1.2.6.1.", "props": [ @@ -25073,7 +24989,7 @@ ] }, { - "uuid": "cea2438b-d2cb-404f-a38d-8eef2c582f4d", + "uuid": "e2ae8efd-338b-4eb1-a41e-5fc810ef19c9", "control-id": "cis_rhel10_1-1.2.7.1", "description": "No notes for control-id 1.1.2.7.1.", "props": [ @@ -25090,7 +25006,7 @@ ] }, { - "uuid": "04598ab4-86f4-4c51-b88b-ee86c4bf1918", + "uuid": "52e55674-97c9-4b24-85da-20c85f94ca7e", "control-id": "cis_rhel10_1-2.1.3", "description": "The description for control-id cis_rhel10_1-2.1.3.", "props": [ @@ -25103,7 +25019,7 @@ ] }, { - "uuid": "aa5b7443-32b5-4a39-8f71-80a6f1ce33d9", + "uuid": "7e9b1de3-6255-40d3-b69d-8e660686f6c0", "control-id": "cis_rhel10_1-2.1.5", "description": "No notes for control-id 1.2.1.5.", "props": [ @@ -25120,7 +25036,7 @@ ] }, { - "uuid": "f1acd8f1-f5da-447f-b1fd-59127774e72e", + "uuid": "ab48c788-2605-47f8-9ea4-f184db586627", "control-id": "cis_rhel10_1-3.1.5", "description": "No notes for control-id 1.3.1.5.", "props": [ @@ -25137,7 +25053,7 @@ ] }, { - "uuid": "f66ed475-b21e-44b1-b72a-b10a0dd65bff", + "uuid": "55ef8e9f-0502-4115-b4bb-8c7fbf4d80e7", "control-id": "cis_rhel10_1-3.1.6", "description": "The description for control-id cis_rhel10_1-3.1.6.", "props": [ @@ -25150,7 +25066,7 @@ ] }, { - "uuid": "5e7534a7-a234-479e-9ab7-d80d1a231c5b", + "uuid": "623eb029-7995-4ed5-9e9e-3733078c5e81", "control-id": "cis_rhel10_1-5.3", "description": "No notes for control-id 1.5.3.", "props": [ @@ -25167,7 +25083,7 @@ ] }, { - "uuid": "c4b92096-1ebe-44c5-91f7-b1039418feca", + "uuid": "7d782a0b-ff7b-44a9-b40c-87f1f07d9cc6", "control-id": "cis_rhel10_1-8.4", "description": "No notes for control-id 1.8.4.", "props": [ @@ -25189,7 +25105,7 @@ ] }, { - "uuid": "9098f8fb-e04e-46e3-b4ee-ab424cd48c09", + "uuid": "1ec38b92-8fa5-43fe-bd96-722e15f8791b", "control-id": "cis_rhel10_1-8.6", "description": "No notes for control-id 1.8.6.", "props": [ @@ -25206,7 +25122,7 @@ ] }, { - "uuid": "b0b1d814-803f-4eb2-8a60-c81daf6dbead", + "uuid": "e8ddf69d-cf53-4166-8f90-defc6b913f90", "control-id": "cis_rhel10_2-1.1", "description": "No notes for control-id 2.1.1.", "props": [ @@ -25223,7 +25139,7 @@ ] }, { - "uuid": "133a834d-ccd3-4ce6-9613-ffb344cc9d08", + "uuid": "2017262b-c276-4160-a6ef-ff7657f35e14", "control-id": "cis_rhel10_2-1.2", "description": "No notes for control-id 2.1.2.", "props": [ @@ -25240,7 +25156,7 @@ ] }, { - "uuid": "97a4fc05-8d5d-43ac-b0fc-69b4be45a74a", + "uuid": "aff1b034-012d-4689-8567-2bcd0770ff65", "control-id": "cis_rhel10_2-1.3", "description": "No notes for control-id 2.1.3.", "props": [ @@ -25257,7 +25173,7 @@ ] }, { - "uuid": "f14c6475-ad47-47d4-b367-1efb391c56f5", + "uuid": "35e1eb01-9570-4481-8876-8d0a32e059f1", "control-id": "cis_rhel10_2-2.2", "description": "No notes for control-id 2.2.2.", "props": [ @@ -25274,7 +25190,7 @@ ] }, { - "uuid": "b6579509-8195-4c18-80d8-0d8f1f34d9e5", + "uuid": "ce2beef9-fb9c-4e3c-879c-9abcde03f8af", "control-id": "cis_rhel10_3-1.3", "description": "No notes for control-id 3.1.3.", "props": [ @@ -25291,7 +25207,7 @@ ] }, { - "uuid": "e2f7e3a9-415a-4c40-b304-38352bd56f75", + "uuid": "bc84ac44-ac91-4540-a330-968696c12639", "control-id": "cis_rhel10_5-2.4", "description": "No notes for control-id 5.2.4.", "props": [ @@ -25308,7 +25224,7 @@ ] }, { - "uuid": "1879e297-d583-42bc-a83b-d2d676bd0b62", + "uuid": "1722a931-c387-4eb6-b5a3-e188ea00ea20", "control-id": "cis_rhel10_5-3.2.1.3", "description": "No notes for control-id 5.3.2.1.3.", "props": [ @@ -25325,7 +25241,7 @@ ] }, { - "uuid": "dc9e2c11-4a2d-488d-8d01-da2c03cb17fa", + "uuid": "61d1f7f3-8f3b-4cc2-9128-0a67a1206536", "control-id": "cis_rhel10_5-4.1.2", "description": "No notes for control-id 5.4.1.2.", "props": [ @@ -25347,7 +25263,7 @@ ] }, { - "uuid": "da005c2e-4bdd-4d27-ba26-01ae689e2290", + "uuid": "d984c8ad-aa4e-4dee-a42c-c7dba2c776e6", "control-id": "cis_rhel10_5-4.3.1", "description": "No notes for control-id 5.4.3.1.", "props": [ @@ -25364,7 +25280,7 @@ ] }, { - "uuid": "1b1759c8-023f-4fbc-87e9-c097ca2e145c", + "uuid": "a7d318a4-7b2c-4756-a395-2e048ae023b3", "control-id": "cis_rhel10_6-3.1.1", "description": "No notes for control-id 6.3.1.1.", "props": [ @@ -25386,7 +25302,7 @@ ] }, { - "uuid": "8f98a959-8cfe-448e-b165-b116b1494b15", + "uuid": "52aefce6-e0f5-4ce2-afe5-461cf55edb50", "control-id": "cis_rhel10_6-3.1.2", "description": "No notes for control-id 6.3.1.2.", "props": [ @@ -25403,7 +25319,7 @@ ] }, { - "uuid": "973f9e25-306a-4413-be40-ca652263937e", + "uuid": "67def5d0-506a-4b36-abcb-518e6773024b", "control-id": "cis_rhel10_6-3.1.3", "description": "No notes for control-id 6.3.1.3.", "props": [ @@ -25420,7 +25336,7 @@ ] }, { - "uuid": "01092c2a-1554-4449-8afd-3ed167d069f9", + "uuid": "85532f19-283c-4f2a-9c6a-5fb6c15b1098", "control-id": "cis_rhel10_6-3.1.4", "description": "No notes for control-id 6.3.1.4.", "props": [ @@ -25437,7 +25353,7 @@ ] }, { - "uuid": "5542ed57-91a5-400e-a697-d8e81b42ee40", + "uuid": "1d3124ec-c66d-4efe-ba8e-f4f031d6db32", "control-id": "cis_rhel10_6-3.2.1", "description": "No notes for control-id 6.3.2.1.", "props": [ @@ -25454,7 +25370,7 @@ ] }, { - "uuid": "405962ea-9456-450f-b3ee-01746390d851", + "uuid": "962cbaa4-e8bc-49b8-9352-16c3ee142c6d", "control-id": "cis_rhel10_6-3.2.2", "description": "No notes for control-id 6.3.2.2.", "props": [ @@ -25471,7 +25387,7 @@ ] }, { - "uuid": "5d8b07bd-5d73-412a-b07e-2b7157d24fe3", + "uuid": "83e507db-0c8f-46ae-8027-2fab672281d2", "control-id": "cis_rhel10_6-3.2.3", "description": "No notes for control-id 6.3.2.3.", "props": [ @@ -25493,7 +25409,7 @@ ] }, { - "uuid": "f06777b4-97cc-4c54-9fa7-724e48549046", + "uuid": "882a45c9-5235-40b8-b9d0-fbb09b33feb5", "control-id": "cis_rhel10_6-3.2.4", "description": "No notes for control-id 6.3.2.4.", "props": [ @@ -25515,7 +25431,7 @@ ] }, { - "uuid": "5c6aca49-06b0-4832-82ba-febc2228e906", + "uuid": "04b33037-d322-4a91-a577-c1a442cfe9c3", "control-id": "cis_rhel10_6-3.3.1", "description": "No notes for control-id 6.3.3.1.", "props": [ @@ -25532,7 +25448,7 @@ ] }, { - "uuid": "813d55f0-b81f-4358-b191-036154996ab2", + "uuid": "5be79d39-10aa-484b-8526-84cd6411aa3a", "control-id": "cis_rhel10_6-3.3.2", "description": "No notes for control-id 6.3.3.2.", "props": [ @@ -25549,7 +25465,7 @@ ] }, { - "uuid": "415d8e0c-3e2f-40cf-8ebe-a683ce7224d8", + "uuid": "8b0875b3-075e-47f1-9878-abf23d9ea302", "control-id": "cis_rhel10_6-3.3.3", "description": "No notes for control-id 6.3.3.3.", "props": [ @@ -25566,7 +25482,7 @@ ] }, { - "uuid": "b25453d4-ed9e-40f8-9133-cd92e19718c3", + "uuid": "a99cb44e-c0c6-47c3-81b8-528e5db5bd89", "control-id": "cis_rhel10_6-3.3.4", "description": "No notes for control-id 6.3.3.4.", "props": [ @@ -25598,7 +25514,7 @@ ] }, { - "uuid": "03644593-2954-4d61-8717-863ec9b6897e", + "uuid": "718ccfe1-d0fb-418e-b9c4-256a3159c825", "control-id": "cis_rhel10_6-3.3.5", "description": "No notes for control-id 6.3.3.5.", "props": [ @@ -25620,7 +25536,7 @@ ] }, { - "uuid": "580f6168-cf8d-4390-869e-57c749516ed7", + "uuid": "4e46b6e7-767b-4f61-8231-282495c4a0b7", "control-id": "cis_rhel10_6-3.3.6", "description": "No notes for control-id 6.3.3.6.", "props": [ @@ -25642,7 +25558,7 @@ ] }, { - "uuid": "807d440a-c32f-43d3-96b1-e3f660f19699", + "uuid": "c076f1c7-40e9-46d3-86ba-88baf02ab622", "control-id": "cis_rhel10_6-3.3.7", "description": "No notes for control-id 6.3.3.7.", "props": [ @@ -25664,7 +25580,7 @@ ] }, { - "uuid": "b62df933-2d33-4768-9643-eccb545d1918", + "uuid": "4a836a25-112d-4131-ac4f-8211411ec345", "control-id": "cis_rhel10_6-3.3.8", "description": "No notes for control-id 6.3.3.8.", "props": [ @@ -25686,7 +25602,7 @@ ] }, { - "uuid": "81d48084-6ec7-49d1-b176-706913081848", + "uuid": "517a799a-75cf-489c-9576-b11050b58cee", "control-id": "cis_rhel10_6-3.3.9", "description": "No notes for control-id 6.3.3.9.", "props": [ @@ -25703,7 +25619,7 @@ ] }, { - "uuid": "5ac93dc8-1196-4a05-aeef-26adf8792f72", + "uuid": "9aaa0476-4949-4403-abcc-913c613b2809", "control-id": "cis_rhel10_6-3.3.10", "description": "No notes for control-id 6.3.3.10.", "props": [ @@ -25720,7 +25636,7 @@ ] }, { - "uuid": "4d4185cb-43c4-45d7-a397-b4ef4d9077a7", + "uuid": "b0b4bc71-94be-406d-b18e-8dae9aed4cec", "control-id": "cis_rhel10_6-3.3.11", "description": "No notes for control-id 6.3.3.11.", "props": [ @@ -25757,7 +25673,7 @@ ] }, { - "uuid": "7ca12354-089d-4d01-882b-a6efd2b62830", + "uuid": "27616b6b-1788-46db-80f8-cf5249ce4443", "control-id": "cis_rhel10_6-3.3.12", "description": "No notes for control-id 6.3.3.12.", "props": [ @@ -25774,7 +25690,7 @@ ] }, { - "uuid": "b9212f4e-4a7f-4063-87df-f356f8053ded", + "uuid": "50e951a8-cc06-42a9-b1f8-7454b7a615bb", "control-id": "cis_rhel10_6-3.3.13", "description": "No notes for control-id 6.3.3.13.", "props": [ @@ -25791,7 +25707,7 @@ ] }, { - "uuid": "b41db379-be46-4d3a-b6f7-4e6875b036b4", + "uuid": "e62d0466-5971-41f7-86ca-124acb02a4ae", "control-id": "cis_rhel10_6-3.3.14", "description": "No notes for control-id 6.3.3.14.", "props": [ @@ -25813,7 +25729,7 @@ ] }, { - "uuid": "f8c2b415-11ab-45f7-9d26-312d749844d6", + "uuid": "caa33515-3d08-4548-a3e4-4531643b523e", "control-id": "cis_rhel10_6-3.3.15", "description": "No notes for control-id 6.3.3.15.", "props": [ @@ -25830,7 +25746,7 @@ ] }, { - "uuid": "2a9cf972-ee73-4fdc-b1fe-d75dbfcc3d92", + "uuid": "35455c38-9b5a-4d80-9085-52ddeb3fdf5a", "control-id": "cis_rhel10_6-3.3.16", "description": "No notes for control-id 6.3.3.16.", "props": [ @@ -25847,7 +25763,7 @@ ] }, { - "uuid": "7190804d-d743-440e-9f40-1aba5840116a", + "uuid": "a2856ac2-af95-4528-a6ec-63c1b0ff625a", "control-id": "cis_rhel10_6-3.3.17", "description": "No notes for control-id 6.3.3.17.", "props": [ @@ -25869,7 +25785,7 @@ ] }, { - "uuid": "06f228d8-2a76-4bd8-9382-343b7b697f9a", + "uuid": "59d8669d-10af-4f60-aa4c-70d462b85bf9", "control-id": "cis_rhel10_6-3.3.18", "description": "No notes for control-id 6.3.3.18.", "props": [ @@ -25901,7 +25817,7 @@ ] }, { - "uuid": "9ef4d9eb-8813-43a1-9506-dca4f8128a6f", + "uuid": "0d7e3717-80f2-409e-ab8f-261fed850682", "control-id": "cis_rhel10_6-3.3.19", "description": "No notes for control-id 6.3.3.19.", "props": [ @@ -25933,7 +25849,7 @@ ] }, { - "uuid": "f31b3f96-1bec-41ef-968c-263ce949b100", + "uuid": "bfead6fc-ef90-4012-a0a8-1bc2bb5fdd9f", "control-id": "cis_rhel10_6-3.3.20", "description": "No notes for control-id 6.3.3.20.", "props": [ @@ -25975,7 +25891,7 @@ ] }, { - "uuid": "8c73031a-3a17-41a7-ad08-4967ee2c6427", + "uuid": "7e522aea-c1e3-45d5-aa0a-11c541542422", "control-id": "cis_rhel10_6-3.3.21", "description": "No notes for control-id 6.3.3.21.", "props": [ @@ -25992,7 +25908,7 @@ ] }, { - "uuid": "63e30bf9-4164-4fbf-b176-6143232bd7c3", + "uuid": "bbc6f01e-561f-4d1b-88f3-2f1cc291bda0", "control-id": "cis_rhel10_6-3.3.22", "description": "No notes for control-id 6.3.3.22.", "props": [ @@ -26019,7 +25935,7 @@ ] }, { - "uuid": "80cebbe5-8fff-45dd-96d5-67bfd6b596cd", + "uuid": "3bcdeb67-cdbf-410d-9095-3f9cb480967f", "control-id": "cis_rhel10_6-3.3.23", "description": "No notes for control-id 6.3.3.23.", "props": [ @@ -26041,7 +25957,7 @@ ] }, { - "uuid": "928915c7-bd39-4235-bc7a-3fabd7e350b5", + "uuid": "0ce30678-5935-47cc-a130-378f65e2d9d7", "control-id": "cis_rhel10_6-3.3.24", "description": "No notes for control-id 6.3.3.24.", "props": [ @@ -26063,7 +25979,7 @@ ] }, { - "uuid": "2b424a67-8d7b-4e70-a5cc-6ff68909c065", + "uuid": "b6f841b1-b1a2-47f2-9ec9-22ccb5d534a2", "control-id": "cis_rhel10_6-3.3.25", "description": "No notes for control-id 6.3.3.25.", "props": [ @@ -26090,7 +26006,7 @@ ] }, { - "uuid": "f49b212c-3e11-497b-9535-f8c9c3832268", + "uuid": "c8c99be5-48e0-4479-8b26-c2343f43ddd9", "control-id": "cis_rhel10_6-3.3.26", "description": "No notes for control-id 6.3.3.26.", "props": [ @@ -26112,7 +26028,7 @@ ] }, { - "uuid": "248c2323-af34-4a5e-9634-d75433d6ae8a", + "uuid": "70406cb2-b19d-4926-bcdf-928a2dcbea53", "control-id": "cis_rhel10_6-3.3.27", "description": "No notes for control-id 6.3.3.27.", "props": [ @@ -26129,7 +26045,7 @@ ] }, { - "uuid": "2fffd850-5e7c-41f0-8752-44af34da18eb", + "uuid": "c9cc7459-a739-4045-93ff-00ea1009299b", "control-id": "cis_rhel10_6-3.3.28", "description": "No notes for control-id 6.3.3.28.", "props": [ @@ -26146,7 +26062,7 @@ ] }, { - "uuid": "7ab6bce7-119c-4f0f-a78f-b3189e905ec3", + "uuid": "07426558-cc38-4192-82fb-57f16661d98e", "control-id": "cis_rhel10_6-3.3.29", "description": "No notes for control-id 6.3.3.29.", "props": [ @@ -26163,7 +26079,7 @@ ] }, { - "uuid": "91767e06-cd81-4733-8a6b-197cc5c34f09", + "uuid": "185d6c8e-b5d4-4268-b2ff-f499b93db495", "control-id": "cis_rhel10_6-3.3.30", "description": "No notes for control-id 6.3.3.30.", "props": [ @@ -26180,7 +26096,7 @@ ] }, { - "uuid": "38d0c46c-d533-475b-b116-365125457287", + "uuid": "448bd0f4-8db9-4ee8-bdde-9a404c252b0a", "control-id": "cis_rhel10_6-3.3.31", "description": "No notes for control-id 6.3.3.31.", "props": [ @@ -26197,7 +26113,7 @@ ] }, { - "uuid": "4357fe3d-ef72-4c19-b5dc-380c7d8409f5", + "uuid": "49292af1-525e-44f7-86f4-dd90f7e65a2e", "control-id": "cis_rhel10_6-3.3.32", "description": "No notes for control-id 6.3.3.32.", "props": [ @@ -26219,7 +26135,7 @@ ] }, { - "uuid": "97d69e3c-c63c-4abf-a948-1923bc6cacb6", + "uuid": "f8e48494-2e8a-4973-b925-396376045e78", "control-id": "cis_rhel10_6-3.3.33", "description": "No notes for control-id 6.3.3.33.", "props": [ @@ -26236,7 +26152,7 @@ ] }, { - "uuid": "30b578ee-b357-4fa1-aa89-a4d6f2db3269", + "uuid": "3ad0f727-a79a-4f8a-9fb7-70fd5613b480", "control-id": "cis_rhel10_6-3.3.34", "description": "No notes for control-id 6.3.3.34.", "props": [ @@ -26253,7 +26169,7 @@ ] }, { - "uuid": "668157a8-cf1f-4c48-859c-1e26b703856b", + "uuid": "a4742a96-9ee5-45f4-92af-b0d972e831a2", "control-id": "cis_rhel10_6-3.3.35", "description": "No notes for control-id 6.3.3.35.", "props": [ @@ -26270,7 +26186,7 @@ ] }, { - "uuid": "2c47b1b0-fc81-4478-b808-cf72968c4547", + "uuid": "392a59bd-ad7a-42e4-8736-3e09fea0bd0e", "control-id": "cis_rhel10_6-3.3.36", "description": "No notes for control-id 6.3.3.36.", "props": [ @@ -26287,7 +26203,7 @@ ] }, { - "uuid": "a829936f-7f7e-4170-8c43-1ff891ab919d", + "uuid": "dae9cda3-191d-4f77-92da-d4d29abf8d5d", "control-id": "cis_rhel10_6-3.3.37", "description": "The description for control-id cis_rhel10_6-3.3.37.", "props": [ @@ -26300,7 +26216,7 @@ ] }, { - "uuid": "3020bd1c-baa1-4905-a44f-6d312ab32d59", + "uuid": "3cd4ce51-ddeb-4329-93e6-fa8045fcc1ec", "control-id": "cis_rhel10_6-3.4.1", "description": "No notes for control-id 6.3.4.1.", "props": [ @@ -26317,7 +26233,7 @@ ] }, { - "uuid": "acbfe0de-5686-448f-9025-cd737f132e12", + "uuid": "14a20c5f-22d5-4ed6-928e-a51082acc9cf", "control-id": "cis_rhel10_6-3.4.2", "description": "No notes for control-id 6.3.4.2.", "props": [ @@ -26334,7 +26250,7 @@ ] }, { - "uuid": "c8580f00-9693-4b46-9710-c01dc96d15fa", + "uuid": "825515ab-6200-433f-ac07-a4e9cfca269a", "control-id": "cis_rhel10_6-3.4.3", "description": "No notes for control-id 6.3.4.3.", "props": [ @@ -26351,7 +26267,7 @@ ] }, { - "uuid": "438604ff-888c-4918-a35d-11494d70c75f", + "uuid": "aa65f56e-6ff0-44ba-acba-cf465a51f299", "control-id": "cis_rhel10_6-3.4.4", "description": "No notes for control-id 6.3.4.4.", "props": [ @@ -26368,7 +26284,7 @@ ] }, { - "uuid": "3df8c522-3f01-41d6-8177-8caa9f0ab9b3", + "uuid": "9b25c3fa-d94d-497b-97ca-d11477b5bf30", "control-id": "cis_rhel10_6-3.4.5", "description": "No notes for control-id 6.3.4.5.", "props": [ @@ -26385,7 +26301,7 @@ ] }, { - "uuid": "0281fd35-7b5c-46d6-bb4a-79551975a7a7", + "uuid": "58f55f01-d029-428a-afeb-6e9f64abc5b7", "control-id": "cis_rhel10_6-3.4.6", "description": "No notes for control-id 6.3.4.6.", "props": [ @@ -26402,7 +26318,7 @@ ] }, { - "uuid": "bb700e5a-01df-4e09-81b3-93168e9ce06e", + "uuid": "1a6fe145-6481-42aa-8943-24376796d2b4", "control-id": "cis_rhel10_6-3.4.7", "description": "No notes for control-id 6.3.4.7.", "props": [ @@ -26419,7 +26335,7 @@ ] }, { - "uuid": "11cbaa13-1cbc-4d0d-9e4d-57f7ab1f173d", + "uuid": "e251dd32-4886-4253-ad11-0d1882ea0e8e", "control-id": "cis_rhel10_6-3.4.8", "description": "No notes for control-id 6.3.4.8.", "props": [ @@ -26436,7 +26352,7 @@ ] }, { - "uuid": "e37d453a-ebac-4033-a66c-9d5da42a4101", + "uuid": "826b3dfe-265c-4186-b407-41e2c577f508", "control-id": "cis_rhel10_6-3.4.9", "description": "No notes for control-id 6.3.4.9.", "props": [ @@ -26453,7 +26369,7 @@ ] }, { - "uuid": "f31ac817-3114-40f6-86b1-30a6baf650a3", + "uuid": "e8605e15-b46a-4331-a611-b00707580978", "control-id": "cis_rhel10_6-3.4.10", "description": "No notes for control-id 6.3.4.10.", "props": [ @@ -26470,7 +26386,7 @@ ] }, { - "uuid": "bb645269-bee1-40b0-a187-15d9c9e04ae2", + "uuid": "7564a952-4504-42ee-9934-28cdd213e5d6", "control-id": "reload_dconf_db", "description": "This is a helper rule to reload Dconf database correctly.", "props": [ @@ -26487,7 +26403,7 @@ ] }, { - "uuid": "5246fa22-01aa-482a-9840-427d8af2feaf", + "uuid": "17ca3286-b9fa-4dd0-b9c6-cb1d22c632d9", "control-id": "cis_rhel10_1-1.1.1", "description": "No notes for control-id 1.1.1.1.", "props": [ @@ -26504,7 +26420,7 @@ ] }, { - "uuid": "71b40742-a571-4f6e-ab2a-2439eb841303", + "uuid": "5108b64c-2d2b-461c-af9a-29b2718234a7", "control-id": "cis_rhel10_1-1.1.2", "description": "No notes for control-id 1.1.1.2.", "props": [ @@ -26521,7 +26437,7 @@ ] }, { - "uuid": "b90a849b-0b65-4935-9824-644501a9da5e", + "uuid": "66eaed8a-372d-4de8-8978-91e25f4a0f1c", "control-id": "cis_rhel10_1-1.1.3", "description": "No notes for control-id 1.1.1.3.", "props": [ @@ -26538,7 +26454,7 @@ ] }, { - "uuid": "21074d7f-9c44-4a9c-ab7c-66dcd91b4f8f", + "uuid": "9c7e21a7-8ddb-4221-87f3-26b821006952", "control-id": "cis_rhel10_1-1.1.4", "description": "No notes for control-id 1.1.1.4.", "props": [ @@ -26555,7 +26471,7 @@ ] }, { - "uuid": "5fcc5e52-ca1e-4892-827b-8c2b474b8e63", + "uuid": "84799d55-ef4e-4ad1-b7ad-f1b0542adc65", "control-id": "cis_rhel10_1-1.1.5", "description": "No notes for control-id 1.1.1.5.", "props": [ @@ -26572,7 +26488,7 @@ ] }, { - "uuid": "8f287413-fb91-4a54-a557-1b079dac8726", + "uuid": "8315e083-2f55-4809-8559-72a65797384a", "control-id": "cis_rhel10_1-1.1.11", "description": "The description for control-id cis_rhel10_1-1.1.11.", "props": [ @@ -26585,7 +26501,7 @@ ] }, { - "uuid": "1c795a00-0c3c-4216-9b2e-63d01feb7ce6", + "uuid": "0917dc43-1c32-4099-9602-35ffa0e4db4f", "control-id": "cis_rhel10_1-1.2.1.1", "description": "No notes for control-id 1.1.2.1.1.", "props": [ @@ -26602,7 +26518,7 @@ ] }, { - "uuid": "33eb4017-9098-487c-8f19-738080a10aff", + "uuid": "d1825d59-1be8-43f3-b66d-37e77577e648", "control-id": "cis_rhel10_1-1.2.1.2", "description": "No notes for control-id 1.1.2.1.2.", "props": [ @@ -26619,7 +26535,7 @@ ] }, { - "uuid": "b3c27b2d-1af5-4728-8c74-dde28ebe9e1c", + "uuid": "84d6b373-218e-46a3-a27e-924a61c19b28", "control-id": "cis_rhel10_1-1.2.1.3", "description": "No notes for control-id 1.1.2.1.3.", "props": [ @@ -26636,7 +26552,7 @@ ] }, { - "uuid": "2314332b-c660-4158-9675-9ed812d62e84", + "uuid": "7dbfeda4-e9ea-4bec-8991-9a6da1328682", "control-id": "cis_rhel10_1-1.2.1.4", "description": "No notes for control-id 1.1.2.1.4.", "props": [ @@ -26653,7 +26569,7 @@ ] }, { - "uuid": "d95240c1-afb0-427f-9285-e75e5a0ba6f6", + "uuid": "1e7f8751-0b9b-4525-826f-da6d23a930a2", "control-id": "cis_rhel10_1-1.2.2.1", "description": "No notes for control-id 1.1.2.2.1.", "props": [ @@ -26670,7 +26586,7 @@ ] }, { - "uuid": "27a5e2b4-c429-4efa-b4fc-cc849726a1db", + "uuid": "68c86261-3ba6-4827-a110-7089b8529e33", "control-id": "cis_rhel10_1-1.2.2.2", "description": "No notes for control-id 1.1.2.2.2.", "props": [ @@ -26687,7 +26603,7 @@ ] }, { - "uuid": "95e82297-77f1-488b-8096-5529d8f95761", + "uuid": "528c5e73-c85f-4e35-9890-e1f79a934ca8", "control-id": "cis_rhel10_1-1.2.2.3", "description": "No notes for control-id 1.1.2.2.3.", "props": [ @@ -26704,7 +26620,7 @@ ] }, { - "uuid": "65e34b7f-b7c0-4a12-8c7c-8171da06fbf2", + "uuid": "fbfc9d99-57a2-4218-bc67-86566ab2ad61", "control-id": "cis_rhel10_1-1.2.2.4", "description": "No notes for control-id 1.1.2.2.4.", "props": [ @@ -26721,7 +26637,7 @@ ] }, { - "uuid": "0859be9f-3e69-46c0-86c1-3049a6d1cfb0", + "uuid": "5ce1bb74-c97e-44fb-869a-a308be2c4958", "control-id": "cis_rhel10_1-1.2.3.2", "description": "No notes for control-id 1.1.2.3.2.", "props": [ @@ -26738,7 +26654,7 @@ ] }, { - "uuid": "ccb2ded8-c36a-451d-97a0-a06c1cb1180c", + "uuid": "ce92df38-b3be-49a9-9aa3-45807efc8c9e", "control-id": "cis_rhel10_1-1.2.3.3", "description": "No notes for control-id 1.1.2.3.3.", "props": [ @@ -26755,7 +26671,7 @@ ] }, { - "uuid": "7c27911c-df3c-458b-bb74-d8db6460599f", + "uuid": "6a1e49b2-d0e6-4477-91bc-0d62c2caff1f", "control-id": "cis_rhel10_1-1.2.4.2", "description": "No notes for control-id 1.1.2.4.2.", "props": [ @@ -26772,7 +26688,7 @@ ] }, { - "uuid": "6ddec5f9-431b-4e23-991b-4938e3a18187", + "uuid": "37212d10-ed4a-44cd-9fc2-ab5aa677e87a", "control-id": "cis_rhel10_1-1.2.4.3", "description": "No notes for control-id 1.1.2.4.3.", "props": [ @@ -26789,7 +26705,7 @@ ] }, { - "uuid": "f0735151-9d23-496d-b6f2-22b1b633112f", + "uuid": "6e499469-855f-4de7-98ca-9d4c75487788", "control-id": "cis_rhel10_1-1.2.5.2", "description": "No notes for control-id 1.1.2.5.2.", "props": [ @@ -26806,7 +26722,7 @@ ] }, { - "uuid": "53733f7b-8c8b-42fe-bef9-3ad6b852d508", + "uuid": "4bbba2ed-c21c-4700-94cc-a264aead7e26", "control-id": "cis_rhel10_1-1.2.5.3", "description": "No notes for control-id 1.1.2.5.3.", "props": [ @@ -26823,7 +26739,7 @@ ] }, { - "uuid": "d9c460e7-e13a-48ac-a520-7c9603804687", + "uuid": "1eeae521-904a-469e-95bc-69f9c9320096", "control-id": "cis_rhel10_1-1.2.5.4", "description": "No notes for control-id 1.1.2.5.4.", "props": [ @@ -26840,7 +26756,7 @@ ] }, { - "uuid": "14191d73-0b83-4b0a-a0a9-df6bd252122f", + "uuid": "982d7d07-471a-4486-94da-fc5283058a49", "control-id": "cis_rhel10_1-1.2.6.2", "description": "No notes for control-id 1.1.2.6.2.", "props": [ @@ -26857,7 +26773,7 @@ ] }, { - "uuid": "61ba32bf-4907-4e43-9d5b-ec5999714fb3", + "uuid": "62fab630-f402-434d-addd-3390a23773aa", "control-id": "cis_rhel10_1-1.2.6.3", "description": "No notes for control-id 1.1.2.6.3.", "props": [ @@ -26874,7 +26790,7 @@ ] }, { - "uuid": "fe264ece-e572-45d5-8c0a-1b9d30f44b05", + "uuid": "a4af6820-d3f6-4ab4-bd18-81ad05f76c8f", "control-id": "cis_rhel10_1-1.2.6.4", "description": "No notes for control-id 1.1.2.6.4.", "props": [ @@ -26891,7 +26807,7 @@ ] }, { - "uuid": "eaacb15c-8f29-499a-9d74-703306e3aa72", + "uuid": "6522bf7f-fabc-43fb-be13-195bc2d4f527", "control-id": "cis_rhel10_1-1.2.7.2", "description": "No notes for control-id 1.1.2.7.2.", "props": [ @@ -26908,7 +26824,7 @@ ] }, { - "uuid": "dddce8b2-77a8-456b-9d90-9806b6dd7710", + "uuid": "c4752b6e-bc10-443d-943a-776c91ed0b73", "control-id": "cis_rhel10_1-1.2.7.3", "description": "No notes for control-id 1.1.2.7.3.", "props": [ @@ -26925,7 +26841,7 @@ ] }, { - "uuid": "eac5283c-1af9-43b0-9141-0a5f92986bc0", + "uuid": "3a7857cd-950e-46c5-b277-6379529d8539", "control-id": "cis_rhel10_1-1.2.7.4", "description": "No notes for control-id 1.1.2.7.4.", "props": [ @@ -26942,7 +26858,7 @@ ] }, { - "uuid": "2530512d-96ac-40c8-aa12-ecb3e37817ac", + "uuid": "7325418c-98af-4575-b237-0cccfa2625e0", "control-id": "cis_rhel10_1-2.1.1", "description": "The description for control-id cis_rhel10_1-2.1.1.", "props": [ @@ -26955,7 +26871,7 @@ ] }, { - "uuid": "fecdd619-4624-4206-b0e4-7827ca118176", + "uuid": "64337793-0671-4004-af57-f42feebe0762", "control-id": "cis_rhel10_1-2.1.2", "description": "No notes for control-id 1.2.1.2.", "props": [ @@ -26972,7 +26888,7 @@ ] }, { - "uuid": "4739b9d5-33f5-41d4-aa18-344fb7ba5a9e", + "uuid": "fa5de22f-c1c3-41d2-9c26-7251f28a1e03", "control-id": "cis_rhel10_1-2.1.4", "description": "The description for control-id cis_rhel10_1-2.1.4.", "props": [ @@ -26985,7 +26901,7 @@ ] }, { - "uuid": "5b4f322a-9b0f-40df-b75e-5d64a7d69587", + "uuid": "0d69ce65-7020-4fe8-a25a-15ab6ff2cf51", "control-id": "cis_rhel10_1-2.2.1", "description": "The description for control-id cis_rhel10_1-2.2.1.", "props": [ @@ -26998,7 +26914,7 @@ ] }, { - "uuid": "041b343d-f9d5-4ca8-bfd8-6608cd705768", + "uuid": "3874fde3-c368-4639-a960-0dff5a119ab6", "control-id": "cis_rhel10_1-3.1.1", "description": "No notes for control-id 1.3.1.1.", "props": [ @@ -27015,7 +26931,7 @@ ] }, { - "uuid": "6707bbf6-5cd4-4da9-b9f9-7879d573a396", + "uuid": "0c00310f-b35d-4f88-9d59-3b18b47da1bf", "control-id": "cis_rhel10_1-3.1.2", "description": "No notes for control-id 1.3.1.2.", "props": [ @@ -27032,7 +26948,7 @@ ] }, { - "uuid": "fee59fca-37bb-4fb0-a36a-02e1fb314bca", + "uuid": "46cef159-25f3-4d7a-811b-cd2fb7dcfc02", "control-id": "cis_rhel10_1-3.1.3", "description": "No notes for control-id 1.3.1.3.", "props": [ @@ -27049,7 +26965,7 @@ ] }, { - "uuid": "b38dd510-df26-4c23-afd9-d1798d53fe5b", + "uuid": "4c049b9b-6ba3-49eb-a911-b1aff9d788cf", "control-id": "cis_rhel10_1-3.1.4", "description": "No notes for control-id 1.3.1.4.", "props": [ @@ -27066,7 +26982,7 @@ ] }, { - "uuid": "aa401452-45d7-4420-8c71-9516ab643f54", + "uuid": "411ac329-ae40-4a2c-a71b-4126ffc90ea4", "control-id": "cis_rhel10_1-3.1.7", "description": "No notes for control-id 1.3.1.7.", "props": [ @@ -27083,7 +26999,7 @@ ] }, { - "uuid": "b35aed28-187d-4dc0-954a-269c2ee81f4e", + "uuid": "9b538241-b538-4fcc-9f57-99cc417012dd", "control-id": "cis_rhel10_1-4.1", "description": "There is no automated remediation for this rule and this is intentional.\nMore details in the rule description.", "props": [ @@ -27100,50 +27016,34 @@ ] }, { - "uuid": "76b7aef7-45ac-4363-b20d-d0e371aa74d6", + "uuid": "6e149d83-e977-428c-9d6f-14226d3de9f6", "control-id": "cis_rhel10_1-4.2", - "description": "The description for control-id cis_rhel10_1-4.2.", + "description": "This requirement demands a deeper review of the rules.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "alternative", - "remarks": "This requirement demands a deeper review of the rules." - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_grub2_cfg" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_grub2_cfg" - }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_grub2_cfg" + "value": "implemented" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_groupowner_user_cfg" + "value": "file_permissions_boot_grub2" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_owner_user_cfg" + "value": "file_owner_boot_grub2" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_user_cfg" + "value": "file_groupowner_boot_grub2" } ] }, { - "uuid": "e67c1f18-591e-42d6-9f14-ed9ed4093acc", + "uuid": "0ea59085-1f79-4958-acd1-90e0044e9d7d", "control-id": "cis_rhel10_1-5.1", "description": "No notes for control-id 1.5.1.", "props": [ @@ -27160,7 +27060,7 @@ ] }, { - "uuid": "28574cf3-acea-41da-82ff-01287de0b7a6", + "uuid": "6bd07a1e-29d0-4894-bc03-7cf44be81b87", "control-id": "cis_rhel10_1-5.2", "description": "No notes for control-id 1.5.2.", "props": [ @@ -27177,7 +27077,7 @@ ] }, { - "uuid": "2d235b5b-088f-4805-915e-216577574e72", + "uuid": "6607ecfc-c2d0-4348-9fbf-9e3b942f823a", "control-id": "cis_rhel10_1-5.4", "description": "No notes for control-id 1.5.4.", "props": [ @@ -27194,7 +27094,7 @@ ] }, { - "uuid": "4031efae-6830-4839-93d2-a82c001d86c1", + "uuid": "50b3f130-cf8f-483a-8e98-dbabc478d539", "control-id": "cis_rhel10_1-5.5", "description": "No notes for control-id 1.5.5.", "props": [ @@ -27211,7 +27111,7 @@ ] }, { - "uuid": "f3d4a313-b46b-4ff5-bb74-30c3bade35ff", + "uuid": "db54684a-1916-4a7e-bad8-a27f7ee7c6b5", "control-id": "cis_rhel10_1-5.6", "description": "No notes for control-id 1.5.6.", "props": [ @@ -27228,7 +27128,7 @@ ] }, { - "uuid": "75fe7d88-73fe-4b45-81a4-e668c8144d31", + "uuid": "4b097dd1-058e-4452-ba78-4d20732c29eb", "control-id": "cis_rhel10_1-5.7", "description": "No notes for control-id 1.5.7.", "props": [ @@ -27245,7 +27145,7 @@ ] }, { - "uuid": "98bd9467-44da-435e-9d14-693ea5ad578d", + "uuid": "5ec4b5ee-6421-40b6-ae10-cad5a08cbcd6", "control-id": "cis_rhel10_1-5.8", "description": "Address Space Layout Randomization (ASLR)", "props": [ @@ -27262,7 +27162,7 @@ ] }, { - "uuid": "e7e5f8fe-d79f-4864-b1c2-d987a5db6fc9", + "uuid": "1bb90ba1-a908-470f-a515-5160c84d20d4", "control-id": "cis_rhel10_1-5.9", "description": "No notes for control-id 1.5.9.", "props": [ @@ -27279,7 +27179,7 @@ ] }, { - "uuid": "6fdc181f-5aff-4ce9-b376-78e9288357d3", + "uuid": "ccbf5eb9-064c-491d-a4f6-8af4179ba178", "control-id": "cis_rhel10_1-5.10", "description": "No notes for control-id 1.5.10.", "props": [ @@ -27296,7 +27196,7 @@ ] }, { - "uuid": "38037a9e-cc13-4794-97a3-3620be4e6d63", + "uuid": "0bfefb99-f469-49b7-ab1d-6ad0edf45398", "control-id": "cis_rhel10_1-6.1", "description": "No notes for control-id 1.6.1.", "props": [ @@ -27313,7 +27213,7 @@ ] }, { - "uuid": "edb31e03-fc8b-4a51-8f57-d8cce6016fe4", + "uuid": "0f462acf-de0a-4116-8f64-19fa7c43019a", "control-id": "cis_rhel10_1-6.2", "description": "No notes for control-id 1.6.2.", "props": [ @@ -27330,7 +27230,7 @@ ] }, { - "uuid": "c4027fb2-1a58-4f3a-8df3-c122e61ed421", + "uuid": "9b4a23bf-02d4-4c4e-a080-13708347e47f", "control-id": "cis_rhel10_1-6.3", "description": "No notes for control-id 1.6.3.", "props": [ @@ -27347,7 +27247,7 @@ ] }, { - "uuid": "120dc2a5-8773-4bf3-aeeb-d61e597c2b7c", + "uuid": "a314c7d2-a5d4-43d3-b3a8-825258f26e21", "control-id": "cis_rhel10_1-6.4", "description": "No notes for control-id 1.6.4.", "props": [ @@ -27364,7 +27264,7 @@ ] }, { - "uuid": "04685d7a-0880-4ec5-a832-aff96f8571a7", + "uuid": "1b0d9c23-88a1-4539-8b33-906523bf6cb9", "control-id": "cis_rhel10_1-7.1", "description": "No notes for control-id 1.7.1.", "props": [ @@ -27381,7 +27281,7 @@ ] }, { - "uuid": "6e65316e-7271-4c61-b20b-920cf7f339a0", + "uuid": "28af30d2-3856-4607-b6ea-b6f983e96345", "control-id": "cis_rhel10_1-7.2", "description": "No notes for control-id 1.7.2.", "props": [ @@ -27398,7 +27298,7 @@ ] }, { - "uuid": "4ea7162e-098e-43ed-9fba-0347efb2cb0d", + "uuid": "bc0a61d2-2e56-4d10-a52c-688a343bcbd8", "control-id": "cis_rhel10_1-7.3", "description": "No notes for control-id 1.7.3.", "props": [ @@ -27415,7 +27315,7 @@ ] }, { - "uuid": "35a907f1-6b54-48ae-a68e-e10bbad91c07", + "uuid": "4dc68017-4ff9-4ce3-8ea1-ac97058d376f", "control-id": "cis_rhel10_1-7.4", "description": "No notes for control-id 1.7.4.", "props": [ @@ -27442,7 +27342,7 @@ ] }, { - "uuid": "183aef49-9035-4bad-abdb-e0da96269b97", + "uuid": "be58c67a-1e6f-4bd2-bb09-f34084ef1427", "control-id": "cis_rhel10_1-7.5", "description": "No notes for control-id 1.7.5.", "props": [ @@ -27469,7 +27369,7 @@ ] }, { - "uuid": "a9e1a888-f68e-45e5-8e3f-80812556d3b7", + "uuid": "e7aabd65-3fbe-4e1f-8256-231e9cc2b619", "control-id": "cis_rhel10_1-7.6", "description": "No notes for control-id 1.7.6.", "props": [ @@ -27496,7 +27396,7 @@ ] }, { - "uuid": "be694cfd-f13f-484c-80dc-0b17996cbc63", + "uuid": "ac697eb3-c133-4c44-bb5b-15bc4ad2f065", "control-id": "cis_rhel10_1-8.1", "description": "No notes for control-id 1.8.1.", "props": [ @@ -27518,7 +27418,7 @@ ] }, { - "uuid": "e691ea18-3e4b-4b9b-847d-a362708f5c73", + "uuid": "43d6207d-f7c3-40f3-881e-2946387873ab", "control-id": "cis_rhel10_1-8.2", "description": "No notes for control-id 1.8.2.", "props": [ @@ -27535,7 +27435,7 @@ ] }, { - "uuid": "fe457554-dc56-44ae-86ee-c6f84c9b0731", + "uuid": "92f851da-c1b9-466a-8621-17c25e8e7d58", "control-id": "cis_rhel10_1-8.3", "description": "No notes for control-id 1.8.3.", "props": [ @@ -27567,7 +27467,7 @@ ] }, { - "uuid": "3aa51e03-e4b4-4dfd-be7e-4f5021e80a29", + "uuid": "057dd0bb-c2ce-4da0-9b83-c58b9a4c9464", "control-id": "cis_rhel10_1-8.5", "description": "No notes for control-id 1.8.5.", "props": [ @@ -27584,7 +27484,7 @@ ] }, { - "uuid": "a8cc070c-0147-4fc9-aa74-b20f7f989f7b", + "uuid": "34e3bd61-532b-4179-9e19-9d337c7de928", "control-id": "cis_rhel10_2-1.4", "description": "No notes for control-id 2.1.4.", "props": [ @@ -27601,7 +27501,7 @@ ] }, { - "uuid": "b84b544d-993f-4aa2-83bd-d49d44de76ca", + "uuid": "8ace24c7-3f73-44fe-a12d-d8cd91accd93", "control-id": "cis_rhel10_2-1.5", "description": "No notes for control-id 2.1.5.", "props": [ @@ -27618,7 +27518,7 @@ ] }, { - "uuid": "61979c9a-5ba2-4c95-9479-f2d7b5ae4fe1", + "uuid": "aed1bdb3-5a81-4b5c-b652-2ad3e371bd7d", "control-id": "cis_rhel10_2-1.6", "description": "No notes for control-id 2.1.6.", "props": [ @@ -27635,7 +27535,7 @@ ] }, { - "uuid": "2ec4cd2e-4c3a-4bec-b45d-651257b8612c", + "uuid": "6089ce80-5aa6-4131-b364-a7a7217bd028", "control-id": "cis_rhel10_2-1.7", "description": "No notes for control-id 2.1.7.", "props": [ @@ -27652,7 +27552,7 @@ ] }, { - "uuid": "cabb6418-338f-4587-9bb2-d09410ae70e5", + "uuid": "61a93dc7-72d4-496b-be62-853a65170a38", "control-id": "cis_rhel10_2-1.8", "description": "No notes for control-id 2.1.8.", "props": [ @@ -27674,7 +27574,7 @@ ] }, { - "uuid": "fc8bb6d6-160b-453c-ab51-f4b6db8893eb", + "uuid": "b5511c28-7556-4bda-a3e6-5f49ad10db29", "control-id": "cis_rhel10_2-1.9", "description": "Many of the libvirt packages used by Enterprise Linux virtualization are dependent on the\nnfs-utils package.", "props": [ @@ -27691,7 +27591,7 @@ ] }, { - "uuid": "878b5cd8-d362-4f78-8836-b69a57b9b88d", + "uuid": "64ef4ab3-2919-47e6-9e2c-4bd95328f383", "control-id": "cis_rhel10_2-1.11", "description": "Many of the libvirt packages used by Enterprise Linux virtualization, and the nfs-utils\npackage used for The Network File System (NFS), are dependent on the rpcbind package.", "props": [ @@ -27708,7 +27608,7 @@ ] }, { - "uuid": "e305dd60-f514-45e6-98eb-dc02140e2cf9", + "uuid": "f4a20941-c15a-46f5-96f8-0dcd9ff685fe", "control-id": "cis_rhel10_2-1.12", "description": "No notes for control-id 2.1.12.", "props": [ @@ -27725,7 +27625,7 @@ ] }, { - "uuid": "9cc9b44d-08e7-4407-865d-0037e0923e4f", + "uuid": "419843d6-a256-4cc9-ab70-edd9d7421750", "control-id": "cis_rhel10_2-1.13", "description": "No notes for control-id 2.1.13.", "props": [ @@ -27742,7 +27642,7 @@ ] }, { - "uuid": "75295430-1e77-4252-b9d0-02ca70922ab9", + "uuid": "680ba4a8-156c-4d89-a367-97b10b0b2a6c", "control-id": "cis_rhel10_2-1.14", "description": "No notes for control-id 2.1.14.", "props": [ @@ -27759,7 +27659,7 @@ ] }, { - "uuid": "32a24d2f-6d45-4e23-933a-e88d8dee1f23", + "uuid": "b5fb3766-aaf2-4b28-9447-bc7c51ff40bc", "control-id": "cis_rhel10_2-1.15", "description": "No notes for control-id 2.1.15.", "props": [ @@ -27776,7 +27676,7 @@ ] }, { - "uuid": "99b1c308-3d7f-477e-8630-1859a3e7f31d", + "uuid": "10ce1fbb-4bf7-4a4d-971b-1209a32717f3", "control-id": "cis_rhel10_2-1.16", "description": "No notes for control-id 2.1.16.", "props": [ @@ -27793,7 +27693,7 @@ ] }, { - "uuid": "14079db6-83ee-4c65-ae6e-1adbee9e9f10", + "uuid": "b201a62c-80d2-41e0-9f0f-c7195e2ef188", "control-id": "cis_rhel10_2-1.17", "description": "No notes for control-id 2.1.17.", "props": [ @@ -27810,7 +27710,7 @@ ] }, { - "uuid": "9ee2305d-9598-49af-8bbe-609960ed9857", + "uuid": "39809210-4ce2-4bb7-8dfd-a1dca9ac3c32", "control-id": "cis_rhel10_2-1.18", "description": "No notes for control-id 2.1.18.", "props": [ @@ -27832,7 +27732,7 @@ ] }, { - "uuid": "571fbdeb-7f7e-410c-ae23-65f312b1b330", + "uuid": "cf6cadd0-043a-4356-8136-f1793c939b09", "control-id": "cis_rhel10_2-1.21", "description": "No notes for control-id 2.1.21.", "props": [ @@ -27854,7 +27754,7 @@ ] }, { - "uuid": "51ccad4a-dac9-4c49-8785-c149761e21df", + "uuid": "846fc641-ed25-4962-b464-3771a6d9168e", "control-id": "cis_rhel10_2-1.22", "description": "The description for control-id cis_rhel10_2-1.22.", "props": [ @@ -27867,7 +27767,7 @@ ] }, { - "uuid": "7adba0e9-2249-4fe3-9c77-58774236d88f", + "uuid": "e82ae63a-f474-42da-a80c-76ad2ffc26e0", "control-id": "cis_rhel10_2-2.1", "description": "No notes for control-id 2.2.1.", "props": [ @@ -27884,7 +27784,7 @@ ] }, { - "uuid": "a9372aa7-1c17-4ff8-b3dd-f3dc6709ed0f", + "uuid": "7a42aa2f-d348-44ce-b7b6-b71c00982b89", "control-id": "cis_rhel10_2-2.3", "description": "No notes for control-id 2.2.3.", "props": [ @@ -27901,7 +27801,7 @@ ] }, { - "uuid": "cb3652df-36f4-4549-9fc7-88c1aaa4b369", + "uuid": "62ecd303-423f-40ab-ae03-9f97263efb48", "control-id": "cis_rhel10_2-2.4", "description": "No notes for control-id 2.2.4.", "props": [ @@ -27918,7 +27818,7 @@ ] }, { - "uuid": "b990c279-2a3e-4efe-b8e9-465fd4beceb4", + "uuid": "ca2f665d-ce9c-4ece-aa85-c6f748138b1e", "control-id": "cis_rhel10_2-3.1", "description": "No notes for control-id 2.3.1.", "props": [ @@ -27930,7 +27830,7 @@ ] }, { - "uuid": "cf00e20c-b57c-46bb-906e-0efb914ef3b9", + "uuid": "397dc31a-78e8-4cd4-ace6-f541b3d86ea4", "control-id": "cis_rhel10_2-3.2", "description": "No notes for control-id 2.3.2.", "props": [ @@ -27947,7 +27847,7 @@ ] }, { - "uuid": "61050cfc-1f1b-4fda-87b7-12037767669e", + "uuid": "23502ff6-b985-48ef-ac81-71d16b023839", "control-id": "cis_rhel10_2-3.3", "description": "No notes for control-id 2.3.3.", "props": [ @@ -27964,7 +27864,7 @@ ] }, { - "uuid": "6f41bb5c-13c7-42d8-858a-61d365778882", + "uuid": "aec67312-51de-4558-b893-5fb3059f46a7", "control-id": "cis_rhel10_2-4.1.1", "description": "No notes for control-id 2.4.1.1.", "props": [ @@ -27986,7 +27886,7 @@ ] }, { - "uuid": "abb74cc7-4971-4a63-8e13-0a390b67f9b6", + "uuid": "66216129-3ec6-42c2-b232-fac8d253720c", "control-id": "cis_rhel10_2-4.1.2", "description": "No notes for control-id 2.4.1.2.", "props": [ @@ -28013,7 +27913,7 @@ ] }, { - "uuid": "b0a97770-2959-4c80-bd14-fe98446bfc97", + "uuid": "4cc65c0b-f70a-4c1a-93a0-7565d824c0c0", "control-id": "cis_rhel10_2-4.1.3", "description": "No notes for control-id 2.4.1.3.", "props": [ @@ -28040,7 +27940,7 @@ ] }, { - "uuid": "f116e9a1-b4d9-42fe-96ef-f09e4b0e83a3", + "uuid": "faa250fa-6adf-459c-944c-0d56d51104cf", "control-id": "cis_rhel10_2-4.1.4", "description": "No notes for control-id 2.4.1.4.", "props": [ @@ -28067,7 +27967,7 @@ ] }, { - "uuid": "8945aa69-3b87-4406-aedd-54befc3f270c", + "uuid": "c3a78c3e-7a9e-4d60-8bed-96c0de2fc09c", "control-id": "cis_rhel10_2-4.1.5", "description": "No notes for control-id 2.4.1.5.", "props": [ @@ -28094,7 +27994,7 @@ ] }, { - "uuid": "b1b7a9f1-0db4-42cf-b9a1-9d7667dd092e", + "uuid": "70e92c91-c6ab-4977-b6fc-d940d6d94b0f", "control-id": "cis_rhel10_2-4.1.6", "description": "No notes for control-id 2.4.1.6.", "props": [ @@ -28121,7 +28021,7 @@ ] }, { - "uuid": "de3eed10-e00c-416d-87e4-54bd1d86d1ad", + "uuid": "08b4496a-fb16-4ad6-942c-b43ef137ec45", "control-id": "cis_rhel10_2-4.1.7", "description": "No notes for control-id 2.4.1.7.", "props": [ @@ -28148,7 +28048,7 @@ ] }, { - "uuid": "5e6bd0fa-d91b-4301-8427-52c5dd2a2844", + "uuid": "f4d591c8-04fc-42be-981a-d085f23db2fa", "control-id": "cis_rhel10_2-4.1.8", "description": "No notes for control-id 2.4.1.8.", "props": [ @@ -28175,7 +28075,7 @@ ] }, { - "uuid": "906df6f5-9efe-4f6b-a4a7-1781a9344745", + "uuid": "0b8636fb-0d60-413b-b83d-6f605e17e5c4", "control-id": "cis_rhel10_2-4.1.9", "description": "No notes for control-id 2.4.1.9.", "props": [ @@ -28212,7 +28112,7 @@ ] }, { - "uuid": "8ba2e72d-ffed-423b-b5c8-41767ca1277f", + "uuid": "6e1de265-c490-4d01-91ee-f91164443498", "control-id": "cis_rhel10_2-4.2.1", "description": "No notes for control-id 2.4.2.1.", "props": [ @@ -28249,7 +28149,7 @@ ] }, { - "uuid": "15f5b1cb-8eef-4c6a-9669-672ad355d220", + "uuid": "a55366dc-61d5-43be-8fa0-88a3523c8e41", "control-id": "cis_rhel10_3-1.1", "description": "The description for control-id cis_rhel10_3-1.1.", "props": [ @@ -28262,7 +28162,7 @@ ] }, { - "uuid": "0e3b4012-d681-4915-89bd-80008ce5f61e", + "uuid": "2f471f18-0df3-44d0-8085-1956acc04df6", "control-id": "cis_rhel10_3-2.1", "description": "No notes for control-id 3.2.1.", "props": [ @@ -28279,7 +28179,7 @@ ] }, { - "uuid": "a780996e-ab31-4ecd-8d56-2f2eda3bc5ca", + "uuid": "12186809-7d1d-4e8c-bed0-5fb391dfa8e6", "control-id": "cis_rhel10_3-2.2", "description": "No notes for control-id 3.2.2.", "props": [ @@ -28296,7 +28196,7 @@ ] }, { - "uuid": "243a0f63-40e2-4acc-b469-18a58718f1ad", + "uuid": "c8e1d6a8-2743-40e8-9411-9dcf679a6c80", "control-id": "cis_rhel10_3-2.3", "description": "No notes for control-id 3.2.3.", "props": [ @@ -28313,7 +28213,7 @@ ] }, { - "uuid": "c2207004-8417-4a49-a0d2-ac1cb65b2a86", + "uuid": "a248cfc8-d685-4e0f-b58a-4fed34b025cc", "control-id": "cis_rhel10_3-2.4", "description": "No notes for control-id 3.2.4.", "props": [ @@ -28330,7 +28230,7 @@ ] }, { - "uuid": "46feded6-89b5-4609-b5e0-533680123530", + "uuid": "34a16078-4fab-4892-b75b-623d8dffcdf7", "control-id": "cis_rhel10_3-2.5", "description": "No notes for control-id 3.2.5.", "props": [ @@ -28347,7 +28247,7 @@ ] }, { - "uuid": "b2363188-7095-4682-b630-7a3c69029798", + "uuid": "d51bbf15-7bd2-43f1-a5c7-a7754b28ed0c", "control-id": "cis_rhel10_3-2.6", "description": "No notes for control-id 3.2.6.", "props": [ @@ -28364,7 +28264,7 @@ ] }, { - "uuid": "3221e6b0-0550-4aba-9eb3-47a8d2b8bec7", + "uuid": "cfc57748-c775-4de2-a893-6c1c27bcdd5c", "control-id": "cis_rhel10_3-3.1.1", "description": "No notes for control-id 3.3.1.1.", "props": [ @@ -28381,7 +28281,7 @@ ] }, { - "uuid": "30c425a3-a5cf-4187-bcbc-610787aa481f", + "uuid": "a3f69762-073f-4a7e-886b-94f097560e10", "control-id": "cis_rhel10_3-3.1.2", "description": "No notes for control-id 3.3.1.2.", "props": [ @@ -28398,7 +28298,7 @@ ] }, { - "uuid": "60075386-d41a-4a1e-bbf1-5c711906a3e8", + "uuid": "914a8a88-e66c-4dfd-bbc2-325c23782800", "control-id": "cis_rhel10_3-3.1.3", "description": "No notes for control-id 3.3.1.3.", "props": [ @@ -28415,7 +28315,7 @@ ] }, { - "uuid": "524888d9-8933-42f2-a43e-ea87c8b55954", + "uuid": "019e93ad-c55a-4a79-88b1-c83ae60f1ca8", "control-id": "cis_rhel10_3-3.1.4", "description": "No notes for control-id 3.3.1.4.", "props": [ @@ -28432,7 +28332,7 @@ ] }, { - "uuid": "cedf817f-1045-40f6-a992-b2ac9671715f", + "uuid": "3477c9ae-9b8d-4e64-8f83-421318e58f55", "control-id": "cis_rhel10_3-3.1.5", "description": "No notes for control-id 3.3.1.5.", "props": [ @@ -28449,7 +28349,7 @@ ] }, { - "uuid": "fdc5b2d8-9556-4781-b616-aba560a7c9a8", + "uuid": "2383e928-8040-4c95-90fc-107771fe4dbe", "control-id": "cis_rhel10_3-3.1.6", "description": "No notes for control-id 3.3.1.6.", "props": [ @@ -28466,7 +28366,7 @@ ] }, { - "uuid": "a00e7d7d-741e-443d-81fb-4372e7938f82", + "uuid": "078e526b-a4e0-42e6-b322-ff29363bdfaa", "control-id": "cis_rhel10_3-3.1.7", "description": "No notes for control-id 3.3.1.7.", "props": [ @@ -28483,7 +28383,7 @@ ] }, { - "uuid": "ed842360-4e0b-4813-bdc2-111d6a3b6389", + "uuid": "59b929d8-9418-4ea6-830a-8d75e451873d", "control-id": "cis_rhel10_3-3.1.8", "description": "No notes for control-id 3.3.1.8.", "props": [ @@ -28500,7 +28400,7 @@ ] }, { - "uuid": "8b6eb7fd-34f3-48c3-b840-c32f4550fd78", + "uuid": "5c5e3766-73a4-4a61-916e-ea8d1cf27d00", "control-id": "cis_rhel10_3-3.1.9", "description": "No notes for control-id 3.3.1.9.", "props": [ @@ -28517,7 +28417,7 @@ ] }, { - "uuid": "60b6e982-42be-4bcb-92a1-45d89ac5ba8d", + "uuid": "9cfe68b3-e16d-479f-95cb-1aaeccb5c990", "control-id": "cis_rhel10_3-3.1.10", "description": "No notes for control-id 3.3.1.10.", "props": [ @@ -28534,7 +28434,7 @@ ] }, { - "uuid": "3c62d4ea-f8f5-4942-9d82-db5d09b6b9c4", + "uuid": "66b5ec90-a1ea-4bc5-8f98-ec775ed95f4f", "control-id": "cis_rhel10_3-3.1.11", "description": "No notes for control-id 3.3.1.11.", "props": [ @@ -28551,7 +28451,7 @@ ] }, { - "uuid": "c9243102-f965-4860-b2ec-af6aa33d8637", + "uuid": "fb415730-052a-49f2-a400-b1d26c05c3cd", "control-id": "cis_rhel10_3-3.1.12", "description": "No notes for control-id 3.3.1.12.", "props": [ @@ -28568,7 +28468,7 @@ ] }, { - "uuid": "d320dc26-cc6a-4cda-9278-971cf080da76", + "uuid": "e4d83b72-92b0-4fb5-b566-765616565852", "control-id": "cis_rhel10_3-3.1.13", "description": "No notes for control-id 3.3.1.13.", "props": [ @@ -28585,7 +28485,7 @@ ] }, { - "uuid": "dd67eea0-ece8-423b-87cb-43427c74e6a6", + "uuid": "85eabac6-c9e7-4004-aadb-a4e104bfd968", "control-id": "cis_rhel10_3-3.1.14", "description": "No notes for control-id 3.3.1.14.", "props": [ @@ -28602,7 +28502,7 @@ ] }, { - "uuid": "73ce2ce7-600d-4af8-a5c8-45a951ae9a72", + "uuid": "1fba599b-28ed-4bb5-9cf7-32ee8513f181", "control-id": "cis_rhel10_3-3.1.15", "description": "No notes for control-id 3.3.1.15.", "props": [ @@ -28619,7 +28519,7 @@ ] }, { - "uuid": "93310c25-917d-4c3e-9099-095e16223c8e", + "uuid": "6a376673-a36c-499f-8312-dc26c10ccc5c", "control-id": "cis_rhel10_3-3.1.16", "description": "No notes for control-id 3.3.1.16.", "props": [ @@ -28636,7 +28536,7 @@ ] }, { - "uuid": "5c4068d8-7b81-49d0-8cce-f1c9390dfe42", + "uuid": "a01425b9-e79b-4242-b7c3-9e111d0983bb", "control-id": "cis_rhel10_3-3.1.17", "description": "No notes for control-id 3.3.1.17.", "props": [ @@ -28653,7 +28553,7 @@ ] }, { - "uuid": "a15b8dfa-cb17-436f-b7ab-f55c7a3f8cf3", + "uuid": "6f76bedd-39ec-4b14-b0c7-f92eac7aa761", "control-id": "cis_rhel10_3-3.1.18", "description": "No notes for control-id 3.3.1.18.", "props": [ @@ -28670,7 +28570,7 @@ ] }, { - "uuid": "75911a60-648a-4726-900d-a9063c7e991a", + "uuid": "0680ae4a-9d50-4431-bdb5-1886ff51a892", "control-id": "cis_rhel10_3-3.2.1", "description": "No notes for control-id 3.3.2.1.", "props": [ @@ -28687,7 +28587,7 @@ ] }, { - "uuid": "7f07ecb5-26e8-4001-87fd-805d3e2102b8", + "uuid": "11ec3772-99cc-40a4-8299-88beb13b18a8", "control-id": "cis_rhel10_3-3.2.2", "description": "No notes for control-id 3.3.2.2.", "props": [ @@ -28704,7 +28604,7 @@ ] }, { - "uuid": "ba77c7a6-b7ac-47b0-b2f9-74cea8dd12a1", + "uuid": "dbe1164e-212d-4f09-b93d-a5063155bf4d", "control-id": "cis_rhel10_3-3.2.3", "description": "No notes for control-id 3.3.2.3.", "props": [ @@ -28721,7 +28621,7 @@ ] }, { - "uuid": "4a892963-47de-4ba8-8434-2a2bbd67c297", + "uuid": "e834df44-553a-421c-b759-5bcc9c925c95", "control-id": "cis_rhel10_3-3.2.4", "description": "No notes for control-id 3.3.2.4.", "props": [ @@ -28738,7 +28638,7 @@ ] }, { - "uuid": "c6e06eba-5d58-4de9-ba06-d6a07ddfb1f3", + "uuid": "dd4d938e-c941-4f9f-b1ac-0eddaacb5e0f", "control-id": "cis_rhel10_3-3.2.5", "description": "No notes for control-id 3.3.2.5.", "props": [ @@ -28755,7 +28655,7 @@ ] }, { - "uuid": "1a089f50-bcfc-4b2d-a5c9-088c3a2fb75d", + "uuid": "aa2d2982-f659-44af-b979-81353ad879e5", "control-id": "cis_rhel10_3-3.2.6", "description": "No notes for control-id 3.3.2.6.", "props": [ @@ -28772,7 +28672,7 @@ ] }, { - "uuid": "d9630e18-3ec2-40c3-8cbb-52d547d94364", + "uuid": "c5c0a9ec-9049-4d35-a283-05d96684b65f", "control-id": "cis_rhel10_3-3.2.7", "description": "No notes for control-id 3.3.2.7.", "props": [ @@ -28789,7 +28689,7 @@ ] }, { - "uuid": "e5d5faef-be85-4b0b-9e3f-2c27d996ff5b", + "uuid": "e6dd6a50-5112-4ecc-a9b1-2ba955455017", "control-id": "cis_rhel10_3-3.2.8", "description": "No notes for control-id 3.3.2.8.", "props": [ @@ -28806,7 +28706,7 @@ ] }, { - "uuid": "d6253a98-1a38-4c3c-ae36-eca628e6eb81", + "uuid": "840c16dd-b734-42fb-875c-babf2fa3ceaa", "control-id": "cis_rhel10_4-1.1", "description": "No notes for control-id 4.1.1.", "props": [ @@ -28823,7 +28723,7 @@ ] }, { - "uuid": "51501b30-69dd-400b-9d24-0f5887b32065", + "uuid": "f9e2209a-5394-4a24-920c-fdff4a8db9a0", "control-id": "cis_rhel10_4-1.2", "description": "No notes for control-id 4.1.2.", "props": [ @@ -28840,7 +28740,7 @@ ] }, { - "uuid": "af7f6ea4-7943-4296-944f-5d02076c8bf4", + "uuid": "717bd16e-b059-4f40-bd81-d137c7de91bc", "control-id": "cis_rhel10_4-1.3", "description": "No notes for control-id 4.1.3.", "props": [ @@ -28857,7 +28757,7 @@ ] }, { - "uuid": "a6767c9d-49a9-4776-97f9-0883353cf626", + "uuid": "bc852c5c-4690-434b-9ab3-85cce6b4f942", "control-id": "cis_rhel10_4-1.4", "description": "The description for control-id cis_rhel10_4-1.4.", "props": [ @@ -28865,12 +28765,12 @@ "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "alternative", - "remarks": "No notes for control-id 4.1.4." + "remarks": "There is not an easy way to do this for only active zones using OVAL.\nFor now, there are are no rules for this control." } ] }, { - "uuid": "bf7eb40a-e913-4d53-ac4e-25346ffea3e2", + "uuid": "c2284a0e-1543-4923-8700-766feff4abfd", "control-id": "cis_rhel10_4-1.5", "description": "Firewalld in Red Hat Enterprise Linux 10 accepts loopback traffic by default.", "props": [ @@ -28887,7 +28787,7 @@ ] }, { - "uuid": "e660d6c8-4257-4e01-8291-c1575d101f52", + "uuid": "196b1838-7049-486d-835d-ad87c3001ac9", "control-id": "cis_rhel10_4-1.6", "description": "The description for control-id cis_rhel10_4-1.6.", "props": [ @@ -28900,7 +28800,7 @@ ] }, { - "uuid": "831db3d8-15b5-4e63-bd85-6879889830ad", + "uuid": "06cbd3ba-ddd3-456b-bad6-ba7e52280dc7", "control-id": "cis_rhel10_4-1.7", "description": "The description for control-id cis_rhel10_4-1.7.", "props": [ @@ -28913,7 +28813,7 @@ ] }, { - "uuid": "83542764-8eca-479a-822b-1ba1d56db9c9", + "uuid": "a162490c-c0d4-445e-9169-45ad7605a40a", "control-id": "cis_rhel10_5-1.1", "description": "No notes for control-id 5.1.1.", "props": [ @@ -28970,7 +28870,7 @@ ] }, { - "uuid": "4ade1fc5-eb2a-4fa6-a6d0-024a8470f772", + "uuid": "0fdb77c7-20b5-4538-8226-6e87582faea3", "control-id": "cis_rhel10_5-1.2", "description": "No notes for control-id 5.1.2.", "props": [ @@ -28997,7 +28897,7 @@ ] }, { - "uuid": "360d04dd-6e6a-4b4f-96b8-6eabac1a1026", + "uuid": "61ddc4ac-4644-49fe-a8a7-5a0519fd69e6", "control-id": "cis_rhel10_5-1.3", "description": "No notes for control-id 5.1.3.", "props": [ @@ -29024,7 +28924,7 @@ ] }, { - "uuid": "863d6d74-da80-48ff-a471-33232d547f9d", + "uuid": "69031bef-d4dd-4a79-87c3-29663450511a", "control-id": "cis_rhel10_5-1.4", "description": "No notes for control-id 5.1.4.", "props": [ @@ -29041,7 +28941,7 @@ ] }, { - "uuid": "de768758-4134-48c1-a9f7-4512d7716bb6", + "uuid": "db3529ec-27ae-45e8-8e15-4931d0a0a8fd", "control-id": "cis_rhel10_5-1.5", "description": "No notes for control-id 5.1.5.", "props": [ @@ -29058,7 +28958,7 @@ ] }, { - "uuid": "d09a829f-dab7-4c1e-93ed-591790a048e9", + "uuid": "c653ecd3-5eeb-4cb5-98b9-30dcd0ddc56a", "control-id": "cis_rhel10_5-1.6", "description": "No notes for control-id 5.1.6.", "props": [ @@ -29075,7 +28975,7 @@ ] }, { - "uuid": "65ba57ee-e398-43d7-a4aa-09fc175a2f7d", + "uuid": "4fea3248-1a91-4816-a03e-6ed03c219dbe", "control-id": "cis_rhel10_5-1.7", "description": "The requirement gives an example of 45 seconds, but is flexible about the values. It is only\nnecessary to ensure there is a timeout configured in alignment to the site policy.", "props": [ @@ -29097,7 +28997,7 @@ ] }, { - "uuid": "67a17d06-9d04-4968-bc1b-092068e2f61a", + "uuid": "4c9e9c50-564d-42fa-b93c-bed0dcdad3cf", "control-id": "cis_rhel10_5-1.8", "description": "No notes for control-id 5.1.8.", "props": [ @@ -29114,7 +29014,7 @@ ] }, { - "uuid": "ad1b789b-2562-4db7-9d12-ba813e49d429", + "uuid": "e9fc823e-0b7e-4ddd-840a-10d94da26042", "control-id": "cis_rhel10_5-1.9", "description": "No notes for control-id 5.1.9.", "props": [ @@ -29131,7 +29031,7 @@ ] }, { - "uuid": "55832963-6dd5-4945-bd1c-b17766f1190c", + "uuid": "cdb4946f-6165-49ac-b2ef-f5c802422ed9", "control-id": "cis_rhel10_5-1.10", "description": "No notes for control-id 5.1.10.", "props": [ @@ -29148,7 +29048,7 @@ ] }, { - "uuid": "088866da-af41-4eff-b401-44f5cfe1fca2", + "uuid": "6b9e34cc-a691-4d8c-bb37-6af8bdd62491", "control-id": "cis_rhel10_5-1.11", "description": "No notes for control-id 5.1.11.", "props": [ @@ -29165,7 +29065,7 @@ ] }, { - "uuid": "2937ac1b-d92f-4cc5-9756-dce119ea8e38", + "uuid": "8661d3ad-e4d2-49c4-bf75-998eddacb3f5", "control-id": "cis_rhel10_5-1.12", "description": "The description for control-id cis_rhel10_5-1.12.", "props": [ @@ -29183,7 +29083,7 @@ ] }, { - "uuid": "b3cc308e-b15b-4cd4-81ce-45947bade829", + "uuid": "526e96e9-321e-4b1f-ad90-71e0fa7ecbb1", "control-id": "cis_rhel10_5-1.13", "description": "No notes for control-id 5.1.13.", "props": [ @@ -29200,7 +29100,7 @@ ] }, { - "uuid": "f34d6f69-3c09-4b85-9889-4fd316b32453", + "uuid": "7f89a3d9-9f6a-4b1c-a20e-9d3ad5448cb6", "control-id": "cis_rhel10_5-1.14", "description": "The CIS benchmark is not opinionated about which loglevel is selected here. Here, this\nprofile uses VERBOSE by default, as it allows for the capture of login and logout activity\nas well as key fingerprints.", "props": [ @@ -29217,7 +29117,7 @@ ] }, { - "uuid": "338c7752-cd9f-46dd-b308-0759c45ce7a1", + "uuid": "435f67e4-380c-462f-9fdd-f5e0b28c6817", "control-id": "cis_rhel10_5-1.15", "description": "No notes for control-id 5.1.15.", "props": [ @@ -29234,7 +29134,7 @@ ] }, { - "uuid": "b467840e-b2e5-47a3-9c1e-87f9978f9c61", + "uuid": "9c460b96-5cb2-4f58-80a5-8579701cf8ba", "control-id": "cis_rhel10_5-1.16", "description": "No notes for control-id 5.1.16.", "props": [ @@ -29251,7 +29151,7 @@ ] }, { - "uuid": "50e7925b-0d5a-4ee6-ad70-261502230476", + "uuid": "d8abe41a-4a96-4e3a-9eff-e05ef1fca2a8", "control-id": "cis_rhel10_5-1.17", "description": "No notes for control-id 5.1.17.", "props": [ @@ -29268,7 +29168,7 @@ ] }, { - "uuid": "86ff8f31-fcba-4864-b139-b13985f9f08e", + "uuid": "ab600037-79b6-4a7b-adc7-ca1d8fcc3bd3", "control-id": "cis_rhel10_5-1.18", "description": "No notes for control-id 5.1.18.", "props": [ @@ -29285,7 +29185,7 @@ ] }, { - "uuid": "e853c35c-d5a4-42f8-8f15-9ffcb0717ba2", + "uuid": "c93511cf-7c25-45bb-9ff9-ab16ebb68026", "control-id": "cis_rhel10_5-1.19", "description": "No notes for control-id 5.1.19.", "props": [ @@ -29302,7 +29202,7 @@ ] }, { - "uuid": "73c90a78-f5dd-48b4-a663-4a93369f1bca", + "uuid": "4eb48c67-e3b2-4c94-89cd-92292e7ace87", "control-id": "cis_rhel10_5-1.20", "description": "No notes for control-id 5.1.20.", "props": [ @@ -29319,7 +29219,7 @@ ] }, { - "uuid": "2104ee99-7bc6-451b-aa80-2f6393e800b7", + "uuid": "bf59486f-a88f-4170-a6de-fdf332125e47", "control-id": "cis_rhel10_5-1.21", "description": "No notes for control-id 5.1.21.", "props": [ @@ -29336,7 +29236,7 @@ ] }, { - "uuid": "6b8514f2-d40b-459e-9844-64b797f50793", + "uuid": "805582a3-57fd-42b1-987f-5fabcdded7ca", "control-id": "cis_rhel10_5-1.22", "description": "No notes for control-id 5.1.22.", "props": [ @@ -29353,7 +29253,7 @@ ] }, { - "uuid": "6008dfe6-ad6d-4575-8d4f-51c2bf54b1a8", + "uuid": "58af92af-e015-4b9e-bde4-5bc2af1e5e60", "control-id": "cis_rhel10_5-2.1", "description": "No notes for control-id 5.2.1.", "props": [ @@ -29370,7 +29270,7 @@ ] }, { - "uuid": "40f1e7a7-3cf9-4272-93aa-04fa633d2d88", + "uuid": "d9fd565e-70ed-4e8c-91be-f5e63dadeeed", "control-id": "cis_rhel10_5-2.2", "description": "No notes for control-id 5.2.2.", "props": [ @@ -29387,7 +29287,7 @@ ] }, { - "uuid": "4be30c9d-a879-4289-aa99-327e2bbe5e77", + "uuid": "7034a6e6-2c49-4904-b2f9-1ab0ab16de1e", "control-id": "cis_rhel10_5-2.3", "description": "No notes for control-id 5.2.3.", "props": [ @@ -29404,7 +29304,7 @@ ] }, { - "uuid": "e69babe3-e8d2-4207-8075-8ac762a82bcd", + "uuid": "886ae974-0313-44e0-9f21-e91a1f5f7a7c", "control-id": "cis_rhel10_5-2.5", "description": "No notes for control-id 5.2.5.", "props": [ @@ -29421,7 +29321,7 @@ ] }, { - "uuid": "f52aa92d-6d67-47de-bccf-aed635b62676", + "uuid": "a460f31b-9984-40c1-80ef-4482d4229144", "control-id": "cis_rhel10_5-2.6", "description": "No notes for control-id 5.2.6.", "props": [ @@ -29438,7 +29338,7 @@ ] }, { - "uuid": "1a2682e8-6672-432f-a571-504bd808ce1a", + "uuid": "e39df864-5751-486b-82c7-c9dea37d84a9", "control-id": "cis_rhel10_5-2.7", "description": "Members of \"wheel\" or GID 0 groups are checked by default if the group option is not set for\npam_wheel.so module. The recommendation states the group should be empty to reinforce the\nuse of \"sudo\" for privileged access. Therefore, members of these groups should be manually\nchecked or a different group should be informed.", "props": [ @@ -29460,7 +29360,7 @@ ] }, { - "uuid": "99dc8ecb-435b-42aa-9cbe-6c871edc2152", + "uuid": "714cdb4e-9882-4dc9-b4e9-b6d78481d051", "control-id": "cis_rhel10_5-3.1.1", "description": "This requirement is hard to be automated without any specific requirement. The policy even\nstates that provided commands are examples, other custom settings might be in place and the\nsettings might be different depending on site policies. The other rules will already make\nsure there is a correct autheselect profile regardless of the existing settings. It is\nnecessary to better discuss with CIS Community.", "props": [ @@ -29472,7 +29372,7 @@ ] }, { - "uuid": "7f49684b-b825-44a2-8a47-69f471584c8f", + "uuid": "737601ac-e4ab-4322-86e5-46ce02036a8c", "control-id": "cis_rhel10_5-3.1.2", "description": "This requirement is also indirectly satisfied by the requirement 5.3.2.1.", "props": [ @@ -29494,7 +29394,7 @@ ] }, { - "uuid": "13756588-bbfd-4ae1-9b7e-37c208a127ff", + "uuid": "841c545e-d8b8-4efc-86e5-efbc0448ce11", "control-id": "cis_rhel10_5-3.1.3", "description": "This requirement is also indirectly satisfied by the requirement 5.3.2.2.", "props": [ @@ -29521,7 +29421,7 @@ ] }, { - "uuid": "99fc125b-4b19-4200-a686-448d14b804eb", + "uuid": "7c99c310-8ca3-4156-b9b3-7f859bff4eaf", "control-id": "cis_rhel10_5-3.1.4", "description": "The module is properly enabled by the rules mentioned in related_rules.\nRequirements in 5.3.2.3 use these rules.", "props": [ @@ -29533,7 +29433,7 @@ ] }, { - "uuid": "6d099985-a922-450e-9e8c-5905165fcd1a", + "uuid": "d46f194c-6ed8-4645-975a-10905f00c140", "control-id": "cis_rhel10_5-3.1.5", "description": "No notes for control-id 5.3.1.5.", "props": [ @@ -29550,7 +29450,7 @@ ] }, { - "uuid": "a385a27e-855d-4d20-9d32-0879fec3b64b", + "uuid": "6bb400e4-8150-4376-87af-9f16ff2112c6", "control-id": "cis_rhel10_5-3.2.1.1", "description": "No notes for control-id 5.3.2.1.1.", "props": [ @@ -29567,7 +29467,7 @@ ] }, { - "uuid": "edf4217e-3617-4b77-a631-6e0b3334ba7e", + "uuid": "c470a8b3-6e4f-4c16-873b-babb21a9f5ba", "control-id": "cis_rhel10_5-3.2.1.2", "description": "The policy also accepts value 0, which means the locked accounts should be manually unlocked\nby an administrator. However, it also mentions that using value 0 can facilitate a DoS\nattack to legitimate users.", "props": [ @@ -29584,7 +29484,7 @@ ] }, { - "uuid": "3f1a235f-7f39-4069-b023-5df19bdc1e1a", + "uuid": "dd6e389f-5b85-437c-960b-14d6aedb568b", "control-id": "cis_rhel10_5-3.2.2.1", "description": "No notes for control-id 5.3.2.2.1.", "props": [ @@ -29601,7 +29501,7 @@ ] }, { - "uuid": "e5a0ea94-be4e-4cb9-90df-170a389f49a6", + "uuid": "7f7a7725-357f-4bfd-a5d0-2133034cfc2d", "control-id": "cis_rhel10_5-3.2.2.2", "description": "No notes for control-id 5.3.2.2.2.", "props": [ @@ -29618,7 +29518,7 @@ ] }, { - "uuid": "b9f9805c-d4cc-4233-8796-2e40308c125c", + "uuid": "656a5732-8110-42f1-b8d0-635cc1b6066d", "control-id": "cis_rhel10_5-3.2.2.3", "description": "This requirement is expected to be manual. However, in previous versions of the policy\nit was already automated the configuration of \"minclass\" option. This posture was kept for\nRHEL 10 in this new version. Rules related to other options are informed in related_rules.\nIn short, minclass=4 alone can achieve the same result achieved by the combination of the\nother 4 options mentioned in the policy.", "props": [ @@ -29635,7 +29535,7 @@ ] }, { - "uuid": "aa00eb8d-6b77-493a-ae54-3b7ec6ed52b1", + "uuid": "d2a5a4d9-e954-4570-86a8-b510e15bbce3", "control-id": "cis_rhel10_5-3.2.2.4", "description": "No notes for control-id 5.3.2.2.4.", "props": [ @@ -29652,7 +29552,7 @@ ] }, { - "uuid": "68039ae4-22fe-488d-9c2a-b2e09cd23c0b", + "uuid": "adf2ed82-3f86-4977-9350-ca2a9cf80a0a", "control-id": "cis_rhel10_5-3.2.2.5", "description": "No notes for control-id 5.3.2.2.5.", "props": [ @@ -29669,7 +29569,7 @@ ] }, { - "uuid": "1cbbb25d-8c44-4b7e-84a6-743c3cebf33f", + "uuid": "a0e0c3b2-e13f-4c76-a687-b3fcd0552afa", "control-id": "cis_rhel10_5-3.2.2.6", "description": "No notes for control-id 5.3.2.2.6.", "props": [ @@ -29686,7 +29586,7 @@ ] }, { - "uuid": "bddfc550-8c35-42c7-9ec9-cb441bd2fefe", + "uuid": "5ff7b9d3-e9be-400f-befd-bda51adde681", "control-id": "cis_rhel10_5-3.2.2.7", "description": "No notes for control-id 5.3.2.2.7.", "props": [ @@ -29703,7 +29603,7 @@ ] }, { - "uuid": "1a7383eb-0673-45fb-a7cb-9b07231c255a", + "uuid": "5562c26a-5e45-4afb-9c98-3e77ed68cfa4", "control-id": "cis_rhel10_5-3.2.3.1", "description": "Although mentioned in the section 5.3.3.3, there is no explicit requirement to configure\nretry option of pam_pwhistory. If come in the future, the rule accounts_password_pam_retry\ncan be used.", "props": [ @@ -29725,7 +29625,7 @@ ] }, { - "uuid": "4589e953-67ab-4806-9f87-1165c9704208", + "uuid": "054a4b7d-4c65-4ffa-adc4-4570b56ea10b", "control-id": "cis_rhel10_5-3.2.3.2", "description": "No notes for control-id 5.3.2.3.2.", "props": [ @@ -29742,7 +29642,7 @@ ] }, { - "uuid": "0813df07-2a85-48ff-8a36-c3db7f3f1c15", + "uuid": "8ddf7473-7349-44c7-8743-037833f15be7", "control-id": "cis_rhel10_5-3.2.3.3", "description": "In RHEL 10 pam_pwhistory is enabled via authselect feature, as required in 5.3.1.4. The\nfeature automatically set \"use_authok\" option. In any case, we don't have a rule to check\nthis option specifically.", "props": [ @@ -29759,7 +29659,7 @@ ] }, { - "uuid": "e9035ed4-3b76-4083-b3c1-175859553398", + "uuid": "7daf1d23-f32f-4ae9-96f4-5f67a1503b07", "control-id": "cis_rhel10_5-3.2.4.1", "description": "The rule more specifically used in this requirement also satify the requirement 5.3.1.5.", "props": [ @@ -29776,7 +29676,7 @@ ] }, { - "uuid": "2083a8f0-ef9a-4b45-a344-0c06cbb6670b", + "uuid": "7dc54b14-9c20-45fd-8303-7aba85f9e836", "control-id": "cis_rhel10_5-3.2.4.2", "description": "Usage of pam_unix.so module together with \"remember\" option is deprecated and is not\nrecommended by this policy. Instead, it should be used remember option of pam_pwhistory\nmodule, as required in 5.3.2.3.1. See here for more details about pam_unix.so:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1778929", "props": [ @@ -29793,7 +29693,7 @@ ] }, { - "uuid": "59bae74f-3a76-49dc-84b0-21939a690d09", + "uuid": "2858219c-97e8-4694-af30-c869da4f1607", "control-id": "cis_rhel10_5-3.2.4.3", "description": "Changes in logindefs mentioned in this requirement are more specifically covered by 5.4.1.4", "props": [ @@ -29815,7 +29715,7 @@ ] }, { - "uuid": "576331f7-9852-4f6b-9f01-40b84e33c84f", + "uuid": "229b6a58-d9ea-454b-8a2d-2fa12691954f", "control-id": "cis_rhel10_5-3.2.4.4", "description": "In RHEL 10 pam_unix is enabled by default in all authselect profiles already with the\nuse_authtok option set. In any case, we don't have a rule to check this option specifically,\nlike in 5.3.2.3.3.", "props": [ @@ -29832,7 +29732,7 @@ ] }, { - "uuid": "aa33d5af-e3a6-4173-8c26-fb1c217338f7", + "uuid": "5aa616c1-a375-4201-8e51-de5af313704c", "control-id": "cis_rhel10_5-4.1.1", "description": "No notes for control-id 5.4.1.1.", "props": [ @@ -29854,7 +29754,7 @@ ] }, { - "uuid": "5790778e-57a4-4534-b830-9a93e0d4cda8", + "uuid": "460ee834-51c5-4bcf-85fa-3fba9085ddcb", "control-id": "cis_rhel10_5-4.1.3", "description": "No notes for control-id 5.4.1.3.", "props": [ @@ -29876,20 +29776,15 @@ ] }, { - "uuid": "713f58a7-17a0-447c-ac61-0e7a4780131f", + "uuid": "1caeb5d2-e948-480d-95bc-185dd2274e76", "control-id": "cis_rhel10_5-4.1.4", - "description": "There's a \"new\" set of options in /etc/login.defs file to define the number of iterations\nperformed during the hashing process.", + "description": "No notes for control-id 5.4.1.4.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "implemented" }, - { - "name": "Rule_Id", - "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf" - }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", @@ -29898,7 +29793,7 @@ ] }, { - "uuid": "a3cc9261-bcc1-4495-bdb7-1df5157b6332", + "uuid": "999b7a09-2784-4fd4-80d3-8b88d774a894", "control-id": "cis_rhel10_5-4.1.5", "description": "No notes for control-id 5.4.1.5.", "props": [ @@ -29920,7 +29815,7 @@ ] }, { - "uuid": "9c5e7fcb-270c-4d24-aad5-ede491f2e90d", + "uuid": "055fcf41-e5be-4b77-9fc4-0007075c56af", "control-id": "cis_rhel10_5-4.1.6", "description": "No notes for control-id 5.4.1.6.", "props": [ @@ -29937,7 +29832,7 @@ ] }, { - "uuid": "34db4c16-2310-4e1d-9c21-71c2b6f7df57", + "uuid": "7b5a22e3-d4cd-4981-b71f-830389f9f751", "control-id": "cis_rhel10_5-4.2.1", "description": "No notes for control-id 5.4.2.1.", "props": [ @@ -29954,7 +29849,7 @@ ] }, { - "uuid": "278a42ad-8b20-4ba5-9425-e23b170f4e84", + "uuid": "f1050c9a-da8f-49c5-a88a-e57744371151", "control-id": "cis_rhel10_5-4.2.2", "description": "There is assessment but no automated remediation for this rule and this sounds reasonable.", "props": [ @@ -29971,7 +29866,7 @@ ] }, { - "uuid": "604e6602-ff77-45f5-86fb-f6d5c0a7b0b4", + "uuid": "0bb11a29-9a3b-4194-96de-ec575b8a3dd2", "control-id": "cis_rhel10_5-4.2.3", "description": "There is assessment but no automated remediation for this rule and this sounds reasonable.", "props": [ @@ -29988,7 +29883,7 @@ ] }, { - "uuid": "87ba9979-6658-49ad-b8f8-3f64a8b80da4", + "uuid": "76075340-1fed-40d4-82c8-5f2b05aac8bf", "control-id": "cis_rhel10_5-4.2.4", "description": "No notes for control-id 5.4.2.4.", "props": [ @@ -30005,7 +29900,7 @@ ] }, { - "uuid": "adac0a35-bca8-4266-8db1-bbafb7bad107", + "uuid": "456c938a-86a9-4e02-86be-c0811c58412a", "control-id": "cis_rhel10_5-4.2.5", "description": "No notes for control-id 5.4.2.5.", "props": [ @@ -30027,7 +29922,7 @@ ] }, { - "uuid": "980871ae-7ca2-4c2e-9bcb-16a93417edb2", + "uuid": "ea8a324d-70c3-48da-9eb9-6160e0203f3c", "control-id": "cis_rhel10_5-4.2.6", "description": "No notes for control-id 5.4.2.6.", "props": [ @@ -30044,7 +29939,7 @@ ] }, { - "uuid": "a40e06d5-f038-4555-9b8b-a215ca91c9fc", + "uuid": "2b389aa2-2a4b-44b8-9870-d0fde1fff544", "control-id": "cis_rhel10_5-4.2.7", "description": "No notes for control-id 5.4.2.7.", "props": [ @@ -30066,19 +29961,24 @@ ] }, { - "uuid": "f29c7a5f-f862-40ba-96b1-410746fc2731", + "uuid": "e62ab662-b2f8-4fac-b418-4e37b8911edc", "control-id": "cis_rhel10_5-4.2.8", - "description": "New rule is necessary.", + "description": "No notes for control-id 5.4.2.8.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "implemented" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "no_invalid_shell_accounts_unlocked" } ] }, { - "uuid": "82bdd8bd-5157-45b4-8a54-8bf52b4a92d1", + "uuid": "0a73e2b3-dfde-4f9b-a2e7-f52b014a2555", "control-id": "cis_rhel10_5-4.3.2", "description": "No notes for control-id 5.4.3.2.", "props": [ @@ -30095,7 +29995,7 @@ ] }, { - "uuid": "f213207e-b6c6-43fc-96b7-3eecf7fdeb76", + "uuid": "7c0751c4-3f76-47af-bf0a-23b01b7a665b", "control-id": "cis_rhel10_5-4.3.3", "description": "No notes for control-id 5.4.3.3.", "props": [ @@ -30122,7 +30022,7 @@ ] }, { - "uuid": "6e7b8b08-e3e1-44ac-af97-2ba95a3d7ac7", + "uuid": "3b5199f1-d145-4fbe-8fb9-261c25e73340", "control-id": "cis_rhel10_6-1.1", "description": "No notes for control-id 6.1.1.", "props": [ @@ -30144,7 +30044,7 @@ ] }, { - "uuid": "60f032d8-5e29-4216-bf8c-a21d7cd9dd3f", + "uuid": "3ba9fd65-1493-4493-b44b-722412dc7f94", "control-id": "cis_rhel10_6-1.2", "description": "No notes for control-id 6.1.2.", "props": [ @@ -30161,7 +30061,7 @@ ] }, { - "uuid": "ed3fc307-777a-4d20-96bf-1902fba9dc99", + "uuid": "6f1ab0b1-3574-437c-9db6-238544fab464", "control-id": "cis_rhel10_6-1.3", "description": "No notes for control-id 6.1.3.", "props": [ @@ -30178,7 +30078,7 @@ ] }, { - "uuid": "cde208f1-2038-43e2-8b23-18844d26eb4b", + "uuid": "fdaffd47-25ff-4d2c-8935-f0b8abf1b9bd", "control-id": "cis_rhel10_6-2.1.1", "description": "No notes for control-id 6.2.1.1.", "props": [ @@ -30195,7 +30095,7 @@ ] }, { - "uuid": "04d1fa7d-c751-474a-8aaf-84cf743bf6a7", + "uuid": "4fc9f574-a9e5-44fb-8015-4d4b4df39ed2", "control-id": "cis_rhel10_6-2.1.2", "description": "The description for control-id cis_rhel10_6-2.1.2.", "props": [ @@ -30208,7 +30108,7 @@ ] }, { - "uuid": "16f730ff-8ad0-446e-a7bb-682bebb61087", + "uuid": "c72b2091-ac7b-487a-9ed0-f8464b7046c7", "control-id": "cis_rhel10_6-2.1.3", "description": "The description for control-id cis_rhel10_6-2.1.3.", "props": [ @@ -30221,20 +30121,24 @@ ] }, { - "uuid": "c61ddb3c-dfc5-4e2c-934c-a25e4b0a2c6e", + "uuid": "5bf1e715-2032-4fff-a2bc-95fc41c271db", "control-id": "cis_rhel10_6-2.1.4", - "description": "The description for control-id cis_rhel10_6-2.1.4.", + "description": "No notes for control-id 6.2.1.4.", "props": [ { "name": "implementation-status", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "alternative", - "remarks": "It is necessary to create a new rule to check the status of journald and rsyslog.\nIt would also be necessary a new rule to disable or remove rsyslog." + "value": "implemented" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "ensure_journald_and_rsyslog_not_active_together" } ] }, { - "uuid": "bd462907-8c18-4562-9a15-89b8be975ff3", + "uuid": "47ac90d2-3231-4772-b9b2-beb0822f2ac6", "control-id": "cis_rhel10_6-2.2.1.1", "description": "No notes for control-id 6.2.2.1.1.", "props": [ @@ -30251,7 +30155,7 @@ ] }, { - "uuid": "ee980646-7d43-4ba7-accb-ea95e0dd4aeb", + "uuid": "1305dcff-87a6-4ef0-81a6-51ddaa172c96", "control-id": "cis_rhel10_6-2.2.1.2", "description": "The description for control-id cis_rhel10_6-2.2.1.2.", "props": [ @@ -30264,7 +30168,7 @@ ] }, { - "uuid": "dd760ec9-06c0-4267-92bb-962fa037d7a1", + "uuid": "998cb71d-e11b-442e-a6e9-7ae193004a5f", "control-id": "cis_rhel10_6-2.2.1.3", "description": "No notes for control-id 6.2.2.1.3.", "props": [ @@ -30281,7 +30185,7 @@ ] }, { - "uuid": "f5e624ba-ffb4-4efb-90ca-3d3963dba9dd", + "uuid": "6fa6afa6-1676-4ee1-845e-bb38d91e0aa5", "control-id": "cis_rhel10_6-2.2.1.4", "description": "No notes for control-id 6.2.2.1.4.", "props": [ @@ -30298,7 +30202,7 @@ ] }, { - "uuid": "e47bb3f2-ddf2-4ed7-9ee6-5a9a2ac99605", + "uuid": "b6d8258a-51fa-4dea-96fb-5f11c333d90f", "control-id": "cis_rhel10_6-2.2.2", "description": "No notes for control-id 6.2.2.2.", "props": [ @@ -30315,7 +30219,7 @@ ] }, { - "uuid": "65e9e97d-eae3-4274-a047-f7563913b788", + "uuid": "af4d4672-af6d-46a5-bfbd-94b1d7a4937a", "control-id": "cis_rhel10_6-2.2.3", "description": "No notes for control-id 6.2.2.3.", "props": [ @@ -30332,7 +30236,7 @@ ] }, { - "uuid": "2a778eab-272d-4615-a53e-813633f46e12", + "uuid": "cd1a8b78-316d-43d7-8aab-1747680a8723", "control-id": "cis_rhel10_6-2.2.4", "description": "No notes for control-id 6.2.2.4.", "props": [ @@ -30349,7 +30253,7 @@ ] }, { - "uuid": "691e5065-28a8-4a1d-9468-58ead6695fb6", + "uuid": "382fdc31-c4c0-49ab-9a55-a596634eb4f5", "control-id": "cis_rhel10_6-2.3.1", "description": "No notes for control-id 6.2.3.1.", "props": [ @@ -30361,7 +30265,7 @@ ] }, { - "uuid": "50abc1c3-4039-490f-9f8c-b1344bb54708", + "uuid": "2f6b88f9-0b16-4ddb-9b06-c3c03c277bdc", "control-id": "cis_rhel10_6-2.3.2", "description": "No notes for control-id 6.2.3.2.", "props": [ @@ -30373,7 +30277,7 @@ ] }, { - "uuid": "94ce0ba8-83d3-4adf-8c65-635ca9796f54", + "uuid": "1ee1f714-79b6-4379-9504-286ee1c6f283", "control-id": "cis_rhel10_6-2.3.3", "description": "No notes for control-id 6.2.3.3.", "props": [ @@ -30385,7 +30289,7 @@ ] }, { - "uuid": "20be5972-1a94-4d09-82fe-4d1a6903ea8e", + "uuid": "5479ea23-a8d6-48fb-ac8d-0abb28a6777e", "control-id": "cis_rhel10_6-2.3.4", "description": "No notes for control-id 6.2.3.4.", "props": [ @@ -30397,7 +30301,7 @@ ] }, { - "uuid": "b4cda12d-aed3-4b87-8689-0dc3ff404ad9", + "uuid": "dbef5a56-f0ae-4dc1-bf0f-b86e0015fb38", "control-id": "cis_rhel10_6-2.3.5", "description": "The description for control-id cis_rhel10_6-2.3.5.", "props": [ @@ -30410,7 +30314,7 @@ ] }, { - "uuid": "f5a5a656-2182-4441-abcd-227b98afc3ce", + "uuid": "6586ec23-bad8-4b19-9f43-117b3468f97e", "control-id": "cis_rhel10_6-2.3.6", "description": "The description for control-id cis_rhel10_6-2.3.6.", "props": [ @@ -30423,7 +30327,7 @@ ] }, { - "uuid": "4fbca94a-f2f5-4ade-82e2-4d7837d0c2f5", + "uuid": "4509c425-cf12-4800-8b24-19c08757195b", "control-id": "cis_rhel10_6-2.3.7", "description": "No notes for control-id 6.2.3.7.", "props": [ @@ -30435,7 +30339,7 @@ ] }, { - "uuid": "2a88826c-fd3d-49a2-94e5-c6a52b201f9d", + "uuid": "b9117ec6-bfdc-482f-a92c-3522c681e98a", "control-id": "cis_rhel10_6-2.3.8", "description": "The description for control-id cis_rhel10_6-2.3.8.", "props": [ @@ -30448,7 +30352,7 @@ ] }, { - "uuid": "b426afac-c239-4d2c-8043-b8a8d502310c", + "uuid": "449786a7-f627-46da-b8b7-f6347ebc0b66", "control-id": "cis_rhel10_6-2.4.1", "description": "It is not harmful to run these rules even if rsyslog is not installed or active.", "props": [ @@ -30475,7 +30379,7 @@ ] }, { - "uuid": "03530e40-30fd-4c71-b1dd-85443f2c7e84", + "uuid": "dd752ada-f759-49b2-9a14-605af55fc59a", "control-id": "cis_rhel10_7-1.1", "description": "No notes for control-id 7.1.1.", "props": [ @@ -30502,7 +30406,7 @@ ] }, { - "uuid": "eba6e24d-2d19-4013-bc55-057ca5337279", + "uuid": "a2bc23d7-6d73-438f-ac19-3063132f6608", "control-id": "cis_rhel10_7-1.2", "description": "No notes for control-id 7.1.2.", "props": [ @@ -30529,7 +30433,7 @@ ] }, { - "uuid": "6e3f4ffc-97d3-455b-bb19-7867567df953", + "uuid": "63897cac-97c7-4c84-8eb8-0193c1541d1b", "control-id": "cis_rhel10_7-1.3", "description": "No notes for control-id 7.1.3.", "props": [ @@ -30556,7 +30460,7 @@ ] }, { - "uuid": "1558834f-d57a-4a80-8627-59c058f80ba7", + "uuid": "66543cbb-453e-4966-a3df-d89f954ced10", "control-id": "cis_rhel10_7-1.4", "description": "No notes for control-id 7.1.4.", "props": [ @@ -30583,7 +30487,7 @@ ] }, { - "uuid": "a9ea6a21-3a52-4661-b22d-fb90e01dbfbd", + "uuid": "3a9172fb-9c34-44a9-9350-8dbf8b960d09", "control-id": "cis_rhel10_7-1.5", "description": "No notes for control-id 7.1.5.", "props": [ @@ -30610,7 +30514,7 @@ ] }, { - "uuid": "0f10d9ba-944f-4697-9561-5b35089852bf", + "uuid": "31782436-ed5f-4b67-98aa-e560c497dafa", "control-id": "cis_rhel10_7-1.6", "description": "No notes for control-id 7.1.6.", "props": [ @@ -30637,7 +30541,7 @@ ] }, { - "uuid": "ae6d10dc-faa3-4146-ac48-5e4062d96288", + "uuid": "52bf90a7-c51d-47d0-be75-bcf9e16e81b7", "control-id": "cis_rhel10_7-1.7", "description": "No notes for control-id 7.1.7.", "props": [ @@ -30664,7 +30568,7 @@ ] }, { - "uuid": "2d478ebc-27c3-4a08-b946-24637bd917a9", + "uuid": "e94f8f38-fe0b-4d99-a9ec-ff7ef4da5fb0", "control-id": "cis_rhel10_7-1.8", "description": "No notes for control-id 7.1.8.", "props": [ @@ -30691,7 +30595,7 @@ ] }, { - "uuid": "fe32075d-4ef1-4e55-b717-fa3cab9a9413", + "uuid": "29db3e51-5871-4edb-a27c-cc848129b8c2", "control-id": "cis_rhel10_7-1.9", "description": "No notes for control-id 7.1.9.", "props": [ @@ -30718,7 +30622,7 @@ ] }, { - "uuid": "78e42f6b-050a-44c7-ab92-e27804de77c7", + "uuid": "a7c90473-6436-4faf-882a-27d1ad21c829", "control-id": "cis_rhel10_7-1.10", "description": "No notes for control-id 7.1.10.", "props": [ @@ -30760,7 +30664,7 @@ ] }, { - "uuid": "e00285bb-2991-4434-b380-7ba2ab98e6b1", + "uuid": "0112f4de-8173-41d7-9df0-712812ead58f", "control-id": "cis_rhel10_7-1.11", "description": "No notes for control-id 7.1.11.", "props": [ @@ -30782,7 +30686,7 @@ ] }, { - "uuid": "6ffc93b4-907e-4475-9ed7-11a04dfdee0d", + "uuid": "f59cf67f-80ca-42e4-84a0-e9ffb71c8126", "control-id": "cis_rhel10_7-1.12", "description": "No notes for control-id 7.1.12.", "props": [ @@ -30804,7 +30708,7 @@ ] }, { - "uuid": "a3a99455-1d58-4e4f-8b1f-38043a75e3bd", + "uuid": "12f406f8-ed40-4d6e-83a8-907fa930e60e", "control-id": "cis_rhel10_7-1.13", "description": "The description for control-id cis_rhel10_7-1.13.", "props": [ @@ -30817,7 +30721,7 @@ ] }, { - "uuid": "538e1bf8-73fd-4ec5-b96f-7663c72bfef6", + "uuid": "3e5d2b65-e94d-44ae-bd9d-3eed5c7047d6", "control-id": "cis_rhel10_7-2.1", "description": "No notes for control-id 7.2.1.", "props": [ @@ -30834,7 +30738,7 @@ ] }, { - "uuid": "56a14e9c-5cd5-4569-a5f0-f0252ad2f28d", + "uuid": "53397de9-340c-4ebd-b9ce-2c3a62904864", "control-id": "cis_rhel10_7-2.2", "description": "No notes for control-id 7.2.2.", "props": [ @@ -30851,7 +30755,7 @@ ] }, { - "uuid": "02e34873-1833-45e2-80ff-eb26f23195f3", + "uuid": "f7315bd8-38d1-4715-9d1c-ee68b1b5ee8b", "control-id": "cis_rhel10_7-2.3", "description": "No notes for control-id 7.2.3.", "props": [ @@ -30868,7 +30772,7 @@ ] }, { - "uuid": "61644e4f-443b-492d-ab7a-6740678930f2", + "uuid": "64e38ff6-df19-41c8-b0b1-06fa611ef6ec", "control-id": "cis_rhel10_7-2.4", "description": "No notes for control-id 7.2.4.", "props": [ @@ -30885,7 +30789,7 @@ ] }, { - "uuid": "68374e29-ea38-4822-93e1-c7d5a46dceae", + "uuid": "9bb19ff4-23b3-480c-8913-c6d708e4425e", "control-id": "cis_rhel10_7-2.5", "description": "No notes for control-id 7.2.5.", "props": [ @@ -30902,7 +30806,7 @@ ] }, { - "uuid": "da4df607-7571-4162-b5ad-7399cb5bd45d", + "uuid": "a1ea56cd-1770-4518-9132-b9c767464895", "control-id": "cis_rhel10_7-2.6", "description": "No notes for control-id 7.2.6.", "props": [ @@ -30919,7 +30823,7 @@ ] }, { - "uuid": "6fadf33b-23da-45ad-8bb5-ee249a27cb4a", + "uuid": "3f1e8b94-2226-4dd1-a34f-178115235238", "control-id": "cis_rhel10_7-2.7", "description": "No notes for control-id 7.2.7.", "props": [ @@ -30936,7 +30840,7 @@ ] }, { - "uuid": "30ddfefe-ebfc-4c64-9d5d-583ca144002a", + "uuid": "877585de-c66e-4199-a8f7-b39e977fd30f", "control-id": "cis_rhel10_7-2.8", "description": "No notes for control-id 7.2.8.", "props": [ @@ -30963,7 +30867,7 @@ ] }, { - "uuid": "fc2f95d1-6919-428d-988c-c9999f32ec32", + "uuid": "3a1d311a-1729-438a-8879-c123dc9da17b", "control-id": "cis_rhel10_7-2.9", "description": "No notes for control-id 7.2.9.", "props": [ diff --git a/component-definitions/rhel10/rhel10-ism_o-base/component-definition.json b/component-definitions/rhel10/rhel10-ism_o-base/component-definition.json index 286fc6b99..0e2af176c 100644 --- a/component-definitions/rhel10/rhel10-ism_o-base/component-definition.json +++ b/component-definitions/rhel10/rhel10-ism_o-base/component-definition.json @@ -3,8 +3,8 @@ "uuid": "608557af-015f-43b1-aacb-5926b2660da3", "metadata": { "title": "Component definition for rhel10", - "last-modified": "2025-12-11T18:27:53.105403+00:00", - "version": "1.3", + "last-modified": "2025-12-17T11:15:49.970100+00:00", + "version": "1.4", "oscal-version": "1.1.3" }, "components": [ @@ -167,7 +167,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -317,1975 +317,1987 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_never_disabled", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_007" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", + "value": "Install sequoia-sq Package", "remarks": "rule_set_007" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_local_packages", + "value": "ensure_gpgcheck_never_disabled", "remarks": "rule_set_008" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for Local Packages", + "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", "remarks": "rule_set_008" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_globally_activated", + "value": "ensure_gpgcheck_local_packages", "remarks": "rule_set_009" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled In Main dnf Configuration", + "value": "Ensure gpgcheck Enabled for Local Packages", "remarks": "rule_set_009" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "ensure_gpgcheck_globally_activated", "remarks": "rule_set_010" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Ensure gpgcheck Enabled In Main dnf Configuration", "remarks": "rule_set_010" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_no_uid_except_zero", + "value": "dnf-automatic_security_updates_only", "remarks": "rule_set_011" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Root Has UID 0", + "value": "Configure dnf-automatic to Install Only Security Updates", "remarks": "rule_set_011" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_nopasswd", + "value": "accounts_no_uid_except_zero", "remarks": "rule_set_012" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", + "value": "Verify Only Root Has UID 0", "remarks": "rule_set_012" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_no_authenticate", + "value": "sudo_remove_nopasswd", "remarks": "rule_set_013" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", "remarks": "rule_set_013" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_require_authentication", + "value": "sudo_remove_no_authenticate", "remarks": "rule_set_014" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", "remarks": "rule_set_014" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_fapolicyd_installed", + "value": "sudo_require_authentication", "remarks": "rule_set_015" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install fapolicyd Package", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo", "remarks": "rule_set_015" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_fapolicyd_enabled", + "value": "package_fapolicyd_installed", "remarks": "rule_set_016" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable the File Access Policy Service", + "value": "Install fapolicyd Package", "remarks": "rule_set_016" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_crypto_policy", + "value": "service_fapolicyd_enabled", "remarks": "rule_set_017" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure System Cryptography Policy", + "value": "Enable the File Access Policy Service", "remarks": "rule_set_017" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_ssh_crypto_policy", + "value": "configure_crypto_policy", "remarks": "rule_set_018" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure SSH to use System Crypto Policy", + "value": "Configure System Cryptography Policy", "remarks": "rule_set_018" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_use_directory_configuration", + "value": "configure_ssh_crypto_policy", "remarks": "rule_set_019" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Distribute the SSH Server configuration to multiple files in a config directory.", + "value": "Configure SSH to use System Crypto Policy", "remarks": "rule_set_019" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_root_login", + "value": "sshd_use_directory_configuration", "remarks": "rule_set_020" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Root Login", + "value": "Distribute the SSH Server configuration to multiple files in a config directory.", "remarks": "rule_set_020" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_gssapi_auth", + "value": "sshd_disable_root_login", "remarks": "rule_set_021" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GSSAPI Authentication", + "value": "Disable SSH Root Login", "remarks": "rule_set_021" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_print_last_log", + "value": "sshd_disable_gssapi_auth", "remarks": "rule_set_022" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SSH Print Last Log", + "value": "Disable GSSAPI Authentication", "remarks": "rule_set_022" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_do_not_permit_user_env", + "value": "sshd_print_last_log", "remarks": "rule_set_023" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Do Not Allow SSH Environment Options", + "value": "Enable SSH Print Last Log", "remarks": "rule_set_023" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_rhosts", + "value": "sshd_do_not_permit_user_env", "remarks": "rule_set_024" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Support for .rhosts Files", + "value": "Do Not Allow SSH Environment Options", "remarks": "rule_set_024" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_loglevel_info", + "value": "sshd_disable_rhosts", "remarks": "rule_set_025" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set LogLevel to INFO", + "value": "Disable SSH Support for .rhosts Files", "remarks": "rule_set_025" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_empty_passwords", + "value": "sshd_set_loglevel_info", "remarks": "rule_set_026" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Access via Empty Passwords", + "value": "Set LogLevel to INFO", "remarks": "rule_set_026" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_user_known_hosts", + "value": "sshd_disable_empty_passwords", "remarks": "rule_set_027" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Support for User Known Hosts", + "value": "Disable SSH Access via Empty Passwords", "remarks": "rule_set_027" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_strictmodes", + "value": "sshd_disable_user_known_hosts", "remarks": "rule_set_028" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Use of Strict Mode Checking", + "value": "Disable SSH Support for User Known Hosts", "remarks": "rule_set_028" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_rsyslog_installed", + "value": "sshd_enable_strictmodes", "remarks": "rule_set_029" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure rsyslog is Installed", + "value": "Enable Use of Strict Mode Checking", "remarks": "rule_set_029" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_rsyslog_enabled", + "value": "package_rsyslog_installed", "remarks": "rule_set_030" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable rsyslog Service", + "value": "Ensure rsyslog is Installed", "remarks": "rule_set_030" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_auditd_enabled", + "value": "service_rsyslog_enabled", "remarks": "rule_set_031" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable auditd Service", + "value": "Enable rsyslog Service", "remarks": "rule_set_031" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_data_retention_flush", + "value": "service_auditd_enabled", "remarks": "rule_set_032" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd flush priority", + "value": "Enable auditd Service", "remarks": "rule_set_032" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_local_events", + "value": "auditd_data_retention_flush", "remarks": "rule_set_033" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Include Local Events in Audit Logs", + "value": "Configure auditd flush priority", "remarks": "rule_set_033" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_write_logs", + "value": "auditd_local_events", "remarks": "rule_set_034" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Write Audit Logs to the Disk", + "value": "Include Local Events in Audit Logs", "remarks": "rule_set_034" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_log_format", + "value": "auditd_write_logs", "remarks": "rule_set_035" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Resolve information before writing to audit logs", + "value": "Write Audit Logs to the Disk", "remarks": "rule_set_035" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_freq", + "value": "auditd_log_format", "remarks": "rule_set_036" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set number of records to cause an explicit flush to audit logs", + "value": "Resolve information before writing to audit logs", "remarks": "rule_set_036" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_name_format", + "value": "auditd_freq", "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set type of computer node name logging in audit logs", + "value": "Set number of records to cause an explicit flush to audit logs", "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_login_events_faillock", + "value": "auditd_name_format", "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Logon and Logout Events - faillock", + "value": "Set type of computer node name logging in audit logs", "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_adjtimex", + "value": "audit_rules_login_events_faillock", "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record attempts to alter time through adjtimex", + "value": "Record Attempts to Alter Logon and Logout Events - faillock", "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_clock_settime", + "value": "audit_rules_time_adjtimex", "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Time Through clock_settime", + "value": "Record attempts to alter time through adjtimex", "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_watch_localtime", + "value": "audit_rules_time_clock_settime", "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter the localtime File", + "value": "Record Attempts to Alter Time Through clock_settime", "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_settimeofday", + "value": "audit_rules_time_watch_localtime", "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record attempts to alter time through settimeofday", + "value": "Record Attempts to Alter the localtime File", "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_stime", + "value": "audit_rules_time_settimeofday", "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Time Through stime", + "value": "Record attempts to alter time through settimeofday", "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_restorecon", + "value": "audit_rules_time_stime", "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run restorecon", + "value": "Record Attempts to Alter Time Through stime", "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_chcon", + "value": "audit_rules_execution_restorecon", "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run chcon", + "value": "Record Any Attempts to Run restorecon", "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_semanage", + "value": "audit_rules_execution_chcon", "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run semanage", + "value": "Record Any Attempts to Run chcon", "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_setsebool", + "value": "audit_rules_execution_semanage", "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run setsebool", + "value": "Record Any Attempts to Run semanage", "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_setfiles", + "value": "audit_rules_execution_setsebool", "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run setfiles", + "value": "Record Any Attempts to Run setsebool", "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_seunshare", + "value": "audit_rules_execution_setfiles", "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run seunshare", + "value": "Record Any Attempts to Run setfiles", "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_sysadmin_actions", + "value": "audit_rules_execution_seunshare", "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects System Administrator Actions", + "value": "Record Any Attempts to Run seunshare", "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification", + "value": "audit_rules_sysadmin_actions", "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment", + "value": "Ensure auditd Collects System Administrator Actions", "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_group", + "value": "audit_rules_networkconfig_modification", "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/group", + "value": "Record Events that Modify the System's Network Environment", "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_gshadow", + "value": "audit_rules_usergroup_modification_group", "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/gshadow", + "value": "Record Events that Modify User/Group Information - /etc/group", "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_opasswd", + "value": "audit_rules_usergroup_modification_gshadow", "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", + "value": "Record Events that Modify User/Group Information - /etc/gshadow", "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_passwd", + "value": "audit_rules_usergroup_modification_opasswd", "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/passwd", + "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_shadow", + "value": "audit_rules_usergroup_modification_passwd", "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/shadow", + "value": "Record Events that Modify User/Group Information - /etc/passwd", "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_chmod", + "value": "audit_rules_usergroup_modification_shadow", "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", + "value": "Record Events that Modify User/Group Information - /etc/shadow", "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_chown", + "value": "audit_rules_dac_modification_chmod", "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - chown", + "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_kernel_module_loading", + "value": "audit_rules_dac_modification_chown", "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading", + "value": "Record Events that Modify the System's Discretionary Access Controls - chown", "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_randomize_va_space", + "value": "audit_rules_kernel_module_loading", "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Randomized Layout of Virtual Address Space", + "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading", "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_exec_shield", + "value": "sysctl_kernel_randomize_va_space", "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable ExecShield via sysctl", + "value": "Enable Randomized Layout of Virtual Address Space", "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kptr_restrict", + "value": "sysctl_kernel_exec_shield", "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Exposed Kernel Pointer Addresses Access", + "value": "Enable ExecShield via sysctl", "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_dmesg_restrict", + "value": "sysctl_kernel_kptr_restrict", "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Access to Kernel Message Buffer", + "value": "Restrict Exposed Kernel Pointer Addresses Access", "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kexec_load_disabled", + "value": "sysctl_kernel_dmesg_restrict", "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Image Loading", + "value": "Restrict Access to Kernel Message Buffer", "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_yama_ptrace_scope", + "value": "sysctl_kernel_kexec_load_disabled", "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict usage of ptrace to descendant processes", + "value": "Disable Kernel Image Loading", "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_unprivileged_bpf_disabled", + "value": "sysctl_kernel_yama_ptrace_scope", "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", + "value": "Restrict usage of ptrace to descendant processes", "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_core_bpf_jit_harden", + "value": "sysctl_kernel_unprivileged_bpf_disabled", "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Harden the operation of the BPF just-in-time compiler", + "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "selinux_state", + "value": "sysctl_net_core_bpf_jit_harden", "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SELinux State is Enforcing", + "value": "Harden the operation of the BPF just-in-time compiler", "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "selinux_policytype", + "value": "selinux_state", "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure SELinux Policy", + "value": "Ensure SELinux State is Enforcing", "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_unauthorized_sgid", + "value": "selinux_policytype", "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All SGID Executables Are Authorized", + "value": "Configure SELinux Policy", "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_unauthorized_suid", + "value": "file_permissions_unauthorized_sgid", "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All SUID Executables Are Authorized", + "value": "Ensure All SGID Executables Are Authorized", "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_unauthorized_world_writable", + "value": "file_permissions_unauthorized_suid", "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure No World-Writable Files Exist", + "value": "Ensure All SUID Executables Are Authorized", "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dir_perms_world_writable_sticky_bits", + "value": "file_permissions_unauthorized_world_writable", "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that All World-Writable Directories Have Sticky Bits Set", + "value": "Ensure No World-Writable Files Exist", "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_library_dirs", + "value": "dir_perms_world_writable_sticky_bits", "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that Shared Library Files Have Restrictive Permissions", + "value": "Verify that All World-Writable Directories Have Sticky Bits Set", "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_binary_dirs", + "value": "file_permissions_library_dirs", "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that System Executables Have Root Ownership", + "value": "Verify that Shared Library Files Have Restrictive Permissions", "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_binary_dirs", + "value": "file_ownership_binary_dirs", "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that System Executables Have Restrictive Permissions", + "value": "Verify that System Executables Have Root Ownership", "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_library_dirs", + "value": "file_permissions_binary_dirs", "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that Shared Library Files Have Root Ownership", + "value": "Verify that System Executables Have Restrictive Permissions", "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords", + "value": "file_ownership_library_dirs", "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Login to Accounts With Empty Password", + "value": "Verify that Shared Library Files Have Root Ownership", "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_dev_shm_nodev", + "value": "no_empty_passwords", "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nodev Option to /dev/shm", + "value": "Prevent Login to Accounts With Empty Password", "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_dev_shm_nosuid", + "value": "mount_option_dev_shm_nodev", "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /dev/shm", + "value": "Add nodev Option to /dev/shm", "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_dev_shm_noexec", + "value": "mount_option_dev_shm_nosuid", "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /dev/shm", + "value": "Add nosuid Option to /dev/shm", "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_firewalld_installed", + "value": "mount_option_dev_shm_noexec", "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install firewalld Package", + "value": "Add noexec Option to /dev/shm", "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_firewalld_enabled", + "value": "package_firewalld_installed", "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify firewalld Enabled", + "value": "Install firewalld Package", "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "network_sniffer_disabled", + "value": "service_firewalld_enabled", "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure System is Not Acting as a Network Sniffer", + "value": "Verify firewalld Enabled", "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_maximum_age_login_defs", + "value": "network_sniffer_disabled", "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Age", + "value": "Ensure System is Not Acting as a Network Sniffer", "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_minimum_age_login_defs", + "value": "accounts_maximum_age_login_defs", "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Minimum Age", + "value": "Set Password Maximum Age", "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_warn_age_login_defs", + "value": "accounts_minimum_age_login_defs", "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Warning Age", + "value": "Set Password Minimum Age", "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_kerberos_crypto_policy", + "value": "accounts_password_warn_age_login_defs", "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Kerberos to use System Crypto Policy", + "value": "Set Password Warning Age", "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "enable_ldap_client", + "value": "configure_kerberos_crypto_policy", "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable the LDAP Client For Use in Authconfig", + "value": "Configure Kerberos to use System Crypto Policy", "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kerberos_disable_no_keytab", + "value": "enable_ldap_client", "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kerberos by removing host keytab", + "value": "Enable the LDAP Client For Use in Authconfig", "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "network_nmcli_permissions", + "value": "kerberos_disable_no_keytab", "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent non-Privileged Users from Modifying Network Interfaces using nmcli", + "value": "Disable Kerberos by removing host keytab", "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sebool_kerberos_enabled", + "value": "network_nmcli_permissions", "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable the kerberos_enabled SELinux Boolean", + "value": "Prevent non-Privileged Users from Modifying Network Interfaces using nmcli", "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf", + "value": "sebool_kerberos_enabled", "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/libuser.conf", + "value": "Enable the kerberos_enabled SELinux Boolean", "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_logindefs", + "value": "set_password_hashing_algorithm_libuserconf", "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/login.defs", + "value": "Set Password Hashing Algorithm in /etc/libuser.conf", "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_passwordauth", + "value": "set_password_hashing_algorithm_logindefs", "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - password-auth", + "value": "Set Password Hashing Algorithm in /etc/login.defs", "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "set_password_hashing_algorithm_passwordauth", "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Set PAM Password Hashing Algorithm - password-auth", "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_minlen_login_defs", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Minimum Length in login.defs", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_dcredit", + "value": "accounts_password_minlen_login_defs", "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Digit Characters", + "value": "Set Password Minimum Length in login.defs", "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_lcredit", + "value": "accounts_password_pam_dcredit", "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters", + "value": "Ensure PAM Enforces Password Requirements - Minimum Digit Characters", "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_lcredit", "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters", "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minlen", + "value": "accounts_password_pam_minclass", "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Length", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_ocredit", + "value": "accounts_password_pam_minlen", "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Special Characters", + "value": "Ensure PAM Enforces Password Requirements - Minimum Length", "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_ucredit", + "value": "accounts_password_pam_ocredit", "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Uppercase Characters", + "value": "Ensure PAM Enforces Password Requirements - Minimum Special Characters", "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny", + "value": "accounts_password_pam_ucredit", "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Lock Accounts After Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Uppercase Characters", "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny_root", + "value": "accounts_passwords_pam_faillock_deny", "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the root Account for Failed Password Attempts", + "value": "Lock Accounts After Failed Password Attempts", "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_interval", + "value": "accounts_passwords_pam_faillock_deny_root", "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interval For Counting Failed Password Attempts", + "value": "Configure the root Account for Failed Password Attempts", "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_unlock_time", + "value": "accounts_passwords_pam_faillock_interval", "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Lockout Time for Failed Password Attempts", + "value": "Set Interval For Counting Failed Password Attempts", "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_host_auth", + "value": "accounts_passwords_pam_faillock_unlock_time", "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Host-Based Authentication", + "value": "Set Lockout Time for Failed Password Attempts", "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "require_emergency_target_auth", + "value": "disable_host_auth", "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require Authentication for Emergency Systemd Target", + "value": "Disable Host-Based Authentication", "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sebool_authlogin_nsswitch_use_ldap", + "value": "require_emergency_target_auth", "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the authlogin_nsswitch_use_ldap SELinux Boolean", + "value": "Require Authentication for Emergency Systemd Target", "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sebool_authlogin_radius", + "value": "sebool_authlogin_nsswitch_use_ldap", "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the authlogin_radius SELinux Boolean", + "value": "Disable the authlogin_nsswitch_use_ldap SELinux Boolean", "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_kerb_auth", + "value": "sebool_authlogin_radius", "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kerberos Authentication", + "value": "Disable the authlogin_radius SELinux Boolean", "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_auth_tries", + "value": "sshd_disable_kerb_auth", "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH authentication attempt limit", + "value": "Disable Kerberos Authentication", "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sssd_enable_smartcards", + "value": "sshd_set_max_auth_tries", "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Smartcards in SSSD", + "value": "Set SSH authentication attempt limit", "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_warning_banner", + "value": "sssd_enable_smartcards", "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SSH Warning Banner", + "value": "Enable Smartcards in SSSD", "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_x11_forwarding", + "value": "sshd_enable_warning_banner", "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable X11 Forwarding", + "value": "Enable SSH Warning Banner", "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_access_failed", + "value": "sshd_disable_x11_forwarding", "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditing of unsuccessful file accesses", + "value": "Disable X11 Forwarding", "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_access_failed_aarch64", + "value": "audit_access_failed", "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditing of unsuccessful file accesses (AArch64)", + "value": "Configure auditing of unsuccessful file accesses", "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_access_failed_ppc64le", + "value": "audit_access_failed_aarch64", "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditing of unsuccessful file accesses (ppc64le)", + "value": "Configure auditing of unsuccessful file accesses (AArch64)", "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_access_success", + "value": "audit_access_failed_ppc64le", "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditing of successful file accesses", + "value": "Configure auditing of unsuccessful file accesses (ppc64le)", "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_access_success_aarch64", + "value": "audit_access_success", "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditing of successful file accesses (AArch64)", + "value": "Configure auditing of successful file accesses", "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_access_success_ppc64le", + "value": "audit_access_success_aarch64", "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditing of successful file accesses (ppc64le)", + "value": "Configure auditing of successful file accesses (AArch64)", "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_privileged_commands", + "value": "audit_access_success_ppc64le", "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on the Use of Privileged Commands", + "value": "Configure auditing of successful file accesses (ppc64le)", "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_utmp", + "value": "audit_rules_privileged_commands", "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information utmp", + "value": "Ensure auditd Collects Information on the Use of Privileged Commands", "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_btmp", + "value": "audit_rules_session_events_utmp", "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information btmp", + "value": "Record Attempts to Alter Process and Session Initiation Information utmp", "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_wtmp", + "value": "audit_rules_session_events_btmp", "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", + "value": "Record Attempts to Alter Process and Session Initiation Information btmp", "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_creat", + "value": "audit_rules_session_events_wtmp", "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - creat", + "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_open", + "value": "audit_rules_unsuccessful_file_modification_creat", "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - open", + "value": "Record Unsuccessful Access Attempts to Files - creat", "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_openat", + "value": "audit_rules_unsuccessful_file_modification_open", "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - openat", + "value": "Record Unsuccessful Access Attempts to Files - open", "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_open_by_handle_at", + "value": "audit_rules_unsuccessful_file_modification_openat", "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - open_by_handle_at", + "value": "Record Unsuccessful Access Attempts to Files - openat", "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_truncate", + "value": "audit_rules_unsuccessful_file_modification_open_by_handle_at", "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - truncate", + "value": "Record Unsuccessful Access Attempts to Files - open_by_handle_at", "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_ftruncate", + "value": "audit_rules_unsuccessful_file_modification_truncate", "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - ftruncate", + "value": "Record Unsuccessful Access Attempts to Files - truncate", "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_audit_installed", + "value": "audit_rules_unsuccessful_file_modification_ftruncate", "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the audit Subsystem is Installed", + "value": "Record Unsuccessful Access Attempts to Files - ftruncate", "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sebool_auditadm_exec_content", + "value": "package_audit_installed", "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable the auditadm_exec_content SELinux Boolean", + "value": "Ensure the audit Subsystem is Installed", "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_configure_pool_and_server", + "value": "sebool_auditadm_exec_content", "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Chrony Configure Pool and Server", + "value": "Enable the auditadm_exec_content SELinux Boolean", "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_or_ntpd_specify_multiple_servers", + "value": "chronyd_configure_pool_and_server", "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Specify Additional Remote NTP Servers", + "value": "Chrony Configure Pool and Server", "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_specify_remote_server", + "value": "chronyd_or_ntpd_specify_multiple_servers", "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "A remote time server for Chrony is configured", + "value": "Specify Additional Remote NTP Servers", "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_chrony_installed", + "value": "chronyd_specify_remote_server", "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "The Chrony package is installed", + "value": "A remote time server for Chrony is configured", "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_cron_logging", + "value": "package_chrony_installed", "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure cron Is Logging To Rsyslog", + "value": "The Chrony package is installed", "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_groupownership", + "value": "rsyslog_cron_logging", "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Log Files Are Owned By Appropriate Group", + "value": "Ensure cron Is Logging To Rsyslog", "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_ownership", + "value": "rsyslog_files_groupownership", "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Log Files Are Owned By Appropriate User", + "value": "Ensure Log Files Are Owned By Appropriate Group", "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_permissions", + "value": "rsyslog_files_ownership", "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure System Log Files Have Correct Permissions", + "value": "Ensure Log Files Are Owned By Appropriate User", "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_nolisten", + "value": "rsyslog_files_permissions", "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server", + "value": "Ensure System Log Files Have Correct Permissions", "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_remote_loghost", + "value": "rsyslog_nolisten", "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Logs Sent To Remote Host", + "value": "Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server", "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_remote_tls", + "value": "rsyslog_remote_loghost", "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure TLS for rsyslog remote logging", + "value": "Ensure Logs Sent To Remote Host", "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_remote_tls_cacert", + "value": "rsyslog_remote_tls", "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure CA certificate for rsyslog remote logging", + "value": "Configure TLS for rsyslog remote logging", "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_chronyd_enabled", + "value": "rsyslog_remote_tls_cacert", "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "The Chronyd service is enabled", + "value": "Configure CA certificate for rsyslog remote logging", "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_aide_installed", + "value": "service_chronyd_enabled", "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install AIDE", + "value": "The Chronyd service is enabled", "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_snmpd_disabled", + "value": "package_aide_installed", "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable snmpd Service", + "value": "Install AIDE", "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "snmpd_use_newer_protocol", + "value": "service_snmpd_disabled", "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure SNMP Service to Use Only SNMPv3 or Newer", + "value": "Disable snmpd Service", "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "network_ipv6_static_address", + "value": "snmpd_use_newer_protocol", "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Manually Assign Global IPv6 Address", + "value": "Configure SNMP Service to Use Only SNMPv3 or Newer", "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "wireless_disable_interfaces", + "value": "network_ipv6_static_address", "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Deactivate Wireless Network Interfaces", + "value": "Manually Assign Global IPv6 Address", "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_opensc_card_drivers", + "value": "wireless_disable_interfaces", "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure opensc Smart Card Drivers", + "value": "Deactivate Wireless Network Interfaces", "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_opensc_installed", + "value": "configure_opensc_card_drivers", "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the opensc Package For Multifactor Authentication", + "value": "Configure opensc Smart Card Drivers", "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_pcsc-lite_installed", + "value": "package_opensc_installed", "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the pcsc-lite package", + "value": "Install the opensc Package For Multifactor Authentication", "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_pcsc-lite-ccid_installed", + "value": "package_pcsc-lite_installed", "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the pcsc-lite-ccid package", + "value": "Install the pcsc-lite package", "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_sudo_installed", + "value": "package_pcsc-lite-ccid_installed", "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install sudo Package", + "value": "Install the pcsc-lite-ccid package", "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_pcscd_enabled", + "value": "package_sudo_installed", "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable the pcscd Service", + "value": "Install sudo Package", "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_firewalld_ports", + "value": "service_pcscd_enabled", "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Firewalld Ports", + "value": "Enable the pcscd Service", "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_firewalld_default_zone", + "value": "configure_firewalld_ports", "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Default firewalld Zone for Incoming Packets", + "value": "Configure the Firewalld Ports", "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_usbguard_installed", + "value": "set_firewalld_default_zone", "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install usbguard Package", + "value": "Set Default firewalld Zone for Incoming Packets", "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_usbguard_enabled", + "value": "package_usbguard_installed", "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable the USBGuard Service", + "value": "Install usbguard Package", "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "system_booted_in_fips_mode", + "value": "service_usbguard_enabled", "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that the system was booted with fips=1", + "value": "Enable the USBGuard Service", "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "enable_fips_mode", + "value": "system_booted_in_fips_mode", "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable FIPS Mode", + "value": "Verify that the system was booted with fips=1", "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_private_key", + "value": "enable_fips_mode", "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Private *_key Key Files", + "value": "Enable FIPS Mode", "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_apply_updates", + "value": "file_permissions_sshd_private_key", "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Available Updates Automatically", + "value": "Verify Permissions on SSH Server Private *_key Key Files", "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_libdnf-plugin-subscription-manager_installed", + "value": "dnf-automatic_apply_updates", "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install libdnf-plugin-subscription-manager Package", + "value": "Configure dnf-automatic to Install Available Updates Automatically", "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_subscription-manager_installed", + "value": "package_libdnf-plugin-subscription-manager_installed", "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install subscription-manager Package", + "value": "Install libdnf-plugin-subscription-manager Package", "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_shelllogin_for_systemaccounts", + "value": "package_subscription-manager_installed", "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", + "value": "Install subscription-manager Package", "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "secure_boot_enabled", + "value": "no_shelllogin_for_systemaccounts", "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Secure Boot is enabled", + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", "remarks": "rule_set_170" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "secure_boot_enabled", + "remarks": "rule_set_171" + }, + { + "name": "Rule_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Ensure that Secure Boot is enabled", + "remarks": "rule_set_171" } ], "control-implementations": [ { - "uuid": "0ccce754-0771-4459-b5bb-71ae8bd44f59", + "uuid": "5dc505f5-806d-4a80-bf21-9d471f02ef27", "source": "trestle://profiles/rhel10-ism_o-base/profile.json", "description": "Control implementation for ism_o", "props": [ @@ -2371,7 +2383,7 @@ ], "implemented-requirements": [ { - "uuid": "628faa71-96f1-4656-a421-119e9b937b89", + "uuid": "751481dd-98f8-4b7a-a712-e38088c0e411", "control-id": "ism_o_0418", "description": "No notes for control-id 0418.", "props": [ @@ -2453,7 +2465,7 @@ ] }, { - "uuid": "7c7386a9-8742-45ed-8eea-4a874d16023c", + "uuid": "565ff6b3-7a5e-47bc-9ff3-f2cb9136dc82", "control-id": "ism_o_0421", "description": "No notes for control-id 0421.", "props": [ @@ -2555,7 +2567,7 @@ ] }, { - "uuid": "d207412a-1bb4-4234-9a17-93d24201f726", + "uuid": "db1d0e14-409f-471f-aaef-14533ad09a12", "control-id": "ism_o_0484", "description": "No notes for control-id 0484.", "props": [ @@ -2582,7 +2594,7 @@ ] }, { - "uuid": "ff06c0e2-9714-46f8-88b8-70839c1b989e", + "uuid": "2b9a8ae1-b01b-4c23-b146-27303cd09329", "control-id": "ism_o_0487", "description": "The description for control-id ism_o_0487.", "props": [ @@ -2595,7 +2607,7 @@ ] }, { - "uuid": "88b16101-33e2-4194-9b4b-503c1ce07554", + "uuid": "ccd04ca5-bf14-466e-9094-561ca86d85b2", "control-id": "ism_o_0582", "description": "No notes for control-id 0582.", "props": [ @@ -2847,7 +2859,7 @@ ] }, { - "uuid": "702486bf-e4d6-4f2b-988d-2b534dfc72bb", + "uuid": "a1398e10-9676-470d-a4df-e4679b497fb8", "control-id": "ism_o_0846", "description": "No notes for control-id 0846.", "props": [ @@ -2954,7 +2966,7 @@ ] }, { - "uuid": "06b4fa99-110c-4609-a04a-dec4fc60be51", + "uuid": "1556c6cd-ea70-4e5f-baf9-c922980987f0", "control-id": "ism_o_0974", "description": "This needs reevaluation.", "props": [ @@ -3056,7 +3068,7 @@ ] }, { - "uuid": "aca94006-f954-47b2-9111-7e2461f5e2a5", + "uuid": "020d0825-2580-425c-90e8-e6a821fe2d38", "control-id": "ism_o_0988", "description": "No notes for control-id 0988.", "props": [ @@ -3133,7 +3145,7 @@ ] }, { - "uuid": "d31abf22-e6b9-40e4-8c51-e5afc1339ce5", + "uuid": "b1764986-6943-4120-9706-3b39decd78a2", "control-id": "ism_o_1034", "description": "No notes for control-id 1034.", "props": [ @@ -3150,7 +3162,7 @@ ] }, { - "uuid": "c6d6f947-c8e1-4ed8-bb88-4dc06ba7bc42", + "uuid": "cc93b7ff-00c3-4d89-9e06-6f3b26e516d1", "control-id": "ism_o_1055", "description": "Needs reevaluation", "props": [ @@ -3227,7 +3239,7 @@ ] }, { - "uuid": "881ccef8-fa80-41ae-a68d-b8f52ffdf969", + "uuid": "e7d49ce6-7cac-4640-be86-04e2f853e22c", "control-id": "ism_o_1173", "description": "No notes for control-id 1173.", "props": [ @@ -3329,7 +3341,7 @@ ] }, { - "uuid": "a395ce8d-3ac1-4781-972c-7fc676a191aa", + "uuid": "3c716c41-2d3e-45b5-9b4d-d5f32e1a75d4", "control-id": "ism_o_1277", "description": "No notes for control-id 1277.", "props": [ @@ -3341,7 +3353,7 @@ ] }, { - "uuid": "d655b064-ffd4-4a4a-9ae9-33bf7732c88b", + "uuid": "633dafa1-2a80-4969-b375-b492f34014c7", "control-id": "ism_o_1288", "description": "No notes for control-id 1288.", "props": [ @@ -3358,7 +3370,7 @@ ] }, { - "uuid": "1e97aa98-fa42-4fd6-bac7-5cfefbb9e23a", + "uuid": "779c53f5-c629-434d-ae5c-ab80114aa7f9", "control-id": "ism_o_1311", "description": "No notes for control-id 1311.", "props": [ @@ -3380,7 +3392,7 @@ ] }, { - "uuid": "f79cb3dc-ff20-4439-b6fa-272c07a5a923", + "uuid": "a4436797-f63e-4617-9dd2-7fb8c6a2a23f", "control-id": "ism_o_1315", "description": "No notes for control-id 1315.", "props": [ @@ -3402,7 +3414,7 @@ ] }, { - "uuid": "5284c3a5-e9e0-4995-b069-3c3acb08a751", + "uuid": "67c17cce-1529-4c96-9ea2-77a250e56649", "control-id": "ism_o_1319", "description": "No notes for control-id 1319.", "props": [ @@ -3424,7 +3436,7 @@ ] }, { - "uuid": "06f6541c-0e01-4306-a44b-e0af77b3ea1a", + "uuid": "d20bdad9-e92d-49a2-b701-df534b634385", "control-id": "ism_o_1341", "description": "No notes for control-id 1341.", "props": [ @@ -3441,7 +3453,7 @@ ] }, { - "uuid": "f63861fd-bab4-4b5e-a903-486b4f9a3fcc", + "uuid": "655534bd-5b98-400a-b14e-bd73650bcb5f", "control-id": "ism_o_1386", "description": "This needs reevaluation.", "props": [ @@ -3483,7 +3495,7 @@ ] }, { - "uuid": "a64f2b0d-51fc-4807-94af-084081f80766", + "uuid": "2ae3603c-1b0f-4336-a4eb-51404ea93c43", "control-id": "ism_o_1401", "description": "No notes for control-id 1401.", "props": [ @@ -3585,7 +3597,7 @@ ] }, { - "uuid": "2af220e3-bc99-4303-b349-140d296fc6f7", + "uuid": "5d91ef5f-582d-4573-a77b-97286e7b77b9", "control-id": "ism_o_1402", "description": "No notes for control-id 1402.", "props": [ @@ -3662,7 +3674,7 @@ ] }, { - "uuid": "2a6a85ce-7e16-4bfb-a369-1ca5870c6186", + "uuid": "113c26c8-49e9-4fc5-9a2e-c8932dfe8ec8", "control-id": "ism_o_1405", "description": "No notes for control-id 1405.", "props": [ @@ -3739,7 +3751,7 @@ ] }, { - "uuid": "4837cfc0-afc3-409e-803a-7f9a42d65cfc", + "uuid": "9d53fb1b-f285-4ce6-8e9f-0f2e0bd55940", "control-id": "ism_o_1416", "description": "No notes for control-id 1416.", "props": [ @@ -3761,7 +3773,7 @@ ] }, { - "uuid": "47585b12-d398-48cf-a0f5-dc239ce83a54", + "uuid": "96b61751-6c1a-47b5-acde-a714bdd38b71", "control-id": "ism_o_1417", "description": "No notes for control-id 1417.", "props": [ @@ -3778,7 +3790,7 @@ ] }, { - "uuid": "1516018e-62d8-4578-9ca6-a63608109b00", + "uuid": "0d5634da-500a-44b6-aa24-0bfab1e51bfd", "control-id": "ism_o_1418", "description": "No notes for control-id 1418.", "props": [ @@ -3800,7 +3812,7 @@ ] }, { - "uuid": "701b9558-e2df-470e-b319-c8f2d80d50e9", + "uuid": "93f1a8dc-cbbe-4cfb-b6ec-17378d144a55", "control-id": "ism_o_1446", "description": "No notes for control-id 1446.", "props": [ @@ -3827,7 +3839,7 @@ ] }, { - "uuid": "50ada0bf-436d-433d-917d-ba73747fa31f", + "uuid": "53b7b760-7ced-4c66-8657-fb05f7b5fb1c", "control-id": "ism_o_1449", "description": "This needs more", "props": [ @@ -3844,7 +3856,7 @@ ] }, { - "uuid": "779b9353-5e2a-49ce-89c1-5a36460b9684", + "uuid": "7b48ddef-dc01-42fe-97ff-e8e79b94cb39", "control-id": "ism_o_1467", "description": "No notes for control-id 1467.", "props": [ @@ -3871,7 +3883,7 @@ ] }, { - "uuid": "36fae9c3-85da-49a7-a00c-da31bb4dff1e", + "uuid": "31adc1b6-f075-48ba-8e16-ae2ee5bfe1e2", "control-id": "ism_o_1483", "description": "No notes for control-id 1483.", "props": [ @@ -3898,7 +3910,7 @@ ] }, { - "uuid": "7000829d-2d54-422e-ac9e-0634282e6f49", + "uuid": "5044cb49-f3b8-441c-91a6-b0e77ac6f04a", "control-id": "ism_o_1491", "description": "No notes for control-id 1491.", "props": [ @@ -3915,7 +3927,7 @@ ] }, { - "uuid": "ee7f732c-7bb0-4dc0-8025-b78c4972c869", + "uuid": "77da8ddc-2288-4dd3-a325-7caf7fd0637d", "control-id": "ism_o_1493", "description": "No notes for control-id 1493.", "props": [ @@ -3959,6 +3971,11 @@ "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_redhat_gpgkey_installed" }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "package_sequoia-sq_installed" + }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", @@ -3967,7 +3984,7 @@ ] }, { - "uuid": "b617a9e2-b452-4c30-9a1a-0cd9b6bc521d", + "uuid": "9d36cd9f-c802-47e4-9849-47b62dceee8c", "control-id": "ism_o_1504", "description": "No notes for control-id 1504.", "props": [ @@ -4069,7 +4086,7 @@ ] }, { - "uuid": "f060c957-75d7-4c1d-a29c-b90fea4119e7", + "uuid": "4e308b5e-5823-4411-a5e7-b581cceccf5e", "control-id": "ism_o_1505", "description": "No notes for control-id 1505.", "props": [ @@ -4171,7 +4188,7 @@ ] }, { - "uuid": "b1b28f18-fb69-4116-9b72-3870cb014303", + "uuid": "362d73df-4bda-42e4-b5b9-8708cd619d6f", "control-id": "ism_o_1506", "description": "As of OpenSSH 7.6, OpenSSH only supports SSH 2.", "props": [ @@ -4183,7 +4200,7 @@ ] }, { - "uuid": "5f52abf1-66e2-426e-b7d7-a4571ce9be16", + "uuid": "2beb6190-2c15-4c9e-82c6-9e24cfe35f62", "control-id": "ism_o_1546", "description": "No notes for control-id 1546.", "props": [ @@ -4340,7 +4357,7 @@ ] }, { - "uuid": "0466b7af-fd37-418f-88dd-e8e819761eb4", + "uuid": "5dd44e48-aa6e-4e84-a737-c6ca8aaa50e9", "control-id": "ism_o_1552", "description": "No notes for control-id 1552.", "props": [ @@ -4352,7 +4369,7 @@ ] }, { - "uuid": "f4522eea-769b-4ad7-b013-1b8bba5c3eaf", + "uuid": "fbefb493-7222-44bb-ba54-9d7f50bd3032", "control-id": "ism_o_1558", "description": "No notes for control-id 1558.", "props": [ @@ -4454,7 +4471,7 @@ ] }, { - "uuid": "5aebc986-5c23-4fb1-9564-cf68493c911e", + "uuid": "e18232ce-e80a-4ddb-9fac-87aca88f2c30", "control-id": "ism_o_1559", "description": "No notes for control-id 1559.", "props": [ @@ -4556,7 +4573,7 @@ ] }, { - "uuid": "6c009b0b-82f2-4c0b-ac40-974792590ece", + "uuid": "e0843205-e8f6-442c-baf5-921a52535faa", "control-id": "ism_o_1745", "description": "The description for control-id ism_o_1745.", "props": [ @@ -4748,7 +4765,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -4970,3943 +4987,3967 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_never_disabled", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_007" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", + "value": "Install sequoia-sq Package", "remarks": "rule_set_007" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_never_disabled", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_007" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", + "value": "Install sequoia-sq Package", "remarks": "rule_set_007" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_local_packages", + "value": "ensure_gpgcheck_never_disabled", "remarks": "rule_set_008" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for Local Packages", + "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", "remarks": "rule_set_008" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_local_packages", + "value": "ensure_gpgcheck_never_disabled", "remarks": "rule_set_008" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for Local Packages", + "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", "remarks": "rule_set_008" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_globally_activated", + "value": "ensure_gpgcheck_local_packages", "remarks": "rule_set_009" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled In Main dnf Configuration", + "value": "Ensure gpgcheck Enabled for Local Packages", "remarks": "rule_set_009" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_globally_activated", + "value": "ensure_gpgcheck_local_packages", "remarks": "rule_set_009" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled In Main dnf Configuration", + "value": "Ensure gpgcheck Enabled for Local Packages", "remarks": "rule_set_009" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "ensure_gpgcheck_globally_activated", "remarks": "rule_set_010" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Ensure gpgcheck Enabled In Main dnf Configuration", "remarks": "rule_set_010" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "ensure_gpgcheck_globally_activated", "remarks": "rule_set_010" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Ensure gpgcheck Enabled In Main dnf Configuration", "remarks": "rule_set_010" }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "dnf-automatic_security_updates_only", + "remarks": "rule_set_011" + }, + { + "name": "Rule_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Configure dnf-automatic to Install Only Security Updates", + "remarks": "rule_set_011" + }, + { + "name": "Check_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "dnf-automatic_security_updates_only", + "remarks": "rule_set_011" + }, + { + "name": "Check_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Configure dnf-automatic to Install Only Security Updates", + "remarks": "rule_set_011" + }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_no_uid_except_zero", - "remarks": "rule_set_011" + "remarks": "rule_set_012" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Only Root Has UID 0", - "remarks": "rule_set_011" + "remarks": "rule_set_012" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_no_uid_except_zero", - "remarks": "rule_set_011" + "remarks": "rule_set_012" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Only Root Has UID 0", - "remarks": "rule_set_011" + "remarks": "rule_set_012" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_remove_nopasswd", - "remarks": "rule_set_012" + "remarks": "rule_set_013" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", - "remarks": "rule_set_012" + "remarks": "rule_set_013" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_remove_nopasswd", - "remarks": "rule_set_012" + "remarks": "rule_set_013" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", - "remarks": "rule_set_012" + "remarks": "rule_set_013" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_remove_no_authenticate", - "remarks": "rule_set_013" + "remarks": "rule_set_014" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", - "remarks": "rule_set_013" + "remarks": "rule_set_014" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_remove_no_authenticate", - "remarks": "rule_set_013" + "remarks": "rule_set_014" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", - "remarks": "rule_set_013" + "remarks": "rule_set_014" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_require_authentication", - "remarks": "rule_set_014" + "remarks": "rule_set_015" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo", - "remarks": "rule_set_014" + "remarks": "rule_set_015" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_require_authentication", - "remarks": "rule_set_014" + "remarks": "rule_set_015" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo", - "remarks": "rule_set_014" + "remarks": "rule_set_015" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_fapolicyd_installed", - "remarks": "rule_set_015" + "remarks": "rule_set_016" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install fapolicyd Package", - "remarks": "rule_set_015" + "remarks": "rule_set_016" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_fapolicyd_installed", - "remarks": "rule_set_015" + "remarks": "rule_set_016" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install fapolicyd Package", - "remarks": "rule_set_015" + "remarks": "rule_set_016" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_fapolicyd_enabled", - "remarks": "rule_set_016" + "remarks": "rule_set_017" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the File Access Policy Service", - "remarks": "rule_set_016" + "remarks": "rule_set_017" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_fapolicyd_enabled", - "remarks": "rule_set_016" + "remarks": "rule_set_017" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the File Access Policy Service", - "remarks": "rule_set_016" + "remarks": "rule_set_017" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_crypto_policy", - "remarks": "rule_set_017" + "remarks": "rule_set_018" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure System Cryptography Policy", - "remarks": "rule_set_017" + "remarks": "rule_set_018" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_crypto_policy", - "remarks": "rule_set_017" + "remarks": "rule_set_018" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure System Cryptography Policy", - "remarks": "rule_set_017" + "remarks": "rule_set_018" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_ssh_crypto_policy", - "remarks": "rule_set_018" + "remarks": "rule_set_019" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SSH to use System Crypto Policy", - "remarks": "rule_set_018" + "remarks": "rule_set_019" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_ssh_crypto_policy", - "remarks": "rule_set_018" + "remarks": "rule_set_019" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SSH to use System Crypto Policy", - "remarks": "rule_set_018" + "remarks": "rule_set_019" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_use_directory_configuration", - "remarks": "rule_set_019" + "remarks": "rule_set_020" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Distribute the SSH Server configuration to multiple files in a config directory.", - "remarks": "rule_set_019" + "remarks": "rule_set_020" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_use_directory_configuration", - "remarks": "rule_set_019" + "remarks": "rule_set_020" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Distribute the SSH Server configuration to multiple files in a config directory.", - "remarks": "rule_set_019" + "remarks": "rule_set_020" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_root_login", - "remarks": "rule_set_020" + "remarks": "rule_set_021" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Root Login", - "remarks": "rule_set_020" + "remarks": "rule_set_021" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_root_login", - "remarks": "rule_set_020" + "remarks": "rule_set_021" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Root Login", - "remarks": "rule_set_020" + "remarks": "rule_set_021" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_gssapi_auth", - "remarks": "rule_set_021" + "remarks": "rule_set_022" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable GSSAPI Authentication", - "remarks": "rule_set_021" + "remarks": "rule_set_022" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_gssapi_auth", - "remarks": "rule_set_021" + "remarks": "rule_set_022" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable GSSAPI Authentication", - "remarks": "rule_set_021" + "remarks": "rule_set_022" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_print_last_log", - "remarks": "rule_set_022" + "remarks": "rule_set_023" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SSH Print Last Log", - "remarks": "rule_set_022" + "remarks": "rule_set_023" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_print_last_log", - "remarks": "rule_set_022" + "remarks": "rule_set_023" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SSH Print Last Log", - "remarks": "rule_set_022" + "remarks": "rule_set_023" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_do_not_permit_user_env", - "remarks": "rule_set_023" + "remarks": "rule_set_024" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Do Not Allow SSH Environment Options", - "remarks": "rule_set_023" + "remarks": "rule_set_024" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_do_not_permit_user_env", - "remarks": "rule_set_023" + "remarks": "rule_set_024" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Do Not Allow SSH Environment Options", - "remarks": "rule_set_023" + "remarks": "rule_set_024" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_rhosts", - "remarks": "rule_set_024" + "remarks": "rule_set_025" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Support for .rhosts Files", - "remarks": "rule_set_024" + "remarks": "rule_set_025" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_rhosts", - "remarks": "rule_set_024" + "remarks": "rule_set_025" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Support for .rhosts Files", - "remarks": "rule_set_024" + "remarks": "rule_set_025" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_set_loglevel_info", - "remarks": "rule_set_025" + "remarks": "rule_set_026" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set LogLevel to INFO", - "remarks": "rule_set_025" + "remarks": "rule_set_026" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_set_loglevel_info", - "remarks": "rule_set_025" + "remarks": "rule_set_026" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set LogLevel to INFO", - "remarks": "rule_set_025" + "remarks": "rule_set_026" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_empty_passwords", - "remarks": "rule_set_026" + "remarks": "rule_set_027" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Access via Empty Passwords", - "remarks": "rule_set_026" + "remarks": "rule_set_027" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_empty_passwords", - "remarks": "rule_set_026" + "remarks": "rule_set_027" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Access via Empty Passwords", - "remarks": "rule_set_026" + "remarks": "rule_set_027" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_user_known_hosts", - "remarks": "rule_set_027" + "remarks": "rule_set_028" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Support for User Known Hosts", - "remarks": "rule_set_027" + "remarks": "rule_set_028" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_user_known_hosts", - "remarks": "rule_set_027" + "remarks": "rule_set_028" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Support for User Known Hosts", - "remarks": "rule_set_027" + "remarks": "rule_set_028" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_enable_strictmodes", - "remarks": "rule_set_028" + "remarks": "rule_set_029" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Use of Strict Mode Checking", - "remarks": "rule_set_028" + "remarks": "rule_set_029" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_enable_strictmodes", - "remarks": "rule_set_028" + "remarks": "rule_set_029" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Use of Strict Mode Checking", - "remarks": "rule_set_028" + "remarks": "rule_set_029" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_rsyslog_installed", - "remarks": "rule_set_029" + "remarks": "rule_set_030" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure rsyslog is Installed", - "remarks": "rule_set_029" + "remarks": "rule_set_030" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_rsyslog_installed", - "remarks": "rule_set_029" + "remarks": "rule_set_030" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure rsyslog is Installed", - "remarks": "rule_set_029" + "remarks": "rule_set_030" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_rsyslog_enabled", - "remarks": "rule_set_030" + "remarks": "rule_set_031" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable rsyslog Service", - "remarks": "rule_set_030" + "remarks": "rule_set_031" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_rsyslog_enabled", - "remarks": "rule_set_030" + "remarks": "rule_set_031" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable rsyslog Service", - "remarks": "rule_set_030" + "remarks": "rule_set_031" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_auditd_enabled", - "remarks": "rule_set_031" + "remarks": "rule_set_032" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable auditd Service", - "remarks": "rule_set_031" + "remarks": "rule_set_032" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_auditd_enabled", - "remarks": "rule_set_031" + "remarks": "rule_set_032" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable auditd Service", - "remarks": "rule_set_031" + "remarks": "rule_set_032" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_flush", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd flush priority", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_flush", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd flush priority", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_local_events", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Include Local Events in Audit Logs", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_local_events", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Include Local Events in Audit Logs", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_write_logs", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Write Audit Logs to the Disk", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_write_logs", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Write Audit Logs to the Disk", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_log_format", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Resolve information before writing to audit logs", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_log_format", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Resolve information before writing to audit logs", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_freq", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set number of records to cause an explicit flush to audit logs", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_freq", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set number of records to cause an explicit flush to audit logs", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_name_format", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set type of computer node name logging in audit logs", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_name_format", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set type of computer node name logging in audit logs", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_faillock", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - faillock", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_faillock", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - faillock", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_adjtimex", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through adjtimex", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_adjtimex", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through adjtimex", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_clock_settime", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through clock_settime", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_clock_settime", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through clock_settime", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_watch_localtime", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter the localtime File", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_watch_localtime", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter the localtime File", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_settimeofday", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through settimeofday", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_settimeofday", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through settimeofday", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_stime", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through stime", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_stime", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through stime", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_restorecon", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run restorecon", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_restorecon", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run restorecon", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_chcon", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run chcon", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_chcon", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run chcon", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_semanage", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run semanage", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_semanage", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run semanage", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_setsebool", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run setsebool", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_setsebool", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run setsebool", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_setfiles", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run setfiles", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_setfiles", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run setfiles", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_seunshare", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run seunshare", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_seunshare", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run seunshare", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_sysadmin_actions", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects System Administrator Actions", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_sysadmin_actions", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects System Administrator Actions", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_group", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/group", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_group", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/group", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_gshadow", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/gshadow", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_gshadow", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/gshadow", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_opasswd", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_opasswd", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_passwd", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/passwd", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_passwd", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/passwd", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_shadow", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/shadow", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_shadow", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/shadow", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chmod", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chmod", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chown", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chown", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chown", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chown", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_randomize_va_space", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Randomized Layout of Virtual Address Space", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_randomize_va_space", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Randomized Layout of Virtual Address Space", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_exec_shield", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable ExecShield via sysctl", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_exec_shield", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable ExecShield via sysctl", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_kptr_restrict", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Exposed Kernel Pointer Addresses Access", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_kptr_restrict", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Exposed Kernel Pointer Addresses Access", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_dmesg_restrict", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Access to Kernel Message Buffer", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_dmesg_restrict", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Access to Kernel Message Buffer", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_kexec_load_disabled", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Image Loading", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_kexec_load_disabled", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Image Loading", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_yama_ptrace_scope", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict usage of ptrace to descendant processes", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_yama_ptrace_scope", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict usage of ptrace to descendant processes", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_unprivileged_bpf_disabled", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_unprivileged_bpf_disabled", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_core_bpf_jit_harden", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden the operation of the BPF just-in-time compiler", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_core_bpf_jit_harden", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden the operation of the BPF just-in-time compiler", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_policytype", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SELinux Policy", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_policytype", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SELinux Policy", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_sgid", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All SGID Executables Are Authorized", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_sgid", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All SGID Executables Are Authorized", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_suid", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All SUID Executables Are Authorized", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_suid", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All SUID Executables Are Authorized", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_world_writable", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure No World-Writable Files Exist", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_world_writable", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure No World-Writable Files Exist", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_perms_world_writable_sticky_bits", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that All World-Writable Directories Have Sticky Bits Set", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_perms_world_writable_sticky_bits", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that All World-Writable Directories Have Sticky Bits Set", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_library_dirs", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that Shared Library Files Have Restrictive Permissions", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_library_dirs", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that Shared Library Files Have Restrictive Permissions", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_binary_dirs", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Root Ownership", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_binary_dirs", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Root Ownership", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_binary_dirs", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Restrictive Permissions", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_binary_dirs", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Restrictive Permissions", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_library_dirs", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that Shared Library Files Have Root Ownership", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_library_dirs", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that Shared Library Files Have Root Ownership", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_empty_passwords", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent Login to Accounts With Empty Password", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_empty_passwords", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent Login to Accounts With Empty Password", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_dev_shm_nodev", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nodev Option to /dev/shm", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_dev_shm_nodev", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nodev Option to /dev/shm", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_dev_shm_nosuid", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /dev/shm", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_dev_shm_nosuid", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /dev/shm", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_dev_shm_noexec", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /dev/shm", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_dev_shm_noexec", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /dev/shm", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_firewalld_installed", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install firewalld Package", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_firewalld_installed", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install firewalld Package", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_firewalld_enabled", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify firewalld Enabled", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_firewalld_enabled", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify firewalld Enabled", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "network_sniffer_disabled", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System is Not Acting as a Network Sniffer", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "network_sniffer_disabled", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System is Not Acting as a Network Sniffer", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_maximum_age_login_defs", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Maximum Age", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_maximum_age_login_defs", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Maximum Age", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_minimum_age_login_defs", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Minimum Age", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_minimum_age_login_defs", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Minimum Age", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_warn_age_login_defs", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Warning Age", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_warn_age_login_defs", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Warning Age", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_kerberos_crypto_policy", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Kerberos to use System Crypto Policy", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_kerberos_crypto_policy", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Kerberos to use System Crypto Policy", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_ldap_client", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the LDAP Client For Use in Authconfig", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_ldap_client", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the LDAP Client For Use in Authconfig", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kerberos_disable_no_keytab", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kerberos by removing host keytab", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kerberos_disable_no_keytab", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kerberos by removing host keytab", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "network_nmcli_permissions", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent non-Privileged Users from Modifying Network Interfaces using nmcli", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "network_nmcli_permissions", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent non-Privileged Users from Modifying Network Interfaces using nmcli", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_kerberos_enabled", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the kerberos_enabled SELinux Boolean", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_kerberos_enabled", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the kerberos_enabled SELinux Boolean", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_libuserconf", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Hashing Algorithm in /etc/libuser.conf", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_libuserconf", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Hashing Algorithm in /etc/libuser.conf", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_logindefs", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Hashing Algorithm in /etc/login.defs", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_logindefs", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Hashing Algorithm in /etc/login.defs", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_passwordauth", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set PAM Password Hashing Algorithm - password-auth", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_passwordauth", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set PAM Password Hashing Algorithm - password-auth", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_systemauth", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set PAM Password Hashing Algorithm - system-auth", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_systemauth", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set PAM Password Hashing Algorithm - system-auth", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_minlen_login_defs", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Minimum Length in login.defs", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_minlen_login_defs", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Minimum Length in login.defs", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_dcredit", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Digit Characters", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_dcredit", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Digit Characters", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_lcredit", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_lcredit", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_minclass", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_minclass", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_minlen", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Length", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_minlen", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Length", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_ocredit", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Special Characters", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_ocredit", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Special Characters", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_ucredit", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Uppercase Characters", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_ucredit", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Uppercase Characters", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_deny", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Lock Accounts After Failed Password Attempts", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_deny", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Lock Accounts After Failed Password Attempts", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_deny_root", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the root Account for Failed Password Attempts", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_deny_root", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the root Account for Failed Password Attempts", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_interval", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Interval For Counting Failed Password Attempts", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_interval", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Interval For Counting Failed Password Attempts", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_unlock_time", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Lockout Time for Failed Password Attempts", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_unlock_time", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Lockout Time for Failed Password Attempts", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "disable_host_auth", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Host-Based Authentication", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "disable_host_auth", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Host-Based Authentication", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "require_emergency_target_auth", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Require Authentication for Emergency Systemd Target", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "require_emergency_target_auth", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Require Authentication for Emergency Systemd Target", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_authlogin_nsswitch_use_ldap", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the authlogin_nsswitch_use_ldap SELinux Boolean", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_authlogin_nsswitch_use_ldap", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the authlogin_nsswitch_use_ldap SELinux Boolean", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_authlogin_radius", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the authlogin_radius SELinux Boolean", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_authlogin_radius", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the authlogin_radius SELinux Boolean", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_kerb_auth", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kerberos Authentication", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_kerb_auth", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kerberos Authentication", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_set_max_auth_tries", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set SSH authentication attempt limit", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_set_max_auth_tries", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set SSH authentication attempt limit", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sssd_enable_smartcards", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Smartcards in SSSD", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sssd_enable_smartcards", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Smartcards in SSSD", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_enable_warning_banner", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SSH Warning Banner", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_enable_warning_banner", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SSH Warning Banner", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_x11_forwarding", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable X11 Forwarding", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_x11_forwarding", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable X11 Forwarding", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_failed", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of unsuccessful file accesses", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_failed", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of unsuccessful file accesses", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_failed_aarch64", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of unsuccessful file accesses (AArch64)", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_failed_aarch64", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of unsuccessful file accesses (AArch64)", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_failed_ppc64le", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of unsuccessful file accesses (ppc64le)", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_failed_ppc64le", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of unsuccessful file accesses (ppc64le)", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_success", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of successful file accesses", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_success", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of successful file accesses", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_success_aarch64", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of successful file accesses (AArch64)", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_success_aarch64", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of successful file accesses (AArch64)", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_success_ppc64le", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of successful file accesses (ppc64le)", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_success_ppc64le", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of successful file accesses (ppc64le)", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_utmp", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information utmp", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_utmp", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information utmp", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_btmp", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information btmp", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_btmp", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information btmp", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_wtmp", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_wtmp", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_creat", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - creat", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_creat", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - creat", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_openat", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - openat", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_openat", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - openat", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open_by_handle_at", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open_by_handle_at", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open_by_handle_at", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open_by_handle_at", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_truncate", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - truncate", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_truncate", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - truncate", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_ftruncate", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - ftruncate", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_ftruncate", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - ftruncate", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit_installed", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit Subsystem is Installed", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit_installed", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit Subsystem is Installed", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_auditadm_exec_content", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the auditadm_exec_content SELinux Boolean", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_auditadm_exec_content", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the auditadm_exec_content SELinux Boolean", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_configure_pool_and_server", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Chrony Configure Pool and Server", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_configure_pool_and_server", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Chrony Configure Pool and Server", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_or_ntpd_specify_multiple_servers", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Specify Additional Remote NTP Servers", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_or_ntpd_specify_multiple_servers", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Specify Additional Remote NTP Servers", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_specify_remote_server", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "A remote time server for Chrony is configured", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_specify_remote_server", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "A remote time server for Chrony is configured", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_chrony_installed", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chrony package is installed", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_chrony_installed", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chrony package is installed", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_cron_logging", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure cron Is Logging To Rsyslog", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_cron_logging", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure cron Is Logging To Rsyslog", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_nolisten", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_nolisten", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_loghost", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Logs Sent To Remote Host", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_loghost", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Logs Sent To Remote Host", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure TLS for rsyslog remote logging", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure TLS for rsyslog remote logging", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls_cacert", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure CA certificate for rsyslog remote logging", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls_cacert", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure CA certificate for rsyslog remote logging", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_chronyd_enabled", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chronyd service is enabled", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_chronyd_enabled", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chronyd service is enabled", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_aide_installed", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install AIDE", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_aide_installed", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install AIDE", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_snmpd_disabled", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable snmpd Service", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_snmpd_disabled", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable snmpd Service", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "snmpd_use_newer_protocol", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SNMP Service to Use Only SNMPv3 or Newer", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "snmpd_use_newer_protocol", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SNMP Service to Use Only SNMPv3 or Newer", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "network_ipv6_static_address", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Manually Assign Global IPv6 Address", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "network_ipv6_static_address", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Manually Assign Global IPv6 Address", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "wireless_disable_interfaces", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Deactivate Wireless Network Interfaces", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "wireless_disable_interfaces", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Deactivate Wireless Network Interfaces", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_opensc_card_drivers", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure opensc Smart Card Drivers", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_opensc_card_drivers", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure opensc Smart Card Drivers", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_opensc_installed", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the opensc Package For Multifactor Authentication", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_opensc_installed", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the opensc Package For Multifactor Authentication", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_pcsc-lite_installed", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the pcsc-lite package", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_pcsc-lite_installed", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the pcsc-lite package", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_pcsc-lite-ccid_installed", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the pcsc-lite-ccid package", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_pcsc-lite-ccid_installed", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the pcsc-lite-ccid package", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sudo_installed", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install sudo Package", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sudo_installed", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install sudo Package", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_pcscd_enabled", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the pcscd Service", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_pcscd_enabled", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the pcscd Service", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_firewalld_ports", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the Firewalld Ports", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_firewalld_ports", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the Firewalld Ports", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_firewalld_default_zone", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Default firewalld Zone for Incoming Packets", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_firewalld_default_zone", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Default firewalld Zone for Incoming Packets", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_usbguard_installed", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install usbguard Package", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_usbguard_installed", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install usbguard Package", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_usbguard_enabled", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the USBGuard Service", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_usbguard_enabled", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the USBGuard Service", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "system_booted_in_fips_mode", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that the system was booted with fips=1", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "system_booted_in_fips_mode", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that the system was booted with fips=1", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_fips_mode", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable FIPS Mode", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_fips_mode", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable FIPS Mode", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_private_key", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Private *_key Key Files", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_private_key", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Private *_key Key Files", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dnf-automatic_apply_updates", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure dnf-automatic to Install Available Updates Automatically", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dnf-automatic_apply_updates", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure dnf-automatic to Install Available Updates Automatically", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_libdnf-plugin-subscription-manager_installed", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install libdnf-plugin-subscription-manager Package", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_libdnf-plugin-subscription-manager_installed", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install libdnf-plugin-subscription-manager Package", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_subscription-manager_installed", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install subscription-manager Package", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_subscription-manager_installed", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install subscription-manager Package", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_shelllogin_for_systemaccounts", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_shelllogin_for_systemaccounts", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "secure_boot_enabled", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure that Secure Boot is enabled", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "secure_boot_enabled", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure that Secure Boot is enabled", - "remarks": "rule_set_170" + "remarks": "rule_set_171" } ], "control-implementations": [ { - "uuid": "f78d5c35-0b80-4958-9ead-d6ea84f0bb55", + "uuid": "f6ecf497-e23f-4e47-8265-5c3232721890", "source": "trestle://profiles/rhel10-ism_o-base/profile.json", "description": "Control implementation for ism_o", "props": [ @@ -8992,7 +9033,7 @@ ], "implemented-requirements": [ { - "uuid": "0daed040-15c1-4d34-b628-4798c108f45d", + "uuid": "9176bc6b-3ca7-411b-ae38-65f44e1a817f", "control-id": "ism_o_0418", "description": "No notes for control-id 0418.", "props": [ @@ -9074,7 +9115,7 @@ ] }, { - "uuid": "187589db-72af-471b-bbf7-98d6669a43fe", + "uuid": "b4ac1e40-6a29-4fde-8a48-893fbbfdd9fd", "control-id": "ism_o_0421", "description": "No notes for control-id 0421.", "props": [ @@ -9176,7 +9217,7 @@ ] }, { - "uuid": "f1c9650c-cf41-4fdd-940f-f26fb24855c9", + "uuid": "fe5027e0-eb62-4653-8914-89f3d6c82dcf", "control-id": "ism_o_0484", "description": "No notes for control-id 0484.", "props": [ @@ -9203,7 +9244,7 @@ ] }, { - "uuid": "b9b4d707-b24b-4293-bb4e-314610249ed9", + "uuid": "8f6350ae-1a60-41c3-9eba-d3867cadb41f", "control-id": "ism_o_0487", "description": "The description for control-id ism_o_0487.", "props": [ @@ -9216,7 +9257,7 @@ ] }, { - "uuid": "06652fa2-96b1-450c-8d96-1dfe659e90e9", + "uuid": "e9326bb8-0072-4930-a507-b9ed54407030", "control-id": "ism_o_0582", "description": "No notes for control-id 0582.", "props": [ @@ -9468,7 +9509,7 @@ ] }, { - "uuid": "12a51727-1e80-48a1-a109-4eb32e04d34a", + "uuid": "97b08a96-addd-40d4-a7bc-5dfc37054885", "control-id": "ism_o_0846", "description": "No notes for control-id 0846.", "props": [ @@ -9575,7 +9616,7 @@ ] }, { - "uuid": "70918833-9654-4229-a5f0-371c2dac3bb3", + "uuid": "531f766f-47cf-46e9-a319-6c4d9c0938b7", "control-id": "ism_o_0974", "description": "This needs reevaluation.", "props": [ @@ -9677,7 +9718,7 @@ ] }, { - "uuid": "01bbe9e4-676d-40d3-9c19-94bdb5a3150a", + "uuid": "982dce55-9758-4e0a-8e71-c96357685e11", "control-id": "ism_o_0988", "description": "No notes for control-id 0988.", "props": [ @@ -9754,7 +9795,7 @@ ] }, { - "uuid": "c791431e-f66a-459f-8013-a63bca58f19a", + "uuid": "06ce4d6b-877e-4b83-88e5-2ca29486be96", "control-id": "ism_o_1034", "description": "No notes for control-id 1034.", "props": [ @@ -9771,7 +9812,7 @@ ] }, { - "uuid": "7a01524b-0cc0-43f2-b9a1-cecaaed92942", + "uuid": "9645ae5a-8b6d-4420-870b-fe25c4a03d50", "control-id": "ism_o_1055", "description": "Needs reevaluation", "props": [ @@ -9848,7 +9889,7 @@ ] }, { - "uuid": "c9e8b333-9e70-403e-b0d6-53977e2c3c2c", + "uuid": "cedb81d8-d418-40e9-a6af-ae2910e11f7e", "control-id": "ism_o_1173", "description": "No notes for control-id 1173.", "props": [ @@ -9950,7 +9991,7 @@ ] }, { - "uuid": "e0c2a21d-7977-4c15-86d9-f83adb5fb1fe", + "uuid": "116f383f-64a4-4921-8388-82958c33f856", "control-id": "ism_o_1277", "description": "No notes for control-id 1277.", "props": [ @@ -9962,7 +10003,7 @@ ] }, { - "uuid": "ea38b482-f469-45c5-ac04-5959895f56fe", + "uuid": "24b391a4-697c-4352-ba96-cb1b075e1ef0", "control-id": "ism_o_1288", "description": "No notes for control-id 1288.", "props": [ @@ -9979,7 +10020,7 @@ ] }, { - "uuid": "f4fa4795-2e22-48e7-9343-ed4bad3dd58f", + "uuid": "6ec77b3d-4dbc-4502-a6c5-8a0f027f438c", "control-id": "ism_o_1311", "description": "No notes for control-id 1311.", "props": [ @@ -10001,7 +10042,7 @@ ] }, { - "uuid": "bad05912-3c52-420a-a797-5226a91a4062", + "uuid": "eef76069-1272-40c8-a922-ec80fddbf244", "control-id": "ism_o_1315", "description": "No notes for control-id 1315.", "props": [ @@ -10023,7 +10064,7 @@ ] }, { - "uuid": "966c2135-08fc-4414-b69f-68c4f6461d7a", + "uuid": "4db909c8-762e-42e5-b4ce-fe7f53ba2c06", "control-id": "ism_o_1319", "description": "No notes for control-id 1319.", "props": [ @@ -10045,7 +10086,7 @@ ] }, { - "uuid": "bea91a89-603f-40b3-87ae-988edc28e987", + "uuid": "8ce0727d-5125-4411-aa8b-d54d2bff534a", "control-id": "ism_o_1341", "description": "No notes for control-id 1341.", "props": [ @@ -10062,7 +10103,7 @@ ] }, { - "uuid": "f3e1d6b6-9509-49d4-813b-f8a740f523db", + "uuid": "8ec5f965-3c59-42e4-9a9e-2844bd546979", "control-id": "ism_o_1386", "description": "This needs reevaluation.", "props": [ @@ -10104,7 +10145,7 @@ ] }, { - "uuid": "82a52ccd-748a-43a9-aafb-1d2413765552", + "uuid": "4059d981-ab0e-43ac-8c8e-86df6170f247", "control-id": "ism_o_1401", "description": "No notes for control-id 1401.", "props": [ @@ -10206,7 +10247,7 @@ ] }, { - "uuid": "ccf2513a-6869-4abc-998a-cbac86bc0686", + "uuid": "36299531-86fb-4182-b8d3-163f72a21697", "control-id": "ism_o_1402", "description": "No notes for control-id 1402.", "props": [ @@ -10283,7 +10324,7 @@ ] }, { - "uuid": "010d6b5b-2909-4ae4-a923-73cd46792ab8", + "uuid": "b97861e7-e010-42c4-ba54-0b1f349d764d", "control-id": "ism_o_1405", "description": "No notes for control-id 1405.", "props": [ @@ -10360,7 +10401,7 @@ ] }, { - "uuid": "031ffad7-d8a8-4c44-8a4f-ebfba49ee2c1", + "uuid": "a596b15c-59d4-44e7-9878-2b8ddf29f084", "control-id": "ism_o_1416", "description": "No notes for control-id 1416.", "props": [ @@ -10382,7 +10423,7 @@ ] }, { - "uuid": "19f27472-8645-480b-97e7-f69ae05a3b52", + "uuid": "a6653276-981a-4c5d-bb5c-99e47113efb9", "control-id": "ism_o_1417", "description": "No notes for control-id 1417.", "props": [ @@ -10399,7 +10440,7 @@ ] }, { - "uuid": "9d3ba222-253b-416c-b7ca-d3aba3e52c51", + "uuid": "4f0752da-2e7e-447b-8c21-e1a297984bbe", "control-id": "ism_o_1418", "description": "No notes for control-id 1418.", "props": [ @@ -10421,7 +10462,7 @@ ] }, { - "uuid": "dd7b5b6f-092a-480e-bc8a-f948cd6bc227", + "uuid": "e5ed10ab-8df7-447e-8854-9b9522f5a04f", "control-id": "ism_o_1446", "description": "No notes for control-id 1446.", "props": [ @@ -10448,7 +10489,7 @@ ] }, { - "uuid": "93f5c57c-f997-4377-8742-b8cba6e7a481", + "uuid": "cdc1505b-1321-46ab-907f-51c22eca42be", "control-id": "ism_o_1449", "description": "This needs more", "props": [ @@ -10465,7 +10506,7 @@ ] }, { - "uuid": "b31edbc4-480b-4bff-ad65-5b54338f2c2c", + "uuid": "766ba749-44d4-475c-9c33-b0680e8e7294", "control-id": "ism_o_1467", "description": "No notes for control-id 1467.", "props": [ @@ -10492,7 +10533,7 @@ ] }, { - "uuid": "3d5c4e41-d7b7-4b87-af11-76c4df19ff9f", + "uuid": "95d7688a-61f3-45cd-91c6-a68d37816ee8", "control-id": "ism_o_1483", "description": "No notes for control-id 1483.", "props": [ @@ -10519,7 +10560,7 @@ ] }, { - "uuid": "3ff6a06b-602e-469a-a245-ec38c60087da", + "uuid": "9da2014e-ab81-49e1-a2e9-51b7d3330434", "control-id": "ism_o_1491", "description": "No notes for control-id 1491.", "props": [ @@ -10536,7 +10577,7 @@ ] }, { - "uuid": "cbd65aae-e68f-4125-a3e6-0aea7e19b262", + "uuid": "181a832a-9c97-48c4-a09f-f695d5156454", "control-id": "ism_o_1493", "description": "No notes for control-id 1493.", "props": [ @@ -10580,6 +10621,11 @@ "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_redhat_gpgkey_installed" }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "package_sequoia-sq_installed" + }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", @@ -10588,7 +10634,7 @@ ] }, { - "uuid": "144a8108-6ac6-448b-92bd-2d4b9bc33238", + "uuid": "5d51a354-8f1b-4e63-9c3a-275c385a2d22", "control-id": "ism_o_1504", "description": "No notes for control-id 1504.", "props": [ @@ -10690,7 +10736,7 @@ ] }, { - "uuid": "e1d23d1d-c4ec-4fb0-b8a8-73f3628b02e0", + "uuid": "e3c4ec1a-6470-464e-aae6-045a033aa148", "control-id": "ism_o_1505", "description": "No notes for control-id 1505.", "props": [ @@ -10792,7 +10838,7 @@ ] }, { - "uuid": "963121bb-0642-4915-b663-12cfb25600b1", + "uuid": "777e2e55-b1a0-443b-a900-cc8d4439da0d", "control-id": "ism_o_1506", "description": "As of OpenSSH 7.6, OpenSSH only supports SSH 2.", "props": [ @@ -10804,7 +10850,7 @@ ] }, { - "uuid": "e2989e3c-339c-4dff-a502-e8cb4884cb35", + "uuid": "e6a853e8-b433-4df2-85c4-aa3d8bf8e3a0", "control-id": "ism_o_1546", "description": "No notes for control-id 1546.", "props": [ @@ -10961,7 +11007,7 @@ ] }, { - "uuid": "74808339-fa03-49b1-b754-21aa8f862a0b", + "uuid": "1e9a461f-fe48-442b-bb3f-063340e57074", "control-id": "ism_o_1552", "description": "No notes for control-id 1552.", "props": [ @@ -10973,7 +11019,7 @@ ] }, { - "uuid": "c0caffa1-1e4f-4344-809b-112405970442", + "uuid": "ba35644a-5bb9-4b66-8f53-897cfa5c69d2", "control-id": "ism_o_1558", "description": "No notes for control-id 1558.", "props": [ @@ -11075,7 +11121,7 @@ ] }, { - "uuid": "2db62f6a-05c8-4e82-9625-db216c611918", + "uuid": "18e92bf9-8f8a-46e6-84de-9a1fbc81e70e", "control-id": "ism_o_1559", "description": "No notes for control-id 1559.", "props": [ @@ -11177,7 +11223,7 @@ ] }, { - "uuid": "32aacff8-0e3e-4b4c-b4f9-01c70fa858d2", + "uuid": "23297557-e4af-4ebc-a032-eacd25bb85d5", "control-id": "ism_o_1745", "description": "The description for control-id ism_o_1745.", "props": [ diff --git a/component-definitions/rhel10/rhel10-ism_o-secret/component-definition.json b/component-definitions/rhel10/rhel10-ism_o-secret/component-definition.json index 788c97947..114ce9eb8 100644 --- a/component-definitions/rhel10/rhel10-ism_o-secret/component-definition.json +++ b/component-definitions/rhel10/rhel10-ism_o-secret/component-definition.json @@ -3,8 +3,8 @@ "uuid": "673e9d3e-1259-437f-9893-b77522335217", "metadata": { "title": "Component definition for rhel10", - "last-modified": "2025-12-11T18:28:32.667208+00:00", - "version": "1.3", + "last-modified": "2025-12-17T11:16:34.194164+00:00", + "version": "1.4", "oscal-version": "1.1.3" }, "components": [ @@ -167,7 +167,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -317,1975 +317,1987 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_never_disabled", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_007" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", + "value": "Install sequoia-sq Package", "remarks": "rule_set_007" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_local_packages", + "value": "ensure_gpgcheck_never_disabled", "remarks": "rule_set_008" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for Local Packages", + "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", "remarks": "rule_set_008" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_globally_activated", + "value": "ensure_gpgcheck_local_packages", "remarks": "rule_set_009" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled In Main dnf Configuration", + "value": "Ensure gpgcheck Enabled for Local Packages", "remarks": "rule_set_009" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "ensure_gpgcheck_globally_activated", "remarks": "rule_set_010" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Ensure gpgcheck Enabled In Main dnf Configuration", "remarks": "rule_set_010" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_no_uid_except_zero", + "value": "dnf-automatic_security_updates_only", "remarks": "rule_set_011" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Root Has UID 0", + "value": "Configure dnf-automatic to Install Only Security Updates", "remarks": "rule_set_011" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_nopasswd", + "value": "accounts_no_uid_except_zero", "remarks": "rule_set_012" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", + "value": "Verify Only Root Has UID 0", "remarks": "rule_set_012" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_no_authenticate", + "value": "sudo_remove_nopasswd", "remarks": "rule_set_013" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", "remarks": "rule_set_013" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_require_authentication", + "value": "sudo_remove_no_authenticate", "remarks": "rule_set_014" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", "remarks": "rule_set_014" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_fapolicyd_installed", + "value": "sudo_require_authentication", "remarks": "rule_set_015" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install fapolicyd Package", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo", "remarks": "rule_set_015" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_fapolicyd_enabled", + "value": "package_fapolicyd_installed", "remarks": "rule_set_016" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable the File Access Policy Service", + "value": "Install fapolicyd Package", "remarks": "rule_set_016" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_crypto_policy", + "value": "service_fapolicyd_enabled", "remarks": "rule_set_017" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure System Cryptography Policy", + "value": "Enable the File Access Policy Service", "remarks": "rule_set_017" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_ssh_crypto_policy", + "value": "configure_crypto_policy", "remarks": "rule_set_018" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure SSH to use System Crypto Policy", + "value": "Configure System Cryptography Policy", "remarks": "rule_set_018" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_use_directory_configuration", + "value": "configure_ssh_crypto_policy", "remarks": "rule_set_019" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Distribute the SSH Server configuration to multiple files in a config directory.", + "value": "Configure SSH to use System Crypto Policy", "remarks": "rule_set_019" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_root_login", + "value": "sshd_use_directory_configuration", "remarks": "rule_set_020" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Root Login", + "value": "Distribute the SSH Server configuration to multiple files in a config directory.", "remarks": "rule_set_020" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_gssapi_auth", + "value": "sshd_disable_root_login", "remarks": "rule_set_021" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GSSAPI Authentication", + "value": "Disable SSH Root Login", "remarks": "rule_set_021" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_print_last_log", + "value": "sshd_disable_gssapi_auth", "remarks": "rule_set_022" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SSH Print Last Log", + "value": "Disable GSSAPI Authentication", "remarks": "rule_set_022" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_do_not_permit_user_env", + "value": "sshd_print_last_log", "remarks": "rule_set_023" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Do Not Allow SSH Environment Options", + "value": "Enable SSH Print Last Log", "remarks": "rule_set_023" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_rhosts", + "value": "sshd_do_not_permit_user_env", "remarks": "rule_set_024" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Support for .rhosts Files", + "value": "Do Not Allow SSH Environment Options", "remarks": "rule_set_024" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_loglevel_info", + "value": "sshd_disable_rhosts", "remarks": "rule_set_025" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set LogLevel to INFO", + "value": "Disable SSH Support for .rhosts Files", "remarks": "rule_set_025" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_empty_passwords", + "value": "sshd_set_loglevel_info", "remarks": "rule_set_026" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Access via Empty Passwords", + "value": "Set LogLevel to INFO", "remarks": "rule_set_026" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_user_known_hosts", + "value": "sshd_disable_empty_passwords", "remarks": "rule_set_027" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Support for User Known Hosts", + "value": "Disable SSH Access via Empty Passwords", "remarks": "rule_set_027" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_strictmodes", + "value": "sshd_disable_user_known_hosts", "remarks": "rule_set_028" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Use of Strict Mode Checking", + "value": "Disable SSH Support for User Known Hosts", "remarks": "rule_set_028" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_rsyslog_installed", + "value": "sshd_enable_strictmodes", "remarks": "rule_set_029" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure rsyslog is Installed", + "value": "Enable Use of Strict Mode Checking", "remarks": "rule_set_029" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_rsyslog_enabled", + "value": "package_rsyslog_installed", "remarks": "rule_set_030" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable rsyslog Service", + "value": "Ensure rsyslog is Installed", "remarks": "rule_set_030" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_auditd_enabled", + "value": "service_rsyslog_enabled", "remarks": "rule_set_031" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable auditd Service", + "value": "Enable rsyslog Service", "remarks": "rule_set_031" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_data_retention_flush", + "value": "service_auditd_enabled", "remarks": "rule_set_032" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd flush priority", + "value": "Enable auditd Service", "remarks": "rule_set_032" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_local_events", + "value": "auditd_data_retention_flush", "remarks": "rule_set_033" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Include Local Events in Audit Logs", + "value": "Configure auditd flush priority", "remarks": "rule_set_033" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_write_logs", + "value": "auditd_local_events", "remarks": "rule_set_034" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Write Audit Logs to the Disk", + "value": "Include Local Events in Audit Logs", "remarks": "rule_set_034" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_log_format", + "value": "auditd_write_logs", "remarks": "rule_set_035" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Resolve information before writing to audit logs", + "value": "Write Audit Logs to the Disk", "remarks": "rule_set_035" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_freq", + "value": "auditd_log_format", "remarks": "rule_set_036" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set number of records to cause an explicit flush to audit logs", + "value": "Resolve information before writing to audit logs", "remarks": "rule_set_036" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_name_format", + "value": "auditd_freq", "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set type of computer node name logging in audit logs", + "value": "Set number of records to cause an explicit flush to audit logs", "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_login_events_faillock", + "value": "auditd_name_format", "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Logon and Logout Events - faillock", + "value": "Set type of computer node name logging in audit logs", "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_adjtimex", + "value": "audit_rules_login_events_faillock", "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record attempts to alter time through adjtimex", + "value": "Record Attempts to Alter Logon and Logout Events - faillock", "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_clock_settime", + "value": "audit_rules_time_adjtimex", "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Time Through clock_settime", + "value": "Record attempts to alter time through adjtimex", "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_watch_localtime", + "value": "audit_rules_time_clock_settime", "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter the localtime File", + "value": "Record Attempts to Alter Time Through clock_settime", "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_settimeofday", + "value": "audit_rules_time_watch_localtime", "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record attempts to alter time through settimeofday", + "value": "Record Attempts to Alter the localtime File", "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_stime", + "value": "audit_rules_time_settimeofday", "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Time Through stime", + "value": "Record attempts to alter time through settimeofday", "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_restorecon", + "value": "audit_rules_time_stime", "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run restorecon", + "value": "Record Attempts to Alter Time Through stime", "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_chcon", + "value": "audit_rules_execution_restorecon", "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run chcon", + "value": "Record Any Attempts to Run restorecon", "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_semanage", + "value": "audit_rules_execution_chcon", "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run semanage", + "value": "Record Any Attempts to Run chcon", "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_setsebool", + "value": "audit_rules_execution_semanage", "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run setsebool", + "value": "Record Any Attempts to Run semanage", "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_setfiles", + "value": "audit_rules_execution_setsebool", "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run setfiles", + "value": "Record Any Attempts to Run setsebool", "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_seunshare", + "value": "audit_rules_execution_setfiles", "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run seunshare", + "value": "Record Any Attempts to Run setfiles", "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_sysadmin_actions", + "value": "audit_rules_execution_seunshare", "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects System Administrator Actions", + "value": "Record Any Attempts to Run seunshare", "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification", + "value": "audit_rules_sysadmin_actions", "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment", + "value": "Ensure auditd Collects System Administrator Actions", "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_group", + "value": "audit_rules_networkconfig_modification", "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/group", + "value": "Record Events that Modify the System's Network Environment", "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_gshadow", + "value": "audit_rules_usergroup_modification_group", "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/gshadow", + "value": "Record Events that Modify User/Group Information - /etc/group", "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_opasswd", + "value": "audit_rules_usergroup_modification_gshadow", "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", + "value": "Record Events that Modify User/Group Information - /etc/gshadow", "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_passwd", + "value": "audit_rules_usergroup_modification_opasswd", "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/passwd", + "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_shadow", + "value": "audit_rules_usergroup_modification_passwd", "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/shadow", + "value": "Record Events that Modify User/Group Information - /etc/passwd", "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_chmod", + "value": "audit_rules_usergroup_modification_shadow", "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", + "value": "Record Events that Modify User/Group Information - /etc/shadow", "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_chown", + "value": "audit_rules_dac_modification_chmod", "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - chown", + "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_kernel_module_loading", + "value": "audit_rules_dac_modification_chown", "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading", + "value": "Record Events that Modify the System's Discretionary Access Controls - chown", "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_randomize_va_space", + "value": "audit_rules_kernel_module_loading", "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Randomized Layout of Virtual Address Space", + "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading", "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_exec_shield", + "value": "sysctl_kernel_randomize_va_space", "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable ExecShield via sysctl", + "value": "Enable Randomized Layout of Virtual Address Space", "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kptr_restrict", + "value": "sysctl_kernel_exec_shield", "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Exposed Kernel Pointer Addresses Access", + "value": "Enable ExecShield via sysctl", "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_dmesg_restrict", + "value": "sysctl_kernel_kptr_restrict", "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Access to Kernel Message Buffer", + "value": "Restrict Exposed Kernel Pointer Addresses Access", "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kexec_load_disabled", + "value": "sysctl_kernel_dmesg_restrict", "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Image Loading", + "value": "Restrict Access to Kernel Message Buffer", "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_yama_ptrace_scope", + "value": "sysctl_kernel_kexec_load_disabled", "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict usage of ptrace to descendant processes", + "value": "Disable Kernel Image Loading", "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_unprivileged_bpf_disabled", + "value": "sysctl_kernel_yama_ptrace_scope", "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", + "value": "Restrict usage of ptrace to descendant processes", "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_core_bpf_jit_harden", + "value": "sysctl_kernel_unprivileged_bpf_disabled", "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Harden the operation of the BPF just-in-time compiler", + "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "selinux_state", + "value": "sysctl_net_core_bpf_jit_harden", "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SELinux State is Enforcing", + "value": "Harden the operation of the BPF just-in-time compiler", "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "selinux_policytype", + "value": "selinux_state", "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure SELinux Policy", + "value": "Ensure SELinux State is Enforcing", "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_unauthorized_sgid", + "value": "selinux_policytype", "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All SGID Executables Are Authorized", + "value": "Configure SELinux Policy", "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_unauthorized_suid", + "value": "file_permissions_unauthorized_sgid", "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All SUID Executables Are Authorized", + "value": "Ensure All SGID Executables Are Authorized", "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_unauthorized_world_writable", + "value": "file_permissions_unauthorized_suid", "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure No World-Writable Files Exist", + "value": "Ensure All SUID Executables Are Authorized", "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dir_perms_world_writable_sticky_bits", + "value": "file_permissions_unauthorized_world_writable", "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that All World-Writable Directories Have Sticky Bits Set", + "value": "Ensure No World-Writable Files Exist", "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_library_dirs", + "value": "dir_perms_world_writable_sticky_bits", "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that Shared Library Files Have Restrictive Permissions", + "value": "Verify that All World-Writable Directories Have Sticky Bits Set", "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_binary_dirs", + "value": "file_permissions_library_dirs", "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that System Executables Have Root Ownership", + "value": "Verify that Shared Library Files Have Restrictive Permissions", "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_binary_dirs", + "value": "file_ownership_binary_dirs", "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that System Executables Have Restrictive Permissions", + "value": "Verify that System Executables Have Root Ownership", "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_library_dirs", + "value": "file_permissions_binary_dirs", "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that Shared Library Files Have Root Ownership", + "value": "Verify that System Executables Have Restrictive Permissions", "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords", + "value": "file_ownership_library_dirs", "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Login to Accounts With Empty Password", + "value": "Verify that Shared Library Files Have Root Ownership", "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_dev_shm_nodev", + "value": "no_empty_passwords", "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nodev Option to /dev/shm", + "value": "Prevent Login to Accounts With Empty Password", "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_dev_shm_nosuid", + "value": "mount_option_dev_shm_nodev", "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /dev/shm", + "value": "Add nodev Option to /dev/shm", "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_dev_shm_noexec", + "value": "mount_option_dev_shm_nosuid", "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /dev/shm", + "value": "Add nosuid Option to /dev/shm", "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_firewalld_installed", + "value": "mount_option_dev_shm_noexec", "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install firewalld Package", + "value": "Add noexec Option to /dev/shm", "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_firewalld_enabled", + "value": "package_firewalld_installed", "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify firewalld Enabled", + "value": "Install firewalld Package", "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "network_sniffer_disabled", + "value": "service_firewalld_enabled", "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure System is Not Acting as a Network Sniffer", + "value": "Verify firewalld Enabled", "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_maximum_age_login_defs", + "value": "network_sniffer_disabled", "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Age", + "value": "Ensure System is Not Acting as a Network Sniffer", "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_minimum_age_login_defs", + "value": "accounts_maximum_age_login_defs", "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Minimum Age", + "value": "Set Password Maximum Age", "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_warn_age_login_defs", + "value": "accounts_minimum_age_login_defs", "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Warning Age", + "value": "Set Password Minimum Age", "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_kerberos_crypto_policy", + "value": "accounts_password_warn_age_login_defs", "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Kerberos to use System Crypto Policy", + "value": "Set Password Warning Age", "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "enable_ldap_client", + "value": "configure_kerberos_crypto_policy", "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable the LDAP Client For Use in Authconfig", + "value": "Configure Kerberos to use System Crypto Policy", "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kerberos_disable_no_keytab", + "value": "enable_ldap_client", "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kerberos by removing host keytab", + "value": "Enable the LDAP Client For Use in Authconfig", "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "network_nmcli_permissions", + "value": "kerberos_disable_no_keytab", "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent non-Privileged Users from Modifying Network Interfaces using nmcli", + "value": "Disable Kerberos by removing host keytab", "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sebool_kerberos_enabled", + "value": "network_nmcli_permissions", "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable the kerberos_enabled SELinux Boolean", + "value": "Prevent non-Privileged Users from Modifying Network Interfaces using nmcli", "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf", + "value": "sebool_kerberos_enabled", "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/libuser.conf", + "value": "Enable the kerberos_enabled SELinux Boolean", "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_logindefs", + "value": "set_password_hashing_algorithm_libuserconf", "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/login.defs", + "value": "Set Password Hashing Algorithm in /etc/libuser.conf", "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_passwordauth", + "value": "set_password_hashing_algorithm_logindefs", "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - password-auth", + "value": "Set Password Hashing Algorithm in /etc/login.defs", "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "set_password_hashing_algorithm_passwordauth", "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Set PAM Password Hashing Algorithm - password-auth", "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_minlen_login_defs", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Minimum Length in login.defs", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_dcredit", + "value": "accounts_password_minlen_login_defs", "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Digit Characters", + "value": "Set Password Minimum Length in login.defs", "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_lcredit", + "value": "accounts_password_pam_dcredit", "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters", + "value": "Ensure PAM Enforces Password Requirements - Minimum Digit Characters", "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_lcredit", "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters", "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minlen", + "value": "accounts_password_pam_minclass", "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Length", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_ocredit", + "value": "accounts_password_pam_minlen", "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Special Characters", + "value": "Ensure PAM Enforces Password Requirements - Minimum Length", "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_ucredit", + "value": "accounts_password_pam_ocredit", "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Uppercase Characters", + "value": "Ensure PAM Enforces Password Requirements - Minimum Special Characters", "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny", + "value": "accounts_password_pam_ucredit", "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Lock Accounts After Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Uppercase Characters", "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny_root", + "value": "accounts_passwords_pam_faillock_deny", "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the root Account for Failed Password Attempts", + "value": "Lock Accounts After Failed Password Attempts", "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_interval", + "value": "accounts_passwords_pam_faillock_deny_root", "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interval For Counting Failed Password Attempts", + "value": "Configure the root Account for Failed Password Attempts", "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_unlock_time", + "value": "accounts_passwords_pam_faillock_interval", "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Lockout Time for Failed Password Attempts", + "value": "Set Interval For Counting Failed Password Attempts", "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_host_auth", + "value": "accounts_passwords_pam_faillock_unlock_time", "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Host-Based Authentication", + "value": "Set Lockout Time for Failed Password Attempts", "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "require_emergency_target_auth", + "value": "disable_host_auth", "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require Authentication for Emergency Systemd Target", + "value": "Disable Host-Based Authentication", "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sebool_authlogin_nsswitch_use_ldap", + "value": "require_emergency_target_auth", "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the authlogin_nsswitch_use_ldap SELinux Boolean", + "value": "Require Authentication for Emergency Systemd Target", "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sebool_authlogin_radius", + "value": "sebool_authlogin_nsswitch_use_ldap", "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the authlogin_radius SELinux Boolean", + "value": "Disable the authlogin_nsswitch_use_ldap SELinux Boolean", "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_kerb_auth", + "value": "sebool_authlogin_radius", "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kerberos Authentication", + "value": "Disable the authlogin_radius SELinux Boolean", "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_auth_tries", + "value": "sshd_disable_kerb_auth", "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH authentication attempt limit", + "value": "Disable Kerberos Authentication", "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sssd_enable_smartcards", + "value": "sshd_set_max_auth_tries", "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Smartcards in SSSD", + "value": "Set SSH authentication attempt limit", "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_warning_banner", + "value": "sssd_enable_smartcards", "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SSH Warning Banner", + "value": "Enable Smartcards in SSSD", "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_x11_forwarding", + "value": "sshd_enable_warning_banner", "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable X11 Forwarding", + "value": "Enable SSH Warning Banner", "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_access_failed", + "value": "sshd_disable_x11_forwarding", "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditing of unsuccessful file accesses", + "value": "Disable X11 Forwarding", "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_access_failed_aarch64", + "value": "audit_access_failed", "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditing of unsuccessful file accesses (AArch64)", + "value": "Configure auditing of unsuccessful file accesses", "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_access_failed_ppc64le", + "value": "audit_access_failed_aarch64", "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditing of unsuccessful file accesses (ppc64le)", + "value": "Configure auditing of unsuccessful file accesses (AArch64)", "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_access_success", + "value": "audit_access_failed_ppc64le", "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditing of successful file accesses", + "value": "Configure auditing of unsuccessful file accesses (ppc64le)", "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_access_success_aarch64", + "value": "audit_access_success", "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditing of successful file accesses (AArch64)", + "value": "Configure auditing of successful file accesses", "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_access_success_ppc64le", + "value": "audit_access_success_aarch64", "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditing of successful file accesses (ppc64le)", + "value": "Configure auditing of successful file accesses (AArch64)", "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_privileged_commands", + "value": "audit_access_success_ppc64le", "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on the Use of Privileged Commands", + "value": "Configure auditing of successful file accesses (ppc64le)", "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_utmp", + "value": "audit_rules_privileged_commands", "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information utmp", + "value": "Ensure auditd Collects Information on the Use of Privileged Commands", "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_btmp", + "value": "audit_rules_session_events_utmp", "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information btmp", + "value": "Record Attempts to Alter Process and Session Initiation Information utmp", "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_wtmp", + "value": "audit_rules_session_events_btmp", "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", + "value": "Record Attempts to Alter Process and Session Initiation Information btmp", "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_creat", + "value": "audit_rules_session_events_wtmp", "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - creat", + "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_open", + "value": "audit_rules_unsuccessful_file_modification_creat", "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - open", + "value": "Record Unsuccessful Access Attempts to Files - creat", "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_openat", + "value": "audit_rules_unsuccessful_file_modification_open", "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - openat", + "value": "Record Unsuccessful Access Attempts to Files - open", "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_open_by_handle_at", + "value": "audit_rules_unsuccessful_file_modification_openat", "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - open_by_handle_at", + "value": "Record Unsuccessful Access Attempts to Files - openat", "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_truncate", + "value": "audit_rules_unsuccessful_file_modification_open_by_handle_at", "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - truncate", + "value": "Record Unsuccessful Access Attempts to Files - open_by_handle_at", "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_ftruncate", + "value": "audit_rules_unsuccessful_file_modification_truncate", "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - ftruncate", + "value": "Record Unsuccessful Access Attempts to Files - truncate", "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_audit_installed", + "value": "audit_rules_unsuccessful_file_modification_ftruncate", "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the audit Subsystem is Installed", + "value": "Record Unsuccessful Access Attempts to Files - ftruncate", "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sebool_auditadm_exec_content", + "value": "package_audit_installed", "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable the auditadm_exec_content SELinux Boolean", + "value": "Ensure the audit Subsystem is Installed", "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_configure_pool_and_server", + "value": "sebool_auditadm_exec_content", "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Chrony Configure Pool and Server", + "value": "Enable the auditadm_exec_content SELinux Boolean", "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_or_ntpd_specify_multiple_servers", + "value": "chronyd_configure_pool_and_server", "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Specify Additional Remote NTP Servers", + "value": "Chrony Configure Pool and Server", "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_specify_remote_server", + "value": "chronyd_or_ntpd_specify_multiple_servers", "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "A remote time server for Chrony is configured", + "value": "Specify Additional Remote NTP Servers", "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_chrony_installed", + "value": "chronyd_specify_remote_server", "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "The Chrony package is installed", + "value": "A remote time server for Chrony is configured", "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_cron_logging", + "value": "package_chrony_installed", "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure cron Is Logging To Rsyslog", + "value": "The Chrony package is installed", "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_groupownership", + "value": "rsyslog_cron_logging", "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Log Files Are Owned By Appropriate Group", + "value": "Ensure cron Is Logging To Rsyslog", "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_ownership", + "value": "rsyslog_files_groupownership", "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Log Files Are Owned By Appropriate User", + "value": "Ensure Log Files Are Owned By Appropriate Group", "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_permissions", + "value": "rsyslog_files_ownership", "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure System Log Files Have Correct Permissions", + "value": "Ensure Log Files Are Owned By Appropriate User", "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_nolisten", + "value": "rsyslog_files_permissions", "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server", + "value": "Ensure System Log Files Have Correct Permissions", "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_remote_loghost", + "value": "rsyslog_nolisten", "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Logs Sent To Remote Host", + "value": "Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server", "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_remote_tls", + "value": "rsyslog_remote_loghost", "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure TLS for rsyslog remote logging", + "value": "Ensure Logs Sent To Remote Host", "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_remote_tls_cacert", + "value": "rsyslog_remote_tls", "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure CA certificate for rsyslog remote logging", + "value": "Configure TLS for rsyslog remote logging", "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_chronyd_enabled", + "value": "rsyslog_remote_tls_cacert", "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "The Chronyd service is enabled", + "value": "Configure CA certificate for rsyslog remote logging", "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_aide_installed", + "value": "service_chronyd_enabled", "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install AIDE", + "value": "The Chronyd service is enabled", "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_snmpd_disabled", + "value": "package_aide_installed", "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable snmpd Service", + "value": "Install AIDE", "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "snmpd_use_newer_protocol", + "value": "service_snmpd_disabled", "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure SNMP Service to Use Only SNMPv3 or Newer", + "value": "Disable snmpd Service", "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "network_ipv6_static_address", + "value": "snmpd_use_newer_protocol", "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Manually Assign Global IPv6 Address", + "value": "Configure SNMP Service to Use Only SNMPv3 or Newer", "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "wireless_disable_interfaces", + "value": "network_ipv6_static_address", "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Deactivate Wireless Network Interfaces", + "value": "Manually Assign Global IPv6 Address", "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_opensc_card_drivers", + "value": "wireless_disable_interfaces", "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure opensc Smart Card Drivers", + "value": "Deactivate Wireless Network Interfaces", "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_opensc_installed", + "value": "configure_opensc_card_drivers", "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the opensc Package For Multifactor Authentication", + "value": "Configure opensc Smart Card Drivers", "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_pcsc-lite_installed", + "value": "package_opensc_installed", "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the pcsc-lite package", + "value": "Install the opensc Package For Multifactor Authentication", "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_pcsc-lite-ccid_installed", + "value": "package_pcsc-lite_installed", "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the pcsc-lite-ccid package", + "value": "Install the pcsc-lite package", "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_sudo_installed", + "value": "package_pcsc-lite-ccid_installed", "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install sudo Package", + "value": "Install the pcsc-lite-ccid package", "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_pcscd_enabled", + "value": "package_sudo_installed", "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable the pcscd Service", + "value": "Install sudo Package", "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_firewalld_ports", + "value": "service_pcscd_enabled", "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Firewalld Ports", + "value": "Enable the pcscd Service", "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_firewalld_default_zone", + "value": "configure_firewalld_ports", "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Default firewalld Zone for Incoming Packets", + "value": "Configure the Firewalld Ports", "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_usbguard_installed", + "value": "set_firewalld_default_zone", "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install usbguard Package", + "value": "Set Default firewalld Zone for Incoming Packets", "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_usbguard_enabled", + "value": "package_usbguard_installed", "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable the USBGuard Service", + "value": "Install usbguard Package", "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "system_booted_in_fips_mode", + "value": "service_usbguard_enabled", "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that the system was booted with fips=1", + "value": "Enable the USBGuard Service", "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "enable_fips_mode", + "value": "system_booted_in_fips_mode", "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable FIPS Mode", + "value": "Verify that the system was booted with fips=1", "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_private_key", + "value": "enable_fips_mode", "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Private *_key Key Files", + "value": "Enable FIPS Mode", "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_apply_updates", + "value": "file_permissions_sshd_private_key", "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Available Updates Automatically", + "value": "Verify Permissions on SSH Server Private *_key Key Files", "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_libdnf-plugin-subscription-manager_installed", + "value": "dnf-automatic_apply_updates", "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install libdnf-plugin-subscription-manager Package", + "value": "Configure dnf-automatic to Install Available Updates Automatically", "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_subscription-manager_installed", + "value": "package_libdnf-plugin-subscription-manager_installed", "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install subscription-manager Package", + "value": "Install libdnf-plugin-subscription-manager Package", "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_shelllogin_for_systemaccounts", + "value": "package_subscription-manager_installed", "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", + "value": "Install subscription-manager Package", "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "secure_boot_enabled", + "value": "no_shelllogin_for_systemaccounts", "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Secure Boot is enabled", + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", "remarks": "rule_set_170" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "secure_boot_enabled", + "remarks": "rule_set_171" + }, + { + "name": "Rule_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Ensure that Secure Boot is enabled", + "remarks": "rule_set_171" } ], "control-implementations": [ { - "uuid": "96ceb215-2935-446a-8845-fcab221161b1", + "uuid": "b893b83b-fa59-433a-bfff-d53213fc1011", "source": "trestle://profiles/rhel10-ism_o-secret/profile.json", "description": "Control implementation for ism_o_secret", "props": [ @@ -2371,7 +2383,7 @@ ], "implemented-requirements": [ { - "uuid": "077aebb4-b272-4175-a5bd-b35d68d3a683", + "uuid": "d396ab24-69e8-45f8-a926-f94717d71b08", "control-id": "ism_o_1557", "description": "No notes for control-id 1557.", "props": [ @@ -2473,7 +2485,7 @@ ] }, { - "uuid": "e8fb38d3-0789-4c60-a135-0d85f1b6033a", + "uuid": "cae2bd58-4a60-45d4-b59d-5b5027272a6c", "control-id": "ism_o_1560", "description": "No notes for control-id 1560.", "props": [ @@ -2575,7 +2587,7 @@ ] }, { - "uuid": "3fc6ad39-3212-4d06-89e7-43e8aeb31757", + "uuid": "b447c6cd-9e88-4302-a9f5-14ba6addcb5c", "control-id": "ism_o_0418", "description": "No notes for control-id 0418.", "props": [ @@ -2657,7 +2669,7 @@ ] }, { - "uuid": "618f960c-1f06-44c4-a451-8f0cbe5a3afd", + "uuid": "6aa74d53-35f8-40b3-b1e8-3b85ec7b6190", "control-id": "ism_o_0421", "description": "No notes for control-id 0421.", "props": [ @@ -2759,7 +2771,7 @@ ] }, { - "uuid": "8b1b61d9-72c0-4035-8a56-b339911f5fa6", + "uuid": "52210269-1914-47c1-af8e-4520142c1e3e", "control-id": "ism_o_0484", "description": "No notes for control-id 0484.", "props": [ @@ -2786,7 +2798,7 @@ ] }, { - "uuid": "e1939a5d-9b22-451e-894e-7b98686f8c79", + "uuid": "21eca22f-cc50-42df-8be8-67e9f0ac140b", "control-id": "ism_o_0487", "description": "The description for control-id ism_o_0487.", "props": [ @@ -2799,7 +2811,7 @@ ] }, { - "uuid": "ced72096-f253-4585-9032-690585437bf5", + "uuid": "fae4510b-7b27-4583-a286-c159a28165ac", "control-id": "ism_o_0582", "description": "No notes for control-id 0582.", "props": [ @@ -3051,7 +3063,7 @@ ] }, { - "uuid": "bfef4c50-8e4e-4a46-9dc6-b0707c9b640c", + "uuid": "a1c1597a-c548-4557-a0f1-55aaed034a23", "control-id": "ism_o_0846", "description": "No notes for control-id 0846.", "props": [ @@ -3158,7 +3170,7 @@ ] }, { - "uuid": "1e23399a-afa1-4059-ab24-d0be2a45de65", + "uuid": "edc5ba20-6ecf-4e59-aafc-04b9d362ed52", "control-id": "ism_o_0974", "description": "This needs reevaluation.", "props": [ @@ -3260,7 +3272,7 @@ ] }, { - "uuid": "9609c185-478b-42c6-92a2-b6a560700e89", + "uuid": "117d1024-3c05-4749-b48b-e4606b65b038", "control-id": "ism_o_0988", "description": "No notes for control-id 0988.", "props": [ @@ -3337,7 +3349,7 @@ ] }, { - "uuid": "b33d1389-2d5b-4361-9273-14dcbf87eb4f", + "uuid": "60a48852-0800-4eaa-8cc3-25b46179693f", "control-id": "ism_o_1034", "description": "No notes for control-id 1034.", "props": [ @@ -3354,7 +3366,7 @@ ] }, { - "uuid": "a9bae2f1-74d2-4daf-b7cc-d710fcdb98eb", + "uuid": "4ce592fe-24ab-4b5b-894c-4656d2059e6e", "control-id": "ism_o_1055", "description": "Needs reevaluation", "props": [ @@ -3431,7 +3443,7 @@ ] }, { - "uuid": "643cf6ee-6068-458a-af0f-b10862336dfc", + "uuid": "cb1010d1-6b25-45fe-8537-9420528f58f6", "control-id": "ism_o_1173", "description": "No notes for control-id 1173.", "props": [ @@ -3533,7 +3545,7 @@ ] }, { - "uuid": "48f7c242-a642-496a-87c4-a4d28e716243", + "uuid": "7a081f3d-040e-4af6-b93a-b70da5023bb5", "control-id": "ism_o_1277", "description": "No notes for control-id 1277.", "props": [ @@ -3545,7 +3557,7 @@ ] }, { - "uuid": "7a4f0fd4-7314-4748-8692-b6309f83efc4", + "uuid": "85b8c02e-e5f3-435a-a430-a7e72ac41492", "control-id": "ism_o_1288", "description": "No notes for control-id 1288.", "props": [ @@ -3562,7 +3574,7 @@ ] }, { - "uuid": "a2460a0a-1e22-4aa3-9a7d-ce28853da86b", + "uuid": "b978c830-3aec-4934-b6d3-9427e440c8e9", "control-id": "ism_o_1311", "description": "No notes for control-id 1311.", "props": [ @@ -3584,7 +3596,7 @@ ] }, { - "uuid": "b9c7f02a-8f39-4463-8b01-d78e43c185c6", + "uuid": "8ca51075-518b-43bc-af6c-f2a98b36cf51", "control-id": "ism_o_1315", "description": "No notes for control-id 1315.", "props": [ @@ -3606,7 +3618,7 @@ ] }, { - "uuid": "77a64d20-2751-4194-bf52-852ff13a2b1c", + "uuid": "75c6bcae-11a7-4867-af4a-67bf556030bf", "control-id": "ism_o_1319", "description": "No notes for control-id 1319.", "props": [ @@ -3628,7 +3640,7 @@ ] }, { - "uuid": "13588608-3ab7-4843-a651-b954199303ee", + "uuid": "710dd605-e0af-46a4-b076-f9f3fb435b38", "control-id": "ism_o_1341", "description": "No notes for control-id 1341.", "props": [ @@ -3645,7 +3657,7 @@ ] }, { - "uuid": "dafeb8c8-34f7-492f-99e7-6a7df5146ff8", + "uuid": "26134ae8-0ef1-4e9d-a189-0d1208beef7a", "control-id": "ism_o_1386", "description": "This needs reevaluation.", "props": [ @@ -3687,7 +3699,7 @@ ] }, { - "uuid": "f047657c-f99a-4f1a-a3c4-efda37352d1a", + "uuid": "708b7a4c-fb19-4024-8799-57b4f94b39b0", "control-id": "ism_o_1401", "description": "No notes for control-id 1401.", "props": [ @@ -3789,7 +3801,7 @@ ] }, { - "uuid": "b06df663-7c8f-4e60-b892-9bfcd4eb06b2", + "uuid": "00537b69-12c0-465d-a4ba-8802262fed7a", "control-id": "ism_o_1402", "description": "No notes for control-id 1402.", "props": [ @@ -3866,7 +3878,7 @@ ] }, { - "uuid": "f725bd2a-5fcb-46a3-9465-075c384d5d37", + "uuid": "78184ab0-056b-430e-bbc4-78b4900991a1", "control-id": "ism_o_1405", "description": "No notes for control-id 1405.", "props": [ @@ -3943,7 +3955,7 @@ ] }, { - "uuid": "3fff0959-d9af-45cf-9e5d-8b315eaf4e00", + "uuid": "aeb47103-3772-4baf-bb0a-6c47604f3763", "control-id": "ism_o_1416", "description": "No notes for control-id 1416.", "props": [ @@ -3965,7 +3977,7 @@ ] }, { - "uuid": "e8f96002-ce8e-4242-a7c5-025e25ff9931", + "uuid": "0649b40f-814a-44f7-b3a2-debfb8b53bbb", "control-id": "ism_o_1417", "description": "No notes for control-id 1417.", "props": [ @@ -3982,7 +3994,7 @@ ] }, { - "uuid": "a12a7011-4fcb-48cf-ae18-e84c0892fed0", + "uuid": "c07f8a10-71e5-47ba-99da-d484df4ee633", "control-id": "ism_o_1418", "description": "No notes for control-id 1418.", "props": [ @@ -4004,7 +4016,7 @@ ] }, { - "uuid": "d8a59708-2f7f-4778-bd2e-dc9624984a48", + "uuid": "f1c17fd1-8b90-4d1d-8e61-e53e460d691d", "control-id": "ism_o_1446", "description": "No notes for control-id 1446.", "props": [ @@ -4031,7 +4043,7 @@ ] }, { - "uuid": "01bdcaec-8dbb-418b-937e-39cc036f7936", + "uuid": "196bd980-c113-46e4-b89e-d8190c0640cd", "control-id": "ism_o_1449", "description": "This needs more", "props": [ @@ -4048,7 +4060,7 @@ ] }, { - "uuid": "221a2970-55b0-4cfd-b37b-281404ab34b1", + "uuid": "20c9045d-35b3-44a2-ae5e-75087a9961bb", "control-id": "ism_o_1467", "description": "No notes for control-id 1467.", "props": [ @@ -4075,7 +4087,7 @@ ] }, { - "uuid": "c2c0afc1-b503-4855-85e8-2fd2fa318db6", + "uuid": "24a9f936-7a03-4af3-9daf-81770b9b8fdd", "control-id": "ism_o_1483", "description": "No notes for control-id 1483.", "props": [ @@ -4102,7 +4114,7 @@ ] }, { - "uuid": "367e562d-69b7-4827-81ec-126eba3f8e10", + "uuid": "ef15cfed-529a-4f09-b9de-0d42acffe8ae", "control-id": "ism_o_1491", "description": "No notes for control-id 1491.", "props": [ @@ -4119,7 +4131,7 @@ ] }, { - "uuid": "96a273af-e632-4eb5-b030-8900b3e3cb70", + "uuid": "b64168e1-c524-4f7c-857f-cdc043763f47", "control-id": "ism_o_1493", "description": "No notes for control-id 1493.", "props": [ @@ -4163,6 +4175,11 @@ "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_redhat_gpgkey_installed" }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "package_sequoia-sq_installed" + }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", @@ -4171,7 +4188,7 @@ ] }, { - "uuid": "d1f5d174-9f1b-4ce5-9715-623252ca5e18", + "uuid": "3945b7f0-59bb-49f9-bc24-e1db95a4963f", "control-id": "ism_o_1504", "description": "No notes for control-id 1504.", "props": [ @@ -4273,7 +4290,7 @@ ] }, { - "uuid": "fe6a414c-47f4-40df-b521-e855254d0917", + "uuid": "301f0352-212f-453b-a627-fe3898737772", "control-id": "ism_o_1505", "description": "No notes for control-id 1505.", "props": [ @@ -4375,7 +4392,7 @@ ] }, { - "uuid": "d1b36c30-8e98-486c-a4f5-dfe1a2d838fa", + "uuid": "6fd8dc97-9b11-4615-a7a1-c7cb2d656e0b", "control-id": "ism_o_1506", "description": "As of OpenSSH 7.6, OpenSSH only supports SSH 2.", "props": [ @@ -4387,7 +4404,7 @@ ] }, { - "uuid": "d7277ed3-a425-4b82-8552-ce7669644617", + "uuid": "b980fea9-e6c0-4c94-bbac-3518debc3a14", "control-id": "ism_o_1546", "description": "No notes for control-id 1546.", "props": [ @@ -4544,7 +4561,7 @@ ] }, { - "uuid": "187bd3ce-3903-4af9-be13-9512388d44a3", + "uuid": "6f30964b-0830-400e-a4f8-49f6200a79b0", "control-id": "ism_o_1552", "description": "No notes for control-id 1552.", "props": [ @@ -4556,7 +4573,7 @@ ] }, { - "uuid": "2f076675-6e0f-4ef6-897a-188ef0b8fe0e", + "uuid": "7f9c759d-1c08-4632-9835-676deda2368a", "control-id": "ism_o_1558", "description": "No notes for control-id 1558.", "props": [ @@ -4658,7 +4675,7 @@ ] }, { - "uuid": "29094c1d-aec8-486c-a86c-777c4e25357e", + "uuid": "d564c905-726f-4d14-a9c3-e2d7937bd6f5", "control-id": "ism_o_1559", "description": "No notes for control-id 1559.", "props": [ @@ -4760,7 +4777,7 @@ ] }, { - "uuid": "893cc097-7721-48ed-90ce-409d06484cf8", + "uuid": "250c77dd-c940-427f-99a7-791af2e9495f", "control-id": "ism_o_1745", "description": "The description for control-id ism_o_1745.", "props": [ @@ -4952,7 +4969,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -5174,3943 +5191,3967 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_never_disabled", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_007" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", + "value": "Install sequoia-sq Package", "remarks": "rule_set_007" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_never_disabled", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_007" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", + "value": "Install sequoia-sq Package", "remarks": "rule_set_007" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_local_packages", + "value": "ensure_gpgcheck_never_disabled", "remarks": "rule_set_008" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for Local Packages", + "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", "remarks": "rule_set_008" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_local_packages", + "value": "ensure_gpgcheck_never_disabled", "remarks": "rule_set_008" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for Local Packages", + "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", "remarks": "rule_set_008" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_globally_activated", + "value": "ensure_gpgcheck_local_packages", "remarks": "rule_set_009" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled In Main dnf Configuration", + "value": "Ensure gpgcheck Enabled for Local Packages", "remarks": "rule_set_009" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_globally_activated", + "value": "ensure_gpgcheck_local_packages", "remarks": "rule_set_009" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled In Main dnf Configuration", + "value": "Ensure gpgcheck Enabled for Local Packages", "remarks": "rule_set_009" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "ensure_gpgcheck_globally_activated", "remarks": "rule_set_010" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Ensure gpgcheck Enabled In Main dnf Configuration", "remarks": "rule_set_010" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "ensure_gpgcheck_globally_activated", "remarks": "rule_set_010" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Ensure gpgcheck Enabled In Main dnf Configuration", "remarks": "rule_set_010" }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "dnf-automatic_security_updates_only", + "remarks": "rule_set_011" + }, + { + "name": "Rule_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Configure dnf-automatic to Install Only Security Updates", + "remarks": "rule_set_011" + }, + { + "name": "Check_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "dnf-automatic_security_updates_only", + "remarks": "rule_set_011" + }, + { + "name": "Check_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Configure dnf-automatic to Install Only Security Updates", + "remarks": "rule_set_011" + }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_no_uid_except_zero", - "remarks": "rule_set_011" + "remarks": "rule_set_012" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Only Root Has UID 0", - "remarks": "rule_set_011" + "remarks": "rule_set_012" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_no_uid_except_zero", - "remarks": "rule_set_011" + "remarks": "rule_set_012" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Only Root Has UID 0", - "remarks": "rule_set_011" + "remarks": "rule_set_012" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_remove_nopasswd", - "remarks": "rule_set_012" + "remarks": "rule_set_013" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", - "remarks": "rule_set_012" + "remarks": "rule_set_013" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_remove_nopasswd", - "remarks": "rule_set_012" + "remarks": "rule_set_013" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", - "remarks": "rule_set_012" + "remarks": "rule_set_013" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_remove_no_authenticate", - "remarks": "rule_set_013" + "remarks": "rule_set_014" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", - "remarks": "rule_set_013" + "remarks": "rule_set_014" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_remove_no_authenticate", - "remarks": "rule_set_013" + "remarks": "rule_set_014" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", - "remarks": "rule_set_013" + "remarks": "rule_set_014" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_require_authentication", - "remarks": "rule_set_014" + "remarks": "rule_set_015" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo", - "remarks": "rule_set_014" + "remarks": "rule_set_015" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_require_authentication", - "remarks": "rule_set_014" + "remarks": "rule_set_015" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo", - "remarks": "rule_set_014" + "remarks": "rule_set_015" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_fapolicyd_installed", - "remarks": "rule_set_015" + "remarks": "rule_set_016" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install fapolicyd Package", - "remarks": "rule_set_015" + "remarks": "rule_set_016" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_fapolicyd_installed", - "remarks": "rule_set_015" + "remarks": "rule_set_016" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install fapolicyd Package", - "remarks": "rule_set_015" + "remarks": "rule_set_016" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_fapolicyd_enabled", - "remarks": "rule_set_016" + "remarks": "rule_set_017" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the File Access Policy Service", - "remarks": "rule_set_016" + "remarks": "rule_set_017" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_fapolicyd_enabled", - "remarks": "rule_set_016" + "remarks": "rule_set_017" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the File Access Policy Service", - "remarks": "rule_set_016" + "remarks": "rule_set_017" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_crypto_policy", - "remarks": "rule_set_017" + "remarks": "rule_set_018" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure System Cryptography Policy", - "remarks": "rule_set_017" + "remarks": "rule_set_018" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_crypto_policy", - "remarks": "rule_set_017" + "remarks": "rule_set_018" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure System Cryptography Policy", - "remarks": "rule_set_017" + "remarks": "rule_set_018" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_ssh_crypto_policy", - "remarks": "rule_set_018" + "remarks": "rule_set_019" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SSH to use System Crypto Policy", - "remarks": "rule_set_018" + "remarks": "rule_set_019" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_ssh_crypto_policy", - "remarks": "rule_set_018" + "remarks": "rule_set_019" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SSH to use System Crypto Policy", - "remarks": "rule_set_018" + "remarks": "rule_set_019" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_use_directory_configuration", - "remarks": "rule_set_019" + "remarks": "rule_set_020" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Distribute the SSH Server configuration to multiple files in a config directory.", - "remarks": "rule_set_019" + "remarks": "rule_set_020" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_use_directory_configuration", - "remarks": "rule_set_019" + "remarks": "rule_set_020" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Distribute the SSH Server configuration to multiple files in a config directory.", - "remarks": "rule_set_019" + "remarks": "rule_set_020" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_root_login", - "remarks": "rule_set_020" + "remarks": "rule_set_021" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Root Login", - "remarks": "rule_set_020" + "remarks": "rule_set_021" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_root_login", - "remarks": "rule_set_020" + "remarks": "rule_set_021" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Root Login", - "remarks": "rule_set_020" + "remarks": "rule_set_021" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_gssapi_auth", - "remarks": "rule_set_021" + "remarks": "rule_set_022" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable GSSAPI Authentication", - "remarks": "rule_set_021" + "remarks": "rule_set_022" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_gssapi_auth", - "remarks": "rule_set_021" + "remarks": "rule_set_022" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable GSSAPI Authentication", - "remarks": "rule_set_021" + "remarks": "rule_set_022" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_print_last_log", - "remarks": "rule_set_022" + "remarks": "rule_set_023" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SSH Print Last Log", - "remarks": "rule_set_022" + "remarks": "rule_set_023" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_print_last_log", - "remarks": "rule_set_022" + "remarks": "rule_set_023" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SSH Print Last Log", - "remarks": "rule_set_022" + "remarks": "rule_set_023" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_do_not_permit_user_env", - "remarks": "rule_set_023" + "remarks": "rule_set_024" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Do Not Allow SSH Environment Options", - "remarks": "rule_set_023" + "remarks": "rule_set_024" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_do_not_permit_user_env", - "remarks": "rule_set_023" + "remarks": "rule_set_024" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Do Not Allow SSH Environment Options", - "remarks": "rule_set_023" + "remarks": "rule_set_024" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_rhosts", - "remarks": "rule_set_024" + "remarks": "rule_set_025" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Support for .rhosts Files", - "remarks": "rule_set_024" + "remarks": "rule_set_025" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_rhosts", - "remarks": "rule_set_024" + "remarks": "rule_set_025" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Support for .rhosts Files", - "remarks": "rule_set_024" + "remarks": "rule_set_025" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_set_loglevel_info", - "remarks": "rule_set_025" + "remarks": "rule_set_026" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set LogLevel to INFO", - "remarks": "rule_set_025" + "remarks": "rule_set_026" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_set_loglevel_info", - "remarks": "rule_set_025" + "remarks": "rule_set_026" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set LogLevel to INFO", - "remarks": "rule_set_025" + "remarks": "rule_set_026" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_empty_passwords", - "remarks": "rule_set_026" + "remarks": "rule_set_027" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Access via Empty Passwords", - "remarks": "rule_set_026" + "remarks": "rule_set_027" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_empty_passwords", - "remarks": "rule_set_026" + "remarks": "rule_set_027" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Access via Empty Passwords", - "remarks": "rule_set_026" + "remarks": "rule_set_027" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_user_known_hosts", - "remarks": "rule_set_027" + "remarks": "rule_set_028" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Support for User Known Hosts", - "remarks": "rule_set_027" + "remarks": "rule_set_028" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_user_known_hosts", - "remarks": "rule_set_027" + "remarks": "rule_set_028" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Support for User Known Hosts", - "remarks": "rule_set_027" + "remarks": "rule_set_028" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_enable_strictmodes", - "remarks": "rule_set_028" + "remarks": "rule_set_029" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Use of Strict Mode Checking", - "remarks": "rule_set_028" + "remarks": "rule_set_029" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_enable_strictmodes", - "remarks": "rule_set_028" + "remarks": "rule_set_029" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Use of Strict Mode Checking", - "remarks": "rule_set_028" + "remarks": "rule_set_029" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_rsyslog_installed", - "remarks": "rule_set_029" + "remarks": "rule_set_030" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure rsyslog is Installed", - "remarks": "rule_set_029" + "remarks": "rule_set_030" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_rsyslog_installed", - "remarks": "rule_set_029" + "remarks": "rule_set_030" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure rsyslog is Installed", - "remarks": "rule_set_029" + "remarks": "rule_set_030" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_rsyslog_enabled", - "remarks": "rule_set_030" + "remarks": "rule_set_031" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable rsyslog Service", - "remarks": "rule_set_030" + "remarks": "rule_set_031" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_rsyslog_enabled", - "remarks": "rule_set_030" + "remarks": "rule_set_031" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable rsyslog Service", - "remarks": "rule_set_030" + "remarks": "rule_set_031" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_auditd_enabled", - "remarks": "rule_set_031" + "remarks": "rule_set_032" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable auditd Service", - "remarks": "rule_set_031" + "remarks": "rule_set_032" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_auditd_enabled", - "remarks": "rule_set_031" + "remarks": "rule_set_032" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable auditd Service", - "remarks": "rule_set_031" + "remarks": "rule_set_032" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_flush", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd flush priority", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_flush", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd flush priority", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_local_events", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Include Local Events in Audit Logs", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_local_events", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Include Local Events in Audit Logs", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_write_logs", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Write Audit Logs to the Disk", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_write_logs", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Write Audit Logs to the Disk", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_log_format", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Resolve information before writing to audit logs", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_log_format", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Resolve information before writing to audit logs", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_freq", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set number of records to cause an explicit flush to audit logs", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_freq", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set number of records to cause an explicit flush to audit logs", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_name_format", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set type of computer node name logging in audit logs", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_name_format", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set type of computer node name logging in audit logs", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_faillock", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - faillock", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_faillock", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - faillock", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_adjtimex", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through adjtimex", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_adjtimex", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through adjtimex", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_clock_settime", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through clock_settime", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_clock_settime", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through clock_settime", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_watch_localtime", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter the localtime File", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_watch_localtime", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter the localtime File", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_settimeofday", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through settimeofday", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_settimeofday", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through settimeofday", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_stime", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through stime", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_stime", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through stime", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_restorecon", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run restorecon", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_restorecon", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run restorecon", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_chcon", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run chcon", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_chcon", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run chcon", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_semanage", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run semanage", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_semanage", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run semanage", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_setsebool", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run setsebool", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_setsebool", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run setsebool", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_setfiles", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run setfiles", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_setfiles", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run setfiles", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_seunshare", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run seunshare", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_seunshare", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run seunshare", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_sysadmin_actions", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects System Administrator Actions", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_sysadmin_actions", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects System Administrator Actions", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_group", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/group", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_group", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/group", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_gshadow", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/gshadow", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_gshadow", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/gshadow", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_opasswd", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_opasswd", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_passwd", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/passwd", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_passwd", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/passwd", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_shadow", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/shadow", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_shadow", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/shadow", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chmod", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chmod", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chown", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chown", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chown", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chown", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_randomize_va_space", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Randomized Layout of Virtual Address Space", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_randomize_va_space", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Randomized Layout of Virtual Address Space", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_exec_shield", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable ExecShield via sysctl", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_exec_shield", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable ExecShield via sysctl", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_kptr_restrict", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Exposed Kernel Pointer Addresses Access", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_kptr_restrict", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Exposed Kernel Pointer Addresses Access", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_dmesg_restrict", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Access to Kernel Message Buffer", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_dmesg_restrict", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Access to Kernel Message Buffer", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_kexec_load_disabled", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Image Loading", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_kexec_load_disabled", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Image Loading", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_yama_ptrace_scope", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict usage of ptrace to descendant processes", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_yama_ptrace_scope", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict usage of ptrace to descendant processes", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_unprivileged_bpf_disabled", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_unprivileged_bpf_disabled", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_core_bpf_jit_harden", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden the operation of the BPF just-in-time compiler", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_core_bpf_jit_harden", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden the operation of the BPF just-in-time compiler", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_policytype", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SELinux Policy", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_policytype", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SELinux Policy", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_sgid", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All SGID Executables Are Authorized", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_sgid", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All SGID Executables Are Authorized", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_suid", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All SUID Executables Are Authorized", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_suid", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All SUID Executables Are Authorized", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_world_writable", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure No World-Writable Files Exist", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_world_writable", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure No World-Writable Files Exist", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_perms_world_writable_sticky_bits", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that All World-Writable Directories Have Sticky Bits Set", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_perms_world_writable_sticky_bits", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that All World-Writable Directories Have Sticky Bits Set", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_library_dirs", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that Shared Library Files Have Restrictive Permissions", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_library_dirs", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that Shared Library Files Have Restrictive Permissions", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_binary_dirs", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Root Ownership", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_binary_dirs", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Root Ownership", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_binary_dirs", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Restrictive Permissions", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_binary_dirs", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Restrictive Permissions", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_library_dirs", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that Shared Library Files Have Root Ownership", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_library_dirs", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that Shared Library Files Have Root Ownership", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_empty_passwords", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent Login to Accounts With Empty Password", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_empty_passwords", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent Login to Accounts With Empty Password", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_dev_shm_nodev", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nodev Option to /dev/shm", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_dev_shm_nodev", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nodev Option to /dev/shm", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_dev_shm_nosuid", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /dev/shm", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_dev_shm_nosuid", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /dev/shm", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_dev_shm_noexec", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /dev/shm", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_dev_shm_noexec", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /dev/shm", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_firewalld_installed", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install firewalld Package", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_firewalld_installed", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install firewalld Package", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_firewalld_enabled", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify firewalld Enabled", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_firewalld_enabled", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify firewalld Enabled", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "network_sniffer_disabled", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System is Not Acting as a Network Sniffer", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "network_sniffer_disabled", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System is Not Acting as a Network Sniffer", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_maximum_age_login_defs", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Maximum Age", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_maximum_age_login_defs", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Maximum Age", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_minimum_age_login_defs", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Minimum Age", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_minimum_age_login_defs", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Minimum Age", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_warn_age_login_defs", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Warning Age", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_warn_age_login_defs", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Warning Age", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_kerberos_crypto_policy", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Kerberos to use System Crypto Policy", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_kerberos_crypto_policy", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Kerberos to use System Crypto Policy", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_ldap_client", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the LDAP Client For Use in Authconfig", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_ldap_client", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the LDAP Client For Use in Authconfig", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kerberos_disable_no_keytab", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kerberos by removing host keytab", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kerberos_disable_no_keytab", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kerberos by removing host keytab", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "network_nmcli_permissions", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent non-Privileged Users from Modifying Network Interfaces using nmcli", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "network_nmcli_permissions", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent non-Privileged Users from Modifying Network Interfaces using nmcli", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_kerberos_enabled", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the kerberos_enabled SELinux Boolean", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_kerberos_enabled", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the kerberos_enabled SELinux Boolean", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_libuserconf", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Hashing Algorithm in /etc/libuser.conf", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_libuserconf", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Hashing Algorithm in /etc/libuser.conf", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_logindefs", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Hashing Algorithm in /etc/login.defs", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_logindefs", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Hashing Algorithm in /etc/login.defs", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_passwordauth", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set PAM Password Hashing Algorithm - password-auth", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_passwordauth", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set PAM Password Hashing Algorithm - password-auth", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_systemauth", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set PAM Password Hashing Algorithm - system-auth", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_systemauth", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set PAM Password Hashing Algorithm - system-auth", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_minlen_login_defs", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Minimum Length in login.defs", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_minlen_login_defs", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Minimum Length in login.defs", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_dcredit", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Digit Characters", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_dcredit", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Digit Characters", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_lcredit", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_lcredit", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_minclass", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_minclass", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_minlen", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Length", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_minlen", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Length", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_ocredit", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Special Characters", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_ocredit", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Special Characters", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_ucredit", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Uppercase Characters", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_ucredit", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Uppercase Characters", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_deny", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Lock Accounts After Failed Password Attempts", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_deny", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Lock Accounts After Failed Password Attempts", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_deny_root", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the root Account for Failed Password Attempts", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_deny_root", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the root Account for Failed Password Attempts", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_interval", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Interval For Counting Failed Password Attempts", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_interval", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Interval For Counting Failed Password Attempts", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_unlock_time", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Lockout Time for Failed Password Attempts", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_unlock_time", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Lockout Time for Failed Password Attempts", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "disable_host_auth", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Host-Based Authentication", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "disable_host_auth", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Host-Based Authentication", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "require_emergency_target_auth", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Require Authentication for Emergency Systemd Target", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "require_emergency_target_auth", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Require Authentication for Emergency Systemd Target", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_authlogin_nsswitch_use_ldap", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the authlogin_nsswitch_use_ldap SELinux Boolean", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_authlogin_nsswitch_use_ldap", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the authlogin_nsswitch_use_ldap SELinux Boolean", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_authlogin_radius", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the authlogin_radius SELinux Boolean", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_authlogin_radius", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the authlogin_radius SELinux Boolean", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_kerb_auth", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kerberos Authentication", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_kerb_auth", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kerberos Authentication", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_set_max_auth_tries", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set SSH authentication attempt limit", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_set_max_auth_tries", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set SSH authentication attempt limit", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sssd_enable_smartcards", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Smartcards in SSSD", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sssd_enable_smartcards", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Smartcards in SSSD", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_enable_warning_banner", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SSH Warning Banner", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_enable_warning_banner", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SSH Warning Banner", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_x11_forwarding", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable X11 Forwarding", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_x11_forwarding", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable X11 Forwarding", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_failed", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of unsuccessful file accesses", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_failed", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of unsuccessful file accesses", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_failed_aarch64", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of unsuccessful file accesses (AArch64)", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_failed_aarch64", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of unsuccessful file accesses (AArch64)", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_failed_ppc64le", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of unsuccessful file accesses (ppc64le)", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_failed_ppc64le", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of unsuccessful file accesses (ppc64le)", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_success", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of successful file accesses", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_success", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of successful file accesses", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_success_aarch64", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of successful file accesses (AArch64)", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_success_aarch64", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of successful file accesses (AArch64)", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_success_ppc64le", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of successful file accesses (ppc64le)", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_success_ppc64le", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of successful file accesses (ppc64le)", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_utmp", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information utmp", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_utmp", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information utmp", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_btmp", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information btmp", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_btmp", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information btmp", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_wtmp", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_wtmp", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_creat", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - creat", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_creat", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - creat", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_openat", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - openat", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_openat", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - openat", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open_by_handle_at", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open_by_handle_at", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open_by_handle_at", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open_by_handle_at", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_truncate", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - truncate", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_truncate", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - truncate", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_ftruncate", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - ftruncate", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_ftruncate", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - ftruncate", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit_installed", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit Subsystem is Installed", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit_installed", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit Subsystem is Installed", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_auditadm_exec_content", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the auditadm_exec_content SELinux Boolean", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_auditadm_exec_content", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the auditadm_exec_content SELinux Boolean", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_configure_pool_and_server", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Chrony Configure Pool and Server", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_configure_pool_and_server", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Chrony Configure Pool and Server", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_or_ntpd_specify_multiple_servers", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Specify Additional Remote NTP Servers", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_or_ntpd_specify_multiple_servers", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Specify Additional Remote NTP Servers", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_specify_remote_server", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "A remote time server for Chrony is configured", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_specify_remote_server", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "A remote time server for Chrony is configured", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_chrony_installed", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chrony package is installed", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_chrony_installed", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chrony package is installed", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_cron_logging", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure cron Is Logging To Rsyslog", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_cron_logging", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure cron Is Logging To Rsyslog", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_nolisten", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_nolisten", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_loghost", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Logs Sent To Remote Host", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_loghost", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Logs Sent To Remote Host", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure TLS for rsyslog remote logging", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure TLS for rsyslog remote logging", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls_cacert", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure CA certificate for rsyslog remote logging", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls_cacert", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure CA certificate for rsyslog remote logging", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_chronyd_enabled", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chronyd service is enabled", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_chronyd_enabled", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chronyd service is enabled", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_aide_installed", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install AIDE", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_aide_installed", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install AIDE", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_snmpd_disabled", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable snmpd Service", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_snmpd_disabled", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable snmpd Service", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "snmpd_use_newer_protocol", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SNMP Service to Use Only SNMPv3 or Newer", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "snmpd_use_newer_protocol", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SNMP Service to Use Only SNMPv3 or Newer", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "network_ipv6_static_address", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Manually Assign Global IPv6 Address", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "network_ipv6_static_address", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Manually Assign Global IPv6 Address", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "wireless_disable_interfaces", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Deactivate Wireless Network Interfaces", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "wireless_disable_interfaces", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Deactivate Wireless Network Interfaces", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_opensc_card_drivers", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure opensc Smart Card Drivers", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_opensc_card_drivers", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure opensc Smart Card Drivers", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_opensc_installed", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the opensc Package For Multifactor Authentication", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_opensc_installed", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the opensc Package For Multifactor Authentication", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_pcsc-lite_installed", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the pcsc-lite package", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_pcsc-lite_installed", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the pcsc-lite package", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_pcsc-lite-ccid_installed", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the pcsc-lite-ccid package", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_pcsc-lite-ccid_installed", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the pcsc-lite-ccid package", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sudo_installed", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install sudo Package", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sudo_installed", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install sudo Package", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_pcscd_enabled", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the pcscd Service", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_pcscd_enabled", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the pcscd Service", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_firewalld_ports", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the Firewalld Ports", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_firewalld_ports", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the Firewalld Ports", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_firewalld_default_zone", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Default firewalld Zone for Incoming Packets", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_firewalld_default_zone", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Default firewalld Zone for Incoming Packets", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_usbguard_installed", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install usbguard Package", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_usbguard_installed", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install usbguard Package", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_usbguard_enabled", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the USBGuard Service", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_usbguard_enabled", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the USBGuard Service", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "system_booted_in_fips_mode", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that the system was booted with fips=1", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "system_booted_in_fips_mode", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that the system was booted with fips=1", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_fips_mode", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable FIPS Mode", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_fips_mode", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable FIPS Mode", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_private_key", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Private *_key Key Files", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_private_key", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Private *_key Key Files", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dnf-automatic_apply_updates", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure dnf-automatic to Install Available Updates Automatically", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dnf-automatic_apply_updates", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure dnf-automatic to Install Available Updates Automatically", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_libdnf-plugin-subscription-manager_installed", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install libdnf-plugin-subscription-manager Package", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_libdnf-plugin-subscription-manager_installed", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install libdnf-plugin-subscription-manager Package", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_subscription-manager_installed", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install subscription-manager Package", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_subscription-manager_installed", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install subscription-manager Package", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_shelllogin_for_systemaccounts", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_shelllogin_for_systemaccounts", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "secure_boot_enabled", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure that Secure Boot is enabled", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "secure_boot_enabled", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure that Secure Boot is enabled", - "remarks": "rule_set_170" + "remarks": "rule_set_171" } ], "control-implementations": [ { - "uuid": "ab08d6a6-d5ce-4126-aecd-e3466d3d1c79", + "uuid": "193e8321-d556-41e5-babc-abb4a5981b91", "source": "trestle://profiles/rhel10-ism_o-secret/profile.json", "description": "Control implementation for ism_o_secret", "props": [ @@ -9196,7 +9237,7 @@ ], "implemented-requirements": [ { - "uuid": "fc1efe41-f20f-47bc-b6ac-cdd6961f0cd4", + "uuid": "5c9d6857-0e4b-4efa-9a3a-b3b8122c9942", "control-id": "ism_o_1557", "description": "No notes for control-id 1557.", "props": [ @@ -9298,7 +9339,7 @@ ] }, { - "uuid": "76c79edf-7bc0-43c6-9abf-7deb8d477b4e", + "uuid": "853bfac8-2d70-4d88-8fff-c67271fe3b33", "control-id": "ism_o_1560", "description": "No notes for control-id 1560.", "props": [ @@ -9400,7 +9441,7 @@ ] }, { - "uuid": "2a934db1-d655-4618-a560-eddc45c5d039", + "uuid": "a7b34f98-350e-4035-b0fc-9aea970146b4", "control-id": "ism_o_0418", "description": "No notes for control-id 0418.", "props": [ @@ -9482,7 +9523,7 @@ ] }, { - "uuid": "1b073df7-02ba-48e2-9d3e-c942f86690fb", + "uuid": "dc52994b-e159-4d0a-9dfd-b48576400f12", "control-id": "ism_o_0421", "description": "No notes for control-id 0421.", "props": [ @@ -9584,7 +9625,7 @@ ] }, { - "uuid": "7ae78c2b-8571-40a9-a427-cc09403d4083", + "uuid": "7895dd3e-9965-45ed-ad4d-d5f7df1efd97", "control-id": "ism_o_0484", "description": "No notes for control-id 0484.", "props": [ @@ -9611,7 +9652,7 @@ ] }, { - "uuid": "23cab23c-9e56-4cc6-bddf-8170502407e1", + "uuid": "4cc75712-f972-48b5-894a-87ca545dd004", "control-id": "ism_o_0487", "description": "The description for control-id ism_o_0487.", "props": [ @@ -9624,7 +9665,7 @@ ] }, { - "uuid": "892a0361-c5bf-442f-8d9e-76847bed4839", + "uuid": "b7006321-c33c-4d40-9218-33b0922312ba", "control-id": "ism_o_0582", "description": "No notes for control-id 0582.", "props": [ @@ -9876,7 +9917,7 @@ ] }, { - "uuid": "91842d56-8969-4bb2-9372-620de0cdcb80", + "uuid": "72c8a655-7aff-472d-a5d9-49527eca1818", "control-id": "ism_o_0846", "description": "No notes for control-id 0846.", "props": [ @@ -9983,7 +10024,7 @@ ] }, { - "uuid": "a512f0df-3e70-4247-a78c-819f6d912efa", + "uuid": "50b100ff-2d52-47f4-8297-912282271cd0", "control-id": "ism_o_0974", "description": "This needs reevaluation.", "props": [ @@ -10085,7 +10126,7 @@ ] }, { - "uuid": "cf99d618-e1ec-4753-93d1-c039fa00fbf3", + "uuid": "5c91bc0a-91e9-4561-97b9-dea7c1004e86", "control-id": "ism_o_0988", "description": "No notes for control-id 0988.", "props": [ @@ -10162,7 +10203,7 @@ ] }, { - "uuid": "804d4dc5-2eb6-4a81-b99e-47a6bf5ee9b7", + "uuid": "a52400ac-f25e-438a-9387-04bb1e76af10", "control-id": "ism_o_1034", "description": "No notes for control-id 1034.", "props": [ @@ -10179,7 +10220,7 @@ ] }, { - "uuid": "53681e20-1a56-4e85-a740-3b822fa9fec2", + "uuid": "cf960649-e5fd-4ae2-a6c6-f5c75307a5e8", "control-id": "ism_o_1055", "description": "Needs reevaluation", "props": [ @@ -10256,7 +10297,7 @@ ] }, { - "uuid": "31582521-39f0-49a8-aac8-9ad9831e0268", + "uuid": "6a4e6b88-c1a4-4f1e-9a8c-94e752e06270", "control-id": "ism_o_1173", "description": "No notes for control-id 1173.", "props": [ @@ -10358,7 +10399,7 @@ ] }, { - "uuid": "3668ecbd-1169-46da-b8ce-42bd069c7e82", + "uuid": "a6de81f1-d641-41f9-95e9-9b5097a041a9", "control-id": "ism_o_1277", "description": "No notes for control-id 1277.", "props": [ @@ -10370,7 +10411,7 @@ ] }, { - "uuid": "328c4095-9871-4f7a-8170-c3977a5ff0cb", + "uuid": "12efd63b-f206-4c7f-ab77-4f6ec9e12384", "control-id": "ism_o_1288", "description": "No notes for control-id 1288.", "props": [ @@ -10387,7 +10428,7 @@ ] }, { - "uuid": "e005e9e0-56cf-430f-9bcb-80a292d02712", + "uuid": "67dbb61c-41ff-4002-a6fb-bb4318c12a1b", "control-id": "ism_o_1311", "description": "No notes for control-id 1311.", "props": [ @@ -10409,7 +10450,7 @@ ] }, { - "uuid": "945893ea-3b16-44cf-ab42-6a918c433610", + "uuid": "97ec7d61-0eed-4b44-8ffc-3659a105ed18", "control-id": "ism_o_1315", "description": "No notes for control-id 1315.", "props": [ @@ -10431,7 +10472,7 @@ ] }, { - "uuid": "010d0484-9e93-479c-bf98-1cd6a509f8db", + "uuid": "3d26df2a-7382-47d1-bb63-3861a5d9ea91", "control-id": "ism_o_1319", "description": "No notes for control-id 1319.", "props": [ @@ -10453,7 +10494,7 @@ ] }, { - "uuid": "c5c908fc-1fba-4b5e-b95a-b4c32af6481c", + "uuid": "8cb05474-f36d-4183-bfe4-a9af6c571ddd", "control-id": "ism_o_1341", "description": "No notes for control-id 1341.", "props": [ @@ -10470,7 +10511,7 @@ ] }, { - "uuid": "d92840fe-1490-4f92-9047-b5da492d1800", + "uuid": "f931f87d-edec-4b55-b91d-23fcab73ec58", "control-id": "ism_o_1386", "description": "This needs reevaluation.", "props": [ @@ -10512,7 +10553,7 @@ ] }, { - "uuid": "8069fd7b-b27e-4a0c-928b-39015a656cc7", + "uuid": "d9cdc03c-305a-4ad1-90b2-5722739717bc", "control-id": "ism_o_1401", "description": "No notes for control-id 1401.", "props": [ @@ -10614,7 +10655,7 @@ ] }, { - "uuid": "c2687160-24ff-4ce2-ab84-983905317352", + "uuid": "3f383890-9b04-4808-b8f7-aedb04fb67f9", "control-id": "ism_o_1402", "description": "No notes for control-id 1402.", "props": [ @@ -10691,7 +10732,7 @@ ] }, { - "uuid": "e33428fb-b4a1-45b3-8d18-4240da066760", + "uuid": "7c2f7f80-76e4-4723-9967-076ea7bfe1ed", "control-id": "ism_o_1405", "description": "No notes for control-id 1405.", "props": [ @@ -10768,7 +10809,7 @@ ] }, { - "uuid": "9c091a05-2b32-4ce0-9af8-03e16e217b46", + "uuid": "11925089-6311-4994-afd8-f2030620a2f1", "control-id": "ism_o_1416", "description": "No notes for control-id 1416.", "props": [ @@ -10790,7 +10831,7 @@ ] }, { - "uuid": "69ed0dc2-ea48-4aea-9c9c-47004eb68c89", + "uuid": "d28c99a2-7cbb-4ea1-b2c7-f7655ed37aaa", "control-id": "ism_o_1417", "description": "No notes for control-id 1417.", "props": [ @@ -10807,7 +10848,7 @@ ] }, { - "uuid": "43d1d21b-a13a-4de3-bc81-23c0d309be96", + "uuid": "0a570691-1c73-4c6c-8f9d-5bd26314b85f", "control-id": "ism_o_1418", "description": "No notes for control-id 1418.", "props": [ @@ -10829,7 +10870,7 @@ ] }, { - "uuid": "1f13f92a-1c91-4914-a65a-238e182870f9", + "uuid": "1680da3b-f745-4ab7-a90a-4c627a1d6303", "control-id": "ism_o_1446", "description": "No notes for control-id 1446.", "props": [ @@ -10856,7 +10897,7 @@ ] }, { - "uuid": "272bcd82-b559-40ba-869b-da7a502813b4", + "uuid": "7853aa52-ec09-476e-b94b-d84c4174e919", "control-id": "ism_o_1449", "description": "This needs more", "props": [ @@ -10873,7 +10914,7 @@ ] }, { - "uuid": "a4de75e0-01ce-40e3-b67c-86d0585ef7ab", + "uuid": "300de444-db2e-4ded-a923-4597580c977a", "control-id": "ism_o_1467", "description": "No notes for control-id 1467.", "props": [ @@ -10900,7 +10941,7 @@ ] }, { - "uuid": "533ca3ff-8132-405f-acdf-67cbf7c05500", + "uuid": "ffc35925-7323-404c-94d6-f2837033b1f2", "control-id": "ism_o_1483", "description": "No notes for control-id 1483.", "props": [ @@ -10927,7 +10968,7 @@ ] }, { - "uuid": "d2da86b4-d0a9-4e3a-840e-060e1ac13a81", + "uuid": "483a23d6-a8fd-4920-8093-a2f7032f9786", "control-id": "ism_o_1491", "description": "No notes for control-id 1491.", "props": [ @@ -10944,7 +10985,7 @@ ] }, { - "uuid": "a5bd4481-6183-4fd1-9c6c-206e095037b5", + "uuid": "addc3469-34f7-49c9-a6b7-400af8807c05", "control-id": "ism_o_1493", "description": "No notes for control-id 1493.", "props": [ @@ -10988,6 +11029,11 @@ "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_redhat_gpgkey_installed" }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "package_sequoia-sq_installed" + }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", @@ -10996,7 +11042,7 @@ ] }, { - "uuid": "d63a2f5e-bd6e-4149-bd10-b08ce97e542f", + "uuid": "6ffe29cc-ccfa-465d-a4ca-f55d350cd045", "control-id": "ism_o_1504", "description": "No notes for control-id 1504.", "props": [ @@ -11098,7 +11144,7 @@ ] }, { - "uuid": "803099ec-e60f-4532-81b4-0dd20a50ae91", + "uuid": "73f2053f-44d3-4780-882d-cd01f0e20ffe", "control-id": "ism_o_1505", "description": "No notes for control-id 1505.", "props": [ @@ -11200,7 +11246,7 @@ ] }, { - "uuid": "93f38392-7b29-410d-b89e-b698e5d243c0", + "uuid": "22cbb624-cbb8-4d65-802a-59f6819f0fc8", "control-id": "ism_o_1506", "description": "As of OpenSSH 7.6, OpenSSH only supports SSH 2.", "props": [ @@ -11212,7 +11258,7 @@ ] }, { - "uuid": "86dc2772-6bb6-4e98-bd68-0ae1419c81d2", + "uuid": "06e3e826-53de-42d5-98bd-e3acf92ca096", "control-id": "ism_o_1546", "description": "No notes for control-id 1546.", "props": [ @@ -11369,7 +11415,7 @@ ] }, { - "uuid": "b95ec5b4-241e-4dfa-9e7f-fdcb9fa29365", + "uuid": "00e0ce5a-add0-4fcb-a56e-7013151ca6a8", "control-id": "ism_o_1552", "description": "No notes for control-id 1552.", "props": [ @@ -11381,7 +11427,7 @@ ] }, { - "uuid": "fcd52e3e-5add-458e-bd31-036e15314ad8", + "uuid": "2b9d3bab-2672-4212-a815-2faa62d1b531", "control-id": "ism_o_1558", "description": "No notes for control-id 1558.", "props": [ @@ -11483,7 +11529,7 @@ ] }, { - "uuid": "54ffcbbd-4eca-4e6c-925c-f516efbb72ee", + "uuid": "8040ab1e-7726-4dd2-ac2f-da9d05628781", "control-id": "ism_o_1559", "description": "No notes for control-id 1559.", "props": [ @@ -11585,7 +11631,7 @@ ] }, { - "uuid": "bbd98af4-ba9e-49bb-b3c6-7880cc42638d", + "uuid": "d3fa92cb-9561-4e52-85b0-d3e2f03be698", "control-id": "ism_o_1745", "description": "The description for control-id ism_o_1745.", "props": [ diff --git a/component-definitions/rhel10/rhel10-ism_o-top_secret/component-definition.json b/component-definitions/rhel10/rhel10-ism_o-top_secret/component-definition.json index 7e2d38733..7947a54a9 100644 --- a/component-definitions/rhel10/rhel10-ism_o-top_secret/component-definition.json +++ b/component-definitions/rhel10/rhel10-ism_o-top_secret/component-definition.json @@ -3,8 +3,8 @@ "uuid": "6ca8c4fe-f75b-4070-a178-188a41fecbf0", "metadata": { "title": "Component definition for rhel10", - "last-modified": "2025-12-11T18:29:11.692013+00:00", - "version": "1.3", + "last-modified": "2025-12-17T11:17:19.541237+00:00", + "version": "1.4", "oscal-version": "1.1.3" }, "components": [ @@ -167,7 +167,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -317,1975 +317,1987 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_never_disabled", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_007" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", + "value": "Install sequoia-sq Package", "remarks": "rule_set_007" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_local_packages", + "value": "ensure_gpgcheck_never_disabled", "remarks": "rule_set_008" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for Local Packages", + "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", "remarks": "rule_set_008" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_globally_activated", + "value": "ensure_gpgcheck_local_packages", "remarks": "rule_set_009" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled In Main dnf Configuration", + "value": "Ensure gpgcheck Enabled for Local Packages", "remarks": "rule_set_009" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "ensure_gpgcheck_globally_activated", "remarks": "rule_set_010" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Ensure gpgcheck Enabled In Main dnf Configuration", "remarks": "rule_set_010" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_no_uid_except_zero", + "value": "dnf-automatic_security_updates_only", "remarks": "rule_set_011" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Root Has UID 0", + "value": "Configure dnf-automatic to Install Only Security Updates", "remarks": "rule_set_011" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_nopasswd", + "value": "accounts_no_uid_except_zero", "remarks": "rule_set_012" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", + "value": "Verify Only Root Has UID 0", "remarks": "rule_set_012" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_remove_no_authenticate", + "value": "sudo_remove_nopasswd", "remarks": "rule_set_013" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", "remarks": "rule_set_013" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sudo_require_authentication", + "value": "sudo_remove_no_authenticate", "remarks": "rule_set_014" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", "remarks": "rule_set_014" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_fapolicyd_installed", + "value": "sudo_require_authentication", "remarks": "rule_set_015" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install fapolicyd Package", + "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo", "remarks": "rule_set_015" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_fapolicyd_enabled", + "value": "package_fapolicyd_installed", "remarks": "rule_set_016" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable the File Access Policy Service", + "value": "Install fapolicyd Package", "remarks": "rule_set_016" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_crypto_policy", + "value": "service_fapolicyd_enabled", "remarks": "rule_set_017" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure System Cryptography Policy", + "value": "Enable the File Access Policy Service", "remarks": "rule_set_017" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_ssh_crypto_policy", + "value": "configure_crypto_policy", "remarks": "rule_set_018" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure SSH to use System Crypto Policy", + "value": "Configure System Cryptography Policy", "remarks": "rule_set_018" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_use_directory_configuration", + "value": "configure_ssh_crypto_policy", "remarks": "rule_set_019" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Distribute the SSH Server configuration to multiple files in a config directory.", + "value": "Configure SSH to use System Crypto Policy", "remarks": "rule_set_019" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_root_login", + "value": "sshd_use_directory_configuration", "remarks": "rule_set_020" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Root Login", + "value": "Distribute the SSH Server configuration to multiple files in a config directory.", "remarks": "rule_set_020" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_gssapi_auth", + "value": "sshd_disable_root_login", "remarks": "rule_set_021" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GSSAPI Authentication", + "value": "Disable SSH Root Login", "remarks": "rule_set_021" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_print_last_log", + "value": "sshd_disable_gssapi_auth", "remarks": "rule_set_022" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SSH Print Last Log", + "value": "Disable GSSAPI Authentication", "remarks": "rule_set_022" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_do_not_permit_user_env", + "value": "sshd_print_last_log", "remarks": "rule_set_023" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Do Not Allow SSH Environment Options", + "value": "Enable SSH Print Last Log", "remarks": "rule_set_023" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_rhosts", + "value": "sshd_do_not_permit_user_env", "remarks": "rule_set_024" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Support for .rhosts Files", + "value": "Do Not Allow SSH Environment Options", "remarks": "rule_set_024" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_loglevel_info", + "value": "sshd_disable_rhosts", "remarks": "rule_set_025" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set LogLevel to INFO", + "value": "Disable SSH Support for .rhosts Files", "remarks": "rule_set_025" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_empty_passwords", + "value": "sshd_set_loglevel_info", "remarks": "rule_set_026" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Access via Empty Passwords", + "value": "Set LogLevel to INFO", "remarks": "rule_set_026" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_user_known_hosts", + "value": "sshd_disable_empty_passwords", "remarks": "rule_set_027" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable SSH Support for User Known Hosts", + "value": "Disable SSH Access via Empty Passwords", "remarks": "rule_set_027" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_strictmodes", + "value": "sshd_disable_user_known_hosts", "remarks": "rule_set_028" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Use of Strict Mode Checking", + "value": "Disable SSH Support for User Known Hosts", "remarks": "rule_set_028" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_rsyslog_installed", + "value": "sshd_enable_strictmodes", "remarks": "rule_set_029" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure rsyslog is Installed", + "value": "Enable Use of Strict Mode Checking", "remarks": "rule_set_029" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_rsyslog_enabled", + "value": "package_rsyslog_installed", "remarks": "rule_set_030" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable rsyslog Service", + "value": "Ensure rsyslog is Installed", "remarks": "rule_set_030" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_auditd_enabled", + "value": "service_rsyslog_enabled", "remarks": "rule_set_031" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable auditd Service", + "value": "Enable rsyslog Service", "remarks": "rule_set_031" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_data_retention_flush", + "value": "service_auditd_enabled", "remarks": "rule_set_032" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd flush priority", + "value": "Enable auditd Service", "remarks": "rule_set_032" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_local_events", + "value": "auditd_data_retention_flush", "remarks": "rule_set_033" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Include Local Events in Audit Logs", + "value": "Configure auditd flush priority", "remarks": "rule_set_033" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_write_logs", + "value": "auditd_local_events", "remarks": "rule_set_034" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Write Audit Logs to the Disk", + "value": "Include Local Events in Audit Logs", "remarks": "rule_set_034" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_log_format", + "value": "auditd_write_logs", "remarks": "rule_set_035" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Resolve information before writing to audit logs", + "value": "Write Audit Logs to the Disk", "remarks": "rule_set_035" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_freq", + "value": "auditd_log_format", "remarks": "rule_set_036" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set number of records to cause an explicit flush to audit logs", + "value": "Resolve information before writing to audit logs", "remarks": "rule_set_036" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_name_format", + "value": "auditd_freq", "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set type of computer node name logging in audit logs", + "value": "Set number of records to cause an explicit flush to audit logs", "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_login_events_faillock", + "value": "auditd_name_format", "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Logon and Logout Events - faillock", + "value": "Set type of computer node name logging in audit logs", "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_adjtimex", + "value": "audit_rules_login_events_faillock", "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record attempts to alter time through adjtimex", + "value": "Record Attempts to Alter Logon and Logout Events - faillock", "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_clock_settime", + "value": "audit_rules_time_adjtimex", "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Time Through clock_settime", + "value": "Record attempts to alter time through adjtimex", "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_watch_localtime", + "value": "audit_rules_time_clock_settime", "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter the localtime File", + "value": "Record Attempts to Alter Time Through clock_settime", "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_settimeofday", + "value": "audit_rules_time_watch_localtime", "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record attempts to alter time through settimeofday", + "value": "Record Attempts to Alter the localtime File", "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_stime", + "value": "audit_rules_time_settimeofday", "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Time Through stime", + "value": "Record attempts to alter time through settimeofday", "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_restorecon", + "value": "audit_rules_time_stime", "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run restorecon", + "value": "Record Attempts to Alter Time Through stime", "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_chcon", + "value": "audit_rules_execution_restorecon", "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run chcon", + "value": "Record Any Attempts to Run restorecon", "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_semanage", + "value": "audit_rules_execution_chcon", "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run semanage", + "value": "Record Any Attempts to Run chcon", "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_setsebool", + "value": "audit_rules_execution_semanage", "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run setsebool", + "value": "Record Any Attempts to Run semanage", "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_setfiles", + "value": "audit_rules_execution_setsebool", "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run setfiles", + "value": "Record Any Attempts to Run setsebool", "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_execution_seunshare", + "value": "audit_rules_execution_setfiles", "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Any Attempts to Run seunshare", + "value": "Record Any Attempts to Run setfiles", "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_sysadmin_actions", + "value": "audit_rules_execution_seunshare", "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects System Administrator Actions", + "value": "Record Any Attempts to Run seunshare", "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification", + "value": "audit_rules_sysadmin_actions", "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment", + "value": "Ensure auditd Collects System Administrator Actions", "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_group", + "value": "audit_rules_networkconfig_modification", "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/group", + "value": "Record Events that Modify the System's Network Environment", "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_gshadow", + "value": "audit_rules_usergroup_modification_group", "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/gshadow", + "value": "Record Events that Modify User/Group Information - /etc/group", "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_opasswd", + "value": "audit_rules_usergroup_modification_gshadow", "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", + "value": "Record Events that Modify User/Group Information - /etc/gshadow", "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_passwd", + "value": "audit_rules_usergroup_modification_opasswd", "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/passwd", + "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_shadow", + "value": "audit_rules_usergroup_modification_passwd", "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/shadow", + "value": "Record Events that Modify User/Group Information - /etc/passwd", "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_chmod", + "value": "audit_rules_usergroup_modification_shadow", "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", + "value": "Record Events that Modify User/Group Information - /etc/shadow", "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_chown", + "value": "audit_rules_dac_modification_chmod", "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - chown", + "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_kernel_module_loading", + "value": "audit_rules_dac_modification_chown", "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading", + "value": "Record Events that Modify the System's Discretionary Access Controls - chown", "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_randomize_va_space", + "value": "audit_rules_kernel_module_loading", "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Randomized Layout of Virtual Address Space", + "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading", "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_exec_shield", + "value": "sysctl_kernel_randomize_va_space", "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable ExecShield via sysctl", + "value": "Enable Randomized Layout of Virtual Address Space", "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kptr_restrict", + "value": "sysctl_kernel_exec_shield", "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Exposed Kernel Pointer Addresses Access", + "value": "Enable ExecShield via sysctl", "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_dmesg_restrict", + "value": "sysctl_kernel_kptr_restrict", "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Access to Kernel Message Buffer", + "value": "Restrict Exposed Kernel Pointer Addresses Access", "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_kexec_load_disabled", + "value": "sysctl_kernel_dmesg_restrict", "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kernel Image Loading", + "value": "Restrict Access to Kernel Message Buffer", "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_yama_ptrace_scope", + "value": "sysctl_kernel_kexec_load_disabled", "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict usage of ptrace to descendant processes", + "value": "Disable Kernel Image Loading", "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_kernel_unprivileged_bpf_disabled", + "value": "sysctl_kernel_yama_ptrace_scope", "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", + "value": "Restrict usage of ptrace to descendant processes", "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sysctl_net_core_bpf_jit_harden", + "value": "sysctl_kernel_unprivileged_bpf_disabled", "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Harden the operation of the BPF just-in-time compiler", + "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "selinux_state", + "value": "sysctl_net_core_bpf_jit_harden", "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure SELinux State is Enforcing", + "value": "Harden the operation of the BPF just-in-time compiler", "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "selinux_policytype", + "value": "selinux_state", "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure SELinux Policy", + "value": "Ensure SELinux State is Enforcing", "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_unauthorized_sgid", + "value": "selinux_policytype", "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All SGID Executables Are Authorized", + "value": "Configure SELinux Policy", "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_unauthorized_suid", + "value": "file_permissions_unauthorized_sgid", "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All SUID Executables Are Authorized", + "value": "Ensure All SGID Executables Are Authorized", "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_unauthorized_world_writable", + "value": "file_permissions_unauthorized_suid", "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure No World-Writable Files Exist", + "value": "Ensure All SUID Executables Are Authorized", "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dir_perms_world_writable_sticky_bits", + "value": "file_permissions_unauthorized_world_writable", "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that All World-Writable Directories Have Sticky Bits Set", + "value": "Ensure No World-Writable Files Exist", "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_library_dirs", + "value": "dir_perms_world_writable_sticky_bits", "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that Shared Library Files Have Restrictive Permissions", + "value": "Verify that All World-Writable Directories Have Sticky Bits Set", "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_binary_dirs", + "value": "file_permissions_library_dirs", "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that System Executables Have Root Ownership", + "value": "Verify that Shared Library Files Have Restrictive Permissions", "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_binary_dirs", + "value": "file_ownership_binary_dirs", "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that System Executables Have Restrictive Permissions", + "value": "Verify that System Executables Have Root Ownership", "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_library_dirs", + "value": "file_permissions_binary_dirs", "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that Shared Library Files Have Root Ownership", + "value": "Verify that System Executables Have Restrictive Permissions", "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords", + "value": "file_ownership_library_dirs", "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Login to Accounts With Empty Password", + "value": "Verify that Shared Library Files Have Root Ownership", "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_dev_shm_nodev", + "value": "no_empty_passwords", "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nodev Option to /dev/shm", + "value": "Prevent Login to Accounts With Empty Password", "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_dev_shm_nosuid", + "value": "mount_option_dev_shm_nodev", "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add nosuid Option to /dev/shm", + "value": "Add nodev Option to /dev/shm", "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "mount_option_dev_shm_noexec", + "value": "mount_option_dev_shm_nosuid", "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Add noexec Option to /dev/shm", + "value": "Add nosuid Option to /dev/shm", "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_firewalld_installed", + "value": "mount_option_dev_shm_noexec", "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install firewalld Package", + "value": "Add noexec Option to /dev/shm", "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_firewalld_enabled", + "value": "package_firewalld_installed", "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify firewalld Enabled", + "value": "Install firewalld Package", "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "network_sniffer_disabled", + "value": "service_firewalld_enabled", "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure System is Not Acting as a Network Sniffer", + "value": "Verify firewalld Enabled", "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_maximum_age_login_defs", + "value": "network_sniffer_disabled", "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Age", + "value": "Ensure System is Not Acting as a Network Sniffer", "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_minimum_age_login_defs", + "value": "accounts_maximum_age_login_defs", "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Minimum Age", + "value": "Set Password Maximum Age", "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_warn_age_login_defs", + "value": "accounts_minimum_age_login_defs", "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Warning Age", + "value": "Set Password Minimum Age", "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_kerberos_crypto_policy", + "value": "accounts_password_warn_age_login_defs", "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Kerberos to use System Crypto Policy", + "value": "Set Password Warning Age", "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "enable_ldap_client", + "value": "configure_kerberos_crypto_policy", "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable the LDAP Client For Use in Authconfig", + "value": "Configure Kerberos to use System Crypto Policy", "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "kerberos_disable_no_keytab", + "value": "enable_ldap_client", "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kerberos by removing host keytab", + "value": "Enable the LDAP Client For Use in Authconfig", "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "network_nmcli_permissions", + "value": "kerberos_disable_no_keytab", "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent non-Privileged Users from Modifying Network Interfaces using nmcli", + "value": "Disable Kerberos by removing host keytab", "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sebool_kerberos_enabled", + "value": "network_nmcli_permissions", "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable the kerberos_enabled SELinux Boolean", + "value": "Prevent non-Privileged Users from Modifying Network Interfaces using nmcli", "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf", + "value": "sebool_kerberos_enabled", "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/libuser.conf", + "value": "Enable the kerberos_enabled SELinux Boolean", "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_logindefs", + "value": "set_password_hashing_algorithm_libuserconf", "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/login.defs", + "value": "Set Password Hashing Algorithm in /etc/libuser.conf", "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_passwordauth", + "value": "set_password_hashing_algorithm_logindefs", "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - password-auth", + "value": "Set Password Hashing Algorithm in /etc/login.defs", "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "set_password_hashing_algorithm_passwordauth", "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Set PAM Password Hashing Algorithm - password-auth", "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_minlen_login_defs", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Minimum Length in login.defs", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_dcredit", + "value": "accounts_password_minlen_login_defs", "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Digit Characters", + "value": "Set Password Minimum Length in login.defs", "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_lcredit", + "value": "accounts_password_pam_dcredit", "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters", + "value": "Ensure PAM Enforces Password Requirements - Minimum Digit Characters", "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minclass", + "value": "accounts_password_pam_lcredit", "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", + "value": "Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters", "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minlen", + "value": "accounts_password_pam_minclass", "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Length", + "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_ocredit", + "value": "accounts_password_pam_minlen", "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Special Characters", + "value": "Ensure PAM Enforces Password Requirements - Minimum Length", "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_ucredit", + "value": "accounts_password_pam_ocredit", "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Uppercase Characters", + "value": "Ensure PAM Enforces Password Requirements - Minimum Special Characters", "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny", + "value": "accounts_password_pam_ucredit", "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Lock Accounts After Failed Password Attempts", + "value": "Ensure PAM Enforces Password Requirements - Minimum Uppercase Characters", "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny_root", + "value": "accounts_passwords_pam_faillock_deny", "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the root Account for Failed Password Attempts", + "value": "Lock Accounts After Failed Password Attempts", "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_interval", + "value": "accounts_passwords_pam_faillock_deny_root", "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interval For Counting Failed Password Attempts", + "value": "Configure the root Account for Failed Password Attempts", "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_unlock_time", + "value": "accounts_passwords_pam_faillock_interval", "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Lockout Time for Failed Password Attempts", + "value": "Set Interval For Counting Failed Password Attempts", "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_host_auth", + "value": "accounts_passwords_pam_faillock_unlock_time", "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Host-Based Authentication", + "value": "Set Lockout Time for Failed Password Attempts", "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "require_emergency_target_auth", + "value": "disable_host_auth", "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Require Authentication for Emergency Systemd Target", + "value": "Disable Host-Based Authentication", "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sebool_authlogin_nsswitch_use_ldap", + "value": "require_emergency_target_auth", "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the authlogin_nsswitch_use_ldap SELinux Boolean", + "value": "Require Authentication for Emergency Systemd Target", "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sebool_authlogin_radius", + "value": "sebool_authlogin_nsswitch_use_ldap", "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable the authlogin_radius SELinux Boolean", + "value": "Disable the authlogin_nsswitch_use_ldap SELinux Boolean", "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_kerb_auth", + "value": "sebool_authlogin_radius", "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Kerberos Authentication", + "value": "Disable the authlogin_radius SELinux Boolean", "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_max_auth_tries", + "value": "sshd_disable_kerb_auth", "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH authentication attempt limit", + "value": "Disable Kerberos Authentication", "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sssd_enable_smartcards", + "value": "sshd_set_max_auth_tries", "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Smartcards in SSSD", + "value": "Set SSH authentication attempt limit", "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_enable_warning_banner", + "value": "sssd_enable_smartcards", "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable SSH Warning Banner", + "value": "Enable Smartcards in SSSD", "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_disable_x11_forwarding", + "value": "sshd_enable_warning_banner", "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable X11 Forwarding", + "value": "Enable SSH Warning Banner", "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_access_failed", + "value": "sshd_disable_x11_forwarding", "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditing of unsuccessful file accesses", + "value": "Disable X11 Forwarding", "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_access_failed_aarch64", + "value": "audit_access_failed", "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditing of unsuccessful file accesses (AArch64)", + "value": "Configure auditing of unsuccessful file accesses", "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_access_failed_ppc64le", + "value": "audit_access_failed_aarch64", "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditing of unsuccessful file accesses (ppc64le)", + "value": "Configure auditing of unsuccessful file accesses (AArch64)", "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_access_success", + "value": "audit_access_failed_ppc64le", "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditing of successful file accesses", + "value": "Configure auditing of unsuccessful file accesses (ppc64le)", "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_access_success_aarch64", + "value": "audit_access_success", "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditing of successful file accesses (AArch64)", + "value": "Configure auditing of successful file accesses", "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_access_success_ppc64le", + "value": "audit_access_success_aarch64", "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditing of successful file accesses (ppc64le)", + "value": "Configure auditing of successful file accesses (AArch64)", "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_privileged_commands", + "value": "audit_access_success_ppc64le", "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on the Use of Privileged Commands", + "value": "Configure auditing of successful file accesses (ppc64le)", "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_utmp", + "value": "audit_rules_privileged_commands", "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information utmp", + "value": "Ensure auditd Collects Information on the Use of Privileged Commands", "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_btmp", + "value": "audit_rules_session_events_utmp", "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information btmp", + "value": "Record Attempts to Alter Process and Session Initiation Information utmp", "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_wtmp", + "value": "audit_rules_session_events_btmp", "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", + "value": "Record Attempts to Alter Process and Session Initiation Information btmp", "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_creat", + "value": "audit_rules_session_events_wtmp", "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - creat", + "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_open", + "value": "audit_rules_unsuccessful_file_modification_creat", "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - open", + "value": "Record Unsuccessful Access Attempts to Files - creat", "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_openat", + "value": "audit_rules_unsuccessful_file_modification_open", "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - openat", + "value": "Record Unsuccessful Access Attempts to Files - open", "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_open_by_handle_at", + "value": "audit_rules_unsuccessful_file_modification_openat", "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - open_by_handle_at", + "value": "Record Unsuccessful Access Attempts to Files - openat", "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_truncate", + "value": "audit_rules_unsuccessful_file_modification_open_by_handle_at", "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - truncate", + "value": "Record Unsuccessful Access Attempts to Files - open_by_handle_at", "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_unsuccessful_file_modification_ftruncate", + "value": "audit_rules_unsuccessful_file_modification_truncate", "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Unsuccessful Access Attempts to Files - ftruncate", + "value": "Record Unsuccessful Access Attempts to Files - truncate", "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_audit_installed", + "value": "audit_rules_unsuccessful_file_modification_ftruncate", "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the audit Subsystem is Installed", + "value": "Record Unsuccessful Access Attempts to Files - ftruncate", "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sebool_auditadm_exec_content", + "value": "package_audit_installed", "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable the auditadm_exec_content SELinux Boolean", + "value": "Ensure the audit Subsystem is Installed", "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_configure_pool_and_server", + "value": "sebool_auditadm_exec_content", "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Chrony Configure Pool and Server", + "value": "Enable the auditadm_exec_content SELinux Boolean", "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_or_ntpd_specify_multiple_servers", + "value": "chronyd_configure_pool_and_server", "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Specify Additional Remote NTP Servers", + "value": "Chrony Configure Pool and Server", "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_specify_remote_server", + "value": "chronyd_or_ntpd_specify_multiple_servers", "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "A remote time server for Chrony is configured", + "value": "Specify Additional Remote NTP Servers", "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_chrony_installed", + "value": "chronyd_specify_remote_server", "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "The Chrony package is installed", + "value": "A remote time server for Chrony is configured", "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_cron_logging", + "value": "package_chrony_installed", "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure cron Is Logging To Rsyslog", + "value": "The Chrony package is installed", "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_groupownership", + "value": "rsyslog_cron_logging", "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Log Files Are Owned By Appropriate Group", + "value": "Ensure cron Is Logging To Rsyslog", "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_ownership", + "value": "rsyslog_files_groupownership", "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Log Files Are Owned By Appropriate User", + "value": "Ensure Log Files Are Owned By Appropriate Group", "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_permissions", + "value": "rsyslog_files_ownership", "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure System Log Files Have Correct Permissions", + "value": "Ensure Log Files Are Owned By Appropriate User", "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_nolisten", + "value": "rsyslog_files_permissions", "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server", + "value": "Ensure System Log Files Have Correct Permissions", "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_remote_loghost", + "value": "rsyslog_nolisten", "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Logs Sent To Remote Host", + "value": "Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server", "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_remote_tls", + "value": "rsyslog_remote_loghost", "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure TLS for rsyslog remote logging", + "value": "Ensure Logs Sent To Remote Host", "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_remote_tls_cacert", + "value": "rsyslog_remote_tls", "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure CA certificate for rsyslog remote logging", + "value": "Configure TLS for rsyslog remote logging", "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_chronyd_enabled", + "value": "rsyslog_remote_tls_cacert", "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "The Chronyd service is enabled", + "value": "Configure CA certificate for rsyslog remote logging", "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_aide_installed", + "value": "service_chronyd_enabled", "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install AIDE", + "value": "The Chronyd service is enabled", "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_snmpd_disabled", + "value": "package_aide_installed", "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable snmpd Service", + "value": "Install AIDE", "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "snmpd_use_newer_protocol", + "value": "service_snmpd_disabled", "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure SNMP Service to Use Only SNMPv3 or Newer", + "value": "Disable snmpd Service", "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "network_ipv6_static_address", + "value": "snmpd_use_newer_protocol", "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Manually Assign Global IPv6 Address", + "value": "Configure SNMP Service to Use Only SNMPv3 or Newer", "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "wireless_disable_interfaces", + "value": "network_ipv6_static_address", "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Deactivate Wireless Network Interfaces", + "value": "Manually Assign Global IPv6 Address", "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_opensc_card_drivers", + "value": "wireless_disable_interfaces", "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure opensc Smart Card Drivers", + "value": "Deactivate Wireless Network Interfaces", "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_opensc_installed", + "value": "configure_opensc_card_drivers", "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the opensc Package For Multifactor Authentication", + "value": "Configure opensc Smart Card Drivers", "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_pcsc-lite_installed", + "value": "package_opensc_installed", "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the pcsc-lite package", + "value": "Install the opensc Package For Multifactor Authentication", "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_pcsc-lite-ccid_installed", + "value": "package_pcsc-lite_installed", "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install the pcsc-lite-ccid package", + "value": "Install the pcsc-lite package", "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_sudo_installed", + "value": "package_pcsc-lite-ccid_installed", "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install sudo Package", + "value": "Install the pcsc-lite-ccid package", "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_pcscd_enabled", + "value": "package_sudo_installed", "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable the pcscd Service", + "value": "Install sudo Package", "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "configure_firewalld_ports", + "value": "service_pcscd_enabled", "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure the Firewalld Ports", + "value": "Enable the pcscd Service", "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_firewalld_default_zone", + "value": "configure_firewalld_ports", "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Default firewalld Zone for Incoming Packets", + "value": "Configure the Firewalld Ports", "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_usbguard_installed", + "value": "set_firewalld_default_zone", "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install usbguard Package", + "value": "Set Default firewalld Zone for Incoming Packets", "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_usbguard_enabled", + "value": "package_usbguard_installed", "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable the USBGuard Service", + "value": "Install usbguard Package", "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "system_booted_in_fips_mode", + "value": "service_usbguard_enabled", "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify that the system was booted with fips=1", + "value": "Enable the USBGuard Service", "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "enable_fips_mode", + "value": "system_booted_in_fips_mode", "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable FIPS Mode", + "value": "Verify that the system was booted with fips=1", "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_sshd_private_key", + "value": "enable_fips_mode", "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Permissions on SSH Server Private *_key Key Files", + "value": "Enable FIPS Mode", "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_apply_updates", + "value": "file_permissions_sshd_private_key", "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Available Updates Automatically", + "value": "Verify Permissions on SSH Server Private *_key Key Files", "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_libdnf-plugin-subscription-manager_installed", + "value": "dnf-automatic_apply_updates", "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install libdnf-plugin-subscription-manager Package", + "value": "Configure dnf-automatic to Install Available Updates Automatically", "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_subscription-manager_installed", + "value": "package_libdnf-plugin-subscription-manager_installed", "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install subscription-manager Package", + "value": "Install libdnf-plugin-subscription-manager Package", "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_shelllogin_for_systemaccounts", + "value": "package_subscription-manager_installed", "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", + "value": "Install subscription-manager Package", "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "secure_boot_enabled", + "value": "no_shelllogin_for_systemaccounts", "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that Secure Boot is enabled", + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", "remarks": "rule_set_170" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "secure_boot_enabled", + "remarks": "rule_set_171" + }, + { + "name": "Rule_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Ensure that Secure Boot is enabled", + "remarks": "rule_set_171" } ], "control-implementations": [ { - "uuid": "b40ba9c2-ff53-4768-85ac-684f8cf811e5", + "uuid": "3ea285c1-3c0c-42a8-9d12-4f6801fceb86", "source": "trestle://profiles/rhel10-ism_o-top_secret/profile.json", "description": "Control implementation for ism_o_top_secret", "props": [ @@ -2371,7 +2383,7 @@ ], "implemented-requirements": [ { - "uuid": "4aff10fa-309d-4b6b-8b97-73ca34446edc", + "uuid": "266091db-3abd-4208-8790-dad8e16704bc", "control-id": "ism_o_0422", "description": "No notes for control-id 0422.", "props": [ @@ -2473,7 +2485,7 @@ ] }, { - "uuid": "ce2cbb67-a2a4-47c8-a54c-769fb53a0df3", + "uuid": "d6300952-a2ab-4afc-ac74-09e2905061ed", "control-id": "ism_o_1561", "description": "No notes for control-id 1561.", "props": [ @@ -2575,7 +2587,7 @@ ] }, { - "uuid": "e6237997-523b-453c-9382-df26b8d28a5d", + "uuid": "2fd35f8a-08f7-4438-b575-8ae72ee3cb76", "control-id": "ism_o_1557", "description": "No notes for control-id 1557.", "props": [ @@ -2677,7 +2689,7 @@ ] }, { - "uuid": "af522e6b-c9c8-49bc-9544-2549a7ec1b81", + "uuid": "ac1b0660-3563-4425-9aad-1ada0fb76634", "control-id": "ism_o_1560", "description": "No notes for control-id 1560.", "props": [ @@ -2779,7 +2791,7 @@ ] }, { - "uuid": "9102ae07-d45d-4633-b6a6-0d8c5716e0ad", + "uuid": "f1a86fcb-0b0b-4e3d-a620-bcffb6b3c999", "control-id": "ism_o_0418", "description": "No notes for control-id 0418.", "props": [ @@ -2861,7 +2873,7 @@ ] }, { - "uuid": "4648b35e-c002-4f4b-a4e3-b3a06c4b5ab5", + "uuid": "f00f4240-dd86-48d4-87f6-025f1ed09794", "control-id": "ism_o_0421", "description": "No notes for control-id 0421.", "props": [ @@ -2963,7 +2975,7 @@ ] }, { - "uuid": "7091642f-d19f-44f0-ac3f-a79e103bcc6f", + "uuid": "e75cdeb6-3ef7-4300-81d5-ed6714f35cb2", "control-id": "ism_o_0484", "description": "No notes for control-id 0484.", "props": [ @@ -2990,7 +3002,7 @@ ] }, { - "uuid": "8d3539fa-cfd4-4e03-a600-0caa88f9f6fc", + "uuid": "76cee3b4-7b92-455a-a219-0551cfff6c69", "control-id": "ism_o_0487", "description": "The description for control-id ism_o_0487.", "props": [ @@ -3003,7 +3015,7 @@ ] }, { - "uuid": "1b856f09-b00b-4491-ba54-8416244f18a0", + "uuid": "ab847d4e-d8d7-4b08-81cf-aefd1ba92399", "control-id": "ism_o_0582", "description": "No notes for control-id 0582.", "props": [ @@ -3255,7 +3267,7 @@ ] }, { - "uuid": "6e9b6dce-4744-4d01-ae24-52443b184c64", + "uuid": "8e3285ad-9e11-4cd3-8d38-47fbfb6727fe", "control-id": "ism_o_0846", "description": "No notes for control-id 0846.", "props": [ @@ -3362,7 +3374,7 @@ ] }, { - "uuid": "0510ceaf-bef9-4ec4-9e72-081d50906b90", + "uuid": "845b0378-7632-400c-b2e0-f3acbeeaa60b", "control-id": "ism_o_0974", "description": "This needs reevaluation.", "props": [ @@ -3464,7 +3476,7 @@ ] }, { - "uuid": "38798124-2214-4784-beab-bc630e312df6", + "uuid": "14fbc9fa-d3b8-4ed2-9948-ef02ccd74432", "control-id": "ism_o_0988", "description": "No notes for control-id 0988.", "props": [ @@ -3541,7 +3553,7 @@ ] }, { - "uuid": "e1c9475d-ac9b-408b-92e6-af9a970fed8b", + "uuid": "ebbdad84-e581-4fba-8505-205c33362752", "control-id": "ism_o_1034", "description": "No notes for control-id 1034.", "props": [ @@ -3558,7 +3570,7 @@ ] }, { - "uuid": "bc3d5642-f306-476d-88fc-0f859cba68fe", + "uuid": "8b44642d-77ef-42ee-a7eb-7619c8390074", "control-id": "ism_o_1055", "description": "Needs reevaluation", "props": [ @@ -3635,7 +3647,7 @@ ] }, { - "uuid": "ecfb1966-d589-4d90-9ebb-3f4378c49d15", + "uuid": "fe05b1f0-7c58-49b8-b2df-79b70de75651", "control-id": "ism_o_1173", "description": "No notes for control-id 1173.", "props": [ @@ -3737,7 +3749,7 @@ ] }, { - "uuid": "545b9301-6aab-4c1b-8cce-fa27e33e369a", + "uuid": "06f2fb1d-5f93-49b2-aec7-6c491c6b2f0c", "control-id": "ism_o_1277", "description": "No notes for control-id 1277.", "props": [ @@ -3749,7 +3761,7 @@ ] }, { - "uuid": "cf8e51f3-fa5f-4122-b82a-4598ab0fbe07", + "uuid": "c7c73395-ab03-417a-8b8f-58aa030da82d", "control-id": "ism_o_1288", "description": "No notes for control-id 1288.", "props": [ @@ -3766,7 +3778,7 @@ ] }, { - "uuid": "8d767382-d4f0-49ac-aa6b-ec0393637eb8", + "uuid": "03a7d777-ee0f-4054-9e2a-556f3a654721", "control-id": "ism_o_1311", "description": "No notes for control-id 1311.", "props": [ @@ -3788,7 +3800,7 @@ ] }, { - "uuid": "81e78d21-5c23-4580-bae2-724037f97800", + "uuid": "780575a7-3995-4c79-a1dc-4ab3176cae43", "control-id": "ism_o_1315", "description": "No notes for control-id 1315.", "props": [ @@ -3810,7 +3822,7 @@ ] }, { - "uuid": "69466acc-45c3-406b-9d9a-9529ad364140", + "uuid": "3da087ee-7029-4d10-a936-a766143681e3", "control-id": "ism_o_1319", "description": "No notes for control-id 1319.", "props": [ @@ -3832,7 +3844,7 @@ ] }, { - "uuid": "1309a46d-690f-4d16-9496-e7b120c753e5", + "uuid": "219ac004-1334-4096-b802-467d8ea871f7", "control-id": "ism_o_1341", "description": "No notes for control-id 1341.", "props": [ @@ -3849,7 +3861,7 @@ ] }, { - "uuid": "52f48397-7871-4439-a1af-5a07f0aee92b", + "uuid": "e2e3452c-b6bd-4d4b-a7ea-ab239cbe78b0", "control-id": "ism_o_1386", "description": "This needs reevaluation.", "props": [ @@ -3891,7 +3903,7 @@ ] }, { - "uuid": "331ad53c-142a-4d02-a689-818d804c74fc", + "uuid": "2106aa84-44c7-45ad-b609-7249fac89454", "control-id": "ism_o_1401", "description": "No notes for control-id 1401.", "props": [ @@ -3993,7 +4005,7 @@ ] }, { - "uuid": "ca3f693d-a170-4d58-beab-e5be00378e1c", + "uuid": "b9a74594-e655-4f22-8c40-fef1177540a1", "control-id": "ism_o_1402", "description": "No notes for control-id 1402.", "props": [ @@ -4070,7 +4082,7 @@ ] }, { - "uuid": "f8e36b68-3e03-4634-88f4-130acb64594f", + "uuid": "7385e9fe-1e15-4855-a21a-45ed8b3773e5", "control-id": "ism_o_1405", "description": "No notes for control-id 1405.", "props": [ @@ -4147,7 +4159,7 @@ ] }, { - "uuid": "5d6785a5-0e80-4023-b691-049511b46a7f", + "uuid": "6284921a-79ee-40ed-ad15-3a6905c4b979", "control-id": "ism_o_1416", "description": "No notes for control-id 1416.", "props": [ @@ -4169,7 +4181,7 @@ ] }, { - "uuid": "6a86aca0-0ef6-4049-9ee7-a678ee63dd34", + "uuid": "f0ad7509-716e-4d8e-a65b-a558b171e1dc", "control-id": "ism_o_1417", "description": "No notes for control-id 1417.", "props": [ @@ -4186,7 +4198,7 @@ ] }, { - "uuid": "7bf33a7d-5003-44c6-a08a-325883589d45", + "uuid": "249d39b6-471d-4008-9691-4bf710d69b2e", "control-id": "ism_o_1418", "description": "No notes for control-id 1418.", "props": [ @@ -4208,7 +4220,7 @@ ] }, { - "uuid": "e51d4b8b-4276-4e84-8bac-6694fe7a0fff", + "uuid": "17f6ecdd-8831-489f-b611-daee64382588", "control-id": "ism_o_1446", "description": "No notes for control-id 1446.", "props": [ @@ -4235,7 +4247,7 @@ ] }, { - "uuid": "b315b496-de81-46f1-99fa-993dc872345f", + "uuid": "5f005a57-fd97-402b-a5ec-82a3e1e7648d", "control-id": "ism_o_1449", "description": "This needs more", "props": [ @@ -4252,7 +4264,7 @@ ] }, { - "uuid": "5574772e-79c3-4d2d-a803-4a24108a85fa", + "uuid": "b4d2bbb3-3b74-4d3e-94f2-8d05950e31d2", "control-id": "ism_o_1467", "description": "No notes for control-id 1467.", "props": [ @@ -4279,7 +4291,7 @@ ] }, { - "uuid": "a6904d0e-b8d3-42c6-99f9-60a70ea8a3f3", + "uuid": "e7fe1966-de53-44c1-8eb0-4d2f94988056", "control-id": "ism_o_1483", "description": "No notes for control-id 1483.", "props": [ @@ -4306,7 +4318,7 @@ ] }, { - "uuid": "f2f16e5a-89fa-4ded-89a7-5f3725174c91", + "uuid": "d1c84448-c477-489b-bc4b-e743c15168fc", "control-id": "ism_o_1491", "description": "No notes for control-id 1491.", "props": [ @@ -4323,7 +4335,7 @@ ] }, { - "uuid": "a0ac1ee5-7630-4cb7-8bd1-9e91f2caff20", + "uuid": "c0771038-691f-4b30-a72a-b95b8a4146bc", "control-id": "ism_o_1493", "description": "No notes for control-id 1493.", "props": [ @@ -4367,6 +4379,11 @@ "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_redhat_gpgkey_installed" }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "package_sequoia-sq_installed" + }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", @@ -4375,7 +4392,7 @@ ] }, { - "uuid": "87383a85-b4e8-40af-93cd-2f6760c91106", + "uuid": "c88047b7-b56e-4035-9610-a7195cc73277", "control-id": "ism_o_1504", "description": "No notes for control-id 1504.", "props": [ @@ -4477,7 +4494,7 @@ ] }, { - "uuid": "7f1e5a9e-c3fd-49d4-99aa-4b44bc0e5f2f", + "uuid": "407ba320-65d6-4944-af13-2eb6371804a3", "control-id": "ism_o_1505", "description": "No notes for control-id 1505.", "props": [ @@ -4579,7 +4596,7 @@ ] }, { - "uuid": "3ecc932e-79f4-48fd-bd55-e66447771dd7", + "uuid": "f5f3b3c5-052d-456e-8092-a333ed04e18b", "control-id": "ism_o_1506", "description": "As of OpenSSH 7.6, OpenSSH only supports SSH 2.", "props": [ @@ -4591,7 +4608,7 @@ ] }, { - "uuid": "9204dcc7-6a5f-4836-9c5a-62a2c2ca241e", + "uuid": "4963fd69-d261-487e-97d1-f80203c04e7e", "control-id": "ism_o_1546", "description": "No notes for control-id 1546.", "props": [ @@ -4748,7 +4765,7 @@ ] }, { - "uuid": "38a87dba-f4d1-4109-afc2-e856b429d225", + "uuid": "a824b069-9360-4e80-b3eb-de6d7125a7b5", "control-id": "ism_o_1552", "description": "No notes for control-id 1552.", "props": [ @@ -4760,7 +4777,7 @@ ] }, { - "uuid": "5f5640c8-b4fe-4641-9f6d-8122506b7821", + "uuid": "219be049-762e-4615-80df-9b3dc922a95e", "control-id": "ism_o_1558", "description": "No notes for control-id 1558.", "props": [ @@ -4862,7 +4879,7 @@ ] }, { - "uuid": "67763694-6dae-4ccc-9f95-ea34cc985341", + "uuid": "28b30fd3-22f3-4499-8f4f-af714484b119", "control-id": "ism_o_1559", "description": "No notes for control-id 1559.", "props": [ @@ -4964,7 +4981,7 @@ ] }, { - "uuid": "98b2144b-9a1d-4037-839e-3e40c899c079", + "uuid": "ec420e77-b367-4277-b099-cfc546b42944", "control-id": "ism_o_1745", "description": "The description for control-id ism_o_1745.", "props": [ @@ -5156,7 +5173,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -5378,3943 +5395,3967 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_never_disabled", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_007" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", + "value": "Install sequoia-sq Package", "remarks": "rule_set_007" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_never_disabled", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_007" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", + "value": "Install sequoia-sq Package", "remarks": "rule_set_007" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_local_packages", + "value": "ensure_gpgcheck_never_disabled", "remarks": "rule_set_008" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for Local Packages", + "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", "remarks": "rule_set_008" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_local_packages", + "value": "ensure_gpgcheck_never_disabled", "remarks": "rule_set_008" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for Local Packages", + "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", "remarks": "rule_set_008" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_globally_activated", + "value": "ensure_gpgcheck_local_packages", "remarks": "rule_set_009" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled In Main dnf Configuration", + "value": "Ensure gpgcheck Enabled for Local Packages", "remarks": "rule_set_009" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_globally_activated", + "value": "ensure_gpgcheck_local_packages", "remarks": "rule_set_009" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled In Main dnf Configuration", + "value": "Ensure gpgcheck Enabled for Local Packages", "remarks": "rule_set_009" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "ensure_gpgcheck_globally_activated", "remarks": "rule_set_010" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Ensure gpgcheck Enabled In Main dnf Configuration", "remarks": "rule_set_010" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dnf-automatic_security_updates_only", + "value": "ensure_gpgcheck_globally_activated", "remarks": "rule_set_010" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure dnf-automatic to Install Only Security Updates", + "value": "Ensure gpgcheck Enabled In Main dnf Configuration", "remarks": "rule_set_010" }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "dnf-automatic_security_updates_only", + "remarks": "rule_set_011" + }, + { + "name": "Rule_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Configure dnf-automatic to Install Only Security Updates", + "remarks": "rule_set_011" + }, + { + "name": "Check_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "dnf-automatic_security_updates_only", + "remarks": "rule_set_011" + }, + { + "name": "Check_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Configure dnf-automatic to Install Only Security Updates", + "remarks": "rule_set_011" + }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_no_uid_except_zero", - "remarks": "rule_set_011" + "remarks": "rule_set_012" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Only Root Has UID 0", - "remarks": "rule_set_011" + "remarks": "rule_set_012" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_no_uid_except_zero", - "remarks": "rule_set_011" + "remarks": "rule_set_012" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Only Root Has UID 0", - "remarks": "rule_set_011" + "remarks": "rule_set_012" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_remove_nopasswd", - "remarks": "rule_set_012" + "remarks": "rule_set_013" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", - "remarks": "rule_set_012" + "remarks": "rule_set_013" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_remove_nopasswd", - "remarks": "rule_set_012" + "remarks": "rule_set_013" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD", - "remarks": "rule_set_012" + "remarks": "rule_set_013" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_remove_no_authenticate", - "remarks": "rule_set_013" + "remarks": "rule_set_014" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", - "remarks": "rule_set_013" + "remarks": "rule_set_014" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_remove_no_authenticate", - "remarks": "rule_set_013" + "remarks": "rule_set_014" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate", - "remarks": "rule_set_013" + "remarks": "rule_set_014" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_require_authentication", - "remarks": "rule_set_014" + "remarks": "rule_set_015" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo", - "remarks": "rule_set_014" + "remarks": "rule_set_015" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sudo_require_authentication", - "remarks": "rule_set_014" + "remarks": "rule_set_015" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Users Re-Authenticate for Privilege Escalation - sudo", - "remarks": "rule_set_014" + "remarks": "rule_set_015" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_fapolicyd_installed", - "remarks": "rule_set_015" + "remarks": "rule_set_016" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install fapolicyd Package", - "remarks": "rule_set_015" + "remarks": "rule_set_016" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_fapolicyd_installed", - "remarks": "rule_set_015" + "remarks": "rule_set_016" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install fapolicyd Package", - "remarks": "rule_set_015" + "remarks": "rule_set_016" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_fapolicyd_enabled", - "remarks": "rule_set_016" + "remarks": "rule_set_017" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the File Access Policy Service", - "remarks": "rule_set_016" + "remarks": "rule_set_017" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_fapolicyd_enabled", - "remarks": "rule_set_016" + "remarks": "rule_set_017" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the File Access Policy Service", - "remarks": "rule_set_016" + "remarks": "rule_set_017" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_crypto_policy", - "remarks": "rule_set_017" + "remarks": "rule_set_018" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure System Cryptography Policy", - "remarks": "rule_set_017" + "remarks": "rule_set_018" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_crypto_policy", - "remarks": "rule_set_017" + "remarks": "rule_set_018" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure System Cryptography Policy", - "remarks": "rule_set_017" + "remarks": "rule_set_018" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_ssh_crypto_policy", - "remarks": "rule_set_018" + "remarks": "rule_set_019" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SSH to use System Crypto Policy", - "remarks": "rule_set_018" + "remarks": "rule_set_019" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_ssh_crypto_policy", - "remarks": "rule_set_018" + "remarks": "rule_set_019" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SSH to use System Crypto Policy", - "remarks": "rule_set_018" + "remarks": "rule_set_019" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_use_directory_configuration", - "remarks": "rule_set_019" + "remarks": "rule_set_020" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Distribute the SSH Server configuration to multiple files in a config directory.", - "remarks": "rule_set_019" + "remarks": "rule_set_020" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_use_directory_configuration", - "remarks": "rule_set_019" + "remarks": "rule_set_020" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Distribute the SSH Server configuration to multiple files in a config directory.", - "remarks": "rule_set_019" + "remarks": "rule_set_020" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_root_login", - "remarks": "rule_set_020" + "remarks": "rule_set_021" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Root Login", - "remarks": "rule_set_020" + "remarks": "rule_set_021" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_root_login", - "remarks": "rule_set_020" + "remarks": "rule_set_021" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Root Login", - "remarks": "rule_set_020" + "remarks": "rule_set_021" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_gssapi_auth", - "remarks": "rule_set_021" + "remarks": "rule_set_022" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable GSSAPI Authentication", - "remarks": "rule_set_021" + "remarks": "rule_set_022" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_gssapi_auth", - "remarks": "rule_set_021" + "remarks": "rule_set_022" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable GSSAPI Authentication", - "remarks": "rule_set_021" + "remarks": "rule_set_022" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_print_last_log", - "remarks": "rule_set_022" + "remarks": "rule_set_023" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SSH Print Last Log", - "remarks": "rule_set_022" + "remarks": "rule_set_023" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_print_last_log", - "remarks": "rule_set_022" + "remarks": "rule_set_023" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SSH Print Last Log", - "remarks": "rule_set_022" + "remarks": "rule_set_023" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_do_not_permit_user_env", - "remarks": "rule_set_023" + "remarks": "rule_set_024" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Do Not Allow SSH Environment Options", - "remarks": "rule_set_023" + "remarks": "rule_set_024" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_do_not_permit_user_env", - "remarks": "rule_set_023" + "remarks": "rule_set_024" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Do Not Allow SSH Environment Options", - "remarks": "rule_set_023" + "remarks": "rule_set_024" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_rhosts", - "remarks": "rule_set_024" + "remarks": "rule_set_025" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Support for .rhosts Files", - "remarks": "rule_set_024" + "remarks": "rule_set_025" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_rhosts", - "remarks": "rule_set_024" + "remarks": "rule_set_025" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Support for .rhosts Files", - "remarks": "rule_set_024" + "remarks": "rule_set_025" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_set_loglevel_info", - "remarks": "rule_set_025" + "remarks": "rule_set_026" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set LogLevel to INFO", - "remarks": "rule_set_025" + "remarks": "rule_set_026" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_set_loglevel_info", - "remarks": "rule_set_025" + "remarks": "rule_set_026" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set LogLevel to INFO", - "remarks": "rule_set_025" + "remarks": "rule_set_026" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_empty_passwords", - "remarks": "rule_set_026" + "remarks": "rule_set_027" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Access via Empty Passwords", - "remarks": "rule_set_026" + "remarks": "rule_set_027" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_empty_passwords", - "remarks": "rule_set_026" + "remarks": "rule_set_027" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Access via Empty Passwords", - "remarks": "rule_set_026" + "remarks": "rule_set_027" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_user_known_hosts", - "remarks": "rule_set_027" + "remarks": "rule_set_028" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Support for User Known Hosts", - "remarks": "rule_set_027" + "remarks": "rule_set_028" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_user_known_hosts", - "remarks": "rule_set_027" + "remarks": "rule_set_028" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable SSH Support for User Known Hosts", - "remarks": "rule_set_027" + "remarks": "rule_set_028" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_enable_strictmodes", - "remarks": "rule_set_028" + "remarks": "rule_set_029" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Use of Strict Mode Checking", - "remarks": "rule_set_028" + "remarks": "rule_set_029" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_enable_strictmodes", - "remarks": "rule_set_028" + "remarks": "rule_set_029" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Use of Strict Mode Checking", - "remarks": "rule_set_028" + "remarks": "rule_set_029" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_rsyslog_installed", - "remarks": "rule_set_029" + "remarks": "rule_set_030" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure rsyslog is Installed", - "remarks": "rule_set_029" + "remarks": "rule_set_030" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_rsyslog_installed", - "remarks": "rule_set_029" + "remarks": "rule_set_030" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure rsyslog is Installed", - "remarks": "rule_set_029" + "remarks": "rule_set_030" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_rsyslog_enabled", - "remarks": "rule_set_030" + "remarks": "rule_set_031" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable rsyslog Service", - "remarks": "rule_set_030" + "remarks": "rule_set_031" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_rsyslog_enabled", - "remarks": "rule_set_030" + "remarks": "rule_set_031" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable rsyslog Service", - "remarks": "rule_set_030" + "remarks": "rule_set_031" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_auditd_enabled", - "remarks": "rule_set_031" + "remarks": "rule_set_032" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable auditd Service", - "remarks": "rule_set_031" + "remarks": "rule_set_032" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_auditd_enabled", - "remarks": "rule_set_031" + "remarks": "rule_set_032" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable auditd Service", - "remarks": "rule_set_031" + "remarks": "rule_set_032" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_flush", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd flush priority", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_flush", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd flush priority", - "remarks": "rule_set_032" + "remarks": "rule_set_033" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_local_events", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Include Local Events in Audit Logs", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_local_events", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Include Local Events in Audit Logs", - "remarks": "rule_set_033" + "remarks": "rule_set_034" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_write_logs", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Write Audit Logs to the Disk", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_write_logs", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Write Audit Logs to the Disk", - "remarks": "rule_set_034" + "remarks": "rule_set_035" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_log_format", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Resolve information before writing to audit logs", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_log_format", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Resolve information before writing to audit logs", - "remarks": "rule_set_035" + "remarks": "rule_set_036" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_freq", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set number of records to cause an explicit flush to audit logs", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_freq", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set number of records to cause an explicit flush to audit logs", - "remarks": "rule_set_036" + "remarks": "rule_set_037" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_name_format", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set type of computer node name logging in audit logs", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_name_format", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set type of computer node name logging in audit logs", - "remarks": "rule_set_037" + "remarks": "rule_set_038" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_faillock", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - faillock", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_login_events_faillock", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Logon and Logout Events - faillock", - "remarks": "rule_set_038" + "remarks": "rule_set_039" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_adjtimex", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through adjtimex", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_adjtimex", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through adjtimex", - "remarks": "rule_set_039" + "remarks": "rule_set_040" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_clock_settime", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through clock_settime", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_clock_settime", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through clock_settime", - "remarks": "rule_set_040" + "remarks": "rule_set_041" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_watch_localtime", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter the localtime File", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_watch_localtime", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter the localtime File", - "remarks": "rule_set_041" + "remarks": "rule_set_042" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_settimeofday", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through settimeofday", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_settimeofday", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through settimeofday", - "remarks": "rule_set_042" + "remarks": "rule_set_043" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_stime", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through stime", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_stime", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through stime", - "remarks": "rule_set_043" + "remarks": "rule_set_044" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_restorecon", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run restorecon", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_restorecon", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run restorecon", - "remarks": "rule_set_044" + "remarks": "rule_set_045" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_chcon", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run chcon", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_chcon", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run chcon", - "remarks": "rule_set_045" + "remarks": "rule_set_046" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_semanage", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run semanage", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_semanage", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run semanage", - "remarks": "rule_set_046" + "remarks": "rule_set_047" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_setsebool", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run setsebool", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_setsebool", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run setsebool", - "remarks": "rule_set_047" + "remarks": "rule_set_048" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_setfiles", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run setfiles", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_setfiles", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run setfiles", - "remarks": "rule_set_048" + "remarks": "rule_set_049" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_seunshare", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run seunshare", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_execution_seunshare", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Any Attempts to Run seunshare", - "remarks": "rule_set_049" + "remarks": "rule_set_050" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_sysadmin_actions", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects System Administrator Actions", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_sysadmin_actions", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects System Administrator Actions", - "remarks": "rule_set_050" + "remarks": "rule_set_051" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment", - "remarks": "rule_set_051" + "remarks": "rule_set_052" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_group", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/group", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_group", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/group", - "remarks": "rule_set_052" + "remarks": "rule_set_053" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_gshadow", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/gshadow", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_gshadow", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/gshadow", - "remarks": "rule_set_053" + "remarks": "rule_set_054" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_opasswd", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_opasswd", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", - "remarks": "rule_set_054" + "remarks": "rule_set_055" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_passwd", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/passwd", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_passwd", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/passwd", - "remarks": "rule_set_055" + "remarks": "rule_set_056" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_shadow", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/shadow", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_shadow", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/shadow", - "remarks": "rule_set_056" + "remarks": "rule_set_057" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chmod", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chmod", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", - "remarks": "rule_set_057" + "remarks": "rule_set_058" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chown", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chown", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chown", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chown", - "remarks": "rule_set_058" + "remarks": "rule_set_059" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_kernel_module_loading", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Kernel Module Loading and Unloading", - "remarks": "rule_set_059" + "remarks": "rule_set_060" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_randomize_va_space", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Randomized Layout of Virtual Address Space", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_randomize_va_space", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Randomized Layout of Virtual Address Space", - "remarks": "rule_set_060" + "remarks": "rule_set_061" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_exec_shield", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable ExecShield via sysctl", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_exec_shield", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable ExecShield via sysctl", - "remarks": "rule_set_061" + "remarks": "rule_set_062" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_kptr_restrict", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Exposed Kernel Pointer Addresses Access", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_kptr_restrict", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Exposed Kernel Pointer Addresses Access", - "remarks": "rule_set_062" + "remarks": "rule_set_063" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_dmesg_restrict", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Access to Kernel Message Buffer", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_dmesg_restrict", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict Access to Kernel Message Buffer", - "remarks": "rule_set_063" + "remarks": "rule_set_064" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_kexec_load_disabled", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Image Loading", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_kexec_load_disabled", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kernel Image Loading", - "remarks": "rule_set_064" + "remarks": "rule_set_065" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_yama_ptrace_scope", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict usage of ptrace to descendant processes", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_yama_ptrace_scope", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Restrict usage of ptrace to descendant processes", - "remarks": "rule_set_065" + "remarks": "rule_set_066" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_unprivileged_bpf_disabled", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_kernel_unprivileged_bpf_disabled", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Access to Network bpf() Syscall From Unprivileged Processes", - "remarks": "rule_set_066" + "remarks": "rule_set_067" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_core_bpf_jit_harden", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden the operation of the BPF just-in-time compiler", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sysctl_net_core_bpf_jit_harden", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Harden the operation of the BPF just-in-time compiler", - "remarks": "rule_set_067" + "remarks": "rule_set_068" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_state", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure SELinux State is Enforcing", - "remarks": "rule_set_068" + "remarks": "rule_set_069" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_policytype", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SELinux Policy", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "selinux_policytype", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SELinux Policy", - "remarks": "rule_set_069" + "remarks": "rule_set_070" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_sgid", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All SGID Executables Are Authorized", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_sgid", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All SGID Executables Are Authorized", - "remarks": "rule_set_070" + "remarks": "rule_set_071" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_suid", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All SUID Executables Are Authorized", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_suid", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure All SUID Executables Are Authorized", - "remarks": "rule_set_071" + "remarks": "rule_set_072" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_world_writable", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure No World-Writable Files Exist", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_unauthorized_world_writable", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure No World-Writable Files Exist", - "remarks": "rule_set_072" + "remarks": "rule_set_073" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_perms_world_writable_sticky_bits", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that All World-Writable Directories Have Sticky Bits Set", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dir_perms_world_writable_sticky_bits", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that All World-Writable Directories Have Sticky Bits Set", - "remarks": "rule_set_073" + "remarks": "rule_set_074" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_library_dirs", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that Shared Library Files Have Restrictive Permissions", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_library_dirs", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that Shared Library Files Have Restrictive Permissions", - "remarks": "rule_set_074" + "remarks": "rule_set_075" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_binary_dirs", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Root Ownership", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_binary_dirs", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Root Ownership", - "remarks": "rule_set_075" + "remarks": "rule_set_076" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_binary_dirs", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Restrictive Permissions", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_binary_dirs", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that System Executables Have Restrictive Permissions", - "remarks": "rule_set_076" + "remarks": "rule_set_077" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_library_dirs", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that Shared Library Files Have Root Ownership", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_library_dirs", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that Shared Library Files Have Root Ownership", - "remarks": "rule_set_077" + "remarks": "rule_set_078" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_empty_passwords", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent Login to Accounts With Empty Password", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_empty_passwords", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent Login to Accounts With Empty Password", - "remarks": "rule_set_078" + "remarks": "rule_set_079" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_dev_shm_nodev", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nodev Option to /dev/shm", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_dev_shm_nodev", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nodev Option to /dev/shm", - "remarks": "rule_set_079" + "remarks": "rule_set_080" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_dev_shm_nosuid", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /dev/shm", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_dev_shm_nosuid", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add nosuid Option to /dev/shm", - "remarks": "rule_set_080" + "remarks": "rule_set_081" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_dev_shm_noexec", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /dev/shm", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "mount_option_dev_shm_noexec", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Add noexec Option to /dev/shm", - "remarks": "rule_set_081" + "remarks": "rule_set_082" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_firewalld_installed", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install firewalld Package", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_firewalld_installed", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install firewalld Package", - "remarks": "rule_set_082" + "remarks": "rule_set_083" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_firewalld_enabled", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify firewalld Enabled", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_firewalld_enabled", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify firewalld Enabled", - "remarks": "rule_set_083" + "remarks": "rule_set_084" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "network_sniffer_disabled", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System is Not Acting as a Network Sniffer", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "network_sniffer_disabled", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System is Not Acting as a Network Sniffer", - "remarks": "rule_set_084" + "remarks": "rule_set_085" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_maximum_age_login_defs", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Maximum Age", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_maximum_age_login_defs", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Maximum Age", - "remarks": "rule_set_085" + "remarks": "rule_set_086" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_minimum_age_login_defs", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Minimum Age", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_minimum_age_login_defs", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Minimum Age", - "remarks": "rule_set_086" + "remarks": "rule_set_087" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_warn_age_login_defs", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Warning Age", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_warn_age_login_defs", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Warning Age", - "remarks": "rule_set_087" + "remarks": "rule_set_088" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_kerberos_crypto_policy", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Kerberos to use System Crypto Policy", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_kerberos_crypto_policy", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Kerberos to use System Crypto Policy", - "remarks": "rule_set_088" + "remarks": "rule_set_089" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_ldap_client", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the LDAP Client For Use in Authconfig", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_ldap_client", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the LDAP Client For Use in Authconfig", - "remarks": "rule_set_089" + "remarks": "rule_set_090" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kerberos_disable_no_keytab", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kerberos by removing host keytab", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "kerberos_disable_no_keytab", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kerberos by removing host keytab", - "remarks": "rule_set_090" + "remarks": "rule_set_091" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "network_nmcli_permissions", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent non-Privileged Users from Modifying Network Interfaces using nmcli", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "network_nmcli_permissions", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Prevent non-Privileged Users from Modifying Network Interfaces using nmcli", - "remarks": "rule_set_091" + "remarks": "rule_set_092" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_kerberos_enabled", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the kerberos_enabled SELinux Boolean", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_kerberos_enabled", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the kerberos_enabled SELinux Boolean", - "remarks": "rule_set_092" + "remarks": "rule_set_093" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_libuserconf", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Hashing Algorithm in /etc/libuser.conf", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_libuserconf", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Hashing Algorithm in /etc/libuser.conf", - "remarks": "rule_set_093" + "remarks": "rule_set_094" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_logindefs", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Hashing Algorithm in /etc/login.defs", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_logindefs", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Hashing Algorithm in /etc/login.defs", - "remarks": "rule_set_094" + "remarks": "rule_set_095" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_passwordauth", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set PAM Password Hashing Algorithm - password-auth", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_passwordauth", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set PAM Password Hashing Algorithm - password-auth", - "remarks": "rule_set_095" + "remarks": "rule_set_096" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_systemauth", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set PAM Password Hashing Algorithm - system-auth", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_password_hashing_algorithm_systemauth", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set PAM Password Hashing Algorithm - system-auth", - "remarks": "rule_set_096" + "remarks": "rule_set_097" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_minlen_login_defs", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Minimum Length in login.defs", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_minlen_login_defs", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Password Minimum Length in login.defs", - "remarks": "rule_set_097" + "remarks": "rule_set_098" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_dcredit", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Digit Characters", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_dcredit", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Digit Characters", - "remarks": "rule_set_098" + "remarks": "rule_set_099" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_lcredit", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_lcredit", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters", - "remarks": "rule_set_099" + "remarks": "rule_set_100" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_minclass", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_minclass", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Different Categories", - "remarks": "rule_set_100" + "remarks": "rule_set_101" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_minlen", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Length", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_minlen", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Length", - "remarks": "rule_set_101" + "remarks": "rule_set_102" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_ocredit", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Special Characters", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_ocredit", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Special Characters", - "remarks": "rule_set_102" + "remarks": "rule_set_103" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_ucredit", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Uppercase Characters", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_password_pam_ucredit", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Enforces Password Requirements - Minimum Uppercase Characters", - "remarks": "rule_set_103" + "remarks": "rule_set_104" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_deny", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Lock Accounts After Failed Password Attempts", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_deny", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Lock Accounts After Failed Password Attempts", - "remarks": "rule_set_104" + "remarks": "rule_set_105" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_deny_root", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the root Account for Failed Password Attempts", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_deny_root", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the root Account for Failed Password Attempts", - "remarks": "rule_set_105" + "remarks": "rule_set_106" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_interval", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Interval For Counting Failed Password Attempts", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_interval", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Interval For Counting Failed Password Attempts", - "remarks": "rule_set_106" + "remarks": "rule_set_107" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_unlock_time", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Lockout Time for Failed Password Attempts", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "accounts_passwords_pam_faillock_unlock_time", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Lockout Time for Failed Password Attempts", - "remarks": "rule_set_107" + "remarks": "rule_set_108" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "disable_host_auth", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Host-Based Authentication", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "disable_host_auth", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Host-Based Authentication", - "remarks": "rule_set_108" + "remarks": "rule_set_109" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "require_emergency_target_auth", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Require Authentication for Emergency Systemd Target", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "require_emergency_target_auth", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Require Authentication for Emergency Systemd Target", - "remarks": "rule_set_109" + "remarks": "rule_set_110" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_authlogin_nsswitch_use_ldap", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the authlogin_nsswitch_use_ldap SELinux Boolean", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_authlogin_nsswitch_use_ldap", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the authlogin_nsswitch_use_ldap SELinux Boolean", - "remarks": "rule_set_110" + "remarks": "rule_set_111" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_authlogin_radius", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the authlogin_radius SELinux Boolean", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_authlogin_radius", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable the authlogin_radius SELinux Boolean", - "remarks": "rule_set_111" + "remarks": "rule_set_112" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_kerb_auth", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kerberos Authentication", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_kerb_auth", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable Kerberos Authentication", - "remarks": "rule_set_112" + "remarks": "rule_set_113" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_set_max_auth_tries", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set SSH authentication attempt limit", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_set_max_auth_tries", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set SSH authentication attempt limit", - "remarks": "rule_set_113" + "remarks": "rule_set_114" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sssd_enable_smartcards", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Smartcards in SSSD", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sssd_enable_smartcards", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Smartcards in SSSD", - "remarks": "rule_set_114" + "remarks": "rule_set_115" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_enable_warning_banner", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SSH Warning Banner", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_enable_warning_banner", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable SSH Warning Banner", - "remarks": "rule_set_115" + "remarks": "rule_set_116" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_x11_forwarding", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable X11 Forwarding", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sshd_disable_x11_forwarding", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable X11 Forwarding", - "remarks": "rule_set_116" + "remarks": "rule_set_117" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_failed", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of unsuccessful file accesses", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_failed", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of unsuccessful file accesses", - "remarks": "rule_set_117" + "remarks": "rule_set_118" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_failed_aarch64", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of unsuccessful file accesses (AArch64)", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_failed_aarch64", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of unsuccessful file accesses (AArch64)", - "remarks": "rule_set_118" + "remarks": "rule_set_119" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_failed_ppc64le", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of unsuccessful file accesses (ppc64le)", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_failed_ppc64le", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of unsuccessful file accesses (ppc64le)", - "remarks": "rule_set_119" + "remarks": "rule_set_120" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_success", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of successful file accesses", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_success", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of successful file accesses", - "remarks": "rule_set_120" + "remarks": "rule_set_121" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_success_aarch64", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of successful file accesses (AArch64)", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_success_aarch64", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of successful file accesses (AArch64)", - "remarks": "rule_set_121" + "remarks": "rule_set_122" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_success_ppc64le", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of successful file accesses (ppc64le)", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_access_success_ppc64le", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditing of successful file accesses (ppc64le)", - "remarks": "rule_set_122" + "remarks": "rule_set_123" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_privileged_commands", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on the Use of Privileged Commands", - "remarks": "rule_set_123" + "remarks": "rule_set_124" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_utmp", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information utmp", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_utmp", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information utmp", - "remarks": "rule_set_124" + "remarks": "rule_set_125" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_btmp", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information btmp", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_btmp", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information btmp", - "remarks": "rule_set_125" + "remarks": "rule_set_126" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_wtmp", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_session_events_wtmp", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", - "remarks": "rule_set_126" + "remarks": "rule_set_127" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_creat", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - creat", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_creat", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - creat", - "remarks": "rule_set_127" + "remarks": "rule_set_128" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open", - "remarks": "rule_set_128" + "remarks": "rule_set_129" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_openat", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - openat", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_openat", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - openat", - "remarks": "rule_set_129" + "remarks": "rule_set_130" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open_by_handle_at", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open_by_handle_at", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_open_by_handle_at", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - open_by_handle_at", - "remarks": "rule_set_130" + "remarks": "rule_set_131" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_truncate", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - truncate", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_truncate", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - truncate", - "remarks": "rule_set_131" + "remarks": "rule_set_132" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_ftruncate", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - ftruncate", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_unsuccessful_file_modification_ftruncate", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Unsuccessful Access Attempts to Files - ftruncate", - "remarks": "rule_set_132" + "remarks": "rule_set_133" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit_installed", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit Subsystem is Installed", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit_installed", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit Subsystem is Installed", - "remarks": "rule_set_133" + "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_auditadm_exec_content", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the auditadm_exec_content SELinux Boolean", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "sebool_auditadm_exec_content", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the auditadm_exec_content SELinux Boolean", - "remarks": "rule_set_134" + "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_configure_pool_and_server", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Chrony Configure Pool and Server", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_configure_pool_and_server", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Chrony Configure Pool and Server", - "remarks": "rule_set_135" + "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_or_ntpd_specify_multiple_servers", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Specify Additional Remote NTP Servers", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_or_ntpd_specify_multiple_servers", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Specify Additional Remote NTP Servers", - "remarks": "rule_set_136" + "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_specify_remote_server", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "A remote time server for Chrony is configured", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_specify_remote_server", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "A remote time server for Chrony is configured", - "remarks": "rule_set_137" + "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_chrony_installed", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chrony package is installed", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_chrony_installed", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chrony package is installed", - "remarks": "rule_set_138" + "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_cron_logging", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure cron Is Logging To Rsyslog", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_cron_logging", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure cron Is Logging To Rsyslog", - "remarks": "rule_set_139" + "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_140" + "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_141" + "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_142" + "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_nolisten", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_nolisten", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server", - "remarks": "rule_set_143" + "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_loghost", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Logs Sent To Remote Host", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_loghost", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Logs Sent To Remote Host", - "remarks": "rule_set_144" + "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure TLS for rsyslog remote logging", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure TLS for rsyslog remote logging", - "remarks": "rule_set_145" + "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls_cacert", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure CA certificate for rsyslog remote logging", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_remote_tls_cacert", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure CA certificate for rsyslog remote logging", - "remarks": "rule_set_146" + "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_chronyd_enabled", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chronyd service is enabled", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_chronyd_enabled", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chronyd service is enabled", - "remarks": "rule_set_147" + "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_aide_installed", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install AIDE", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_aide_installed", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install AIDE", - "remarks": "rule_set_148" + "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_snmpd_disabled", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable snmpd Service", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_snmpd_disabled", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Disable snmpd Service", - "remarks": "rule_set_149" + "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "snmpd_use_newer_protocol", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SNMP Service to Use Only SNMPv3 or Newer", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "snmpd_use_newer_protocol", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure SNMP Service to Use Only SNMPv3 or Newer", - "remarks": "rule_set_150" + "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "network_ipv6_static_address", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Manually Assign Global IPv6 Address", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "network_ipv6_static_address", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Manually Assign Global IPv6 Address", - "remarks": "rule_set_151" + "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "wireless_disable_interfaces", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Deactivate Wireless Network Interfaces", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "wireless_disable_interfaces", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Deactivate Wireless Network Interfaces", - "remarks": "rule_set_152" + "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_opensc_card_drivers", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure opensc Smart Card Drivers", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_opensc_card_drivers", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure opensc Smart Card Drivers", - "remarks": "rule_set_153" + "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_opensc_installed", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the opensc Package For Multifactor Authentication", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_opensc_installed", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the opensc Package For Multifactor Authentication", - "remarks": "rule_set_154" + "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_pcsc-lite_installed", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the pcsc-lite package", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_pcsc-lite_installed", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the pcsc-lite package", - "remarks": "rule_set_155" + "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_pcsc-lite-ccid_installed", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the pcsc-lite-ccid package", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_pcsc-lite-ccid_installed", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install the pcsc-lite-ccid package", - "remarks": "rule_set_156" + "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sudo_installed", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install sudo Package", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_sudo_installed", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install sudo Package", - "remarks": "rule_set_157" + "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_pcscd_enabled", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the pcscd Service", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_pcscd_enabled", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the pcscd Service", - "remarks": "rule_set_158" + "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_firewalld_ports", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the Firewalld Ports", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "configure_firewalld_ports", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure the Firewalld Ports", - "remarks": "rule_set_159" + "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_firewalld_default_zone", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Default firewalld Zone for Incoming Packets", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "set_firewalld_default_zone", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set Default firewalld Zone for Incoming Packets", - "remarks": "rule_set_160" + "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_usbguard_installed", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install usbguard Package", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_usbguard_installed", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install usbguard Package", - "remarks": "rule_set_161" + "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_usbguard_enabled", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the USBGuard Service", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_usbguard_enabled", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable the USBGuard Service", - "remarks": "rule_set_162" + "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "system_booted_in_fips_mode", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that the system was booted with fips=1", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "system_booted_in_fips_mode", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify that the system was booted with fips=1", - "remarks": "rule_set_163" + "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_fips_mode", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable FIPS Mode", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "enable_fips_mode", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable FIPS Mode", - "remarks": "rule_set_164" + "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_private_key", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Private *_key Key Files", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_sshd_private_key", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify Permissions on SSH Server Private *_key Key Files", - "remarks": "rule_set_165" + "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dnf-automatic_apply_updates", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure dnf-automatic to Install Available Updates Automatically", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "dnf-automatic_apply_updates", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure dnf-automatic to Install Available Updates Automatically", - "remarks": "rule_set_166" + "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_libdnf-plugin-subscription-manager_installed", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install libdnf-plugin-subscription-manager Package", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_libdnf-plugin-subscription-manager_installed", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install libdnf-plugin-subscription-manager Package", - "remarks": "rule_set_167" + "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_subscription-manager_installed", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install subscription-manager Package", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_subscription-manager_installed", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install subscription-manager Package", - "remarks": "rule_set_168" + "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_shelllogin_for_systemaccounts", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "no_shelllogin_for_systemaccounts", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", - "remarks": "rule_set_169" + "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "secure_boot_enabled", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure that Secure Boot is enabled", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "secure_boot_enabled", - "remarks": "rule_set_170" + "remarks": "rule_set_171" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure that Secure Boot is enabled", - "remarks": "rule_set_170" + "remarks": "rule_set_171" } ], "control-implementations": [ { - "uuid": "702b4091-e7b9-4442-aeca-dcb21eeabc52", + "uuid": "5c38eab1-6288-44d5-862e-2d578847c193", "source": "trestle://profiles/rhel10-ism_o-top_secret/profile.json", "description": "Control implementation for ism_o_top_secret", "props": [ @@ -9400,7 +9441,7 @@ ], "implemented-requirements": [ { - "uuid": "d50c72b4-41c7-4dd5-8b90-4544c4d1ac83", + "uuid": "45501830-5f67-4fa4-8026-1641055bde68", "control-id": "ism_o_0422", "description": "No notes for control-id 0422.", "props": [ @@ -9502,7 +9543,7 @@ ] }, { - "uuid": "5e9294a2-2216-4d9d-bac5-158d5cc298f6", + "uuid": "67725bdd-7591-42c3-a7e6-0666e0e5c9c9", "control-id": "ism_o_1561", "description": "No notes for control-id 1561.", "props": [ @@ -9604,7 +9645,7 @@ ] }, { - "uuid": "d2495034-a4e4-4153-9027-60ad5aa36b3b", + "uuid": "cce93eee-1e00-49b8-9926-eb4ec44c66b8", "control-id": "ism_o_1557", "description": "No notes for control-id 1557.", "props": [ @@ -9706,7 +9747,7 @@ ] }, { - "uuid": "6b67c0af-a363-42de-9b54-d7f49beea285", + "uuid": "add7fa48-facc-4037-bf61-da79f3191305", "control-id": "ism_o_1560", "description": "No notes for control-id 1560.", "props": [ @@ -9808,7 +9849,7 @@ ] }, { - "uuid": "a0bd6f11-7ef4-471a-8297-9d08724a9df2", + "uuid": "951a6a78-005a-4237-a3e6-e31a3d3fe350", "control-id": "ism_o_0418", "description": "No notes for control-id 0418.", "props": [ @@ -9890,7 +9931,7 @@ ] }, { - "uuid": "e0687fa4-cd9d-48d6-94d8-4d3145909e46", + "uuid": "4b02e796-decd-41e7-a03d-29474b23835f", "control-id": "ism_o_0421", "description": "No notes for control-id 0421.", "props": [ @@ -9992,7 +10033,7 @@ ] }, { - "uuid": "0f8c398d-8985-4b94-a7e9-3b4ed8d9cdda", + "uuid": "7b6c0480-6651-4f3c-94a7-2a6fa768934c", "control-id": "ism_o_0484", "description": "No notes for control-id 0484.", "props": [ @@ -10019,7 +10060,7 @@ ] }, { - "uuid": "a15033d6-5692-419f-a614-228eec19ce9c", + "uuid": "aa04dbed-3ae5-4add-bd9e-7d5cb2e50520", "control-id": "ism_o_0487", "description": "The description for control-id ism_o_0487.", "props": [ @@ -10032,7 +10073,7 @@ ] }, { - "uuid": "b0b98f89-9493-40e4-b08d-629151b90cf4", + "uuid": "823e284e-9a75-43a3-9bff-a41501cd99cc", "control-id": "ism_o_0582", "description": "No notes for control-id 0582.", "props": [ @@ -10284,7 +10325,7 @@ ] }, { - "uuid": "8b3bda62-8132-4118-958a-33777785d082", + "uuid": "4d055935-3c6d-4d71-9312-aaa76469e478", "control-id": "ism_o_0846", "description": "No notes for control-id 0846.", "props": [ @@ -10391,7 +10432,7 @@ ] }, { - "uuid": "0f022236-13e8-4743-8c61-ce6f0be160af", + "uuid": "d14b4270-9437-4b70-8b18-f37748fe3342", "control-id": "ism_o_0974", "description": "This needs reevaluation.", "props": [ @@ -10493,7 +10534,7 @@ ] }, { - "uuid": "7424af2c-a854-47ce-8931-36748059d339", + "uuid": "a16ab81b-8df0-45ee-8733-c03af103cc17", "control-id": "ism_o_0988", "description": "No notes for control-id 0988.", "props": [ @@ -10570,7 +10611,7 @@ ] }, { - "uuid": "f1eb2887-45d6-4fad-b30b-cf61d0f681ff", + "uuid": "655c3aef-01b5-4afe-b24c-70d1f2b4c9b1", "control-id": "ism_o_1034", "description": "No notes for control-id 1034.", "props": [ @@ -10587,7 +10628,7 @@ ] }, { - "uuid": "8f16fd21-f9e6-417e-92b9-7e8a54901f98", + "uuid": "172bd056-eb87-4934-a74a-3fa3674c5a02", "control-id": "ism_o_1055", "description": "Needs reevaluation", "props": [ @@ -10664,7 +10705,7 @@ ] }, { - "uuid": "24713f9c-9925-4b77-9d0a-616d53633015", + "uuid": "91b108cf-0c06-41bf-8425-7845b1279e04", "control-id": "ism_o_1173", "description": "No notes for control-id 1173.", "props": [ @@ -10766,7 +10807,7 @@ ] }, { - "uuid": "1f543656-1cba-4063-bfbb-97c30906ec95", + "uuid": "0eb2e411-f78c-491c-b371-5be07ac65572", "control-id": "ism_o_1277", "description": "No notes for control-id 1277.", "props": [ @@ -10778,7 +10819,7 @@ ] }, { - "uuid": "c772c61a-71ae-4938-b5e9-6ebf18b28ff4", + "uuid": "27358c8b-bf13-4dc8-9b34-ab5cdcc8884c", "control-id": "ism_o_1288", "description": "No notes for control-id 1288.", "props": [ @@ -10795,7 +10836,7 @@ ] }, { - "uuid": "1659ec66-b7b0-466f-a09b-8f0962142f83", + "uuid": "add59c32-c899-4dfb-8d97-823e03351507", "control-id": "ism_o_1311", "description": "No notes for control-id 1311.", "props": [ @@ -10817,7 +10858,7 @@ ] }, { - "uuid": "7a0742b4-a9d0-4465-81de-a5b675bbbda9", + "uuid": "bb7291eb-27c3-4b98-859b-f81bb8dcf1bd", "control-id": "ism_o_1315", "description": "No notes for control-id 1315.", "props": [ @@ -10839,7 +10880,7 @@ ] }, { - "uuid": "380ccca6-19bf-4f3d-9ed4-536bd1613fe6", + "uuid": "fa8d0969-301c-4564-ad19-5670f7a781a4", "control-id": "ism_o_1319", "description": "No notes for control-id 1319.", "props": [ @@ -10861,7 +10902,7 @@ ] }, { - "uuid": "5763a26d-3631-4aea-b8ce-0242f0b1e7b4", + "uuid": "11e9ccfc-b2ec-48c5-96ad-6996139f4fa6", "control-id": "ism_o_1341", "description": "No notes for control-id 1341.", "props": [ @@ -10878,7 +10919,7 @@ ] }, { - "uuid": "2e9a0f6d-9f7a-4fd1-9b20-0ecf6a6c30ff", + "uuid": "b7aeb85c-138c-4f92-873e-50c40b12e428", "control-id": "ism_o_1386", "description": "This needs reevaluation.", "props": [ @@ -10920,7 +10961,7 @@ ] }, { - "uuid": "f95ecbc1-57f4-4559-a2fc-d61d0fe4fcb2", + "uuid": "416ebe87-24ca-4946-81a2-7f5e50cb1248", "control-id": "ism_o_1401", "description": "No notes for control-id 1401.", "props": [ @@ -11022,7 +11063,7 @@ ] }, { - "uuid": "3243ca11-4495-49c5-9c40-68f02e4c90af", + "uuid": "5475b649-f8b0-4d2c-b56b-5e772d97f5fc", "control-id": "ism_o_1402", "description": "No notes for control-id 1402.", "props": [ @@ -11099,7 +11140,7 @@ ] }, { - "uuid": "be90006a-3fa8-4f5f-aa1e-b1fa17afcbce", + "uuid": "47e1ac6b-e6bc-4347-8673-22c37bf1d968", "control-id": "ism_o_1405", "description": "No notes for control-id 1405.", "props": [ @@ -11176,7 +11217,7 @@ ] }, { - "uuid": "ceb73ba6-8ff4-4c44-98ea-a1f0d997cdb5", + "uuid": "27188705-1a54-4461-9e75-8cb5642cf4dc", "control-id": "ism_o_1416", "description": "No notes for control-id 1416.", "props": [ @@ -11198,7 +11239,7 @@ ] }, { - "uuid": "47c8d5be-5c7b-4b28-82f5-49f8156f5a26", + "uuid": "150ef267-eb82-4c36-9309-d15f50ddf0b1", "control-id": "ism_o_1417", "description": "No notes for control-id 1417.", "props": [ @@ -11215,7 +11256,7 @@ ] }, { - "uuid": "0083de94-ed0b-40a1-9638-148440ab0532", + "uuid": "fd05c9dc-065a-4776-add5-92a738de0d26", "control-id": "ism_o_1418", "description": "No notes for control-id 1418.", "props": [ @@ -11237,7 +11278,7 @@ ] }, { - "uuid": "76fb6931-1298-490a-9805-cf8a1838abba", + "uuid": "6475f424-0782-4b8b-8a6c-65ffa8165273", "control-id": "ism_o_1446", "description": "No notes for control-id 1446.", "props": [ @@ -11264,7 +11305,7 @@ ] }, { - "uuid": "738ae396-fd61-46fb-9e88-dabfaf9e0feb", + "uuid": "d91efdfb-2249-4485-b27a-99009e473b5b", "control-id": "ism_o_1449", "description": "This needs more", "props": [ @@ -11281,7 +11322,7 @@ ] }, { - "uuid": "07b5963b-5b2c-45a2-9996-1eb82c368104", + "uuid": "9b1185d0-57c5-4346-bb35-7d3595e26a4e", "control-id": "ism_o_1467", "description": "No notes for control-id 1467.", "props": [ @@ -11308,7 +11349,7 @@ ] }, { - "uuid": "5395c7ce-9a70-4452-bc0f-655d2b9ede8c", + "uuid": "d6a1e08c-793a-4443-85ee-b95b6c9c2ff5", "control-id": "ism_o_1483", "description": "No notes for control-id 1483.", "props": [ @@ -11335,7 +11376,7 @@ ] }, { - "uuid": "242bf033-227f-42ec-819b-b1d20c55060d", + "uuid": "74f6a485-caa1-48ef-a7e9-70c394d7e209", "control-id": "ism_o_1491", "description": "No notes for control-id 1491.", "props": [ @@ -11352,7 +11393,7 @@ ] }, { - "uuid": "7244a6fb-5329-41a2-824d-36a0cf76ef7b", + "uuid": "1ee40db5-814b-4653-a7e9-324dfb7dc801", "control-id": "ism_o_1493", "description": "No notes for control-id 1493.", "props": [ @@ -11396,6 +11437,11 @@ "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_redhat_gpgkey_installed" }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "package_sequoia-sq_installed" + }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", @@ -11404,7 +11450,7 @@ ] }, { - "uuid": "0de82ae4-c583-4d23-899e-49ca31c7ad07", + "uuid": "b20d5778-de2d-4905-94d8-39e57c3d4c35", "control-id": "ism_o_1504", "description": "No notes for control-id 1504.", "props": [ @@ -11506,7 +11552,7 @@ ] }, { - "uuid": "e1e58200-3985-431e-8b9f-b10931262d14", + "uuid": "2dc4ced9-005e-4cb3-b761-6819d822ffff", "control-id": "ism_o_1505", "description": "No notes for control-id 1505.", "props": [ @@ -11608,7 +11654,7 @@ ] }, { - "uuid": "4e0c1dd6-5c93-4225-8ec0-6da89ad8e70c", + "uuid": "75bbda51-64b5-4957-a140-4b354bbe9854", "control-id": "ism_o_1506", "description": "As of OpenSSH 7.6, OpenSSH only supports SSH 2.", "props": [ @@ -11620,7 +11666,7 @@ ] }, { - "uuid": "85f19927-2e59-4037-89c9-1f9be6aaf003", + "uuid": "2427baae-b748-4992-9ded-3f98dff321f6", "control-id": "ism_o_1546", "description": "No notes for control-id 1546.", "props": [ @@ -11777,7 +11823,7 @@ ] }, { - "uuid": "9e534e5d-9408-4572-a3f0-c7e7f3f0756a", + "uuid": "ae44a4e9-f2ae-490a-9aa2-dfeedaff0dfc", "control-id": "ism_o_1552", "description": "No notes for control-id 1552.", "props": [ @@ -11789,7 +11835,7 @@ ] }, { - "uuid": "aebd7527-0f53-47cc-a98d-6d3ae47c3f79", + "uuid": "111ec0ec-20b3-4add-9216-4d523504e923", "control-id": "ism_o_1558", "description": "No notes for control-id 1558.", "props": [ @@ -11891,7 +11937,7 @@ ] }, { - "uuid": "8c0c1b46-1836-4d15-8f7d-c0d298c4f46d", + "uuid": "9671f6a5-d969-473c-97db-ef0bfc891df9", "control-id": "ism_o_1559", "description": "No notes for control-id 1559.", "props": [ @@ -11993,7 +12039,7 @@ ] }, { - "uuid": "df96d163-9d0c-4c8f-a2ee-2dbe421a65f8", + "uuid": "00c596a4-89ad-42c3-9684-5001edb76a90", "control-id": "ism_o_1745", "description": "The description for control-id ism_o_1745.", "props": [ diff --git a/component-definitions/rhel10/rhel10-pcidss_4-base/component-definition.json b/component-definitions/rhel10/rhel10-pcidss_4-base/component-definition.json index a611b1dc3..364a46f6a 100644 --- a/component-definitions/rhel10/rhel10-pcidss_4-base/component-definition.json +++ b/component-definitions/rhel10/rhel10-pcidss_4-base/component-definition.json @@ -3,8 +3,8 @@ "uuid": "e263ec70-49b2-459f-bfae-283464b2cdcb", "metadata": { "title": "Component definition for rhel10", - "last-modified": "2025-12-11T18:29:55.666458+00:00", - "version": "1.5", + "last-modified": "2025-12-17T11:18:09.672940+00:00", + "version": "1.6", "oscal-version": "1.1.3" }, "components": [ @@ -311,7 +311,7 @@ { "name": "Parameter_Value_Alternatives_15", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -329,7 +329,7 @@ { "name": "Parameter_Value_Alternatives_16", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -2183,1411 +2183,1423 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_globally_activated", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled In Main dnf Configuration", + "value": "Install sequoia-sq Package", "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_never_disabled", + "value": "ensure_gpgcheck_globally_activated", "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", + "value": "Ensure gpgcheck Enabled In Main dnf Configuration", "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_unique_id", + "value": "ensure_gpgcheck_never_disabled", "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Accounts on the System Have Unique User IDs", + "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_unique_name", + "value": "account_unique_id", "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Accounts on the System Have Unique Names", + "value": "Ensure All Accounts on the System Have Unique User IDs", "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_no_uid_except_zero", + "value": "account_unique_name", "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Root Has UID 0", + "value": "Ensure All Accounts on the System Have Unique Names", "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_gid_zero", + "value": "accounts_no_uid_except_zero", "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Root Has A Primary GID 0", + "value": "Verify Only Root Has UID 0", "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "group_unique_id", + "value": "accounts_root_gid_zero", "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Groups on the System Have Unique Group ID", + "value": "Verify Root Has A Primary GID 0", "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "group_unique_name", + "value": "group_unique_id", "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Groups on the System Have Unique Group Names", + "value": "Ensure All Groups on the System Have Unique Group ID", "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "gid_passwd_group_same", + "value": "group_unique_name", "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", + "value": "Ensure All Groups on the System Have Unique Group Names", "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_password_auth_for_systemaccounts", + "value": "gid_passwd_group_same", "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Are Locked", + "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_shelllogin_for_systemaccounts", + "value": "no_password_auth_for_systemaccounts", "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", + "value": "Ensure that System Accounts Are Locked", "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_disable_post_pw_expiration", + "value": "no_shelllogin_for_systemaccounts", "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Account Expiration Following Inactivity", + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_set_post_pw_existing", + "value": "account_disable_post_pw_expiration", "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set existing passwords a period of inactivity before they been locked", + "value": "Set Account Expiration Following Inactivity", "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_db_up_to_date", + "value": "accounts_set_post_pw_existing", "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Make sure that the dconf databases are up-to-date with regards to respective keyfiles", + "value": "Set existing passwords a period of inactivity before they been locked", "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_session_idle_user_locks", + "value": "dconf_db_up_to_date", "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", + "value": "Make sure that the dconf databases are up-to-date with regards to respective keyfiles", "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_idle_activation_enabled", + "value": "dconf_gnome_session_idle_user_locks", "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable GNOME3 Screensaver Idle Activation", + "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_idle_delay", + "value": "dconf_gnome_screensaver_idle_activation_enabled", "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Inactivity Timeout", + "value": "Enable GNOME3 Screensaver Idle Activation", "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_lock_delay", + "value": "dconf_gnome_screensaver_idle_delay", "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", + "value": "Set GNOME3 Screensaver Inactivity Timeout", "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_lock_enabled", + "value": "dconf_gnome_screensaver_lock_delay", "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable GNOME3 Screensaver Lock After Idle Period", + "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_mode_blank", + "value": "dconf_gnome_screensaver_lock_enabled", "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Implement Blank Screensaver", + "value": "Enable GNOME3 Screensaver Lock After Idle Period", "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_idle_timeout", + "value": "dconf_gnome_screensaver_mode_blank", "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Interval", + "value": "Implement Blank Screensaver", "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_keepalive", + "value": "sshd_set_idle_timeout", "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Count Max", + "value": "Set SSH Client Alive Interval", "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_host_auth", + "value": "sshd_set_keepalive", "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Host-Based Authentication", + "value": "Set SSH Client Alive Count Max", "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "gnome_gdm_disable_automatic_login", + "value": "disable_host_auth", "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GDM Automatic Login", + "value": "Disable Host-Based Authentication", "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "gnome_gdm_disable_guest_login", + "value": "gnome_gdm_disable_automatic_login", "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GDM Guest Login", + "value": "Disable GDM Automatic Login", "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords", + "value": "gnome_gdm_disable_guest_login", "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Login to Accounts With Empty Password", + "value": "Disable GDM Guest Login", "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_all_shadowed", + "value": "no_empty_passwords", "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify All Account Password Hashes are Shadowed", + "value": "Prevent Login to Accounts With Empty Password", "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf", + "value": "accounts_password_all_shadowed", "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/libuser.conf", + "value": "Verify All Account Password Hashes are Shadowed", "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_logindefs", + "value": "set_password_hashing_algorithm_libuserconf", "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/login.defs", + "value": "Set Password Hashing Algorithm in /etc/libuser.conf", "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "set_password_hashing_algorithm_logindefs", "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Set Password Hashing Algorithm in /etc/login.defs", "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Lock Accounts After Failed Password Attempts", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_unlock_time", + "value": "accounts_passwords_pam_faillock_deny", "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Lockout Time for Failed Password Attempts", + "value": "Lock Accounts After Failed Password Attempts", "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_last_change_is_in_past", + "value": "accounts_passwords_pam_faillock_unlock_time", "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure all users last password change date is in the past", + "value": "Set Lockout Time for Failed Password Attempts", "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_dcredit", + "value": "accounts_password_last_change_is_in_past", "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Digit Characters", + "value": "Ensure all users last password change date is in the past", "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_lcredit", + "value": "accounts_password_pam_dcredit", "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters", + "value": "Ensure PAM Enforces Password Requirements - Minimum Digit Characters", "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minlen", + "value": "accounts_password_pam_lcredit", "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Length", + "value": "Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters", "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_remember", + "value": "accounts_password_pam_minlen", "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse", + "value": "Ensure PAM Enforces Password Requirements - Minimum Length", "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_password_auth", + "value": "accounts_password_pam_unix_remember", "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: password-auth", + "value": "Limit Password Reuse", "remarks": "rule_set_171" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_system_auth", + "value": "accounts_password_pam_pwhistory_remember_password_auth", "remarks": "rule_set_172" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: system-auth", + "value": "Limit Password Reuse: password-auth", "remarks": "rule_set_172" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_maximum_age_login_defs", + "value": "accounts_password_pam_pwhistory_remember_system_auth", "remarks": "rule_set_173" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Age", + "value": "Limit Password Reuse: system-auth", "remarks": "rule_set_173" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_max_life_existing", + "value": "accounts_maximum_age_login_defs", "remarks": "rule_set_174" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Maximum Age", + "value": "Set Password Maximum Age", "remarks": "rule_set_174" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_warn_age_login_defs", + "value": "accounts_password_set_max_life_existing", "remarks": "rule_set_175" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Warning Age", + "value": "Set Existing Passwords Maximum Age", "remarks": "rule_set_175" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_warn_age_existing", + "value": "accounts_password_warn_age_login_defs", "remarks": "rule_set_176" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Warning Age", + "value": "Set Password Warning Age", "remarks": "rule_set_176" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_tmout", + "value": "accounts_password_set_warn_age_existing", "remarks": "rule_set_177" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interactive Session Timeout", + "value": "Set Existing Passwords Warning Age", "remarks": "rule_set_177" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_direct_root_logins", + "value": "accounts_tmout", "remarks": "rule_set_178" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Direct root Logins Not Allowed", + "value": "Set Interactive Session Timeout", "remarks": "rule_set_178" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "securetty_root_login_console_only", + "value": "no_direct_root_logins", "remarks": "rule_set_179" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Virtual Console Root Logins", + "value": "Direct root Logins Not Allowed", "remarks": "rule_set_179" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_suid_privilege_function", + "value": "securetty_root_login_console_only", "remarks": "rule_set_180" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events When Privileged Executables Are Run", + "value": "Restrict Virtual Console Root Logins", "remarks": "rule_set_180" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_login_events_faillock", + "value": "audit_rules_suid_privilege_function", "remarks": "rule_set_181" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Logon and Logout Events - faillock", + "value": "Record Events When Privileged Executables Are Run", "remarks": "rule_set_181" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_login_events_lastlog", + "value": "audit_rules_login_events_faillock", "remarks": "rule_set_182" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Logon and Logout Events - lastlog", + "value": "Record Attempts to Alter Logon and Logout Events - faillock", "remarks": "rule_set_182" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_login_events_tallylog", + "value": "audit_rules_login_events_lastlog", "remarks": "rule_set_183" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Logon and Logout Events - tallylog", + "value": "Record Attempts to Alter Logon and Logout Events - lastlog", "remarks": "rule_set_183" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_utmp", + "value": "audit_rules_login_events_tallylog", "remarks": "rule_set_184" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information utmp", + "value": "Record Attempts to Alter Logon and Logout Events - tallylog", "remarks": "rule_set_184" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_btmp", + "value": "audit_rules_session_events_utmp", "remarks": "rule_set_185" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information btmp", + "value": "Record Attempts to Alter Process and Session Initiation Information utmp", "remarks": "rule_set_185" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_wtmp", + "value": "audit_rules_session_events_btmp", "remarks": "rule_set_186" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", + "value": "Record Attempts to Alter Process and Session Initiation Information btmp", "remarks": "rule_set_186" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_sudo_log_events", + "value": "audit_rules_session_events_wtmp", "remarks": "rule_set_187" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to perform maintenance activities", + "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", "remarks": "rule_set_187" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "display_login_attempts", + "value": "audit_sudo_log_events", "remarks": "rule_set_188" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Displays Last Logon/Access Notification", + "value": "Record Attempts to perform maintenance activities", "remarks": "rule_set_188" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_group", + "value": "display_login_attempts", "remarks": "rule_set_189" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/group", + "value": "Ensure PAM Displays Last Logon/Access Notification", "remarks": "rule_set_189" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_gshadow", + "value": "audit_rules_usergroup_modification_group", "remarks": "rule_set_190" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/gshadow", + "value": "Record Events that Modify User/Group Information - /etc/group", "remarks": "rule_set_190" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_opasswd", + "value": "audit_rules_usergroup_modification_gshadow", "remarks": "rule_set_191" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", + "value": "Record Events that Modify User/Group Information - /etc/gshadow", "remarks": "rule_set_191" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_passwd", + "value": "audit_rules_usergroup_modification_opasswd", "remarks": "rule_set_192" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/passwd", + "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", "remarks": "rule_set_192" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_usergroup_modification_shadow", + "value": "audit_rules_usergroup_modification_passwd", "remarks": "rule_set_193" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify User/Group Information - /etc/shadow", + "value": "Record Events that Modify User/Group Information - /etc/passwd", "remarks": "rule_set_193" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_sysadmin_actions", + "value": "audit_rules_usergroup_modification_shadow", "remarks": "rule_set_194" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects System Administrator Actions", + "value": "Record Events that Modify User/Group Information - /etc/shadow", "remarks": "rule_set_194" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_file_deletion_events_rename", + "value": "audit_rules_sysadmin_actions", "remarks": "rule_set_195" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects File Deletion Events by User - rename", + "value": "Ensure auditd Collects System Administrator Actions", "remarks": "rule_set_195" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_file_deletion_events_renameat", + "value": "audit_rules_file_deletion_events_rename", "remarks": "rule_set_196" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects File Deletion Events by User - renameat", + "value": "Ensure auditd Collects File Deletion Events by User - rename", "remarks": "rule_set_196" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_file_deletion_events_renameat2", + "value": "audit_rules_file_deletion_events_renameat", "remarks": "rule_set_197" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects File Deletion Events by User - renameat2", + "value": "Ensure auditd Collects File Deletion Events by User - renameat", "remarks": "rule_set_197" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_file_deletion_events_rmdir", + "value": "audit_rules_file_deletion_events_renameat2", "remarks": "rule_set_198" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects File Deletion Events by User - rmdir", + "value": "Ensure auditd Collects File Deletion Events by User - renameat2", "remarks": "rule_set_198" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_file_deletion_events_unlink", + "value": "audit_rules_file_deletion_events_rmdir", "remarks": "rule_set_199" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects File Deletion Events by User - unlink", + "value": "Ensure auditd Collects File Deletion Events by User - rmdir", "remarks": "rule_set_199" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_file_deletion_events_unlinkat", + "value": "audit_rules_file_deletion_events_unlink", "remarks": "rule_set_200" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects File Deletion Events by User - unlinkat", + "value": "Ensure auditd Collects File Deletion Events by User - unlink", "remarks": "rule_set_200" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_media_export", + "value": "audit_rules_file_deletion_events_unlinkat", "remarks": "rule_set_201" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure auditd Collects Information on Exporting to Media (successful)", + "value": "Ensure auditd Collects File Deletion Events by User - unlinkat", "remarks": "rule_set_201" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_audit_installed", + "value": "audit_rules_media_export", "remarks": "rule_set_202" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure the audit Subsystem is Installed", + "value": "Ensure auditd Collects Information on Exporting to Media (successful)", "remarks": "rule_set_202" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "service_auditd_enabled", + "value": "package_audit_installed", "remarks": "rule_set_203" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable auditd Service", + "value": "Ensure the audit Subsystem is Installed", "remarks": "rule_set_203" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_name_format", + "value": "service_auditd_enabled", "remarks": "rule_set_204" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set type of computer node name logging in audit logs", + "value": "Enable auditd Service", "remarks": "rule_set_204" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "directory_access_var_log_audit", + "value": "auditd_name_format", "remarks": "rule_set_205" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Access Events to Audit Log Directory", + "value": "Set type of computer node name logging in audit logs", "remarks": "rule_set_205" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_permissions_var_log_audit", + "value": "directory_access_var_log_audit", "remarks": "rule_set_206" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "System Audit Logs Must Have Mode 0640 or Less Permissive", + "value": "Record Access Events to Audit Log Directory", "remarks": "rule_set_206" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_permissions", + "value": "file_permissions_var_log_audit", "remarks": "rule_set_207" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure System Log Files Have Correct Permissions", + "value": "System Audit Logs Must Have Mode 0640 or Less Permissive", "remarks": "rule_set_207" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_group_ownership_var_log_audit", + "value": "rsyslog_files_permissions", "remarks": "rule_set_208" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "System Audit Logs Must Be Group Owned By Root", + "value": "Ensure System Log Files Have Correct Permissions", "remarks": "rule_set_208" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "file_ownership_var_log_audit", + "value": "file_group_ownership_var_log_audit", "remarks": "rule_set_209" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "System Audit Logs Must Be Owned By Root", + "value": "System Audit Logs Must Be Group Owned By Root", "remarks": "rule_set_209" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_ownership", + "value": "file_ownership_var_log_audit", "remarks": "rule_set_210" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Log Files Are Owned By Appropriate User", + "value": "System Audit Logs Must Be Owned By Root", "remarks": "rule_set_210" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rsyslog_files_groupownership", + "value": "rsyslog_files_ownership", "remarks": "rule_set_211" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Log Files Are Owned By Appropriate Group", + "value": "Ensure Log Files Are Owned By Appropriate User", "remarks": "rule_set_211" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_immutable", + "value": "rsyslog_files_groupownership", "remarks": "rule_set_212" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Make the auditd Configuration Immutable", + "value": "Ensure Log Files Are Owned By Appropriate Group", "remarks": "rule_set_212" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_audispd_syslog_plugin_activated", + "value": "audit_rules_immutable", "remarks": "rule_set_213" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd to use audispd's syslog plugin", + "value": "Make the auditd Configuration Immutable", "remarks": "rule_set_213" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_audispd-plugins_installed", + "value": "auditd_audispd_syslog_plugin_activated", "remarks": "rule_set_214" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install audispd-plugins Package", + "value": "Configure auditd to use audispd's syslog plugin", "remarks": "rule_set_214" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_chmod", + "value": "package_audispd-plugins_installed", "remarks": "rule_set_215" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", + "value": "Install audispd-plugins Package", "remarks": "rule_set_215" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_chown", + "value": "audit_rules_dac_modification_chmod", "remarks": "rule_set_216" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - chown", + "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", "remarks": "rule_set_216" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fchmod", + "value": "audit_rules_dac_modification_chown", "remarks": "rule_set_217" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fchmod", + "value": "Record Events that Modify the System's Discretionary Access Controls - chown", "remarks": "rule_set_217" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fchmodat", + "value": "audit_rules_dac_modification_fchmod", "remarks": "rule_set_218" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat", + "value": "Record Events that Modify the System's Discretionary Access Controls - fchmod", "remarks": "rule_set_218" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fchmodat2", + "value": "audit_rules_dac_modification_fchmodat", "remarks": "rule_set_219" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat2", + "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat", "remarks": "rule_set_219" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fchown", + "value": "audit_rules_dac_modification_fchmodat2", "remarks": "rule_set_220" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fchown", + "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat2", "remarks": "rule_set_220" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fchownat", + "value": "audit_rules_dac_modification_fchown", "remarks": "rule_set_221" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fchownat", + "value": "Record Events that Modify the System's Discretionary Access Controls - fchown", "remarks": "rule_set_221" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fremovexattr", + "value": "audit_rules_dac_modification_fchownat", "remarks": "rule_set_222" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fremovexattr", + "value": "Record Events that Modify the System's Discretionary Access Controls - fchownat", "remarks": "rule_set_222" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_fsetxattr", + "value": "audit_rules_dac_modification_fremovexattr", "remarks": "rule_set_223" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - fsetxattr", + "value": "Record Events that Modify the System's Discretionary Access Controls - fremovexattr", "remarks": "rule_set_223" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_lremovexattr", + "value": "audit_rules_dac_modification_fsetxattr", "remarks": "rule_set_224" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - lremovexattr", + "value": "Record Events that Modify the System's Discretionary Access Controls - fsetxattr", "remarks": "rule_set_224" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_lchown", + "value": "audit_rules_dac_modification_lremovexattr", "remarks": "rule_set_225" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - lchown", + "value": "Record Events that Modify the System's Discretionary Access Controls - lremovexattr", "remarks": "rule_set_225" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_lsetxattr", + "value": "audit_rules_dac_modification_lchown", "remarks": "rule_set_226" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - lsetxattr", + "value": "Record Events that Modify the System's Discretionary Access Controls - lchown", "remarks": "rule_set_226" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_removexattr", + "value": "audit_rules_dac_modification_lsetxattr", "remarks": "rule_set_227" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - removexattr", + "value": "Record Events that Modify the System's Discretionary Access Controls - lsetxattr", "remarks": "rule_set_227" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_dac_modification_setxattr", + "value": "audit_rules_dac_modification_removexattr", "remarks": "rule_set_228" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Discretionary Access Controls - setxattr", + "value": "Record Events that Modify the System's Discretionary Access Controls - removexattr", "remarks": "rule_set_228" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_networkconfig_modification", + "value": "audit_rules_dac_modification_setxattr", "remarks": "rule_set_229" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Network Environment", + "value": "Record Events that Modify the System's Discretionary Access Controls - setxattr", "remarks": "rule_set_229" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_mac_modification_etc_selinux", + "value": "audit_rules_networkconfig_modification", "remarks": "rule_set_230" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events that Modify the System's Mandatory Access Controls (/etc/selinux)", + "value": "Record Events that Modify the System's Network Environment", "remarks": "rule_set_230" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_data_retention_admin_space_left_action", + "value": "audit_rules_mac_modification_etc_selinux", "remarks": "rule_set_231" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd admin_space_left Action on Low Disk Space", + "value": "Record Events that Modify the System's Mandatory Access Controls (/etc/selinux)", "remarks": "rule_set_231" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_data_retention_space_left", + "value": "auditd_data_retention_admin_space_left_action", "remarks": "rule_set_232" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd space_left on Low Disk Space", + "value": "Configure auditd admin_space_left Action on Low Disk Space", "remarks": "rule_set_232" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "auditd_data_retention_space_left_action", + "value": "auditd_data_retention_space_left", "remarks": "rule_set_233" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure auditd space_left Action on Low Disk Space", + "value": "Configure auditd space_left on Low Disk Space", "remarks": "rule_set_233" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_logrotate_installed", + "value": "auditd_data_retention_space_left_action", "remarks": "rule_set_234" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure logrotate is Installed", + "value": "Configure auditd space_left Action on Low Disk Space", "remarks": "rule_set_234" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "timer_logrotate_enabled", + "value": "package_logrotate_installed", "remarks": "rule_set_235" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable logrotate Timer", + "value": "Ensure logrotate is Installed", "remarks": "rule_set_235" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_chrony_installed", + "value": "timer_logrotate_enabled", "remarks": "rule_set_236" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "The Chrony package is installed", + "value": "Enable logrotate Timer", "remarks": "rule_set_236" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_specify_remote_server", + "value": "package_chrony_installed", "remarks": "rule_set_237" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "A remote time server for Chrony is configured", + "value": "The Chrony package is installed", "remarks": "rule_set_237" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_watch_localtime", + "value": "chronyd_specify_remote_server", "remarks": "rule_set_238" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter the localtime File", + "value": "A remote time server for Chrony is configured", "remarks": "rule_set_238" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_settimeofday", + "value": "audit_rules_time_watch_localtime", "remarks": "rule_set_239" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record attempts to alter time through settimeofday", + "value": "Record Attempts to Alter the localtime File", "remarks": "rule_set_239" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_clock_settime", + "value": "audit_rules_time_settimeofday", "remarks": "rule_set_240" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Time Through clock_settime", + "value": "Record attempts to alter time through settimeofday", "remarks": "rule_set_240" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_stime", + "value": "audit_rules_time_clock_settime", "remarks": "rule_set_241" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Time Through stime", + "value": "Record Attempts to Alter Time Through clock_settime", "remarks": "rule_set_241" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_time_adjtimex", + "value": "audit_rules_time_stime", "remarks": "rule_set_242" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record attempts to alter time through adjtimex", + "value": "Record Attempts to Alter Time Through stime", "remarks": "rule_set_242" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "chronyd_run_as_chrony_user", + "value": "audit_rules_time_adjtimex", "remarks": "rule_set_243" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that chronyd is running under chrony user account", + "value": "Record attempts to alter time through adjtimex", "remarks": "rule_set_243" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_audit_argument", + "value": "chronyd_run_as_chrony_user", "remarks": "rule_set_244" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable Auditing for Processes Which Start Prior to the Audit Daemon", + "value": "Ensure that chronyd is running under chrony user account", "remarks": "rule_set_244" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "grub2_audit_backlog_limit_argument", + "value": "grub2_audit_argument", "remarks": "rule_set_245" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Extend Audit Backlog Limit for the Audit Daemon", + "value": "Enable Auditing for Processes Which Start Prior to the Audit Daemon", "remarks": "rule_set_245" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_build_database", + "value": "grub2_audit_backlog_limit_argument", "remarks": "rule_set_246" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Build and Test AIDE Database", + "value": "Extend Audit Backlog Limit for the Audit Daemon", "remarks": "rule_set_246" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "aide_periodic_cron_checking", + "value": "aide_build_database", "remarks": "rule_set_247" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Configure Periodic Execution of AIDE", + "value": "Build and Test AIDE Database", "remarks": "rule_set_247" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "package_aide_installed", + "value": "aide_periodic_cron_checking", "remarks": "rule_set_248" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Install AIDE", + "value": "Configure Periodic Execution of AIDE", "remarks": "rule_set_248" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rpm_verify_hashes", + "value": "package_aide_installed", "remarks": "rule_set_249" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify File Hashes with RPM", + "value": "Install AIDE", "remarks": "rule_set_249" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "rpm_verify_ownership", + "value": "rpm_verify_hashes", "remarks": "rule_set_250" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify and Correct Ownership with RPM", + "value": "Verify File Hashes with RPM", "remarks": "rule_set_250" + }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "rpm_verify_ownership", + "remarks": "rule_set_251" + }, + { + "name": "Rule_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Verify and Correct Ownership with RPM", + "remarks": "rule_set_251" } ], "control-implementations": [ { - "uuid": "727a1cf4-0ff4-49d8-8db5-f4223f5bab85", + "uuid": "4779a6da-6150-4929-8109-06b753a76fca", "source": "trestle://profiles/rhel10-pcidss_4-base/profile.json", "description": "Control implementation for pci-dss", "props": [ @@ -3787,7 +3799,7 @@ ], "implemented-requirements": [ { - "uuid": "29f81c65-1f5c-4453-9b82-ded8f4d095dc", + "uuid": "09b34302-3303-455b-b753-e4c6e03e572b", "control-id": "pcidss_4_1-1.1", "description": "The description for control-id pcidss_4_1-1.1.", "props": [ @@ -3800,7 +3812,7 @@ ] }, { - "uuid": "bff9a16b-297b-4a39-834c-974f529238ac", + "uuid": "26bb7bae-8100-4c0f-9d49-bebecd9a7e69", "control-id": "pcidss_4_1-1.2", "description": "The description for control-id pcidss_4_1-1.2.", "props": [ @@ -3813,7 +3825,7 @@ ] }, { - "uuid": "f9d85c91-74dd-4435-ae72-332968b638f0", + "uuid": "465e0763-da72-466d-b52f-dfacc0ac538e", "control-id": "pcidss_4_1-2.1", "description": "Examples of NSCs covered by these configuration standards include, but are not limited to,\nfirewalls, routers configured with access control lists, and cloud virtual networks. The\nobjective of this requirement is to ensure the way that NSCs are configured and operate\nare defined and consistently applied. While the tooling and standards can be automated,\nthe review of allowed accesses should be manual as different sites may have different\npolicies.", "props": [ @@ -3845,7 +3857,7 @@ ] }, { - "uuid": "01cbb26c-8712-4de8-878f-2c013ceb1c2e", + "uuid": "b69fa2b1-3bb7-4bef-adf8-040b08cc6239", "control-id": "pcidss_4_1-2.2", "description": "The description for control-id pcidss_4_1-2.2.", "props": [ @@ -3858,7 +3870,7 @@ ] }, { - "uuid": "ead54f5e-79f2-41e4-9ca4-ba883a4701f5", + "uuid": "45da60f8-f894-42b4-bb6a-dd08bf5e0446", "control-id": "pcidss_4_1-2.3", "description": "The description for control-id pcidss_4_1-2.3.", "props": [ @@ -3871,7 +3883,7 @@ ] }, { - "uuid": "2de5155b-2d13-408f-90f4-22d5e5a712cb", + "uuid": "8630de18-1c14-4625-b0d7-431175526c75", "control-id": "pcidss_4_1-2.4", "description": "The description for control-id pcidss_4_1-2.4.", "props": [ @@ -3884,7 +3896,7 @@ ] }, { - "uuid": "4c793423-c2e1-4955-a52c-5c83f1d071cb", + "uuid": "020e0b13-a298-488f-bfe0-6bf42da71843", "control-id": "pcidss_4_1-2.5", "description": "The description for control-id pcidss_4_1-2.5.", "props": [ @@ -3897,7 +3909,7 @@ ] }, { - "uuid": "36e05a94-4b5f-4008-a7a5-f0793582e79e", + "uuid": "42d2ae87-4d76-4824-99ce-002bad579fef", "control-id": "pcidss_4_1-2.6", "description": "The specific risks associated with the use of insecure services, protocols, and ports are\nunderstood, assessed, and appropriately mitigated. The selected rules here basically\nremove services without encryption and restricted some common services.", "props": [ @@ -3934,7 +3946,7 @@ ] }, { - "uuid": "bce264b1-b6c7-4a8d-8900-388a70101fce", + "uuid": "74142d39-c48c-4ea5-a171-e7f6790026a9", "control-id": "pcidss_4_1-2.7", "description": "The description for control-id pcidss_4_1-2.7.", "props": [ @@ -3947,7 +3959,7 @@ ] }, { - "uuid": "960bb30d-bbc8-4be5-9ff0-87180270f1e9", + "uuid": "7ee51e07-8a1a-4368-bf33-ea2d66a75601", "control-id": "pcidss_4_1-2.8", "description": "No notes for control-id 1.2.8.", "props": [ @@ -3979,7 +3991,7 @@ ] }, { - "uuid": "61de84b8-b751-4d39-ab20-bf0143fe8532", + "uuid": "52cfefd0-9f3f-4210-b938-d850e1d892bc", "control-id": "pcidss_4_1-3.1", "description": "No notes for control-id 1.3.1.", "props": [ @@ -4001,7 +4013,7 @@ ] }, { - "uuid": "82abd6e6-3e94-44e2-abf8-7759f6502306", + "uuid": "48f6144c-752e-4bce-828f-26ffba93116a", "control-id": "pcidss_4_1-3.2", "description": "The description for control-id pcidss_4_1-3.2.", "props": [ @@ -4014,7 +4026,7 @@ ] }, { - "uuid": "850cba27-c263-492e-b633-d138e27b850d", + "uuid": "900ae6ed-bd01-4e44-8457-c3d2ae528e91", "control-id": "pcidss_4_1-3.3", "description": "Wireless interfaces are not expected in servers so they are disabled by default in this\npolicy.", "props": [ @@ -4031,7 +4043,7 @@ ] }, { - "uuid": "bdde9517-173e-4f8b-9c5e-e362670b97d3", + "uuid": "c79cb6d9-b2e6-47e1-81bb-9c7e2ce891d1", "control-id": "pcidss_4_1-4.1", "description": "Trusted and untrusted networks are expected to be different for each environment.\nBut loopback traffic is assumed to be trusted and even necessary for some services.\nThis requirement is complements 1.2.1 and 1.3.1 requirements.", "props": [ @@ -4053,7 +4065,7 @@ ] }, { - "uuid": "c96b45e3-f2a8-4cee-8d97-6d7b1aa8dfd0", + "uuid": "5cb1be33-e5d7-4b03-a8da-0d46bc1d8108", "control-id": "pcidss_4_1-4.2", "description": "Probably missing some relevant IPv6 related rules. Needs to be investigated.", "props": [ @@ -4090,7 +4102,7 @@ ] }, { - "uuid": "0adf7505-01ee-41be-9058-66a8b7fb0f9f", + "uuid": "40b09b2b-99b1-45f6-af89-0aa2ce300b33", "control-id": "pcidss_4_1-4.3", "description": "Probably missing some relevant IPv6 related rules. Needs to be investigated.", "props": [ @@ -4127,7 +4139,7 @@ ] }, { - "uuid": "b77c5836-289d-4ff0-ab34-8f78813607ad", + "uuid": "4a0d4934-d510-4418-b179-85e4b2a6be52", "control-id": "pcidss_4_1-4.4", "description": "The description for control-id pcidss_4_1-4.4.", "props": [ @@ -4140,7 +4152,7 @@ ] }, { - "uuid": "eee73722-8c0a-416d-ba1e-e23bfca3f98d", + "uuid": "7e0681d2-f4e9-4a92-9aba-aed06cc6db23", "control-id": "pcidss_4_1-4.5", "description": "No notes for control-id 1.4.5.", "props": [ @@ -4167,7 +4179,7 @@ ] }, { - "uuid": "e6ed1bcd-35e5-4ba9-97ae-a6016c1fbeb3", + "uuid": "30932674-b2e3-4b6d-be0d-121774862e4b", "control-id": "pcidss_4_1-5.1", "description": "To ensure this requirement, a manual analysis of site policy and topology is inevitable.\nFrom the technical perspective, previous requirements should already cover this\nrequirement at some level.", "props": [ @@ -4179,7 +4191,7 @@ ] }, { - "uuid": "d45d613a-6b62-48d7-bc88-bd52f780569a", + "uuid": "a103140b-cb2e-4d5c-b8d2-9abc07f8efce", "control-id": "pcidss_4_2-1.1", "description": "The description for control-id pcidss_4_2-1.1.", "props": [ @@ -4192,7 +4204,7 @@ ] }, { - "uuid": "c6d9e243-f3c5-42d4-b70d-55134f834faf", + "uuid": "8df47bf8-d610-497d-ac6c-2835c0e50bb2", "control-id": "pcidss_4_2-1.2", "description": "The description for control-id pcidss_4_2-1.2.", "props": [ @@ -4205,7 +4217,7 @@ ] }, { - "uuid": "b10303de-6e67-4aa3-b8fd-369a0d1d8a55", + "uuid": "cb85f7a9-05dd-4b72-8862-fbb1b09de910", "control-id": "pcidss_4_2-2.1", "description": "Interestingly this requirement recommends other standards, such as Center for Internet\nSecurity (CIS), International Organization for Standardization (ISO), National Institute\nof Standards and Technology (NIST), Cloud Security Alliance, and product vendors. So, the\nrules included here are very generic in terms of hardening.", "props": [ @@ -4222,7 +4234,7 @@ ] }, { - "uuid": "886b69fd-0555-4726-8ef9-f6e456aa3bc9", + "uuid": "b92ff121-9a73-4b27-80ee-3e4af67c2ad9", "control-id": "pcidss_4_2-2.2", "description": "Also related to requirement 8.2.6 and 8.3.5.", "props": [ @@ -4244,7 +4256,7 @@ ] }, { - "uuid": "e76c1b37-1c1f-470f-8793-a92cf47de1a8", + "uuid": "1d1e3829-44e1-4420-8eec-9cc424977c30", "control-id": "pcidss_4_2-2.3", "description": "The description for control-id pcidss_4_2-2.3.", "props": [ @@ -4257,7 +4269,7 @@ ] }, { - "uuid": "8f30557e-868f-4b31-a4c1-88d97b825fde", + "uuid": "b6646005-1a9c-4523-878d-c78f9c426176", "control-id": "pcidss_4_2-2.4", "description": "No notes for control-id 2.2.4.", "props": [ @@ -4314,7 +4326,7 @@ ] }, { - "uuid": "92258432-310a-4591-884d-c2c146b6099f", + "uuid": "47ecfb75-1af9-458d-9363-d220a388ffa3", "control-id": "pcidss_4_2-2.5", "description": "The description for control-id pcidss_4_2-2.5.", "props": [ @@ -4327,7 +4339,7 @@ ] }, { - "uuid": "ab235deb-3014-49ee-8af7-2a7943191471", + "uuid": "632c3492-ebb6-4201-85a8-245400a2d23b", "control-id": "pcidss_4_2-2.6", "description": "This requirement is not specific but also points to 2.2.1, where other policies are\nreferenced. Therefore, the most common rules related to system configuration in order to\nprevent misuse and selected in main profiles are also selected here.", "props": [ @@ -4729,7 +4741,7 @@ ] }, { - "uuid": "0661bdd9-e175-495f-b1e0-baadeaf30863", + "uuid": "3f933195-12ad-4f0f-8903-744e80edfa7e", "control-id": "pcidss_4_2-2.7", "description": "Related to requirement 12.3.3.", "props": [ @@ -4751,7 +4763,7 @@ ] }, { - "uuid": "7af7a465-a612-41a1-80d8-39ee03e6028c", + "uuid": "ceb70ffc-571c-4bfc-b20f-274c3f769b19", "control-id": "pcidss_4_2-3.1", "description": "Wireless interfaces are disabled by 1.3.3.", "props": [ @@ -4763,7 +4775,7 @@ ] }, { - "uuid": "36de20f1-c8ab-4209-9f7e-a845e6fbea0b", + "uuid": "0973befc-e335-4852-a27b-661cf909e1d0", "control-id": "pcidss_4_2-3.2", "description": "Wireless interfaces are disabled by 1.3.3.", "props": [ @@ -4775,7 +4787,7 @@ ] }, { - "uuid": "2668d34e-5dc8-4fd3-8dcf-0d0fb659a383", + "uuid": "d2b4dc97-8b0a-4a90-b867-fd003e86c18e", "control-id": "pcidss_4_3-1.1", "description": "The description for control-id pcidss_4_3-1.1.", "props": [ @@ -4788,7 +4800,7 @@ ] }, { - "uuid": "5400b8b1-e8a1-4d94-adbb-f8ff6991a7fd", + "uuid": "d522ad70-09c8-4369-a8a4-f0e7bcefe1c7", "control-id": "pcidss_4_3-1.2", "description": "The description for control-id pcidss_4_3-1.2.", "props": [ @@ -4801,7 +4813,7 @@ ] }, { - "uuid": "b56ce8b8-144b-4b46-9eef-02c13317a275", + "uuid": "a0d404f8-5eab-45c6-bdc8-defcd241fc02", "control-id": "pcidss_4_3-2.1", "description": "The description for control-id pcidss_4_3-2.1.", "props": [ @@ -4814,7 +4826,7 @@ ] }, { - "uuid": "48f1210b-4603-4718-89f6-679dd6a044d2", + "uuid": "3f28624c-6ee0-4f02-a5d3-a03515362d17", "control-id": "pcidss_4_3-3.1.1", "description": "This requirement consists in auditing files, databases and memory to make sure the full\ncontent of any track is not unnecessarily stored. It involves manual auditing but some\nautomated rules fit this requirement in order to reduce the chances if this data be\nunintentionally stored in memory.", "props": [ @@ -4856,7 +4868,7 @@ ] }, { - "uuid": "ca078aaf-bec6-4c0f-9b06-60b7c8c4a992", + "uuid": "c7c3e795-634d-4f59-9322-7b9acf6e4c64", "control-id": "pcidss_4_3-3.1.2", "description": "Same rules already selected in 3.3.1.1 are valid here, but they are not repeated.", "props": [ @@ -4868,7 +4880,7 @@ ] }, { - "uuid": "811eb658-3616-4c7c-b538-f8477378dc32", + "uuid": "4fe6df5f-c572-4b62-bdcb-e6e2b1f9f5fd", "control-id": "pcidss_4_3-3.1.3", "description": "Same rules already selected in 3.3.1.1 are valid here, but they are not repeated.", "props": [ @@ -4880,7 +4892,7 @@ ] }, { - "uuid": "2e97d984-aa66-4a2d-8a5c-ff6abd859eec", + "uuid": "2b97ff47-a592-46bc-b3b9-625fd48f8ca1", "control-id": "pcidss_4_3-3.2", "description": "The description for control-id pcidss_4_3-3.2.", "props": [ @@ -4893,7 +4905,7 @@ ] }, { - "uuid": "e0d39466-df0d-4e44-89d5-3372ea8a2814", + "uuid": "31802b14-6fba-4fcd-ae09-98f90291e143", "control-id": "pcidss_4_3-3.3", "description": "The description for control-id pcidss_4_3-3.3.", "props": [ @@ -4906,7 +4918,7 @@ ] }, { - "uuid": "04722979-c0d9-4b71-bd19-8ae6b974cd53", + "uuid": "9b4d9003-7416-4c71-96a7-f06dcf820b5c", "control-id": "pcidss_4_3-4.1", "description": "The description for control-id pcidss_4_3-4.1.", "props": [ @@ -4919,7 +4931,7 @@ ] }, { - "uuid": "ae1ecb2f-17fb-43d2-9572-9b661e0bcf15", + "uuid": "eaa65782-4ca5-4877-b6fc-4ada1375f023", "control-id": "pcidss_4_3-4.2", "description": "There are technical rules to disable removable storage devices. However, this requirement\nstill demand some manual auditing in documentation and eventual exceptions.", "props": [ @@ -4946,7 +4958,7 @@ ] }, { - "uuid": "3652d652-a2c8-4d75-b12e-854c1b9e5fd5", + "uuid": "f5dbc0ce-933c-4132-ad98-3142ddfb7bb2", "control-id": "pcidss_4_3-5.1.1", "description": "The description for control-id pcidss_4_3-5.1.1.", "props": [ @@ -4959,7 +4971,7 @@ ] }, { - "uuid": "71ca8c67-a214-4d3a-a460-93e43448d47e", + "uuid": "2b36f7ad-1144-44bf-870b-dc4c47d5a599", "control-id": "pcidss_4_3-5.1.2", "description": "No notes for control-id 3.5.1.2.", "props": [ @@ -4976,7 +4988,7 @@ ] }, { - "uuid": "0586481f-4bc2-4430-9552-066a1aa92704", + "uuid": "9f4a700b-42bb-4555-8d78-e8c05239387d", "control-id": "pcidss_4_3-5.1.3", "description": "The description for control-id pcidss_4_3-5.1.3.", "props": [ @@ -4989,7 +5001,7 @@ ] }, { - "uuid": "c4078050-ec58-44d6-8c37-7ea76fbde711", + "uuid": "71757b85-193c-4055-b209-d63d9f20e682", "control-id": "pcidss_4_3-6.1.1", "description": "The description for control-id pcidss_4_3-6.1.1.", "props": [ @@ -5002,7 +5014,7 @@ ] }, { - "uuid": "988a8612-7544-4a84-90c3-5829ef5d40b3", + "uuid": "b2158d4c-34d8-4995-b3fd-4f3fe784bca5", "control-id": "pcidss_4_3-6.1.2", "description": "The description for control-id pcidss_4_3-6.1.2.", "props": [ @@ -5015,7 +5027,7 @@ ] }, { - "uuid": "855d1866-89cb-41ba-9ed7-0fe96c5e7c91", + "uuid": "667b6cf5-e131-4eac-aec5-bceb3f554b97", "control-id": "pcidss_4_3-6.1.3", "description": "The description for control-id pcidss_4_3-6.1.3.", "props": [ @@ -5028,7 +5040,7 @@ ] }, { - "uuid": "1ecc542b-fa19-478a-a2a7-76d5a65807d9", + "uuid": "ec9c6862-cc89-4cc8-8330-ed41090b0d7e", "control-id": "pcidss_4_3-6.1.4", "description": "The description for control-id pcidss_4_3-6.1.4.", "props": [ @@ -5041,7 +5053,7 @@ ] }, { - "uuid": "43bd4659-83af-4b02-9ec0-a1788c608625", + "uuid": "ec34d477-b131-491a-a179-d4eb15261e5c", "control-id": "pcidss_4_3-7.1", "description": "The description for control-id pcidss_4_3-7.1.", "props": [ @@ -5054,7 +5066,7 @@ ] }, { - "uuid": "ed70ea11-782d-4e88-a26c-eea734890f81", + "uuid": "3b1322fc-6a64-46ba-a25b-7668b0f9322f", "control-id": "pcidss_4_3-7.2", "description": "The description for control-id pcidss_4_3-7.2.", "props": [ @@ -5067,7 +5079,7 @@ ] }, { - "uuid": "8d1924ba-8aa3-4984-8ba6-ecf84c6fd6ce", + "uuid": "d379ad8e-b14a-4dae-8cc8-5b33d8dbc8e3", "control-id": "pcidss_4_3-7.3", "description": "The description for control-id pcidss_4_3-7.3.", "props": [ @@ -5080,7 +5092,7 @@ ] }, { - "uuid": "9045a72c-5a72-424c-8920-327edfbc460d", + "uuid": "49f9482f-8c86-40be-a67e-3228a85eb39f", "control-id": "pcidss_4_3-7.4", "description": "The description for control-id pcidss_4_3-7.4.", "props": [ @@ -5093,7 +5105,7 @@ ] }, { - "uuid": "60288641-124f-4ef9-aec6-61068c9f1a54", + "uuid": "2efc6811-38bd-467f-af9c-b7130fa295a4", "control-id": "pcidss_4_3-7.5", "description": "The description for control-id pcidss_4_3-7.5.", "props": [ @@ -5106,7 +5118,7 @@ ] }, { - "uuid": "e3a74562-de53-4493-9917-e8565609cdd5", + "uuid": "055d258a-5d8e-48eb-8886-deeb51d5a712", "control-id": "pcidss_4_3-7.6", "description": "The description for control-id pcidss_4_3-7.6.", "props": [ @@ -5119,7 +5131,7 @@ ] }, { - "uuid": "818311ec-9543-4998-8dc2-82ac6ffdd8f6", + "uuid": "aed9eae8-17f7-4ea7-8506-5430ab9e75d0", "control-id": "pcidss_4_3-7.7", "description": "The description for control-id pcidss_4_3-7.7.", "props": [ @@ -5132,7 +5144,7 @@ ] }, { - "uuid": "e72e8508-662d-42cd-a75a-6ebe380d8a70", + "uuid": "1d062fb0-519e-48b8-b3cf-57a917a00245", "control-id": "pcidss_4_3-7.8", "description": "The description for control-id pcidss_4_3-7.8.", "props": [ @@ -5145,7 +5157,7 @@ ] }, { - "uuid": "3e3cb974-941e-4c02-8a26-fb7d05fca0c8", + "uuid": "61c17fc7-8193-4055-b68f-0aa33c2f4be4", "control-id": "pcidss_4_3-7.9", "description": "The description for control-id pcidss_4_3-7.9.", "props": [ @@ -5158,7 +5170,7 @@ ] }, { - "uuid": "fc7836b1-b919-4416-93eb-aab03c1ef437", + "uuid": "39361890-8b3a-482e-8525-17f8a7208700", "control-id": "pcidss_4_4-1.1", "description": "The description for control-id pcidss_4_4-1.1.", "props": [ @@ -5171,7 +5183,7 @@ ] }, { - "uuid": "bf57f218-496d-46b8-aa8d-fac010ace742", + "uuid": "be801bff-6e92-4357-a104-64468ac87c62", "control-id": "pcidss_4_4-1.2", "description": "The description for control-id pcidss_4_4-1.2.", "props": [ @@ -5184,7 +5196,7 @@ ] }, { - "uuid": "1c6b8af1-4c3d-4b3a-a032-adaadc20fe64", + "uuid": "494499f9-a161-47a1-9163-52463ab40808", "control-id": "pcidss_4_4-2.1.1", "description": "The description for control-id pcidss_4_4-2.1.1.", "props": [ @@ -5197,7 +5209,7 @@ ] }, { - "uuid": "ee3abdc5-a0f5-45e2-a83e-4de0599d579d", + "uuid": "ee1578f2-7886-4fc4-981f-eabab90a59e9", "control-id": "pcidss_4_4-2.1.2", "description": "The description for control-id pcidss_4_4-2.1.2.", "props": [ @@ -5210,7 +5222,7 @@ ] }, { - "uuid": "2e4f8e9e-40f0-4384-8721-6a686016fd22", + "uuid": "3b4f50bc-50a8-484c-a0cd-371dfc9447c2", "control-id": "pcidss_4_4-2.2", "description": "The description for control-id pcidss_4_4-2.2.", "props": [ @@ -5223,7 +5235,7 @@ ] }, { - "uuid": "709d1f99-55e4-454d-a2b0-8d1b4123aa47", + "uuid": "a22f7414-05cc-4435-8710-d6ca1319e45d", "control-id": "pcidss_4_5-1.1", "description": "The description for control-id pcidss_4_5-1.1.", "props": [ @@ -5236,7 +5248,7 @@ ] }, { - "uuid": "de7ce4a9-b41c-4d89-a850-6ddf55fbce48", + "uuid": "31858cb9-9e7f-45ad-8a1f-6225b6bd4afd", "control-id": "pcidss_4_5-1.2", "description": "The description for control-id pcidss_4_5-1.2.", "props": [ @@ -5249,7 +5261,7 @@ ] }, { - "uuid": "7e97c10b-112b-4329-bcb4-de7cfd403a5a", + "uuid": "d7ceff20-03e5-4e1b-8334-f8d625cfefbb", "control-id": "pcidss_4_5-2.1", "description": "There are many options of anti-malware and the criteria for any adopted solution or\napproach relies on each site policy. Technologies are supported but manual assessment is\nrequired.", "props": [ @@ -5261,7 +5273,7 @@ ] }, { - "uuid": "95bbee71-df56-4447-964f-f778d73f72e6", + "uuid": "710c0473-e64e-449a-8393-7e9f01e121d0", "control-id": "pcidss_4_5-2.2", "description": "The description for control-id pcidss_4_5-2.2.", "props": [ @@ -5274,7 +5286,7 @@ ] }, { - "uuid": "51e18fd8-a2d4-4da4-a643-55497b760a60", + "uuid": "6d50cafb-4ad0-42be-87c4-f616eee84647", "control-id": "pcidss_4_5-2.3.1", "description": "The description for control-id pcidss_4_5-2.3.1.", "props": [ @@ -5287,7 +5299,7 @@ ] }, { - "uuid": "0cf3368e-ec75-453c-bbcd-170e8351cd67", + "uuid": "ef7f7b61-d83f-4a09-9d50-14d064c669ab", "control-id": "pcidss_4_5-3.1", "description": "The description for control-id pcidss_4_5-3.1.", "props": [ @@ -5300,7 +5312,7 @@ ] }, { - "uuid": "aaf58f8e-640b-4780-835a-6100df1b26c0", + "uuid": "9b5f606b-b061-4b54-8302-fe09ee417204", "control-id": "pcidss_4_5-3.2.1", "description": "The description for control-id pcidss_4_5-3.2.1.", "props": [ @@ -5313,7 +5325,7 @@ ] }, { - "uuid": "6a039b59-eb92-4a6b-bbd0-c82393f8f6ce", + "uuid": "71366f05-eb6a-4c66-ba77-9cf6b03dab90", "control-id": "pcidss_4_5-3.3", "description": "The description for control-id pcidss_4_5-3.3.", "props": [ @@ -5326,7 +5338,7 @@ ] }, { - "uuid": "e828f5dc-d429-44f7-85a2-6cf7e0e59d4b", + "uuid": "ea7a54da-6fd0-4fd1-9843-353cb219959b", "control-id": "pcidss_4_5-3.4", "description": "The description for control-id pcidss_4_5-3.4.", "props": [ @@ -5339,7 +5351,7 @@ ] }, { - "uuid": "3847a29d-300e-4117-bea8-e69543973952", + "uuid": "30552798-8021-4029-8502-fbf5d1e68791", "control-id": "pcidss_4_5-3.5", "description": "The description for control-id pcidss_4_5-3.5.", "props": [ @@ -5352,7 +5364,7 @@ ] }, { - "uuid": "6e8e1cbf-cb09-4fcc-bcb3-e168f7d83814", + "uuid": "4858287c-2c42-4b36-82c5-55de505922b6", "control-id": "pcidss_4_5-4.1", "description": "The description for control-id pcidss_4_5-4.1.", "props": [ @@ -5365,7 +5377,7 @@ ] }, { - "uuid": "02164858-5cdb-4797-bc96-181328a98f9d", + "uuid": "2dee6113-bd47-4e37-86de-8f013f200ae1", "control-id": "pcidss_4_6-1.1", "description": "The description for control-id pcidss_4_6-1.1.", "props": [ @@ -5378,7 +5390,7 @@ ] }, { - "uuid": "fd5acf57-6328-46f3-a309-8020c3d31661", + "uuid": "99ab4986-5ee5-418a-9a38-c546afb0e3eb", "control-id": "pcidss_4_6-1.2", "description": "The description for control-id pcidss_4_6-1.2.", "props": [ @@ -5391,7 +5403,7 @@ ] }, { - "uuid": "54fabd1b-8c7a-4b80-b2b7-5c0866d1ca15", + "uuid": "1e6c05de-4933-4376-b889-b4f675b8e1ed", "control-id": "pcidss_4_6-2.1", "description": "The description for control-id pcidss_4_6-2.1.", "props": [ @@ -5404,7 +5416,7 @@ ] }, { - "uuid": "c483e29c-bc8f-4880-b5ea-41a00a9a5f8d", + "uuid": "95d4832d-87a6-4d0c-9d80-6d4f0736c11a", "control-id": "pcidss_4_6-2.2", "description": "The description for control-id pcidss_4_6-2.2.", "props": [ @@ -5417,7 +5429,7 @@ ] }, { - "uuid": "141036c4-ba14-4f6e-93cd-366087c85477", + "uuid": "7d14eb4e-481c-437c-898a-4b437f49fc8c", "control-id": "pcidss_4_6-2.3.1", "description": "The description for control-id pcidss_4_6-2.3.1.", "props": [ @@ -5430,7 +5442,7 @@ ] }, { - "uuid": "dd701611-25e2-48f3-af01-3f0bd27998fe", + "uuid": "a703ba20-c683-4c14-854a-2ead162792de", "control-id": "pcidss_4_6-2.4", "description": "The description for control-id pcidss_4_6-2.4.", "props": [ @@ -5443,7 +5455,7 @@ ] }, { - "uuid": "bade0302-8df0-4c89-b132-1b96339481c8", + "uuid": "b978c13d-255d-459d-b1ad-d8d3b93029c0", "control-id": "pcidss_4_6-3.1", "description": "The description for control-id pcidss_4_6-3.1.", "props": [ @@ -5456,7 +5468,7 @@ ] }, { - "uuid": "b6ea7341-1b30-40bb-aa4b-7caf91a0f9d5", + "uuid": "4c7220e1-dd84-466c-90cd-8545f499bd1f", "control-id": "pcidss_4_6-3.2", "description": "The description for control-id pcidss_4_6-3.2.", "props": [ @@ -5469,7 +5481,7 @@ ] }, { - "uuid": "f082e536-9526-4860-b745-695dbfb9f737", + "uuid": "69cee302-ddc2-4c6c-a90d-48975c8f799d", "control-id": "pcidss_4_6-3.3", "description": "No notes for control-id 6.3.3.", "props": [ @@ -5483,6 +5495,11 @@ "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_redhat_gpgkey_installed" }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "package_sequoia-sq_installed" + }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", @@ -5496,7 +5513,7 @@ ] }, { - "uuid": "34296d1c-5dfe-4db8-8747-1f2fb675ac99", + "uuid": "4825843e-471c-4477-bc3b-283a5be21de9", "control-id": "pcidss_4_6-4.1", "description": "The description for control-id pcidss_4_6-4.1.", "props": [ @@ -5509,7 +5526,7 @@ ] }, { - "uuid": "723f1ab1-3c4f-44ed-b06c-7145dfb396b0", + "uuid": "c1fc573c-d4dc-4190-a31e-57db8b3f6861", "control-id": "pcidss_4_6-4.2", "description": "The description for control-id pcidss_4_6-4.2.", "props": [ @@ -5522,7 +5539,7 @@ ] }, { - "uuid": "cd32ecf1-3611-45f6-a60c-abe1621d978f", + "uuid": "03395da0-ef36-4e44-80cc-415be3184c5f", "control-id": "pcidss_4_6-4.3", "description": "The description for control-id pcidss_4_6-4.3.", "props": [ @@ -5535,7 +5552,7 @@ ] }, { - "uuid": "b6396e11-f068-47f5-ba65-f3d8cd2a1179", + "uuid": "73e500cb-884e-4dbc-9c08-bc70e2fadf4c", "control-id": "pcidss_4_6-5.1", "description": "The description for control-id pcidss_4_6-5.1.", "props": [ @@ -5548,7 +5565,7 @@ ] }, { - "uuid": "1304c543-f651-4f6a-9d58-6fe5a7278dfc", + "uuid": "dd34710a-af3a-40cf-ab15-a2a93d209749", "control-id": "pcidss_4_6-5.2", "description": "The description for control-id pcidss_4_6-5.2.", "props": [ @@ -5561,7 +5578,7 @@ ] }, { - "uuid": "548d3921-7656-481b-b285-96bba602b8ad", + "uuid": "67860641-cfe9-419e-8958-ffed1a77a187", "control-id": "pcidss_4_6-5.3", "description": "The description for control-id pcidss_4_6-5.3.", "props": [ @@ -5574,7 +5591,7 @@ ] }, { - "uuid": "234a8ff2-af6b-43e3-9ea3-0b1393e75c7f", + "uuid": "01032535-b9d2-46e7-9f6a-6df16b081225", "control-id": "pcidss_4_6-5.4", "description": "The description for control-id pcidss_4_6-5.4.", "props": [ @@ -5587,7 +5604,7 @@ ] }, { - "uuid": "8485c0fe-1c57-4133-a510-d21b0bcd4deb", + "uuid": "17ddd318-3b02-4782-9a7b-e7804933aef5", "control-id": "pcidss_4_6-5.5", "description": "The description for control-id pcidss_4_6-5.5.", "props": [ @@ -5600,7 +5617,7 @@ ] }, { - "uuid": "079a70c3-ab9a-4300-90e8-ffd929526c68", + "uuid": "32b12843-d548-4b91-a231-7b36a8aac1f2", "control-id": "pcidss_4_6-5.6", "description": "The description for control-id pcidss_4_6-5.6.", "props": [ @@ -5613,7 +5630,7 @@ ] }, { - "uuid": "b8049f3a-5dc3-4577-b381-d36048a341d1", + "uuid": "c124b4e9-672b-4177-957e-0aca38347a0d", "control-id": "pcidss_4_7-1.1", "description": "The description for control-id pcidss_4_7-1.1.", "props": [ @@ -5626,7 +5643,7 @@ ] }, { - "uuid": "8e7cf615-20e6-4af1-8333-31932f6942a2", + "uuid": "2d2e07f1-a89c-488a-b9cd-e1551af4fe5d", "control-id": "pcidss_4_7-1.2", "description": "The description for control-id pcidss_4_7-1.2.", "props": [ @@ -5639,7 +5656,7 @@ ] }, { - "uuid": "ae7cf883-308e-433f-a1fa-70e65a87bc3e", + "uuid": "41cd3797-1015-43df-bfe8-3f294c87ae9e", "control-id": "pcidss_4_7-2.1", "description": "The description for control-id pcidss_4_7-2.1.", "props": [ @@ -5652,7 +5669,7 @@ ] }, { - "uuid": "b1aa17b0-229a-4301-ab20-cf3727f84d42", + "uuid": "2cd3ab9d-0e26-4ad2-8c61-3ec647616c8b", "control-id": "pcidss_4_7-2.2", "description": "The description for control-id pcidss_4_7-2.2.", "props": [ @@ -5665,7 +5682,7 @@ ] }, { - "uuid": "73cded1f-1cc2-4c6d-8e8e-3218ef6511ab", + "uuid": "59580ec7-73ed-47d6-a5e8-1b2789d041f6", "control-id": "pcidss_4_7-2.3", "description": "The description for control-id pcidss_4_7-2.3.", "props": [ @@ -5678,7 +5695,7 @@ ] }, { - "uuid": "8cd37644-2276-4c3c-add8-dc67d04d3fbb", + "uuid": "c0322567-aed0-42a7-9ac1-ada29c842061", "control-id": "pcidss_4_7-2.4", "description": "The description for control-id pcidss_4_7-2.4.", "props": [ @@ -5691,7 +5708,7 @@ ] }, { - "uuid": "7413a0d3-6f40-4f4c-b2d4-76d2d9e5abdf", + "uuid": "f9b49b3f-325a-4c71-955b-a7cb9241eb7f", "control-id": "pcidss_4_7-2.5.1", "description": "The description for control-id pcidss_4_7-2.5.1.", "props": [ @@ -5704,7 +5721,7 @@ ] }, { - "uuid": "4bd0e64d-88d7-4c0d-980a-8a9c19209300", + "uuid": "65b1afdd-1128-4bc0-99a4-cc34398069d4", "control-id": "pcidss_4_7-2.6", "description": "The description for control-id pcidss_4_7-2.6.", "props": [ @@ -5717,7 +5734,7 @@ ] }, { - "uuid": "922c0cb9-98a9-491d-9312-d72a7de1c769", + "uuid": "4a2716f9-06fe-4d3b-aca9-30587ca0a3dd", "control-id": "pcidss_4_7-3.1", "description": "The description for control-id pcidss_4_7-3.1.", "props": [ @@ -5730,7 +5747,7 @@ ] }, { - "uuid": "762b9272-b798-4c84-aa2d-6d0ec9d187dc", + "uuid": "deac304e-1629-42ad-a5ad-e7d2b1c5f9b0", "control-id": "pcidss_4_7-3.2", "description": "The description for control-id pcidss_4_7-3.2.", "props": [ @@ -5743,7 +5760,7 @@ ] }, { - "uuid": "5908739f-89d1-4535-bae9-cdb4479075a4", + "uuid": "ad240a48-61a0-43d2-b838-6ff22d3295f4", "control-id": "pcidss_4_7-3.3", "description": "The description for control-id pcidss_4_7-3.3.", "props": [ @@ -5756,7 +5773,7 @@ ] }, { - "uuid": "c1526d7e-6f52-4021-aaa2-e43540bae12a", + "uuid": "4c0e02a9-3388-46c5-8cdc-2a4e76fc176f", "control-id": "pcidss_4_8-1.1", "description": "The description for control-id pcidss_4_8-1.1.", "props": [ @@ -5769,7 +5786,7 @@ ] }, { - "uuid": "588037cc-9a1a-4850-9b2b-9e7fab78af81", + "uuid": "ac8a0fd3-e5f4-4fd7-89fb-b36988041196", "control-id": "pcidss_4_8-1.2", "description": "The description for control-id pcidss_4_8-1.2.", "props": [ @@ -5782,7 +5799,7 @@ ] }, { - "uuid": "657f62fd-d23a-4409-917d-edbd31033bdf", + "uuid": "dc2655f2-2600-42e0-afcc-9c840aec57d2", "control-id": "pcidss_4_8-2.1", "description": "The description for control-id pcidss_4_8-2.1.", "props": [ @@ -5825,7 +5842,7 @@ ] }, { - "uuid": "0aabdc9d-618b-4c32-b06a-a6344c2f36a7", + "uuid": "1ff2331e-2e4c-4299-9533-00862185d49d", "control-id": "pcidss_4_8-2.2", "description": "This requirement is complemented by 8.2.1 and related to 8.3.5.", "props": [ @@ -5852,7 +5869,7 @@ ] }, { - "uuid": "26940715-df78-46a9-b639-0b6416a5a6d3", + "uuid": "f5889f0d-fd66-4476-b2a8-75bd8c6b6de3", "control-id": "pcidss_4_8-2.3", "description": "The description for control-id pcidss_4_8-2.3.", "props": [ @@ -5865,7 +5882,7 @@ ] }, { - "uuid": "e1c71b98-42c3-4c43-958e-f0e4788f8784", + "uuid": "97e72e44-666f-4ade-9381-499e4edfec99", "control-id": "pcidss_4_8-2.4", "description": "The description for control-id pcidss_4_8-2.4.", "props": [ @@ -5878,7 +5895,7 @@ ] }, { - "uuid": "e031a370-4268-404d-89c8-1eaa5bc36438", + "uuid": "a246f6a3-fd75-4095-a20b-1925d3b0a88c", "control-id": "pcidss_4_8-2.5", "description": "The description for control-id pcidss_4_8-2.5.", "props": [ @@ -5891,7 +5908,7 @@ ] }, { - "uuid": "a27df131-e904-411a-8725-a669514cfcf8", + "uuid": "b9d45bad-a273-4f8e-9085-3e30a2f9ac87", "control-id": "pcidss_4_8-2.6", "description": "Also related to requirements 2.2.2 and 8.3.5.", "props": [ @@ -5913,7 +5930,7 @@ ] }, { - "uuid": "6028ef50-d338-40b4-af66-725a35489ef1", + "uuid": "c3860dc7-b4ca-4415-9402-e3980687a910", "control-id": "pcidss_4_8-2.7", "description": "The description for control-id pcidss_4_8-2.7.", "props": [ @@ -5926,7 +5943,7 @@ ] }, { - "uuid": "6d18fbaf-8943-4dc3-b0e4-6e8ebcebf363", + "uuid": "471899d7-dc05-4e71-9810-762ae40089ec", "control-id": "pcidss_4_8-2.8", "description": "No notes for control-id 8.2.8.", "props": [ @@ -5983,7 +6000,7 @@ ] }, { - "uuid": "4833d30c-fde6-408f-aa3e-78f235c82969", + "uuid": "60c3f81a-5860-4323-97c7-f00e2a8752e0", "control-id": "pcidss_4_8-3.1", "description": "No notes for control-id 8.3.1.", "props": [ @@ -6015,7 +6032,7 @@ ] }, { - "uuid": "1f7f55a5-c117-4d90-974b-9fb42bd6c137", + "uuid": "042624e1-841d-4334-a08d-f951f99c5e46", "control-id": "pcidss_4_8-3.2", "description": "There are similar rules that might be redundant for some distros.", "props": [ @@ -6047,7 +6064,7 @@ ] }, { - "uuid": "e9746978-385a-41ea-8ccc-8a377a2fafbf", + "uuid": "166b2d85-e15a-4c95-8cce-38f1381ff14a", "control-id": "pcidss_4_8-3.3", "description": "The description for control-id pcidss_4_8-3.3.", "props": [ @@ -6060,7 +6077,7 @@ ] }, { - "uuid": "2273fcb4-5729-4695-8462-68c13cb3fd4c", + "uuid": "f6d7aea1-1379-4fc4-959c-eb1d3b40af72", "control-id": "pcidss_4_8-3.4", "description": "No notes for control-id 8.3.4.", "props": [ @@ -6082,7 +6099,7 @@ ] }, { - "uuid": "ef1688d9-eb16-4c25-b502-3fd34a1d593e", + "uuid": "ebf2701d-cbbd-4231-b151-589626f37299", "control-id": "pcidss_4_8-3.5", "description": "Also related to requirement 2.2.2, 8.2.2 and 8.2.6.", "props": [ @@ -6099,7 +6116,7 @@ ] }, { - "uuid": "4eb087c7-692c-49d0-b8b5-b87e88510958", + "uuid": "ae220150-01c1-4d1e-9de0-5dbac112b516", "control-id": "pcidss_4_8-3.6", "description": "This requirement is not intended to apply to:\n- User accounts on point-of-sale terminals that have access to only one card number at a\ntime to facilitate a single transaction (such as IDs used by cashiers on point-of-sale\nterminals).\n- Application or system accounts, which are governed by requirements in section 8.6.", "props": [ @@ -6126,7 +6143,7 @@ ] }, { - "uuid": "f2df9d53-261b-48d4-9d4b-39950d45a598", + "uuid": "6ae40633-d574-4af9-a8be-c5d5cbff2801", "control-id": "pcidss_4_8-3.7", "description": "This requirement is not intended to apply to user accounts on point-of-sale terminals that\nhave access to only one card number at a time to facilitate a single transaction (such as\nIDs used by cashiers on point-of-sale terminals).\nFor RHEL 8 and RHEL 9 systems, the accounts_password_pam_pwhistory_... rules should be\nprefered in detriment of accounts_password_pam_unix_remember. Using both should not create\nconflict but is unnecessary and the last should be filtered out from the profile.", "props": [ @@ -6153,7 +6170,7 @@ ] }, { - "uuid": "f558b91f-b325-44f3-8095-92807fef5b8e", + "uuid": "95e8be20-d921-462f-a7c2-dae2d9e04635", "control-id": "pcidss_4_8-3.8", "description": "The description for control-id pcidss_4_8-3.8.", "props": [ @@ -6166,7 +6183,7 @@ ] }, { - "uuid": "19792d29-9446-4a52-a36b-0d83939a719a", + "uuid": "9d5c25a3-e1ad-4cfd-b3d0-e67f86b92251", "control-id": "pcidss_4_8-3.9", "description": "The requirement does not explicitily define the number of days before the password\nexpiration to warn the users, but the relevant rules were selected here as they do not\ncause any problems in combination with password lifetime rules.", "props": [ @@ -6198,7 +6215,7 @@ ] }, { - "uuid": "dffe9154-b92a-4a64-b1ca-cc43b38c23aa", + "uuid": "6eb6a237-b572-4070-bafe-09162c96401b", "control-id": "pcidss_4_8-3.10.1", "description": "This requirement is already covered by 8.3.9.", "props": [ @@ -6210,7 +6227,7 @@ ] }, { - "uuid": "9d6dc3f1-42f3-4f2b-bd1b-87752158261d", + "uuid": "be6cbd5c-6c16-4e3a-b560-c4a880a2846c", "control-id": "pcidss_4_8-3.11", "description": "The description for control-id pcidss_4_8-3.11.", "props": [ @@ -6223,7 +6240,7 @@ ] }, { - "uuid": "a0e20078-3ac4-48e0-8636-b9a218f63025", + "uuid": "eeaeb8b3-b6e6-4beb-a719-63270bab66ad", "control-id": "pcidss_4_8-4.1", "description": "No notes for control-id 8.4.1.", "props": [ @@ -6235,7 +6252,7 @@ ] }, { - "uuid": "6e84db2b-d369-46bc-9868-14b1d06950c1", + "uuid": "942fcdf1-1e20-4f9d-987e-7d785e55839c", "control-id": "pcidss_4_8-4.2", "description": "The description for control-id pcidss_4_8-4.2.", "props": [ @@ -6248,7 +6265,7 @@ ] }, { - "uuid": "ea6ebb56-c93a-434b-8b90-5ed4bdad1540", + "uuid": "4ea36027-9d7c-4594-853a-5c2a94e69340", "control-id": "pcidss_4_8-4.3", "description": "The description for control-id pcidss_4_8-4.3.", "props": [ @@ -6261,7 +6278,7 @@ ] }, { - "uuid": "c6d0d01c-eeef-42f9-b598-dd37e111fdaa", + "uuid": "179d4c5f-e00f-4828-937c-3fe5182da7ae", "control-id": "pcidss_4_8-5.1", "description": "The description for control-id pcidss_4_8-5.1.", "props": [ @@ -6274,7 +6291,7 @@ ] }, { - "uuid": "e6f3ac32-c528-4f7c-948d-d59ac87236f5", + "uuid": "6786a388-800b-4f33-b6a7-77901dc36515", "control-id": "pcidss_4_8-6.1", "description": "This requirement is related to 2.2.2, 2.2.6, 8.2.1 and 8.2.2. Specifically on 8.2.2 system\naccounts usage is restricted. Exceptions to system accounts should be manually checked to\nensure the requirements in description. This requirement although implements some extra\ncontrols regarding root account.", "props": [ @@ -6301,7 +6318,7 @@ ] }, { - "uuid": "7b487496-6e55-431e-ab48-02e0d43f36e5", + "uuid": "7a8888bd-fdfb-4f7a-9238-42d1be38348d", "control-id": "pcidss_4_8-6.2", "description": "The description for control-id pcidss_4_8-6.2.", "props": [ @@ -6314,7 +6331,7 @@ ] }, { - "uuid": "1a1818ed-d100-481d-8fb5-594f2db03949", + "uuid": "6dd8a0b4-756e-4f69-b5a7-5e0a5706bc73", "control-id": "pcidss_4_8-6.3", "description": "Related to requirements 8.3.6 and 8.3.9.", "props": [ @@ -6326,7 +6343,7 @@ ] }, { - "uuid": "8b26b07a-a526-4a62-ae3f-bc7a53770e05", + "uuid": "cb1e4077-b44e-4287-8d17-859d3d157155", "control-id": "pcidss_4_9-1.1", "description": "The description for control-id pcidss_4_9-1.1.", "props": [ @@ -6339,7 +6356,7 @@ ] }, { - "uuid": "5dba4500-5197-4db9-b7fc-fe9b00e22ef8", + "uuid": "15b90706-f0e6-42ed-9a0e-908b5cbbd14d", "control-id": "pcidss_4_9-1.2", "description": "The description for control-id pcidss_4_9-1.2.", "props": [ @@ -6352,7 +6369,7 @@ ] }, { - "uuid": "157335b9-9af5-4681-81c7-7acdb8663c12", + "uuid": "60ce9d3b-6bd3-4b20-9ce4-b630dcb2cff7", "control-id": "pcidss_4_9-2.1.1", "description": "The description for control-id pcidss_4_9-2.1.1.", "props": [ @@ -6365,7 +6382,7 @@ ] }, { - "uuid": "0cf0c50f-a660-4479-802a-7d6d1cc906d8", + "uuid": "80c23ccb-007b-4517-a22e-47b4b6fcdc0c", "control-id": "pcidss_4_9-2.2", "description": "The description for control-id pcidss_4_9-2.2.", "props": [ @@ -6378,7 +6395,7 @@ ] }, { - "uuid": "1135386e-d71b-424f-8f6f-9c7b624502aa", + "uuid": "b86eddaf-9823-4cde-8568-7513e5e64a94", "control-id": "pcidss_4_9-2.3", "description": "The description for control-id pcidss_4_9-2.3.", "props": [ @@ -6391,7 +6408,7 @@ ] }, { - "uuid": "5710b85f-03b9-4c56-a786-99c6ecae11ff", + "uuid": "ae7826a2-9cdf-4990-86bf-a6be18c7e1f1", "control-id": "pcidss_4_9-2.4", "description": "The description for control-id pcidss_4_9-2.4.", "props": [ @@ -6404,7 +6421,7 @@ ] }, { - "uuid": "08a26a91-44e6-409e-9204-883339568311", + "uuid": "fdabb1f2-b7ae-4148-b640-15601f1bd655", "control-id": "pcidss_4_9-3.1.1", "description": "The description for control-id pcidss_4_9-3.1.1.", "props": [ @@ -6417,7 +6434,7 @@ ] }, { - "uuid": "d11e4b6c-b882-4d48-8b74-b89665dd4819", + "uuid": "3625abef-a471-44e3-8596-2df75c8b238b", "control-id": "pcidss_4_9-3.2", "description": "The description for control-id pcidss_4_9-3.2.", "props": [ @@ -6430,7 +6447,7 @@ ] }, { - "uuid": "9043b812-9bbf-4980-aa86-8fb00db73a00", + "uuid": "8048a65b-9a67-412c-a911-7bbfa83a7b07", "control-id": "pcidss_4_9-3.3", "description": "The description for control-id pcidss_4_9-3.3.", "props": [ @@ -6443,7 +6460,7 @@ ] }, { - "uuid": "669e136e-34d1-45cc-900f-005c7b8ac33d", + "uuid": "f17ee621-6664-4d59-ba7a-1e70b4111af4", "control-id": "pcidss_4_9-3.4", "description": "The description for control-id pcidss_4_9-3.4.", "props": [ @@ -6456,7 +6473,7 @@ ] }, { - "uuid": "76a8ac2e-6e43-4a9f-9825-0374f451bd52", + "uuid": "5b40c4fa-adee-4450-8774-ba495dde9ff1", "control-id": "pcidss_4_9-4.1.1", "description": "The description for control-id pcidss_4_9-4.1.1.", "props": [ @@ -6469,7 +6486,7 @@ ] }, { - "uuid": "5269fe5f-c123-4bad-88da-34e690ced695", + "uuid": "bedaa0a9-5e47-4244-b9d8-c1ba47e29eda", "control-id": "pcidss_4_9-4.1.2", "description": "The description for control-id pcidss_4_9-4.1.2.", "props": [ @@ -6482,7 +6499,7 @@ ] }, { - "uuid": "8fb44636-fba5-4247-a155-f52e365a6528", + "uuid": "4592839a-e52e-49d7-b697-b33015249a8b", "control-id": "pcidss_4_9-4.2", "description": "The description for control-id pcidss_4_9-4.2.", "props": [ @@ -6495,7 +6512,7 @@ ] }, { - "uuid": "44c73a0d-594d-44de-8ef7-f5f746ec165b", + "uuid": "6e5a3186-b185-45e0-9abf-f9645f291b8e", "control-id": "pcidss_4_9-4.3", "description": "The description for control-id pcidss_4_9-4.3.", "props": [ @@ -6508,7 +6525,7 @@ ] }, { - "uuid": "146751dd-5aa6-40cb-893b-65fe86b04725", + "uuid": "96a6800a-4c34-4814-b000-c673e2fb2120", "control-id": "pcidss_4_9-4.4", "description": "The description for control-id pcidss_4_9-4.4.", "props": [ @@ -6521,7 +6538,7 @@ ] }, { - "uuid": "e32b061b-57d4-4631-b850-48c5a96be4c2", + "uuid": "c7ff4099-2dea-4060-8539-dab4770580c6", "control-id": "pcidss_4_9-4.5.1", "description": "The description for control-id pcidss_4_9-4.5.1.", "props": [ @@ -6534,7 +6551,7 @@ ] }, { - "uuid": "354660bd-f423-44e1-8612-8219a68d391e", + "uuid": "a1e30cb0-4d58-4d0a-b5cc-d17108dae1e5", "control-id": "pcidss_4_9-4.6", "description": "The description for control-id pcidss_4_9-4.6.", "props": [ @@ -6547,7 +6564,7 @@ ] }, { - "uuid": "e2ee6c91-e7c6-47be-b9a2-525b47324baf", + "uuid": "0b85bc15-4325-4939-bdda-2a034b1c5e84", "control-id": "pcidss_4_9-4.7", "description": "The description for control-id pcidss_4_9-4.7.", "props": [ @@ -6560,7 +6577,7 @@ ] }, { - "uuid": "37ba97b3-f2b2-40b6-ac8a-31df0060a0ca", + "uuid": "63874669-9abf-4a79-8652-853bf72d0add", "control-id": "pcidss_4_9-5.1.1", "description": "The description for control-id pcidss_4_9-5.1.1.", "props": [ @@ -6573,7 +6590,7 @@ ] }, { - "uuid": "01234135-2069-43bd-8905-6f910ca916c5", + "uuid": "05a4c201-d608-4627-9e28-64375dfcad49", "control-id": "pcidss_4_9-5.1.2.1", "description": "The description for control-id pcidss_4_9-5.1.2.1.", "props": [ @@ -6586,7 +6603,7 @@ ] }, { - "uuid": "cead7cc4-c459-443b-a960-a356362abb00", + "uuid": "c7d09232-b56d-4737-9beb-d149098b6dfb", "control-id": "pcidss_4_9-5.1.3", "description": "The description for control-id pcidss_4_9-5.1.3.", "props": [ @@ -6599,7 +6616,7 @@ ] }, { - "uuid": "c82c46b9-8fe3-433e-af4d-1a0bdf52c3ba", + "uuid": "d3918303-49b6-4907-92f4-3a6b0689cada", "control-id": "pcidss_4_10-1.1", "description": "The description for control-id pcidss_4_10-1.1.", "props": [ @@ -6612,7 +6629,7 @@ ] }, { - "uuid": "091709be-cdd8-4d12-a44b-70a4850e3cbb", + "uuid": "ba571d63-110c-46d9-919b-a9d568702aa7", "control-id": "pcidss_4_10-1.2", "description": "The description for control-id pcidss_4_10-1.2.", "props": [ @@ -6625,7 +6642,7 @@ ] }, { - "uuid": "f5c1b046-a7fb-4501-b35a-6215051d9036", + "uuid": "2d5c5227-8ce1-4ea8-82f1-724680f127b2", "control-id": "pcidss_4_10-2.1.1", "description": "The description for control-id pcidss_4_10-2.1.1.", "props": [ @@ -6638,7 +6655,7 @@ ] }, { - "uuid": "2e592bb5-9aea-45cc-861d-3c2ae23f169e", + "uuid": "df04ad10-4600-4394-ba46-e02406df1e10", "control-id": "pcidss_4_10-2.1.2", "description": "Not all privileged commands have suid or sgid enabled. We probably want to include more\nrules for this requirement.", "props": [ @@ -6655,7 +6672,7 @@ ] }, { - "uuid": "2e054e3a-33ab-4a09-b139-3bc30deb7751", + "uuid": "a43f75e4-a4c3-4f38-90ff-157b5162a67b", "control-id": "pcidss_4_10-2.1.3", "description": "No notes for control-id 10.2.1.3.", "props": [ @@ -6702,7 +6719,7 @@ ] }, { - "uuid": "9ec2fab0-860a-4f45-9cd5-3b1ae2ff4786", + "uuid": "06471539-0a11-4418-9eec-0e1eb1915e43", "control-id": "pcidss_4_10-2.1.4", "description": "No notes for control-id 10.2.1.4.", "props": [ @@ -6719,7 +6736,7 @@ ] }, { - "uuid": "ee642407-89cf-44cc-b11b-acb2a69175a3", + "uuid": "4acdc8c3-f4f8-4c8c-9e6a-901a12fe33a0", "control-id": "pcidss_4_10-2.1.5", "description": "No notes for control-id 10.2.1.5.", "props": [ @@ -6761,7 +6778,7 @@ ] }, { - "uuid": "40dd81df-12e4-492d-8f98-bb7fc8918106", + "uuid": "1e9b83ad-4272-43ed-a75d-f0d0cbda63d7", "control-id": "pcidss_4_10-2.1.6", "description": "The description for control-id pcidss_4_10-2.1.6.", "props": [ @@ -6774,7 +6791,7 @@ ] }, { - "uuid": "b68b7567-e8c9-46f0-b803-bd4f4d6ab1c1", + "uuid": "6ff7e28a-149f-4bcf-83d0-85f49ec71b68", "control-id": "pcidss_4_10-2.1.7", "description": "There are enough rules to capture deletion events but not for creation events.\nThis requirement needs to be better investigated to confirm which additional rules would\nsatistfy the requirement.", "props": [ @@ -6821,7 +6838,7 @@ ] }, { - "uuid": "2b3f963a-fdbb-4d5a-ac60-88a4079f45ab", + "uuid": "ebdf442d-4115-4693-9d01-b9e2bdc88829", "control-id": "pcidss_4_10-2.2", "description": "Standard settings for audit should be enough.", "props": [ @@ -6838,7 +6855,7 @@ ] }, { - "uuid": "0b512cf5-cbe9-45fb-b43e-72f44ad6c500", + "uuid": "3e7fd906-31ef-4c7f-adda-7ec2fea332e8", "control-id": "pcidss_4_10-3.1", "description": "No notes for control-id 10.3.1.", "props": [ @@ -6865,7 +6882,7 @@ ] }, { - "uuid": "56f8f9a7-f494-4fcc-86e7-edf6ce8ac1b2", + "uuid": "6028b4b6-79e7-4410-8512-d53457d03e30", "control-id": "pcidss_4_10-3.2", "description": "No notes for control-id 10.3.2.", "props": [ @@ -6902,7 +6919,7 @@ ] }, { - "uuid": "7a776be3-8aca-4018-9658-1ffb9684980e", + "uuid": "a6820a2c-ad17-4e69-a886-14585a94a5d0", "control-id": "pcidss_4_10-3.3", "description": "Although the technologies in general allow to send logs to a centralized server, some\nparameters for this configuration are specific to each site policy and therefore the\nrequirement demands manual assessment.", "props": [ @@ -6924,7 +6941,7 @@ ] }, { - "uuid": "2fb9baa0-7000-4e4c-ad88-38175346cf79", + "uuid": "d376c578-a5a7-48db-b801-3cf4a7c41e3e", "control-id": "pcidss_4_10-3.4", "description": "No notes for control-id 10.3.4.", "props": [ @@ -7016,7 +7033,7 @@ ] }, { - "uuid": "2514efcd-9e30-4a82-8435-4c954992f715", + "uuid": "d371802c-a5d8-4ba4-9123-ad4430d7b443", "control-id": "pcidss_4_10-4.1.1", "description": "The description for control-id pcidss_4_10-4.1.1.", "props": [ @@ -7029,7 +7046,7 @@ ] }, { - "uuid": "8ecd7821-f1a4-47b4-b620-ac893ad8fcd5", + "uuid": "7618db41-d5aa-44bb-a6c2-67a1430a4149", "control-id": "pcidss_4_10-4.2.1", "description": "The description for control-id pcidss_4_10-4.2.1.", "props": [ @@ -7042,7 +7059,7 @@ ] }, { - "uuid": "7c70c16d-c4c9-42b9-9b12-d2dee52a9226", + "uuid": "b572908d-0840-4457-b581-2bda3dd0fe06", "control-id": "pcidss_4_10-4.3", "description": "The description for control-id pcidss_4_10-4.3.", "props": [ @@ -7055,7 +7072,7 @@ ] }, { - "uuid": "c7075b81-bae0-41fd-91ff-73a45cc58a9d", + "uuid": "52fe9855-fb9a-4008-a89c-3d0697714b5a", "control-id": "pcidss_4_10-5.1", "description": "It is not simple to ensure 12 months history is present in each system but the rules in\nthis requirement ensures the logs are not lost without administrators awareness.", "props": [ @@ -7092,7 +7109,7 @@ ] }, { - "uuid": "5b3241b2-5dcf-4ed4-9f76-42bda2dde319", + "uuid": "ed976b21-0155-464d-ac6e-0c2efd7cca50", "control-id": "pcidss_4_10-6.1", "description": "Maybe it is possible to optmize some similar rules related to ntp.", "props": [ @@ -7109,7 +7126,7 @@ ] }, { - "uuid": "8f39de40-1afe-4d1a-b0ea-9cc9c8770873", + "uuid": "484ff03c-16c4-4481-a6b7-779f36da23b2", "control-id": "pcidss_4_10-6.2", "description": "The selected rules might need updates in order to restrict their platform applicability\nto avoid conflicts.", "props": [ @@ -7126,7 +7143,7 @@ ] }, { - "uuid": "427e21b7-9744-4ea9-be70-6072c0a8bc57", + "uuid": "253ef780-0ef7-4cf9-aec8-b501472c932b", "control-id": "pcidss_4_10-6.3", "description": "No notes for control-id 10.6.3.", "props": [ @@ -7168,7 +7185,7 @@ ] }, { - "uuid": "088c375e-def3-4d8a-9c87-2010dcae1a5f", + "uuid": "747e89d3-676a-42a0-9aea-884ba11cd3d3", "control-id": "pcidss_4_10-7.1", "description": "The description for control-id pcidss_4_10-7.1.", "props": [ @@ -7181,7 +7198,7 @@ ] }, { - "uuid": "ca7c203b-fdb5-4737-9da8-47c80a1884b3", + "uuid": "bbb12c40-2631-4437-a1fc-c3a94b23bfde", "control-id": "pcidss_4_10-7.2", "description": "No notes for control-id 10.7.2.", "props": [ @@ -7203,7 +7220,7 @@ ] }, { - "uuid": "56f997f9-b68f-4c64-b9f4-ebbd0446de53", + "uuid": "9146f256-d7ea-4e8c-983c-1b9c5b9b2c4d", "control-id": "pcidss_4_10-7.3", "description": "The description for control-id pcidss_4_10-7.3.", "props": [ @@ -7216,7 +7233,7 @@ ] }, { - "uuid": "3a782f2a-5ab1-49a3-8a66-65d956c717e2", + "uuid": "67f302b1-5ec4-4c46-b4f9-e7965d2b0a21", "control-id": "pcidss_4_11-1.1", "description": "The description for control-id pcidss_4_11-1.1.", "props": [ @@ -7229,7 +7246,7 @@ ] }, { - "uuid": "aa9d25f2-8f22-4d08-912a-b6c88231f2d7", + "uuid": "487f2b56-97e1-4e48-8e5c-2f026685a2b4", "control-id": "pcidss_4_11-1.2", "description": "The description for control-id pcidss_4_11-1.2.", "props": [ @@ -7242,7 +7259,7 @@ ] }, { - "uuid": "17be2e4e-38b0-4c47-8d68-2cc2c99e7ac3", + "uuid": "d1184540-5777-47ec-8a18-38f4dcaab1e8", "control-id": "pcidss_4_11-2.1", "description": "The description for control-id pcidss_4_11-2.1.", "props": [ @@ -7255,7 +7272,7 @@ ] }, { - "uuid": "3a920d8f-cfd3-4ed0-90f4-44efce2f719b", + "uuid": "1b257540-cd3e-4073-b88f-93f90dd1015e", "control-id": "pcidss_4_11-2.2", "description": "The description for control-id pcidss_4_11-2.2.", "props": [ @@ -7268,7 +7285,7 @@ ] }, { - "uuid": "1c7188ab-42f8-4301-92a9-59fb3edfbc9e", + "uuid": "ae364acb-6f2e-437a-b844-ffe0a6c428b5", "control-id": "pcidss_4_11-3.1.1", "description": "The description for control-id pcidss_4_11-3.1.1.", "props": [ @@ -7281,7 +7298,7 @@ ] }, { - "uuid": "63d9c2aa-a71d-4e40-b286-9210481835cf", + "uuid": "79fb1da1-aae2-4ca9-82ee-265ef3960eac", "control-id": "pcidss_4_11-3.1.2", "description": "The description for control-id pcidss_4_11-3.1.2.", "props": [ @@ -7294,7 +7311,7 @@ ] }, { - "uuid": "406836e4-c398-48e8-b3db-4caaeb540ca2", + "uuid": "5e0f4a57-c776-4d56-994d-ce9c516d5b0f", "control-id": "pcidss_4_11-3.1.3", "description": "The description for control-id pcidss_4_11-3.1.3.", "props": [ @@ -7307,7 +7324,7 @@ ] }, { - "uuid": "1929d806-03be-4d56-82e3-c0ae05d438aa", + "uuid": "018e620b-153f-462b-9e51-9c5103798e10", "control-id": "pcidss_4_11-3.2.1", "description": "The description for control-id pcidss_4_11-3.2.1.", "props": [ @@ -7320,7 +7337,7 @@ ] }, { - "uuid": "ffa02d6a-b1cd-46f6-9aec-7df1bffac8c1", + "uuid": "35afc1d9-a138-4d81-866d-7202be2f17c8", "control-id": "pcidss_4_11-4.1", "description": "The description for control-id pcidss_4_11-4.1.", "props": [ @@ -7333,7 +7350,7 @@ ] }, { - "uuid": "85133f91-d288-4b07-8ffc-0b17372ba6a0", + "uuid": "b7cfae0c-a283-485b-adb4-b6a20e9aa418", "control-id": "pcidss_4_11-4.2", "description": "The description for control-id pcidss_4_11-4.2.", "props": [ @@ -7346,7 +7363,7 @@ ] }, { - "uuid": "c1eace52-f1f7-44d4-93c0-d7a4c121bf0f", + "uuid": "cd8ea9f9-a928-496f-aa0d-f56b8d86fd5d", "control-id": "pcidss_4_11-4.3", "description": "The description for control-id pcidss_4_11-4.3.", "props": [ @@ -7359,7 +7376,7 @@ ] }, { - "uuid": "d3e93689-fe8d-4f2b-9991-9530ab93aea8", + "uuid": "d418c6fe-de7d-48e9-8d3a-0dd11dbd01f2", "control-id": "pcidss_4_11-4.4", "description": "The description for control-id pcidss_4_11-4.4.", "props": [ @@ -7372,7 +7389,7 @@ ] }, { - "uuid": "924a1042-925e-489c-a70b-36d1707913c3", + "uuid": "6b89679b-9be9-40b9-9b69-e9561c1521a7", "control-id": "pcidss_4_11-4.5", "description": "The description for control-id pcidss_4_11-4.5.", "props": [ @@ -7385,7 +7402,7 @@ ] }, { - "uuid": "48e2e21a-c7a1-4035-8f1d-02b61d64b2c6", + "uuid": "4259ce1c-4717-427b-a452-13fac2fd3e3f", "control-id": "pcidss_4_11-4.6", "description": "The description for control-id pcidss_4_11-4.6.", "props": [ @@ -7398,7 +7415,7 @@ ] }, { - "uuid": "c295333d-053b-4980-8464-e42d15c60712", + "uuid": "436b7281-6d26-4cd1-b72f-ee49c4640050", "control-id": "pcidss_4_11-4.7", "description": "The description for control-id pcidss_4_11-4.7.", "props": [ @@ -7411,7 +7428,7 @@ ] }, { - "uuid": "cb489df4-2dd6-4ead-bf31-21ab6de0263d", + "uuid": "a087cdfc-9ea8-4b17-8364-e37ba8dbdf89", "control-id": "pcidss_4_11-5.1.1", "description": "The description for control-id pcidss_4_11-5.1.1.", "props": [ @@ -7424,7 +7441,7 @@ ] }, { - "uuid": "3939adcb-2b62-4dd4-bb23-9e922be05229", + "uuid": "35974825-c25d-45f6-9bb7-97249c3f4397", "control-id": "pcidss_4_11-5.2", "description": "No notes for control-id 11.5.2.", "props": [ @@ -7461,7 +7478,7 @@ ] }, { - "uuid": "3d0d78b6-92f1-4360-bbf4-03c5969a94fc", + "uuid": "d7909aa6-3c0d-443c-8b2b-6b5af598028c", "control-id": "pcidss_4_11-6.1", "description": "The description for control-id pcidss_4_11-6.1.", "props": [ @@ -7474,7 +7491,7 @@ ] }, { - "uuid": "f155e82e-6a5a-4cf6-abb2-375044250332", + "uuid": "6d3dfc34-0fba-40f6-88ca-f01f54c1f881", "control-id": "pcidss_4_12-1.1", "description": "The description for control-id pcidss_4_12-1.1.", "props": [ @@ -7487,7 +7504,7 @@ ] }, { - "uuid": "51c27ffa-df8e-4d0c-8818-01f33ebc8f08", + "uuid": "116f319a-1821-4d10-8a26-3379fdc0a371", "control-id": "pcidss_4_12-1.2", "description": "The description for control-id pcidss_4_12-1.2.", "props": [ @@ -7500,7 +7517,7 @@ ] }, { - "uuid": "d276dc3e-d37d-4694-a8f1-c924869b9fce", + "uuid": "7ef4224c-4299-42eb-a6cf-bcf7f1cc11e5", "control-id": "pcidss_4_12-1.3", "description": "The description for control-id pcidss_4_12-1.3.", "props": [ @@ -7513,7 +7530,7 @@ ] }, { - "uuid": "1996b04e-5960-4b96-a4a7-90838950ae8e", + "uuid": "fe23027d-4153-402e-8499-c3dfd7969d90", "control-id": "pcidss_4_12-1.4", "description": "The description for control-id pcidss_4_12-1.4.", "props": [ @@ -7526,7 +7543,7 @@ ] }, { - "uuid": "a8e54724-7cfe-443c-97fa-661a192e87d4", + "uuid": "a7340de8-6841-4c34-9dfc-ea5bdf75c6f0", "control-id": "pcidss_4_12-2.1", "description": "The description for control-id pcidss_4_12-2.1.", "props": [ @@ -7539,7 +7556,7 @@ ] }, { - "uuid": "eea0dbe1-b215-40ee-8d3d-b86c69f4e857", + "uuid": "fe97e021-4686-475a-a9a1-7bf186899dbd", "control-id": "pcidss_4_12-3.1", "description": "The description for control-id pcidss_4_12-3.1.", "props": [ @@ -7552,7 +7569,7 @@ ] }, { - "uuid": "af41d84b-161e-4753-87ec-8b7504b76c72", + "uuid": "e4c67219-945d-49c0-bd45-4b962785e83f", "control-id": "pcidss_4_12-3.2", "description": "The description for control-id pcidss_4_12-3.2.", "props": [ @@ -7565,7 +7582,7 @@ ] }, { - "uuid": "9e296358-72e9-4ca5-beab-8b3d41180771", + "uuid": "75f8cec1-4b42-4832-a58d-caad2a9ccaa9", "control-id": "pcidss_4_12-3.3", "description": "The description for control-id pcidss_4_12-3.3.", "props": [ @@ -7578,7 +7595,7 @@ ] }, { - "uuid": "a7a98c56-8957-4970-84c5-5313b4bda57b", + "uuid": "2ba357b0-ea09-40ce-be06-b145eed475fd", "control-id": "pcidss_4_12-3.4", "description": "The description for control-id pcidss_4_12-3.4.", "props": [ @@ -7591,7 +7608,7 @@ ] }, { - "uuid": "e2515e0a-66e5-4429-a383-fe1bc2977acc", + "uuid": "a43305c8-a9f6-4d9c-9f0a-6ec4779f8a5e", "control-id": "pcidss_4_12-4.1", "description": "The description for control-id pcidss_4_12-4.1.", "props": [ @@ -7604,7 +7621,7 @@ ] }, { - "uuid": "56348c47-24b5-45d6-980d-d0ef18905728", + "uuid": "30f1207e-5665-4fc5-862f-1289eda70cb1", "control-id": "pcidss_4_12-4.2.1", "description": "The description for control-id pcidss_4_12-4.2.1.", "props": [ @@ -7617,7 +7634,7 @@ ] }, { - "uuid": "8bc1110b-ac4f-484d-9806-87ecea370e48", + "uuid": "09f67b49-5cf9-4320-900d-cf051a02f241", "control-id": "pcidss_4_12-5.1", "description": "The description for control-id pcidss_4_12-5.1.", "props": [ @@ -7630,7 +7647,7 @@ ] }, { - "uuid": "024b6ce3-4d39-431b-b8f7-146505c1c9fe", + "uuid": "9d77f314-50ff-4925-a6c6-a9b96e761889", "control-id": "pcidss_4_12-5.2.1", "description": "The description for control-id pcidss_4_12-5.2.1.", "props": [ @@ -7643,7 +7660,7 @@ ] }, { - "uuid": "d6149121-703b-4937-b044-571d394e625e", + "uuid": "1ae2b68f-3561-4563-9cfd-12a2a0dda8d8", "control-id": "pcidss_4_12-5.3", "description": "The description for control-id pcidss_4_12-5.3.", "props": [ @@ -7656,7 +7673,7 @@ ] }, { - "uuid": "e0b3e48e-5097-419c-a4be-ac8b159beb6a", + "uuid": "acaa7e67-b5a1-458b-8787-5757b3704575", "control-id": "pcidss_4_12-6.1", "description": "The description for control-id pcidss_4_12-6.1.", "props": [ @@ -7669,7 +7686,7 @@ ] }, { - "uuid": "aaf487f8-97c5-4764-b8af-9543f8868fa5", + "uuid": "4c731b93-7517-4e3b-a85f-8494004bd587", "control-id": "pcidss_4_12-6.2", "description": "The description for control-id pcidss_4_12-6.2.", "props": [ @@ -7682,7 +7699,7 @@ ] }, { - "uuid": "b5db4709-379d-470f-b531-8fb2586771e1", + "uuid": "08160de4-af23-4f54-98ec-653736a7810c", "control-id": "pcidss_4_12-6.3.1", "description": "The description for control-id pcidss_4_12-6.3.1.", "props": [ @@ -7695,7 +7712,7 @@ ] }, { - "uuid": "31a3ebea-09e8-4ad2-a97b-4d4f33d0dd26", + "uuid": "ce2ea606-f35e-4409-a40a-411a8058005a", "control-id": "pcidss_4_12-6.3.2", "description": "The description for control-id pcidss_4_12-6.3.2.", "props": [ @@ -7708,7 +7725,7 @@ ] }, { - "uuid": "ffe659b4-31c8-42b7-9997-5725922f50be", + "uuid": "97f2d70e-f552-43ef-9ba0-148da26d05f2", "control-id": "pcidss_4_12-7.1", "description": "The description for control-id pcidss_4_12-7.1.", "props": [ @@ -7721,7 +7738,7 @@ ] }, { - "uuid": "0a988e7c-4ecc-40ff-aeef-cfff0a3580f6", + "uuid": "23d37200-df9c-46b6-9d50-f218e902256b", "control-id": "pcidss_4_12-8.1", "description": "The description for control-id pcidss_4_12-8.1.", "props": [ @@ -7734,7 +7751,7 @@ ] }, { - "uuid": "20768300-5d92-4f5b-8f0f-9f16b59c28cf", + "uuid": "a83e6536-3f65-4273-8bec-6c45e3a65bab", "control-id": "pcidss_4_12-8.2", "description": "The description for control-id pcidss_4_12-8.2.", "props": [ @@ -7747,7 +7764,7 @@ ] }, { - "uuid": "be276f06-cb4e-4237-b0d9-f4828899356b", + "uuid": "167e9e03-0221-4cb1-9a4a-0a784b0ab9ce", "control-id": "pcidss_4_12-8.3", "description": "The description for control-id pcidss_4_12-8.3.", "props": [ @@ -7760,7 +7777,7 @@ ] }, { - "uuid": "fbf50b37-d7dc-4c8a-a4d4-a433d58d547f", + "uuid": "37a3f10e-3de2-493e-9c7c-761c88b062d7", "control-id": "pcidss_4_12-8.4", "description": "The description for control-id pcidss_4_12-8.4.", "props": [ @@ -7773,7 +7790,7 @@ ] }, { - "uuid": "08610dd2-4517-4fd0-8d97-099d0b21888c", + "uuid": "8e52c143-6fb1-49d7-b4c4-cd3cff071018", "control-id": "pcidss_4_12-8.5", "description": "The description for control-id pcidss_4_12-8.5.", "props": [ @@ -7786,7 +7803,7 @@ ] }, { - "uuid": "1939334a-7831-4e0b-87ae-d165a81fe4ca", + "uuid": "8a6955a6-0b1c-41bf-9f55-66ceb9ac82c5", "control-id": "pcidss_4_12-9.1", "description": "The description for control-id pcidss_4_12-9.1.", "props": [ @@ -7799,7 +7816,7 @@ ] }, { - "uuid": "78a49eea-da6e-40fe-a196-48ac9ced0b72", + "uuid": "7cd24204-6694-40c2-9b46-938dfb4cc4d4", "control-id": "pcidss_4_12-9.2", "description": "The description for control-id pcidss_4_12-9.2.", "props": [ @@ -7812,7 +7829,7 @@ ] }, { - "uuid": "3aebf078-dcd5-47c4-ab0f-7208c42efb44", + "uuid": "9bfc3acf-abf4-4ffc-b0e4-a3e469fbd218", "control-id": "pcidss_4_12-10.1", "description": "The description for control-id pcidss_4_12-10.1.", "props": [ @@ -7825,7 +7842,7 @@ ] }, { - "uuid": "0252bcd9-8b40-48a8-8ee3-c1bde5464081", + "uuid": "d14d8ab7-2f59-4206-9f13-76305518e45d", "control-id": "pcidss_4_12-10.2", "description": "The description for control-id pcidss_4_12-10.2.", "props": [ @@ -7838,7 +7855,7 @@ ] }, { - "uuid": "9787e43d-6587-4695-b9dd-d1aefa58e3c4", + "uuid": "b1e7abc7-588f-41f7-9240-5a575fa73265", "control-id": "pcidss_4_12-10.3", "description": "The description for control-id pcidss_4_12-10.3.", "props": [ @@ -7851,7 +7868,7 @@ ] }, { - "uuid": "2af0d890-c26f-45d4-9add-c38a2f3dd5bd", + "uuid": "dbade05d-3712-4d08-9bd6-e1b4e20c7508", "control-id": "pcidss_4_12-10.4.1", "description": "The description for control-id pcidss_4_12-10.4.1.", "props": [ @@ -7864,7 +7881,7 @@ ] }, { - "uuid": "a141457c-48d4-49ce-a160-dba593aa9a4a", + "uuid": "cd5472b2-62f0-4bc5-b186-7003f0a07513", "control-id": "pcidss_4_12-10.5", "description": "The description for control-id pcidss_4_12-10.5.", "props": [ @@ -7877,7 +7894,7 @@ ] }, { - "uuid": "b114f802-7d55-4f00-b15f-e231e6cad5b9", + "uuid": "a6a53c82-893a-4597-b4f4-6092fe462a3e", "control-id": "pcidss_4_12-10.6", "description": "The description for control-id pcidss_4_12-10.6.", "props": [ @@ -7890,7 +7907,7 @@ ] }, { - "uuid": "496d8b0a-6a9f-415e-9bc8-0b3d3c1368b4", + "uuid": "355421f0-1ece-4c9e-833d-83ef304b319c", "control-id": "pcidss_4_12-10.7", "description": "The description for control-id pcidss_4_12-10.7.", "props": [ @@ -7903,7 +7920,7 @@ ] }, { - "uuid": "f20ae31b-76bf-4e97-97c1-882bac77a356", + "uuid": "21eccbe1-f9fd-46d9-a66b-a5faf59a6d3d", "control-id": "a1-1.1", "description": "The description for control-id a1-1.1.", "props": [ @@ -7916,7 +7933,7 @@ ] }, { - "uuid": "ae0f15ea-6047-4615-941e-023330cb1e40", + "uuid": "86c2c9fd-1e1a-4f61-bc8f-2ac2ef138c79", "control-id": "a1-1.2", "description": "The description for control-id a1-1.2.", "props": [ @@ -7929,7 +7946,7 @@ ] }, { - "uuid": "b0127802-c69b-4148-a909-f4ca6c489724", + "uuid": "f01620fc-3639-432d-9970-cbb629f37c54", "control-id": "a1-1.3", "description": "The description for control-id a1-1.3.", "props": [ @@ -7942,7 +7959,7 @@ ] }, { - "uuid": "fb511673-dfd8-48e8-b3eb-2cfa998dec9e", + "uuid": "1549bad1-ab94-488d-bd69-df59cc49d89d", "control-id": "a1-1.4", "description": "The description for control-id a1-1.4.", "props": [ @@ -7955,7 +7972,7 @@ ] }, { - "uuid": "5e5c959c-e24e-43cf-bec2-97ac36269717", + "uuid": "c0edec21-72e6-49ff-8640-1cea6f012e84", "control-id": "a1-2.1", "description": "The description for control-id a1-2.1.", "props": [ @@ -7968,7 +7985,7 @@ ] }, { - "uuid": "d3861817-4f5f-4695-814d-6ba736ee0efa", + "uuid": "e5eb7411-5836-4551-843f-354b6072ce2e", "control-id": "a1-2.2", "description": "The description for control-id a1-2.2.", "props": [ @@ -7981,7 +7998,7 @@ ] }, { - "uuid": "bf6dec46-51a5-4cd4-a1e6-7e91cf60c53c", + "uuid": "fcfd2d38-b8d0-4db6-a675-149bb134a345", "control-id": "a1-2.3", "description": "The description for control-id a1-2.3.", "props": [ @@ -7994,7 +8011,7 @@ ] }, { - "uuid": "96a51c43-2867-4c66-95e3-e799a92a717c", + "uuid": "01f86832-fcef-4c03-aa56-949cb6d4407d", "control-id": "a2-1.1", "description": "The description for control-id a2-1.1.", "props": [ @@ -8007,7 +8024,7 @@ ] }, { - "uuid": "6eb38944-0d69-4c06-9910-79d17207de64", + "uuid": "0139d631-4f60-48ca-9376-a1c6a39880ca", "control-id": "a2-1.2", "description": "The description for control-id a2-1.2.", "props": [ @@ -8020,7 +8037,7 @@ ] }, { - "uuid": "6bb3599b-4035-4689-888e-d8b1bb86ef85", + "uuid": "eb5ba465-3765-487e-935e-adaf5f7a8c28", "control-id": "a2-1.3", "description": "The description for control-id a2-1.3.", "props": [ @@ -8033,7 +8050,7 @@ ] }, { - "uuid": "80d647de-92f3-4849-8b23-11ca68595b01", + "uuid": "5a898a1c-7e92-4e7e-b7e6-702666cc98d1", "control-id": "a3-1.1", "description": "The description for control-id a3-1.1.", "props": [ @@ -8046,7 +8063,7 @@ ] }, { - "uuid": "09eda38c-abe3-4263-b486-46365f7deec9", + "uuid": "7d3ee99f-fc92-4752-a011-1a341485cc24", "control-id": "a3-1.2", "description": "The description for control-id a3-1.2.", "props": [ @@ -8059,7 +8076,7 @@ ] }, { - "uuid": "7e33f134-1197-4d90-81a8-d6295fd9ddb6", + "uuid": "5c140ff1-76e4-430b-8df5-1314d04d0b43", "control-id": "a3-1.3", "description": "The description for control-id a3-1.3.", "props": [ @@ -8072,7 +8089,7 @@ ] }, { - "uuid": "706b6310-6f85-469b-8cb4-a34e1db6b923", + "uuid": "745c1660-a31d-4d99-b9cb-fe863cb27982", "control-id": "a3-1.4", "description": "The description for control-id a3-1.4.", "props": [ @@ -8085,7 +8102,7 @@ ] }, { - "uuid": "224f1e4d-fcc2-4754-9086-052eaf4f75d5", + "uuid": "32d18cfd-e3a0-4113-aabc-48126cc68922", "control-id": "a3-2.1", "description": "The description for control-id a3-2.1.", "props": [ @@ -8098,7 +8115,7 @@ ] }, { - "uuid": "faf1c8c4-97d9-460f-b451-c801c9202e09", + "uuid": "895dc630-6159-4485-be7a-39709f6f417d", "control-id": "a3-2.2.1", "description": "The description for control-id a3-2.2.1.", "props": [ @@ -8111,7 +8128,7 @@ ] }, { - "uuid": "cca1ae42-2bc9-4a36-9f20-a4e043f65f28", + "uuid": "ff0bf3be-6887-4422-b574-6a8d27dbe2e8", "control-id": "a3-2.3", "description": "The description for control-id a3-2.3.", "props": [ @@ -8124,7 +8141,7 @@ ] }, { - "uuid": "0c4ab029-9120-494f-91d4-2689d5cc956d", + "uuid": "e12428fa-ea1b-412e-af61-6a3f68bb9762", "control-id": "a3-2.4", "description": "The description for control-id a3-2.4.", "props": [ @@ -8137,7 +8154,7 @@ ] }, { - "uuid": "8fb04c52-39f6-46e4-80f5-810513e476ba", + "uuid": "e11f6b8a-6faf-4ac8-b68f-6799a0f62804", "control-id": "a3-2.5.1", "description": "The description for control-id a3-2.5.1.", "props": [ @@ -8150,7 +8167,7 @@ ] }, { - "uuid": "cf448df0-2f84-4573-9a7c-1110d3f9ae42", + "uuid": "3caab8c1-11c6-4bd6-9225-21c36a179d93", "control-id": "a3-2.5.2", "description": "The description for control-id a3-2.5.2.", "props": [ @@ -8163,7 +8180,7 @@ ] }, { - "uuid": "c815350f-1d7b-4166-988f-d5e98b4c7aac", + "uuid": "28afedb0-5762-4fa6-bfc9-cb3cf0712f1f", "control-id": "a3-2.6.1", "description": "The description for control-id a3-2.6.1.", "props": [ @@ -8176,7 +8193,7 @@ ] }, { - "uuid": "bae0fc55-cdf9-47aa-b781-cafbdf996435", + "uuid": "beca8bff-2c1f-49d3-a8c8-021945d41db4", "control-id": "a3-3.1.2", "description": "The description for control-id a3-3.1.2.", "props": [ @@ -8189,7 +8206,7 @@ ] }, { - "uuid": "94c465db-d992-4ba6-b738-90cf0f4f4ced", + "uuid": "3e8ee70f-4072-48ce-9381-3182c6c0d7c5", "control-id": "a3-3.2", "description": "The description for control-id a3-3.2.", "props": [ @@ -8202,7 +8219,7 @@ ] }, { - "uuid": "eb9a8943-9ae3-4ccd-8d0f-62bda0f80268", + "uuid": "19514a5b-f802-4016-bc2c-d025f8d9105a", "control-id": "a3-3.3", "description": "The description for control-id a3-3.3.", "props": [ @@ -8215,7 +8232,7 @@ ] }, { - "uuid": "27a8062c-dc90-47c7-b25e-b6e07969deef", + "uuid": "04268248-1a17-41b7-988d-366c883ed98d", "control-id": "a3-4.1", "description": "The description for control-id a3-4.1.", "props": [ @@ -8228,7 +8245,7 @@ ] }, { - "uuid": "668a1217-5390-4f6b-9f98-fda453b4e9e3", + "uuid": "033fa171-e4db-46b2-b652-ff3bd73b8afc", "control-id": "a3-5.1", "description": "The description for control-id a3-5.1.", "props": [ @@ -8559,7 +8576,7 @@ { "name": "Parameter_Value_Alternatives_15", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -8577,7 +8594,7 @@ { "name": "Parameter_Value_Alternatives_16", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -12027,2815 +12044,2839 @@ { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_globally_activated", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_134" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled In Main dnf Configuration", + "value": "Install sequoia-sq Package", "remarks": "rule_set_134" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_globally_activated", + "value": "package_sequoia-sq_installed", "remarks": "rule_set_134" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled In Main dnf Configuration", + "value": "Install sequoia-sq Package", "remarks": "rule_set_134" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_never_disabled", + "value": "ensure_gpgcheck_globally_activated", "remarks": "rule_set_135" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", + "value": "Ensure gpgcheck Enabled In Main dnf Configuration", "remarks": "rule_set_135" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "ensure_gpgcheck_never_disabled", + "value": "ensure_gpgcheck_globally_activated", "remarks": "rule_set_135" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", + "value": "Ensure gpgcheck Enabled In Main dnf Configuration", "remarks": "rule_set_135" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_unique_id", + "value": "ensure_gpgcheck_never_disabled", "remarks": "rule_set_136" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Accounts on the System Have Unique User IDs", + "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", "remarks": "rule_set_136" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_unique_id", + "value": "ensure_gpgcheck_never_disabled", "remarks": "rule_set_136" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Accounts on the System Have Unique User IDs", + "value": "Ensure gpgcheck Enabled for All dnf Package Repositories", "remarks": "rule_set_136" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_unique_name", + "value": "account_unique_id", "remarks": "rule_set_137" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Accounts on the System Have Unique Names", + "value": "Ensure All Accounts on the System Have Unique User IDs", "remarks": "rule_set_137" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_unique_name", + "value": "account_unique_id", "remarks": "rule_set_137" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Accounts on the System Have Unique Names", + "value": "Ensure All Accounts on the System Have Unique User IDs", "remarks": "rule_set_137" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_no_uid_except_zero", + "value": "account_unique_name", "remarks": "rule_set_138" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Root Has UID 0", + "value": "Ensure All Accounts on the System Have Unique Names", "remarks": "rule_set_138" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_no_uid_except_zero", + "value": "account_unique_name", "remarks": "rule_set_138" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Only Root Has UID 0", + "value": "Ensure All Accounts on the System Have Unique Names", "remarks": "rule_set_138" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_gid_zero", + "value": "accounts_no_uid_except_zero", "remarks": "rule_set_139" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Root Has A Primary GID 0", + "value": "Verify Only Root Has UID 0", "remarks": "rule_set_139" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_root_gid_zero", + "value": "accounts_no_uid_except_zero", "remarks": "rule_set_139" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify Root Has A Primary GID 0", + "value": "Verify Only Root Has UID 0", "remarks": "rule_set_139" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "group_unique_id", + "value": "accounts_root_gid_zero", "remarks": "rule_set_140" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Groups on the System Have Unique Group ID", + "value": "Verify Root Has A Primary GID 0", "remarks": "rule_set_140" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "group_unique_id", + "value": "accounts_root_gid_zero", "remarks": "rule_set_140" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Groups on the System Have Unique Group ID", + "value": "Verify Root Has A Primary GID 0", "remarks": "rule_set_140" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "group_unique_name", + "value": "group_unique_id", "remarks": "rule_set_141" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Groups on the System Have Unique Group Names", + "value": "Ensure All Groups on the System Have Unique Group ID", "remarks": "rule_set_141" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "group_unique_name", + "value": "group_unique_id", "remarks": "rule_set_141" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure All Groups on the System Have Unique Group Names", + "value": "Ensure All Groups on the System Have Unique Group ID", "remarks": "rule_set_141" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "gid_passwd_group_same", + "value": "group_unique_name", "remarks": "rule_set_142" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", + "value": "Ensure All Groups on the System Have Unique Group Names", "remarks": "rule_set_142" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "gid_passwd_group_same", + "value": "group_unique_name", "remarks": "rule_set_142" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", + "value": "Ensure All Groups on the System Have Unique Group Names", "remarks": "rule_set_142" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_password_auth_for_systemaccounts", + "value": "gid_passwd_group_same", "remarks": "rule_set_143" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Are Locked", + "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", "remarks": "rule_set_143" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_password_auth_for_systemaccounts", + "value": "gid_passwd_group_same", "remarks": "rule_set_143" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Are Locked", + "value": "All GIDs referenced in /etc/passwd must be defined in /etc/group", "remarks": "rule_set_143" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_shelllogin_for_systemaccounts", + "value": "no_password_auth_for_systemaccounts", "remarks": "rule_set_144" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", + "value": "Ensure that System Accounts Are Locked", "remarks": "rule_set_144" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_shelllogin_for_systemaccounts", + "value": "no_password_auth_for_systemaccounts", "remarks": "rule_set_144" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", + "value": "Ensure that System Accounts Are Locked", "remarks": "rule_set_144" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_disable_post_pw_expiration", + "value": "no_shelllogin_for_systemaccounts", "remarks": "rule_set_145" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Account Expiration Following Inactivity", + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", "remarks": "rule_set_145" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "account_disable_post_pw_expiration", + "value": "no_shelllogin_for_systemaccounts", "remarks": "rule_set_145" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Account Expiration Following Inactivity", + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", "remarks": "rule_set_145" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_set_post_pw_existing", + "value": "account_disable_post_pw_expiration", "remarks": "rule_set_146" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set existing passwords a period of inactivity before they been locked", + "value": "Set Account Expiration Following Inactivity", "remarks": "rule_set_146" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_set_post_pw_existing", + "value": "account_disable_post_pw_expiration", "remarks": "rule_set_146" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set existing passwords a period of inactivity before they been locked", + "value": "Set Account Expiration Following Inactivity", "remarks": "rule_set_146" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_db_up_to_date", + "value": "accounts_set_post_pw_existing", "remarks": "rule_set_147" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Make sure that the dconf databases are up-to-date with regards to respective keyfiles", + "value": "Set existing passwords a period of inactivity before they been locked", "remarks": "rule_set_147" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_db_up_to_date", + "value": "accounts_set_post_pw_existing", "remarks": "rule_set_147" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Make sure that the dconf databases are up-to-date with regards to respective keyfiles", + "value": "Set existing passwords a period of inactivity before they been locked", "remarks": "rule_set_147" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_session_idle_user_locks", + "value": "dconf_db_up_to_date", "remarks": "rule_set_148" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", + "value": "Make sure that the dconf databases are up-to-date with regards to respective keyfiles", "remarks": "rule_set_148" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_session_idle_user_locks", + "value": "dconf_db_up_to_date", "remarks": "rule_set_148" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", + "value": "Make sure that the dconf databases are up-to-date with regards to respective keyfiles", "remarks": "rule_set_148" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_idle_activation_enabled", + "value": "dconf_gnome_session_idle_user_locks", "remarks": "rule_set_149" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable GNOME3 Screensaver Idle Activation", + "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", "remarks": "rule_set_149" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_idle_activation_enabled", + "value": "dconf_gnome_session_idle_user_locks", "remarks": "rule_set_149" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable GNOME3 Screensaver Idle Activation", + "value": "Ensure Users Cannot Change GNOME3 Session Idle Settings", "remarks": "rule_set_149" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_idle_delay", + "value": "dconf_gnome_screensaver_idle_activation_enabled", "remarks": "rule_set_150" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Inactivity Timeout", + "value": "Enable GNOME3 Screensaver Idle Activation", "remarks": "rule_set_150" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_idle_delay", + "value": "dconf_gnome_screensaver_idle_activation_enabled", "remarks": "rule_set_150" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Inactivity Timeout", + "value": "Enable GNOME3 Screensaver Idle Activation", "remarks": "rule_set_150" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_lock_delay", + "value": "dconf_gnome_screensaver_idle_delay", "remarks": "rule_set_151" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", + "value": "Set GNOME3 Screensaver Inactivity Timeout", "remarks": "rule_set_151" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_lock_delay", + "value": "dconf_gnome_screensaver_idle_delay", "remarks": "rule_set_151" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", + "value": "Set GNOME3 Screensaver Inactivity Timeout", "remarks": "rule_set_151" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_lock_enabled", + "value": "dconf_gnome_screensaver_lock_delay", "remarks": "rule_set_152" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable GNOME3 Screensaver Lock After Idle Period", + "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", "remarks": "rule_set_152" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_lock_enabled", + "value": "dconf_gnome_screensaver_lock_delay", "remarks": "rule_set_152" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Enable GNOME3 Screensaver Lock After Idle Period", + "value": "Set GNOME3 Screensaver Lock Delay After Activation Period", "remarks": "rule_set_152" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_mode_blank", + "value": "dconf_gnome_screensaver_lock_enabled", "remarks": "rule_set_153" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Implement Blank Screensaver", + "value": "Enable GNOME3 Screensaver Lock After Idle Period", "remarks": "rule_set_153" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "dconf_gnome_screensaver_mode_blank", + "value": "dconf_gnome_screensaver_lock_enabled", "remarks": "rule_set_153" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Implement Blank Screensaver", + "value": "Enable GNOME3 Screensaver Lock After Idle Period", "remarks": "rule_set_153" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_idle_timeout", + "value": "dconf_gnome_screensaver_mode_blank", "remarks": "rule_set_154" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Interval", + "value": "Implement Blank Screensaver", "remarks": "rule_set_154" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_idle_timeout", + "value": "dconf_gnome_screensaver_mode_blank", "remarks": "rule_set_154" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Interval", + "value": "Implement Blank Screensaver", "remarks": "rule_set_154" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_keepalive", + "value": "sshd_set_idle_timeout", "remarks": "rule_set_155" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Count Max", + "value": "Set SSH Client Alive Interval", "remarks": "rule_set_155" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "sshd_set_keepalive", + "value": "sshd_set_idle_timeout", "remarks": "rule_set_155" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set SSH Client Alive Count Max", + "value": "Set SSH Client Alive Interval", "remarks": "rule_set_155" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_host_auth", + "value": "sshd_set_keepalive", "remarks": "rule_set_156" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Host-Based Authentication", + "value": "Set SSH Client Alive Count Max", "remarks": "rule_set_156" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "disable_host_auth", + "value": "sshd_set_keepalive", "remarks": "rule_set_156" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable Host-Based Authentication", + "value": "Set SSH Client Alive Count Max", "remarks": "rule_set_156" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "gnome_gdm_disable_automatic_login", + "value": "disable_host_auth", "remarks": "rule_set_157" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GDM Automatic Login", + "value": "Disable Host-Based Authentication", "remarks": "rule_set_157" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "gnome_gdm_disable_automatic_login", + "value": "disable_host_auth", "remarks": "rule_set_157" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GDM Automatic Login", + "value": "Disable Host-Based Authentication", "remarks": "rule_set_157" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "gnome_gdm_disable_guest_login", + "value": "gnome_gdm_disable_automatic_login", "remarks": "rule_set_158" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GDM Guest Login", + "value": "Disable GDM Automatic Login", "remarks": "rule_set_158" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "gnome_gdm_disable_guest_login", + "value": "gnome_gdm_disable_automatic_login", "remarks": "rule_set_158" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Disable GDM Guest Login", + "value": "Disable GDM Automatic Login", "remarks": "rule_set_158" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords", + "value": "gnome_gdm_disable_guest_login", "remarks": "rule_set_159" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Login to Accounts With Empty Password", + "value": "Disable GDM Guest Login", "remarks": "rule_set_159" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_empty_passwords", + "value": "gnome_gdm_disable_guest_login", "remarks": "rule_set_159" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Prevent Login to Accounts With Empty Password", + "value": "Disable GDM Guest Login", "remarks": "rule_set_159" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_all_shadowed", + "value": "no_empty_passwords", "remarks": "rule_set_160" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify All Account Password Hashes are Shadowed", + "value": "Prevent Login to Accounts With Empty Password", "remarks": "rule_set_160" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_all_shadowed", + "value": "no_empty_passwords", "remarks": "rule_set_160" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Verify All Account Password Hashes are Shadowed", + "value": "Prevent Login to Accounts With Empty Password", "remarks": "rule_set_160" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf", + "value": "accounts_password_all_shadowed", "remarks": "rule_set_161" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/libuser.conf", + "value": "Verify All Account Password Hashes are Shadowed", "remarks": "rule_set_161" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_libuserconf", + "value": "accounts_password_all_shadowed", "remarks": "rule_set_161" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/libuser.conf", + "value": "Verify All Account Password Hashes are Shadowed", "remarks": "rule_set_161" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_logindefs", + "value": "set_password_hashing_algorithm_libuserconf", "remarks": "rule_set_162" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/login.defs", + "value": "Set Password Hashing Algorithm in /etc/libuser.conf", "remarks": "rule_set_162" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_logindefs", + "value": "set_password_hashing_algorithm_libuserconf", "remarks": "rule_set_162" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Hashing Algorithm in /etc/login.defs", + "value": "Set Password Hashing Algorithm in /etc/libuser.conf", "remarks": "rule_set_162" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "set_password_hashing_algorithm_logindefs", "remarks": "rule_set_163" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Set Password Hashing Algorithm in /etc/login.defs", "remarks": "rule_set_163" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "set_password_hashing_algorithm_systemauth", + "value": "set_password_hashing_algorithm_logindefs", "remarks": "rule_set_163" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set PAM Password Hashing Algorithm - system-auth", + "value": "Set Password Hashing Algorithm in /etc/login.defs", "remarks": "rule_set_163" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_164" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Lock Accounts After Failed Password Attempts", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_164" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_deny", + "value": "set_password_hashing_algorithm_systemauth", "remarks": "rule_set_164" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Lock Accounts After Failed Password Attempts", + "value": "Set PAM Password Hashing Algorithm - system-auth", "remarks": "rule_set_164" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_unlock_time", + "value": "accounts_passwords_pam_faillock_deny", "remarks": "rule_set_165" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Lockout Time for Failed Password Attempts", + "value": "Lock Accounts After Failed Password Attempts", "remarks": "rule_set_165" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_passwords_pam_faillock_unlock_time", + "value": "accounts_passwords_pam_faillock_deny", "remarks": "rule_set_165" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Lockout Time for Failed Password Attempts", + "value": "Lock Accounts After Failed Password Attempts", "remarks": "rule_set_165" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_last_change_is_in_past", + "value": "accounts_passwords_pam_faillock_unlock_time", "remarks": "rule_set_166" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure all users last password change date is in the past", + "value": "Set Lockout Time for Failed Password Attempts", "remarks": "rule_set_166" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_last_change_is_in_past", + "value": "accounts_passwords_pam_faillock_unlock_time", "remarks": "rule_set_166" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure all users last password change date is in the past", + "value": "Set Lockout Time for Failed Password Attempts", "remarks": "rule_set_166" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_dcredit", + "value": "accounts_password_last_change_is_in_past", "remarks": "rule_set_167" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Digit Characters", + "value": "Ensure all users last password change date is in the past", "remarks": "rule_set_167" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_dcredit", + "value": "accounts_password_last_change_is_in_past", "remarks": "rule_set_167" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Digit Characters", + "value": "Ensure all users last password change date is in the past", "remarks": "rule_set_167" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_lcredit", + "value": "accounts_password_pam_dcredit", "remarks": "rule_set_168" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters", + "value": "Ensure PAM Enforces Password Requirements - Minimum Digit Characters", "remarks": "rule_set_168" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_lcredit", + "value": "accounts_password_pam_dcredit", "remarks": "rule_set_168" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters", + "value": "Ensure PAM Enforces Password Requirements - Minimum Digit Characters", "remarks": "rule_set_168" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minlen", + "value": "accounts_password_pam_lcredit", "remarks": "rule_set_169" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Length", + "value": "Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters", "remarks": "rule_set_169" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_minlen", + "value": "accounts_password_pam_lcredit", "remarks": "rule_set_169" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Ensure PAM Enforces Password Requirements - Minimum Length", + "value": "Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters", "remarks": "rule_set_169" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_remember", + "value": "accounts_password_pam_minlen", "remarks": "rule_set_170" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse", + "value": "Ensure PAM Enforces Password Requirements - Minimum Length", "remarks": "rule_set_170" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_unix_remember", + "value": "accounts_password_pam_minlen", "remarks": "rule_set_170" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse", + "value": "Ensure PAM Enforces Password Requirements - Minimum Length", "remarks": "rule_set_170" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_password_auth", + "value": "accounts_password_pam_unix_remember", "remarks": "rule_set_171" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: password-auth", + "value": "Limit Password Reuse", "remarks": "rule_set_171" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_password_auth", + "value": "accounts_password_pam_unix_remember", "remarks": "rule_set_171" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: password-auth", + "value": "Limit Password Reuse", "remarks": "rule_set_171" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_system_auth", + "value": "accounts_password_pam_pwhistory_remember_password_auth", "remarks": "rule_set_172" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: system-auth", + "value": "Limit Password Reuse: password-auth", "remarks": "rule_set_172" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_pam_pwhistory_remember_system_auth", + "value": "accounts_password_pam_pwhistory_remember_password_auth", "remarks": "rule_set_172" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Limit Password Reuse: system-auth", + "value": "Limit Password Reuse: password-auth", "remarks": "rule_set_172" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_maximum_age_login_defs", + "value": "accounts_password_pam_pwhistory_remember_system_auth", "remarks": "rule_set_173" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Age", + "value": "Limit Password Reuse: system-auth", "remarks": "rule_set_173" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_maximum_age_login_defs", + "value": "accounts_password_pam_pwhistory_remember_system_auth", "remarks": "rule_set_173" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Maximum Age", + "value": "Limit Password Reuse: system-auth", "remarks": "rule_set_173" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_max_life_existing", + "value": "accounts_maximum_age_login_defs", "remarks": "rule_set_174" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Maximum Age", + "value": "Set Password Maximum Age", "remarks": "rule_set_174" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_max_life_existing", + "value": "accounts_maximum_age_login_defs", "remarks": "rule_set_174" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Maximum Age", + "value": "Set Password Maximum Age", "remarks": "rule_set_174" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_warn_age_login_defs", + "value": "accounts_password_set_max_life_existing", "remarks": "rule_set_175" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Warning Age", + "value": "Set Existing Passwords Maximum Age", "remarks": "rule_set_175" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_warn_age_login_defs", + "value": "accounts_password_set_max_life_existing", "remarks": "rule_set_175" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Password Warning Age", + "value": "Set Existing Passwords Maximum Age", "remarks": "rule_set_175" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_warn_age_existing", + "value": "accounts_password_warn_age_login_defs", "remarks": "rule_set_176" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Warning Age", + "value": "Set Password Warning Age", "remarks": "rule_set_176" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_password_set_warn_age_existing", + "value": "accounts_password_warn_age_login_defs", "remarks": "rule_set_176" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Existing Passwords Warning Age", + "value": "Set Password Warning Age", "remarks": "rule_set_176" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_tmout", + "value": "accounts_password_set_warn_age_existing", "remarks": "rule_set_177" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interactive Session Timeout", + "value": "Set Existing Passwords Warning Age", "remarks": "rule_set_177" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "accounts_tmout", + "value": "accounts_password_set_warn_age_existing", "remarks": "rule_set_177" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Set Interactive Session Timeout", + "value": "Set Existing Passwords Warning Age", "remarks": "rule_set_177" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_direct_root_logins", + "value": "accounts_tmout", "remarks": "rule_set_178" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Direct root Logins Not Allowed", + "value": "Set Interactive Session Timeout", "remarks": "rule_set_178" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "no_direct_root_logins", + "value": "accounts_tmout", "remarks": "rule_set_178" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Direct root Logins Not Allowed", + "value": "Set Interactive Session Timeout", "remarks": "rule_set_178" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "securetty_root_login_console_only", + "value": "no_direct_root_logins", "remarks": "rule_set_179" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Virtual Console Root Logins", + "value": "Direct root Logins Not Allowed", "remarks": "rule_set_179" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "securetty_root_login_console_only", + "value": "no_direct_root_logins", "remarks": "rule_set_179" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Restrict Virtual Console Root Logins", + "value": "Direct root Logins Not Allowed", "remarks": "rule_set_179" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_suid_privilege_function", + "value": "securetty_root_login_console_only", "remarks": "rule_set_180" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events When Privileged Executables Are Run", + "value": "Restrict Virtual Console Root Logins", "remarks": "rule_set_180" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_suid_privilege_function", + "value": "securetty_root_login_console_only", "remarks": "rule_set_180" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Events When Privileged Executables Are Run", + "value": "Restrict Virtual Console Root Logins", "remarks": "rule_set_180" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_login_events_faillock", + "value": "audit_rules_suid_privilege_function", "remarks": "rule_set_181" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Logon and Logout Events - faillock", + "value": "Record Events When Privileged Executables Are Run", "remarks": "rule_set_181" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_login_events_faillock", + "value": "audit_rules_suid_privilege_function", "remarks": "rule_set_181" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Logon and Logout Events - faillock", + "value": "Record Events When Privileged Executables Are Run", "remarks": "rule_set_181" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_login_events_lastlog", + "value": "audit_rules_login_events_faillock", "remarks": "rule_set_182" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Logon and Logout Events - lastlog", + "value": "Record Attempts to Alter Logon and Logout Events - faillock", "remarks": "rule_set_182" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_login_events_lastlog", + "value": "audit_rules_login_events_faillock", "remarks": "rule_set_182" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Logon and Logout Events - lastlog", + "value": "Record Attempts to Alter Logon and Logout Events - faillock", "remarks": "rule_set_182" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_login_events_tallylog", + "value": "audit_rules_login_events_lastlog", "remarks": "rule_set_183" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Logon and Logout Events - tallylog", + "value": "Record Attempts to Alter Logon and Logout Events - lastlog", "remarks": "rule_set_183" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_login_events_tallylog", + "value": "audit_rules_login_events_lastlog", "remarks": "rule_set_183" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Logon and Logout Events - tallylog", + "value": "Record Attempts to Alter Logon and Logout Events - lastlog", "remarks": "rule_set_183" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_utmp", + "value": "audit_rules_login_events_tallylog", "remarks": "rule_set_184" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information utmp", + "value": "Record Attempts to Alter Logon and Logout Events - tallylog", "remarks": "rule_set_184" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_utmp", + "value": "audit_rules_login_events_tallylog", "remarks": "rule_set_184" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information utmp", + "value": "Record Attempts to Alter Logon and Logout Events - tallylog", "remarks": "rule_set_184" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_btmp", + "value": "audit_rules_session_events_utmp", "remarks": "rule_set_185" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information btmp", + "value": "Record Attempts to Alter Process and Session Initiation Information utmp", "remarks": "rule_set_185" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_btmp", + "value": "audit_rules_session_events_utmp", "remarks": "rule_set_185" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information btmp", + "value": "Record Attempts to Alter Process and Session Initiation Information utmp", "remarks": "rule_set_185" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_wtmp", + "value": "audit_rules_session_events_btmp", "remarks": "rule_set_186" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", + "value": "Record Attempts to Alter Process and Session Initiation Information btmp", "remarks": "rule_set_186" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "audit_rules_session_events_wtmp", + "value": "audit_rules_session_events_btmp", "remarks": "rule_set_186" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", + "value": "Record Attempts to Alter Process and Session Initiation Information btmp", "remarks": "rule_set_186" }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "audit_rules_session_events_wtmp", + "remarks": "rule_set_187" + }, + { + "name": "Rule_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", + "remarks": "rule_set_187" + }, + { + "name": "Check_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "audit_rules_session_events_wtmp", + "remarks": "rule_set_187" + }, + { + "name": "Check_Description", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "Record Attempts to Alter Process and Session Initiation Information wtmp", + "remarks": "rule_set_187" + }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_sudo_log_events", - "remarks": "rule_set_187" + "remarks": "rule_set_188" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to perform maintenance activities", - "remarks": "rule_set_187" + "remarks": "rule_set_188" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_sudo_log_events", - "remarks": "rule_set_187" + "remarks": "rule_set_188" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to perform maintenance activities", - "remarks": "rule_set_187" + "remarks": "rule_set_188" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "display_login_attempts", - "remarks": "rule_set_188" + "remarks": "rule_set_189" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Displays Last Logon/Access Notification", - "remarks": "rule_set_188" + "remarks": "rule_set_189" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "display_login_attempts", - "remarks": "rule_set_188" + "remarks": "rule_set_189" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure PAM Displays Last Logon/Access Notification", - "remarks": "rule_set_188" + "remarks": "rule_set_189" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_group", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/group", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_group", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/group", - "remarks": "rule_set_189" + "remarks": "rule_set_190" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_gshadow", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/gshadow", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_gshadow", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/gshadow", - "remarks": "rule_set_190" + "remarks": "rule_set_191" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_opasswd", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_opasswd", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/security/opasswd", - "remarks": "rule_set_191" + "remarks": "rule_set_192" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_passwd", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/passwd", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_passwd", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/passwd", - "remarks": "rule_set_192" + "remarks": "rule_set_193" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_shadow", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/shadow", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_usergroup_modification_shadow", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify User/Group Information - /etc/shadow", - "remarks": "rule_set_193" + "remarks": "rule_set_194" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_sysadmin_actions", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects System Administrator Actions", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_sysadmin_actions", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects System Administrator Actions", - "remarks": "rule_set_194" + "remarks": "rule_set_195" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rename", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rename", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rename", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rename", - "remarks": "rule_set_195" + "remarks": "rule_set_196" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat", - "remarks": "rule_set_196" + "remarks": "rule_set_197" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat2", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat2", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_renameat2", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - renameat2", - "remarks": "rule_set_197" + "remarks": "rule_set_198" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rmdir", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rmdir", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_rmdir", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - rmdir", - "remarks": "rule_set_198" + "remarks": "rule_set_199" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlink", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlink", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlink", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlink", - "remarks": "rule_set_199" + "remarks": "rule_set_200" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlinkat", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlinkat", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_file_deletion_events_unlinkat", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects File Deletion Events by User - unlinkat", - "remarks": "rule_set_200" + "remarks": "rule_set_201" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_media_export", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Exporting to Media (successful)", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_media_export", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure auditd Collects Information on Exporting to Media (successful)", - "remarks": "rule_set_201" + "remarks": "rule_set_202" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit_installed", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit Subsystem is Installed", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audit_installed", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure the audit Subsystem is Installed", - "remarks": "rule_set_202" + "remarks": "rule_set_203" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_auditd_enabled", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable auditd Service", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "service_auditd_enabled", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable auditd Service", - "remarks": "rule_set_203" + "remarks": "rule_set_204" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_name_format", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set type of computer node name logging in audit logs", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_name_format", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Set type of computer node name logging in audit logs", - "remarks": "rule_set_204" + "remarks": "rule_set_205" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_access_var_log_audit", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Access Events to Audit Log Directory", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "directory_access_var_log_audit", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Access Events to Audit Log Directory", - "remarks": "rule_set_205" + "remarks": "rule_set_206" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_var_log_audit", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Have Mode 0640 or Less Permissive", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_permissions_var_log_audit", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Have Mode 0640 or Less Permissive", - "remarks": "rule_set_206" + "remarks": "rule_set_207" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_permissions", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure System Log Files Have Correct Permissions", - "remarks": "rule_set_207" + "remarks": "rule_set_208" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_group_ownership_var_log_audit", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Be Group Owned By Root", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_group_ownership_var_log_audit", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Be Group Owned By Root", - "remarks": "rule_set_208" + "remarks": "rule_set_209" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_var_log_audit", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Be Owned By Root", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "file_ownership_var_log_audit", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "System Audit Logs Must Be Owned By Root", - "remarks": "rule_set_209" + "remarks": "rule_set_210" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_ownership", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate User", - "remarks": "rule_set_210" + "remarks": "rule_set_211" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rsyslog_files_groupownership", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure Log Files Are Owned By Appropriate Group", - "remarks": "rule_set_211" + "remarks": "rule_set_212" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_immutable", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Make the auditd Configuration Immutable", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_immutable", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Make the auditd Configuration Immutable", - "remarks": "rule_set_212" + "remarks": "rule_set_213" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_audispd_syslog_plugin_activated", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd to use audispd's syslog plugin", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_audispd_syslog_plugin_activated", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd to use audispd's syslog plugin", - "remarks": "rule_set_213" + "remarks": "rule_set_214" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audispd-plugins_installed", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install audispd-plugins Package", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_audispd-plugins_installed", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install audispd-plugins Package", - "remarks": "rule_set_214" + "remarks": "rule_set_215" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chmod", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chmod", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chmod", - "remarks": "rule_set_215" + "remarks": "rule_set_216" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chown", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chown", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_chown", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - chown", - "remarks": "rule_set_216" + "remarks": "rule_set_217" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmod", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmod", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmod", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmod", - "remarks": "rule_set_217" + "remarks": "rule_set_218" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat", - "remarks": "rule_set_218" + "remarks": "rule_set_219" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat2", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat2", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchmodat2", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchmodat2", - "remarks": "rule_set_219" + "remarks": "rule_set_220" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchown", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchown", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchown", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchown", - "remarks": "rule_set_220" + "remarks": "rule_set_221" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchownat", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchownat", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fchownat", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fchownat", - "remarks": "rule_set_221" + "remarks": "rule_set_222" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fremovexattr", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fremovexattr", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fremovexattr", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fremovexattr", - "remarks": "rule_set_222" + "remarks": "rule_set_223" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fsetxattr", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fsetxattr", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_fsetxattr", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - fsetxattr", - "remarks": "rule_set_223" + "remarks": "rule_set_224" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lremovexattr", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lremovexattr", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lremovexattr", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lremovexattr", - "remarks": "rule_set_224" + "remarks": "rule_set_225" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lchown", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lchown", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lchown", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lchown", - "remarks": "rule_set_225" + "remarks": "rule_set_226" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lsetxattr", - "remarks": "rule_set_226" + "remarks": "rule_set_227" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lsetxattr", - "remarks": "rule_set_226" + "remarks": "rule_set_227" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_lsetxattr", - "remarks": "rule_set_226" + "remarks": "rule_set_227" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - lsetxattr", - "remarks": "rule_set_226" + "remarks": "rule_set_227" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_removexattr", - "remarks": "rule_set_227" + "remarks": "rule_set_228" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - removexattr", - "remarks": "rule_set_227" + "remarks": "rule_set_228" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_removexattr", - "remarks": "rule_set_227" + "remarks": "rule_set_228" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - removexattr", - "remarks": "rule_set_227" + "remarks": "rule_set_228" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_setxattr", - "remarks": "rule_set_228" + "remarks": "rule_set_229" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - setxattr", - "remarks": "rule_set_228" + "remarks": "rule_set_229" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_dac_modification_setxattr", - "remarks": "rule_set_228" + "remarks": "rule_set_229" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Discretionary Access Controls - setxattr", - "remarks": "rule_set_228" + "remarks": "rule_set_229" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification", - "remarks": "rule_set_229" + "remarks": "rule_set_230" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment", - "remarks": "rule_set_229" + "remarks": "rule_set_230" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_networkconfig_modification", - "remarks": "rule_set_229" + "remarks": "rule_set_230" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Network Environment", - "remarks": "rule_set_229" + "remarks": "rule_set_230" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_mac_modification_etc_selinux", - "remarks": "rule_set_230" + "remarks": "rule_set_231" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Mandatory Access Controls (/etc/selinux)", - "remarks": "rule_set_230" + "remarks": "rule_set_231" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_mac_modification_etc_selinux", - "remarks": "rule_set_230" + "remarks": "rule_set_231" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Events that Modify the System's Mandatory Access Controls (/etc/selinux)", - "remarks": "rule_set_230" + "remarks": "rule_set_231" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_admin_space_left_action", - "remarks": "rule_set_231" + "remarks": "rule_set_232" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd admin_space_left Action on Low Disk Space", - "remarks": "rule_set_231" + "remarks": "rule_set_232" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_admin_space_left_action", - "remarks": "rule_set_231" + "remarks": "rule_set_232" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd admin_space_left Action on Low Disk Space", - "remarks": "rule_set_231" + "remarks": "rule_set_232" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_space_left", - "remarks": "rule_set_232" + "remarks": "rule_set_233" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd space_left on Low Disk Space", - "remarks": "rule_set_232" + "remarks": "rule_set_233" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_space_left", - "remarks": "rule_set_232" + "remarks": "rule_set_233" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd space_left on Low Disk Space", - "remarks": "rule_set_232" + "remarks": "rule_set_233" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_space_left_action", - "remarks": "rule_set_233" + "remarks": "rule_set_234" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd space_left Action on Low Disk Space", - "remarks": "rule_set_233" + "remarks": "rule_set_234" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "auditd_data_retention_space_left_action", - "remarks": "rule_set_233" + "remarks": "rule_set_234" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure auditd space_left Action on Low Disk Space", - "remarks": "rule_set_233" + "remarks": "rule_set_234" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_logrotate_installed", - "remarks": "rule_set_234" + "remarks": "rule_set_235" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure logrotate is Installed", - "remarks": "rule_set_234" + "remarks": "rule_set_235" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_logrotate_installed", - "remarks": "rule_set_234" + "remarks": "rule_set_235" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure logrotate is Installed", - "remarks": "rule_set_234" + "remarks": "rule_set_235" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "timer_logrotate_enabled", - "remarks": "rule_set_235" + "remarks": "rule_set_236" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable logrotate Timer", - "remarks": "rule_set_235" + "remarks": "rule_set_236" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "timer_logrotate_enabled", - "remarks": "rule_set_235" + "remarks": "rule_set_236" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable logrotate Timer", - "remarks": "rule_set_235" + "remarks": "rule_set_236" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_chrony_installed", - "remarks": "rule_set_236" + "remarks": "rule_set_237" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chrony package is installed", - "remarks": "rule_set_236" + "remarks": "rule_set_237" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_chrony_installed", - "remarks": "rule_set_236" + "remarks": "rule_set_237" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "The Chrony package is installed", - "remarks": "rule_set_236" + "remarks": "rule_set_237" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_specify_remote_server", - "remarks": "rule_set_237" + "remarks": "rule_set_238" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "A remote time server for Chrony is configured", - "remarks": "rule_set_237" + "remarks": "rule_set_238" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_specify_remote_server", - "remarks": "rule_set_237" + "remarks": "rule_set_238" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "A remote time server for Chrony is configured", - "remarks": "rule_set_237" + "remarks": "rule_set_238" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_watch_localtime", - "remarks": "rule_set_238" + "remarks": "rule_set_239" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter the localtime File", - "remarks": "rule_set_238" + "remarks": "rule_set_239" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_watch_localtime", - "remarks": "rule_set_238" + "remarks": "rule_set_239" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter the localtime File", - "remarks": "rule_set_238" + "remarks": "rule_set_239" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_settimeofday", - "remarks": "rule_set_239" + "remarks": "rule_set_240" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through settimeofday", - "remarks": "rule_set_239" + "remarks": "rule_set_240" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_settimeofday", - "remarks": "rule_set_239" + "remarks": "rule_set_240" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through settimeofday", - "remarks": "rule_set_239" + "remarks": "rule_set_240" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_clock_settime", - "remarks": "rule_set_240" + "remarks": "rule_set_241" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through clock_settime", - "remarks": "rule_set_240" + "remarks": "rule_set_241" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_clock_settime", - "remarks": "rule_set_240" + "remarks": "rule_set_241" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through clock_settime", - "remarks": "rule_set_240" + "remarks": "rule_set_241" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_stime", - "remarks": "rule_set_241" + "remarks": "rule_set_242" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through stime", - "remarks": "rule_set_241" + "remarks": "rule_set_242" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_stime", - "remarks": "rule_set_241" + "remarks": "rule_set_242" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record Attempts to Alter Time Through stime", - "remarks": "rule_set_241" + "remarks": "rule_set_242" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_adjtimex", - "remarks": "rule_set_242" + "remarks": "rule_set_243" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through adjtimex", - "remarks": "rule_set_242" + "remarks": "rule_set_243" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "audit_rules_time_adjtimex", - "remarks": "rule_set_242" + "remarks": "rule_set_243" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Record attempts to alter time through adjtimex", - "remarks": "rule_set_242" + "remarks": "rule_set_243" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_run_as_chrony_user", - "remarks": "rule_set_243" + "remarks": "rule_set_244" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure that chronyd is running under chrony user account", - "remarks": "rule_set_243" + "remarks": "rule_set_244" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "chronyd_run_as_chrony_user", - "remarks": "rule_set_243" + "remarks": "rule_set_244" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Ensure that chronyd is running under chrony user account", - "remarks": "rule_set_243" + "remarks": "rule_set_244" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_audit_argument", - "remarks": "rule_set_244" + "remarks": "rule_set_245" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Auditing for Processes Which Start Prior to the Audit Daemon", - "remarks": "rule_set_244" + "remarks": "rule_set_245" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_audit_argument", - "remarks": "rule_set_244" + "remarks": "rule_set_245" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Enable Auditing for Processes Which Start Prior to the Audit Daemon", - "remarks": "rule_set_244" + "remarks": "rule_set_245" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_audit_backlog_limit_argument", - "remarks": "rule_set_245" + "remarks": "rule_set_246" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Extend Audit Backlog Limit for the Audit Daemon", - "remarks": "rule_set_245" + "remarks": "rule_set_246" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "grub2_audit_backlog_limit_argument", - "remarks": "rule_set_245" + "remarks": "rule_set_246" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Extend Audit Backlog Limit for the Audit Daemon", - "remarks": "rule_set_245" + "remarks": "rule_set_246" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_build_database", - "remarks": "rule_set_246" + "remarks": "rule_set_247" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Build and Test AIDE Database", - "remarks": "rule_set_246" + "remarks": "rule_set_247" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_build_database", - "remarks": "rule_set_246" + "remarks": "rule_set_247" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Build and Test AIDE Database", - "remarks": "rule_set_246" + "remarks": "rule_set_247" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_periodic_cron_checking", - "remarks": "rule_set_247" + "remarks": "rule_set_248" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Periodic Execution of AIDE", - "remarks": "rule_set_247" + "remarks": "rule_set_248" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "aide_periodic_cron_checking", - "remarks": "rule_set_247" + "remarks": "rule_set_248" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Configure Periodic Execution of AIDE", - "remarks": "rule_set_247" + "remarks": "rule_set_248" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_aide_installed", - "remarks": "rule_set_248" + "remarks": "rule_set_249" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install AIDE", - "remarks": "rule_set_248" + "remarks": "rule_set_249" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "package_aide_installed", - "remarks": "rule_set_248" + "remarks": "rule_set_249" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Install AIDE", - "remarks": "rule_set_248" + "remarks": "rule_set_249" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rpm_verify_hashes", - "remarks": "rule_set_249" + "remarks": "rule_set_250" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify File Hashes with RPM", - "remarks": "rule_set_249" + "remarks": "rule_set_250" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rpm_verify_hashes", - "remarks": "rule_set_249" + "remarks": "rule_set_250" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify File Hashes with RPM", - "remarks": "rule_set_249" + "remarks": "rule_set_250" }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rpm_verify_ownership", - "remarks": "rule_set_250" + "remarks": "rule_set_251" }, { "name": "Rule_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify and Correct Ownership with RPM", - "remarks": "rule_set_250" + "remarks": "rule_set_251" }, { "name": "Check_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "rpm_verify_ownership", - "remarks": "rule_set_250" + "remarks": "rule_set_251" }, { "name": "Check_Description", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "Verify and Correct Ownership with RPM", - "remarks": "rule_set_250" + "remarks": "rule_set_251" } ], "control-implementations": [ { - "uuid": "459f6aef-0ccf-418a-974b-670eb559af24", + "uuid": "36c19a9f-7b67-4566-ab64-6b3bfe2da2c3", "source": "trestle://profiles/rhel10-pcidss_4-base/profile.json", "description": "Control implementation for pci-dss", "props": [ @@ -15035,7 +15076,7 @@ ], "implemented-requirements": [ { - "uuid": "4d63c1cc-53df-4262-85c5-8a3a6c0a397e", + "uuid": "6df5b31f-6e56-422c-90b5-91a01e5696bf", "control-id": "pcidss_4_1-1.1", "description": "The description for control-id pcidss_4_1-1.1.", "props": [ @@ -15048,7 +15089,7 @@ ] }, { - "uuid": "eed1b03e-5a2a-448e-83d2-54403bb2c882", + "uuid": "bbcaa792-8cd4-4141-a451-be651f644aa9", "control-id": "pcidss_4_1-1.2", "description": "The description for control-id pcidss_4_1-1.2.", "props": [ @@ -15061,7 +15102,7 @@ ] }, { - "uuid": "a1972efa-d683-4d01-b30d-4bc601ecfee4", + "uuid": "13bc2c89-3c13-462f-a65d-db09eb8f77a4", "control-id": "pcidss_4_1-2.1", "description": "Examples of NSCs covered by these configuration standards include, but are not limited to,\nfirewalls, routers configured with access control lists, and cloud virtual networks. The\nobjective of this requirement is to ensure the way that NSCs are configured and operate\nare defined and consistently applied. While the tooling and standards can be automated,\nthe review of allowed accesses should be manual as different sites may have different\npolicies.", "props": [ @@ -15093,7 +15134,7 @@ ] }, { - "uuid": "042f78b4-d071-4dc0-9b2a-fa27e1121613", + "uuid": "c2243cae-a0c6-4457-ac9c-6fbdbc2d9403", "control-id": "pcidss_4_1-2.2", "description": "The description for control-id pcidss_4_1-2.2.", "props": [ @@ -15106,7 +15147,7 @@ ] }, { - "uuid": "4e311480-1804-4088-a7d2-a506d572ab36", + "uuid": "8b2b758f-4158-49b5-8757-97123634cd51", "control-id": "pcidss_4_1-2.3", "description": "The description for control-id pcidss_4_1-2.3.", "props": [ @@ -15119,7 +15160,7 @@ ] }, { - "uuid": "1a131487-617f-4ce9-ab91-2775c55dbff9", + "uuid": "169f6228-a0e0-43e4-b8a6-79e89ec25318", "control-id": "pcidss_4_1-2.4", "description": "The description for control-id pcidss_4_1-2.4.", "props": [ @@ -15132,7 +15173,7 @@ ] }, { - "uuid": "48c80ac2-1a77-4401-9191-02740d5419f9", + "uuid": "b82df07f-fb30-495b-9dec-3a1530851005", "control-id": "pcidss_4_1-2.5", "description": "The description for control-id pcidss_4_1-2.5.", "props": [ @@ -15145,7 +15186,7 @@ ] }, { - "uuid": "c20cb4d3-d9c8-4eff-979b-af55cfd0aa09", + "uuid": "bb5611fa-db7e-4b6d-9d99-bfedb69bcd38", "control-id": "pcidss_4_1-2.6", "description": "The specific risks associated with the use of insecure services, protocols, and ports are\nunderstood, assessed, and appropriately mitigated. The selected rules here basically\nremove services without encryption and restricted some common services.", "props": [ @@ -15182,7 +15223,7 @@ ] }, { - "uuid": "c5804fa5-8e18-427c-b1bc-bf23c5fb834a", + "uuid": "12875268-b7c9-4a79-9675-c647d0e5adba", "control-id": "pcidss_4_1-2.7", "description": "The description for control-id pcidss_4_1-2.7.", "props": [ @@ -15195,7 +15236,7 @@ ] }, { - "uuid": "40d34a35-d91d-4afd-9bac-67c575138809", + "uuid": "4ae0966c-3477-4aa8-86c2-f472e3d83cc3", "control-id": "pcidss_4_1-2.8", "description": "No notes for control-id 1.2.8.", "props": [ @@ -15227,7 +15268,7 @@ ] }, { - "uuid": "890e25f6-0548-45e1-aabd-8191ace0f996", + "uuid": "ec7827ec-bf12-446c-9ede-a3a99e545c1a", "control-id": "pcidss_4_1-3.1", "description": "No notes for control-id 1.3.1.", "props": [ @@ -15249,7 +15290,7 @@ ] }, { - "uuid": "32da13c1-2131-404b-8a11-2738455f6144", + "uuid": "053c4bf6-1f3d-48ca-bee3-ca8c43ad8189", "control-id": "pcidss_4_1-3.2", "description": "The description for control-id pcidss_4_1-3.2.", "props": [ @@ -15262,7 +15303,7 @@ ] }, { - "uuid": "b2245280-f65f-46a9-a264-deeb6ab276bf", + "uuid": "9159ab4a-210a-4f56-bc79-ae765d973c57", "control-id": "pcidss_4_1-3.3", "description": "Wireless interfaces are not expected in servers so they are disabled by default in this\npolicy.", "props": [ @@ -15279,7 +15320,7 @@ ] }, { - "uuid": "006ca478-5fe1-4187-9d85-312b884c9403", + "uuid": "c325d909-2f0e-42fc-b040-d64d28c23d44", "control-id": "pcidss_4_1-4.1", "description": "Trusted and untrusted networks are expected to be different for each environment.\nBut loopback traffic is assumed to be trusted and even necessary for some services.\nThis requirement is complements 1.2.1 and 1.3.1 requirements.", "props": [ @@ -15301,7 +15342,7 @@ ] }, { - "uuid": "c61e9a24-aca8-4fa8-b63a-1f7bdb4d1b87", + "uuid": "431a4d5f-f930-4062-b652-6881653af3f1", "control-id": "pcidss_4_1-4.2", "description": "Probably missing some relevant IPv6 related rules. Needs to be investigated.", "props": [ @@ -15338,7 +15379,7 @@ ] }, { - "uuid": "03275e76-a937-4206-bfd6-9c72e850dee4", + "uuid": "30158866-8b11-4a38-af54-89d27cac4250", "control-id": "pcidss_4_1-4.3", "description": "Probably missing some relevant IPv6 related rules. Needs to be investigated.", "props": [ @@ -15375,7 +15416,7 @@ ] }, { - "uuid": "e8c85ba4-19b9-4ef1-a5fa-ac36a5be5351", + "uuid": "4bb720e3-9b17-4d7a-8005-43647d3bec97", "control-id": "pcidss_4_1-4.4", "description": "The description for control-id pcidss_4_1-4.4.", "props": [ @@ -15388,7 +15429,7 @@ ] }, { - "uuid": "2ab5d103-7894-4037-9cc3-5958b87ccd43", + "uuid": "dc975e76-df03-4dcd-a7a1-20eae4498d85", "control-id": "pcidss_4_1-4.5", "description": "No notes for control-id 1.4.5.", "props": [ @@ -15415,7 +15456,7 @@ ] }, { - "uuid": "f2dd89ff-fbc0-4893-9fb5-6a40b6719528", + "uuid": "773661da-701d-491c-95b5-2389c13c8c9e", "control-id": "pcidss_4_1-5.1", "description": "To ensure this requirement, a manual analysis of site policy and topology is inevitable.\nFrom the technical perspective, previous requirements should already cover this\nrequirement at some level.", "props": [ @@ -15427,7 +15468,7 @@ ] }, { - "uuid": "abaaaa88-e0bc-4b2d-82a9-946b2a7bc195", + "uuid": "f3d00b12-e668-4338-b1c8-19295b7a4f98", "control-id": "pcidss_4_2-1.1", "description": "The description for control-id pcidss_4_2-1.1.", "props": [ @@ -15440,7 +15481,7 @@ ] }, { - "uuid": "13eebde4-c8c0-411f-a8e6-c7cfdb19434d", + "uuid": "d2644fc7-e191-4f22-bed7-9683ecc97765", "control-id": "pcidss_4_2-1.2", "description": "The description for control-id pcidss_4_2-1.2.", "props": [ @@ -15453,7 +15494,7 @@ ] }, { - "uuid": "45af2d2a-470d-4594-b74d-167251b3754a", + "uuid": "eaffc10c-0bd9-4aaf-b3fa-ea97311523b7", "control-id": "pcidss_4_2-2.1", "description": "Interestingly this requirement recommends other standards, such as Center for Internet\nSecurity (CIS), International Organization for Standardization (ISO), National Institute\nof Standards and Technology (NIST), Cloud Security Alliance, and product vendors. So, the\nrules included here are very generic in terms of hardening.", "props": [ @@ -15470,7 +15511,7 @@ ] }, { - "uuid": "1e83ec34-1121-432e-a2cd-af94a702cb4b", + "uuid": "c3f2770a-ed6d-4ec7-bbcd-f21645f72628", "control-id": "pcidss_4_2-2.2", "description": "Also related to requirement 8.2.6 and 8.3.5.", "props": [ @@ -15492,7 +15533,7 @@ ] }, { - "uuid": "924924c4-f93c-4dfe-a5d6-27d95407fc70", + "uuid": "002f9fd3-4172-4cb7-9723-32e7c488cd43", "control-id": "pcidss_4_2-2.3", "description": "The description for control-id pcidss_4_2-2.3.", "props": [ @@ -15505,7 +15546,7 @@ ] }, { - "uuid": "c7818319-ea87-4c6b-bd81-9f9e8b4d27f4", + "uuid": "8c06ec7a-2f5a-48cd-8db7-8a40561ad409", "control-id": "pcidss_4_2-2.4", "description": "No notes for control-id 2.2.4.", "props": [ @@ -15562,7 +15603,7 @@ ] }, { - "uuid": "a937f9cd-f9a5-47ca-8dd9-163c11d710e2", + "uuid": "91e0d21a-1c09-4ee7-bc7f-26be5e76683b", "control-id": "pcidss_4_2-2.5", "description": "The description for control-id pcidss_4_2-2.5.", "props": [ @@ -15575,7 +15616,7 @@ ] }, { - "uuid": "ec61d4f2-3184-4461-b017-083f57e06353", + "uuid": "f725a7d5-f8f4-48a4-9e35-6cb6aa91090d", "control-id": "pcidss_4_2-2.6", "description": "This requirement is not specific but also points to 2.2.1, where other policies are\nreferenced. Therefore, the most common rules related to system configuration in order to\nprevent misuse and selected in main profiles are also selected here.", "props": [ @@ -15977,7 +16018,7 @@ ] }, { - "uuid": "0852780d-6210-41f2-8ec5-b30d7ee5ecd9", + "uuid": "7d365dab-bde3-4d88-8535-c770e051fce9", "control-id": "pcidss_4_2-2.7", "description": "Related to requirement 12.3.3.", "props": [ @@ -15999,7 +16040,7 @@ ] }, { - "uuid": "09a753f0-7625-441f-943d-06901c12ae5d", + "uuid": "5027aa00-e5d8-4ec5-bc8d-c7b10fdbdc0c", "control-id": "pcidss_4_2-3.1", "description": "Wireless interfaces are disabled by 1.3.3.", "props": [ @@ -16011,7 +16052,7 @@ ] }, { - "uuid": "b14f42d2-8a7f-4458-bf36-020474143292", + "uuid": "14859664-773a-4db0-92f4-abd3ed9bec83", "control-id": "pcidss_4_2-3.2", "description": "Wireless interfaces are disabled by 1.3.3.", "props": [ @@ -16023,7 +16064,7 @@ ] }, { - "uuid": "480f88db-2a20-4664-b334-ccf616e44d5a", + "uuid": "00fa6700-fc95-40bf-899d-3e1ae07414fd", "control-id": "pcidss_4_3-1.1", "description": "The description for control-id pcidss_4_3-1.1.", "props": [ @@ -16036,7 +16077,7 @@ ] }, { - "uuid": "11f85606-4c63-44a9-8dbf-45edde43bd49", + "uuid": "cb8c068c-79b2-4d0f-af8d-b8f58654c20b", "control-id": "pcidss_4_3-1.2", "description": "The description for control-id pcidss_4_3-1.2.", "props": [ @@ -16049,7 +16090,7 @@ ] }, { - "uuid": "70a16ec9-c53d-41d1-b348-d4ba35997acc", + "uuid": "f78f20ce-c6a2-497a-a1d2-de2742f89b22", "control-id": "pcidss_4_3-2.1", "description": "The description for control-id pcidss_4_3-2.1.", "props": [ @@ -16062,7 +16103,7 @@ ] }, { - "uuid": "7171b4ef-4751-4180-997f-c7265a15b3f1", + "uuid": "c77a2995-71a7-458b-aa4f-679e8c3a6801", "control-id": "pcidss_4_3-3.1.1", "description": "This requirement consists in auditing files, databases and memory to make sure the full\ncontent of any track is not unnecessarily stored. It involves manual auditing but some\nautomated rules fit this requirement in order to reduce the chances if this data be\nunintentionally stored in memory.", "props": [ @@ -16104,7 +16145,7 @@ ] }, { - "uuid": "7122d9df-bb2f-46fe-b8be-204bfd4c7aa5", + "uuid": "9d88a3a4-4e8a-4317-a978-4329b696eb4f", "control-id": "pcidss_4_3-3.1.2", "description": "Same rules already selected in 3.3.1.1 are valid here, but they are not repeated.", "props": [ @@ -16116,7 +16157,7 @@ ] }, { - "uuid": "7fcd4022-0665-4d6f-b1b4-b6c8b0d739a8", + "uuid": "37de0dc9-1050-4bfd-b494-5f138aba9439", "control-id": "pcidss_4_3-3.1.3", "description": "Same rules already selected in 3.3.1.1 are valid here, but they are not repeated.", "props": [ @@ -16128,7 +16169,7 @@ ] }, { - "uuid": "0487e23e-de55-41e2-8739-ffe7be86dd83", + "uuid": "47766304-8817-4f15-9cbf-42485160c427", "control-id": "pcidss_4_3-3.2", "description": "The description for control-id pcidss_4_3-3.2.", "props": [ @@ -16141,7 +16182,7 @@ ] }, { - "uuid": "3dc3d429-aa00-4b51-b4f1-297d03cf919a", + "uuid": "21bd6a02-b227-41f4-9997-b61504547eab", "control-id": "pcidss_4_3-3.3", "description": "The description for control-id pcidss_4_3-3.3.", "props": [ @@ -16154,7 +16195,7 @@ ] }, { - "uuid": "0eaf95c4-93d4-406e-9310-896ff6746290", + "uuid": "63d3edee-abfa-4e5d-8c17-495f4faa6919", "control-id": "pcidss_4_3-4.1", "description": "The description for control-id pcidss_4_3-4.1.", "props": [ @@ -16167,7 +16208,7 @@ ] }, { - "uuid": "34d7b244-f3db-4396-8b65-e8da018424b5", + "uuid": "58b2e52d-d14e-4406-8116-d7e746d22eb0", "control-id": "pcidss_4_3-4.2", "description": "There are technical rules to disable removable storage devices. However, this requirement\nstill demand some manual auditing in documentation and eventual exceptions.", "props": [ @@ -16194,7 +16235,7 @@ ] }, { - "uuid": "a6df459d-3f64-4789-8468-80e553f0336f", + "uuid": "2ceb5da2-0156-4d2f-a3e5-19f6df5124d9", "control-id": "pcidss_4_3-5.1.1", "description": "The description for control-id pcidss_4_3-5.1.1.", "props": [ @@ -16207,7 +16248,7 @@ ] }, { - "uuid": "e5b8277a-b65f-4a18-b379-1e7c515bfc1b", + "uuid": "b739f9e9-24b3-4eb5-ae41-830e5518a775", "control-id": "pcidss_4_3-5.1.2", "description": "No notes for control-id 3.5.1.2.", "props": [ @@ -16224,7 +16265,7 @@ ] }, { - "uuid": "8c07b9a6-5784-4e7e-b3e3-153d64e2efce", + "uuid": "e19587f4-4e3d-4030-b59a-83b1a4fcd72f", "control-id": "pcidss_4_3-5.1.3", "description": "The description for control-id pcidss_4_3-5.1.3.", "props": [ @@ -16237,7 +16278,7 @@ ] }, { - "uuid": "e349beed-1459-4502-b4fc-9c1169e37050", + "uuid": "9fec4c59-df30-4700-8458-63218a75f77b", "control-id": "pcidss_4_3-6.1.1", "description": "The description for control-id pcidss_4_3-6.1.1.", "props": [ @@ -16250,7 +16291,7 @@ ] }, { - "uuid": "38ddf5e3-97ae-4248-b36f-1aa5cec56938", + "uuid": "be3a5023-c59c-40e0-af22-5da5124e1105", "control-id": "pcidss_4_3-6.1.2", "description": "The description for control-id pcidss_4_3-6.1.2.", "props": [ @@ -16263,7 +16304,7 @@ ] }, { - "uuid": "c9f6e55b-c78f-4f03-8abf-5bde9d96ecbb", + "uuid": "2cb00efd-d030-4137-a233-1e884262c6b2", "control-id": "pcidss_4_3-6.1.3", "description": "The description for control-id pcidss_4_3-6.1.3.", "props": [ @@ -16276,7 +16317,7 @@ ] }, { - "uuid": "8f1960de-9d26-4afd-aa6f-137c3c6ed196", + "uuid": "722c0ae0-7b9c-45cd-a398-c44c71b53baf", "control-id": "pcidss_4_3-6.1.4", "description": "The description for control-id pcidss_4_3-6.1.4.", "props": [ @@ -16289,7 +16330,7 @@ ] }, { - "uuid": "00ae37fb-78df-4ec4-8a3d-1903caa4676f", + "uuid": "f78e9b20-f421-4239-afc1-378a1157a6a6", "control-id": "pcidss_4_3-7.1", "description": "The description for control-id pcidss_4_3-7.1.", "props": [ @@ -16302,7 +16343,7 @@ ] }, { - "uuid": "afe68188-4884-49b5-a98c-19a73786449c", + "uuid": "9a88fda7-8fc7-466d-b8d3-cafc7510c5cc", "control-id": "pcidss_4_3-7.2", "description": "The description for control-id pcidss_4_3-7.2.", "props": [ @@ -16315,7 +16356,7 @@ ] }, { - "uuid": "ac4c77a7-aba0-463e-bfc7-e877ff432f93", + "uuid": "446a44b7-eb4d-4cd3-b51c-2a7e18047561", "control-id": "pcidss_4_3-7.3", "description": "The description for control-id pcidss_4_3-7.3.", "props": [ @@ -16328,7 +16369,7 @@ ] }, { - "uuid": "4f8630c8-f260-42a5-8387-a2e9123d2a3d", + "uuid": "2a4f46a1-4ee2-422e-987b-228845214604", "control-id": "pcidss_4_3-7.4", "description": "The description for control-id pcidss_4_3-7.4.", "props": [ @@ -16341,7 +16382,7 @@ ] }, { - "uuid": "9a0a1492-13b1-49c3-81ef-74ad85d6b2a1", + "uuid": "41bed6ef-de2c-44c7-8bc7-6eea512b63f6", "control-id": "pcidss_4_3-7.5", "description": "The description for control-id pcidss_4_3-7.5.", "props": [ @@ -16354,7 +16395,7 @@ ] }, { - "uuid": "b62f8b9b-43f8-4ebf-9e85-cca56fced53e", + "uuid": "f773f504-a136-442e-8363-54a16d79f218", "control-id": "pcidss_4_3-7.6", "description": "The description for control-id pcidss_4_3-7.6.", "props": [ @@ -16367,7 +16408,7 @@ ] }, { - "uuid": "395b3e80-3469-44a5-b593-3b6695e39ccb", + "uuid": "925a9d52-ca13-4dd1-9eef-1c02f2071e36", "control-id": "pcidss_4_3-7.7", "description": "The description for control-id pcidss_4_3-7.7.", "props": [ @@ -16380,7 +16421,7 @@ ] }, { - "uuid": "54fd622f-dab5-4eb1-9f8c-56a3a761e85a", + "uuid": "fa746d8b-1f20-4d00-b2ac-89936b9c1fa0", "control-id": "pcidss_4_3-7.8", "description": "The description for control-id pcidss_4_3-7.8.", "props": [ @@ -16393,7 +16434,7 @@ ] }, { - "uuid": "35f9a72e-3b76-4fe3-9af1-10b8455aeaba", + "uuid": "aa006234-1e47-440a-8db6-4c763ef7b29c", "control-id": "pcidss_4_3-7.9", "description": "The description for control-id pcidss_4_3-7.9.", "props": [ @@ -16406,7 +16447,7 @@ ] }, { - "uuid": "d59ed04d-d809-4ab4-a852-1c02b632cc48", + "uuid": "55e2ab03-e769-4447-9059-27fa67561f1b", "control-id": "pcidss_4_4-1.1", "description": "The description for control-id pcidss_4_4-1.1.", "props": [ @@ -16419,7 +16460,7 @@ ] }, { - "uuid": "af0ab4d7-e17f-458b-a5d8-52ccc984210c", + "uuid": "43dd52af-b6a1-4eb2-837a-bd57c8805447", "control-id": "pcidss_4_4-1.2", "description": "The description for control-id pcidss_4_4-1.2.", "props": [ @@ -16432,7 +16473,7 @@ ] }, { - "uuid": "1592da00-ad76-4358-8bd9-db8666ce28e5", + "uuid": "2dd7364f-76ea-448b-b467-b1070cbf140a", "control-id": "pcidss_4_4-2.1.1", "description": "The description for control-id pcidss_4_4-2.1.1.", "props": [ @@ -16445,7 +16486,7 @@ ] }, { - "uuid": "ae009867-91f3-49ac-942a-ca506cce8257", + "uuid": "9cbc0c91-5e76-4fd1-860d-39bf41f4902f", "control-id": "pcidss_4_4-2.1.2", "description": "The description for control-id pcidss_4_4-2.1.2.", "props": [ @@ -16458,7 +16499,7 @@ ] }, { - "uuid": "198fe4df-dc66-46b9-b95b-19574caf7072", + "uuid": "7b01212f-defa-4cc5-98d9-afebd418ca31", "control-id": "pcidss_4_4-2.2", "description": "The description for control-id pcidss_4_4-2.2.", "props": [ @@ -16471,7 +16512,7 @@ ] }, { - "uuid": "4df46ace-69a4-4316-bf2f-3b31423fb837", + "uuid": "d4fc4337-1e69-4983-8ab7-dd18dfd84667", "control-id": "pcidss_4_5-1.1", "description": "The description for control-id pcidss_4_5-1.1.", "props": [ @@ -16484,7 +16525,7 @@ ] }, { - "uuid": "6a803c1f-44b0-4261-b3bf-3ff4a4d02a06", + "uuid": "af24f75a-b627-485a-9948-056d934105ef", "control-id": "pcidss_4_5-1.2", "description": "The description for control-id pcidss_4_5-1.2.", "props": [ @@ -16497,7 +16538,7 @@ ] }, { - "uuid": "2d3265b6-31ca-48f6-8951-9907d340660c", + "uuid": "ca9ad5c9-e3e1-4688-b60f-35ebda83861c", "control-id": "pcidss_4_5-2.1", "description": "There are many options of anti-malware and the criteria for any adopted solution or\napproach relies on each site policy. Technologies are supported but manual assessment is\nrequired.", "props": [ @@ -16509,7 +16550,7 @@ ] }, { - "uuid": "8fec617c-fd39-4bb2-a080-0aef627c0887", + "uuid": "32524bea-c726-4f43-82cf-6b6a13e05f3b", "control-id": "pcidss_4_5-2.2", "description": "The description for control-id pcidss_4_5-2.2.", "props": [ @@ -16522,7 +16563,7 @@ ] }, { - "uuid": "53209025-bc97-4755-97c0-e6d9f9d338e1", + "uuid": "9fc64eef-8e8f-4e70-a68a-3eb911a037e6", "control-id": "pcidss_4_5-2.3.1", "description": "The description for control-id pcidss_4_5-2.3.1.", "props": [ @@ -16535,7 +16576,7 @@ ] }, { - "uuid": "da3ce805-9c5f-4a09-a17a-905d20514c77", + "uuid": "c6698a14-1599-4b46-8ab9-05a2e94428f2", "control-id": "pcidss_4_5-3.1", "description": "The description for control-id pcidss_4_5-3.1.", "props": [ @@ -16548,7 +16589,7 @@ ] }, { - "uuid": "b805696d-f1d7-491a-9998-19c3483b1baa", + "uuid": "7e5cb81f-308b-495e-9c59-d267176c622c", "control-id": "pcidss_4_5-3.2.1", "description": "The description for control-id pcidss_4_5-3.2.1.", "props": [ @@ -16561,7 +16602,7 @@ ] }, { - "uuid": "55daccfd-8b1d-427b-9710-d2889b19caad", + "uuid": "a1bf7463-a885-41b7-be21-32d04154d344", "control-id": "pcidss_4_5-3.3", "description": "The description for control-id pcidss_4_5-3.3.", "props": [ @@ -16574,7 +16615,7 @@ ] }, { - "uuid": "d053839b-8b82-46f4-a1f3-3e0e5b527b4e", + "uuid": "915926ab-4e56-46cf-8916-5c36d98acbfa", "control-id": "pcidss_4_5-3.4", "description": "The description for control-id pcidss_4_5-3.4.", "props": [ @@ -16587,7 +16628,7 @@ ] }, { - "uuid": "f3074520-158b-44d2-9c8e-dafc7baf1866", + "uuid": "c702e287-1124-47e7-b12d-f22fd8bd6d40", "control-id": "pcidss_4_5-3.5", "description": "The description for control-id pcidss_4_5-3.5.", "props": [ @@ -16600,7 +16641,7 @@ ] }, { - "uuid": "ccdd8066-fc19-4982-8ef5-0b2ac281702e", + "uuid": "9d669776-c0d7-4ec7-899a-e49898bbd843", "control-id": "pcidss_4_5-4.1", "description": "The description for control-id pcidss_4_5-4.1.", "props": [ @@ -16613,7 +16654,7 @@ ] }, { - "uuid": "ecfb0444-91a9-4983-8823-f665ea5dc763", + "uuid": "1d7f8873-cb35-4f18-bfc0-6282153ec228", "control-id": "pcidss_4_6-1.1", "description": "The description for control-id pcidss_4_6-1.1.", "props": [ @@ -16626,7 +16667,7 @@ ] }, { - "uuid": "09a909a6-9780-49aa-bd09-4eeb94fc77ac", + "uuid": "422d9aa7-b0a1-441a-8871-80c230179a43", "control-id": "pcidss_4_6-1.2", "description": "The description for control-id pcidss_4_6-1.2.", "props": [ @@ -16639,7 +16680,7 @@ ] }, { - "uuid": "2a88109a-980e-421c-a18b-e6fd4fbdce51", + "uuid": "96593e8a-ccf3-4785-8f34-95a07fa3fd6e", "control-id": "pcidss_4_6-2.1", "description": "The description for control-id pcidss_4_6-2.1.", "props": [ @@ -16652,7 +16693,7 @@ ] }, { - "uuid": "6f8d6cc5-c0aa-4aba-bfff-a71fe5693fd9", + "uuid": "53b8ba7b-1b1e-4601-b603-88ef8744f914", "control-id": "pcidss_4_6-2.2", "description": "The description for control-id pcidss_4_6-2.2.", "props": [ @@ -16665,7 +16706,7 @@ ] }, { - "uuid": "b89fae01-0a95-45bb-8e75-8f744c4cddee", + "uuid": "49203f27-58f7-4d97-a331-d77922edbd93", "control-id": "pcidss_4_6-2.3.1", "description": "The description for control-id pcidss_4_6-2.3.1.", "props": [ @@ -16678,7 +16719,7 @@ ] }, { - "uuid": "04187f38-0159-44c5-88ed-ba4feeaf9a10", + "uuid": "a2766dbc-260a-4f48-a5d0-aeb82cee5265", "control-id": "pcidss_4_6-2.4", "description": "The description for control-id pcidss_4_6-2.4.", "props": [ @@ -16691,7 +16732,7 @@ ] }, { - "uuid": "5afabb5b-a0a7-4650-94df-7640c4ed9fe9", + "uuid": "4d2747fe-7b36-4ab3-b943-9b39a53ad59a", "control-id": "pcidss_4_6-3.1", "description": "The description for control-id pcidss_4_6-3.1.", "props": [ @@ -16704,7 +16745,7 @@ ] }, { - "uuid": "605758f3-bff5-4688-b105-6a97469becb2", + "uuid": "eb07b638-094e-4a5d-bdbe-c48ff09e5280", "control-id": "pcidss_4_6-3.2", "description": "The description for control-id pcidss_4_6-3.2.", "props": [ @@ -16717,7 +16758,7 @@ ] }, { - "uuid": "d62d844f-a5f6-43e6-9425-fdb1c1060f6b", + "uuid": "00ba2d6e-80a0-4488-9b59-a36cf7b67b98", "control-id": "pcidss_4_6-3.3", "description": "No notes for control-id 6.3.3.", "props": [ @@ -16731,6 +16772,11 @@ "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", "value": "ensure_redhat_gpgkey_installed" }, + { + "name": "Rule_Id", + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", + "value": "package_sequoia-sq_installed" + }, { "name": "Rule_Id", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", @@ -16744,7 +16790,7 @@ ] }, { - "uuid": "6c133279-e02e-4350-bc04-95694a85ad16", + "uuid": "75122bed-96d8-49b8-b446-48a05fb851ff", "control-id": "pcidss_4_6-4.1", "description": "The description for control-id pcidss_4_6-4.1.", "props": [ @@ -16757,7 +16803,7 @@ ] }, { - "uuid": "fd051a4b-fadf-4b0b-a860-9221e6b690ac", + "uuid": "b907d6a7-8f60-4cbd-ac79-fe7bd7a25fc6", "control-id": "pcidss_4_6-4.2", "description": "The description for control-id pcidss_4_6-4.2.", "props": [ @@ -16770,7 +16816,7 @@ ] }, { - "uuid": "00d6633d-c461-40be-a6b3-94fadc8e2e5b", + "uuid": "6455831d-cb14-4b2c-b89f-6c5bc17115af", "control-id": "pcidss_4_6-4.3", "description": "The description for control-id pcidss_4_6-4.3.", "props": [ @@ -16783,7 +16829,7 @@ ] }, { - "uuid": "b88f02c9-2ea4-4332-96ad-da60cfd59022", + "uuid": "ec84557c-e5e0-4f67-9ed0-7e86213849b5", "control-id": "pcidss_4_6-5.1", "description": "The description for control-id pcidss_4_6-5.1.", "props": [ @@ -16796,7 +16842,7 @@ ] }, { - "uuid": "13e3d65f-f3f4-4156-a0b3-60cab1018739", + "uuid": "e7e1f087-4a21-48d0-a3d9-d642f2474c73", "control-id": "pcidss_4_6-5.2", "description": "The description for control-id pcidss_4_6-5.2.", "props": [ @@ -16809,7 +16855,7 @@ ] }, { - "uuid": "8e80557d-414d-4137-bb5b-b63a4956d85f", + "uuid": "6329a3ae-bade-418b-84f5-8ad50620ea0a", "control-id": "pcidss_4_6-5.3", "description": "The description for control-id pcidss_4_6-5.3.", "props": [ @@ -16822,7 +16868,7 @@ ] }, { - "uuid": "d557c83a-1668-41f0-a7b2-2117abe56cb7", + "uuid": "a8433409-8120-4922-b730-c4f1f6b62793", "control-id": "pcidss_4_6-5.4", "description": "The description for control-id pcidss_4_6-5.4.", "props": [ @@ -16835,7 +16881,7 @@ ] }, { - "uuid": "89d544ac-37f2-47df-813a-cd88a1fca652", + "uuid": "de95caa5-f3f9-4fea-b03b-4c34f3554bd9", "control-id": "pcidss_4_6-5.5", "description": "The description for control-id pcidss_4_6-5.5.", "props": [ @@ -16848,7 +16894,7 @@ ] }, { - "uuid": "1ec3b79f-92de-4552-86d9-2ffc351c1e02", + "uuid": "1a5869b0-0fe4-40fe-b6db-71bf9817eeee", "control-id": "pcidss_4_6-5.6", "description": "The description for control-id pcidss_4_6-5.6.", "props": [ @@ -16861,7 +16907,7 @@ ] }, { - "uuid": "9373bed4-ec4e-4c1c-a016-8326a378dd56", + "uuid": "f351ab80-a131-42de-9f70-c49acee7f0f3", "control-id": "pcidss_4_7-1.1", "description": "The description for control-id pcidss_4_7-1.1.", "props": [ @@ -16874,7 +16920,7 @@ ] }, { - "uuid": "410cdf37-41fb-40bf-8f81-7c15502a3b8a", + "uuid": "c172efbb-1eed-421b-9eb0-ed2389b41462", "control-id": "pcidss_4_7-1.2", "description": "The description for control-id pcidss_4_7-1.2.", "props": [ @@ -16887,7 +16933,7 @@ ] }, { - "uuid": "a37d000c-6b4a-44cc-a4a0-1657e69de04b", + "uuid": "508d554d-549f-4615-8b74-f38334c0165d", "control-id": "pcidss_4_7-2.1", "description": "The description for control-id pcidss_4_7-2.1.", "props": [ @@ -16900,7 +16946,7 @@ ] }, { - "uuid": "56065cf5-01c6-48fe-955d-8ee21bbb0701", + "uuid": "163d47bd-74ad-4573-81c2-fe1d11bbf312", "control-id": "pcidss_4_7-2.2", "description": "The description for control-id pcidss_4_7-2.2.", "props": [ @@ -16913,7 +16959,7 @@ ] }, { - "uuid": "7e8914f0-a7a8-40df-999e-2936a49c4e97", + "uuid": "33cdaf7b-e060-41e7-81fa-8ac9a3327988", "control-id": "pcidss_4_7-2.3", "description": "The description for control-id pcidss_4_7-2.3.", "props": [ @@ -16926,7 +16972,7 @@ ] }, { - "uuid": "b9cf28a2-ca26-48c8-9cf3-a599de0b2123", + "uuid": "2c4774b3-12ed-451a-b748-1949ad420eee", "control-id": "pcidss_4_7-2.4", "description": "The description for control-id pcidss_4_7-2.4.", "props": [ @@ -16939,7 +16985,7 @@ ] }, { - "uuid": "4f074311-54a9-4ec3-9481-f2dd8dc968c3", + "uuid": "60b4db24-6541-4685-9e9d-df896bf5de0c", "control-id": "pcidss_4_7-2.5.1", "description": "The description for control-id pcidss_4_7-2.5.1.", "props": [ @@ -16952,7 +16998,7 @@ ] }, { - "uuid": "7220c5c1-2a92-4c3e-8ed3-27cd41850f82", + "uuid": "6c22dee7-8625-4737-8da4-89544f5f96fa", "control-id": "pcidss_4_7-2.6", "description": "The description for control-id pcidss_4_7-2.6.", "props": [ @@ -16965,7 +17011,7 @@ ] }, { - "uuid": "77a52f79-49fd-4929-b457-cb62ba62573e", + "uuid": "f2f41e04-3246-423c-835f-0898e11e8e70", "control-id": "pcidss_4_7-3.1", "description": "The description for control-id pcidss_4_7-3.1.", "props": [ @@ -16978,7 +17024,7 @@ ] }, { - "uuid": "f1920801-757a-443a-81b8-df739d5fdf45", + "uuid": "5c32aae8-9262-46cf-bf34-64237a4c8d3f", "control-id": "pcidss_4_7-3.2", "description": "The description for control-id pcidss_4_7-3.2.", "props": [ @@ -16991,7 +17037,7 @@ ] }, { - "uuid": "dadc5ffb-0be4-49bb-9464-8e610304671c", + "uuid": "4fd48b51-9b76-46c0-ad66-b4c0f28309c9", "control-id": "pcidss_4_7-3.3", "description": "The description for control-id pcidss_4_7-3.3.", "props": [ @@ -17004,7 +17050,7 @@ ] }, { - "uuid": "fd769fb9-5438-4a69-ac81-6603e3707dcb", + "uuid": "6c820426-6eba-484f-8e8f-0fedc846b653", "control-id": "pcidss_4_8-1.1", "description": "The description for control-id pcidss_4_8-1.1.", "props": [ @@ -17017,7 +17063,7 @@ ] }, { - "uuid": "9ab8b5ed-8121-47ee-a33c-08b0cf3beaf0", + "uuid": "42c07623-8ca5-4095-8654-f86ed1fe9363", "control-id": "pcidss_4_8-1.2", "description": "The description for control-id pcidss_4_8-1.2.", "props": [ @@ -17030,7 +17076,7 @@ ] }, { - "uuid": "6196e842-d505-4353-9510-1bf92b2f3742", + "uuid": "b911fae4-705d-4376-a035-f0cd5a17c93c", "control-id": "pcidss_4_8-2.1", "description": "The description for control-id pcidss_4_8-2.1.", "props": [ @@ -17073,7 +17119,7 @@ ] }, { - "uuid": "7ddc9e28-0fdc-4654-a0e7-ea9585f7caa9", + "uuid": "30d89b2e-dcbd-45ab-a39a-cfc4d7180ce1", "control-id": "pcidss_4_8-2.2", "description": "This requirement is complemented by 8.2.1 and related to 8.3.5.", "props": [ @@ -17100,7 +17146,7 @@ ] }, { - "uuid": "0ce93b57-019c-4b96-8ce0-7c27e00a9d1c", + "uuid": "6ed1e7cf-e9a3-42ef-a49c-82883a94cc94", "control-id": "pcidss_4_8-2.3", "description": "The description for control-id pcidss_4_8-2.3.", "props": [ @@ -17113,7 +17159,7 @@ ] }, { - "uuid": "cce35fc4-d0f8-4195-9466-fa52667e50d6", + "uuid": "1d632c27-ed44-41db-8666-fe11b7625e4e", "control-id": "pcidss_4_8-2.4", "description": "The description for control-id pcidss_4_8-2.4.", "props": [ @@ -17126,7 +17172,7 @@ ] }, { - "uuid": "cc3c8d2a-17c5-4c3f-bf40-06d59e98c8b1", + "uuid": "85a3f6a2-3788-4c0a-8c9f-16948fdd27ad", "control-id": "pcidss_4_8-2.5", "description": "The description for control-id pcidss_4_8-2.5.", "props": [ @@ -17139,7 +17185,7 @@ ] }, { - "uuid": "ab6fc7e5-7c4b-4b50-b588-78acbf97ad95", + "uuid": "7052f529-8584-4e39-aa47-52b2bbee9820", "control-id": "pcidss_4_8-2.6", "description": "Also related to requirements 2.2.2 and 8.3.5.", "props": [ @@ -17161,7 +17207,7 @@ ] }, { - "uuid": "b19cb6fa-aab4-4e36-a975-efa4d47271a5", + "uuid": "8801c32a-4a3e-4def-8617-cf9bbc29f254", "control-id": "pcidss_4_8-2.7", "description": "The description for control-id pcidss_4_8-2.7.", "props": [ @@ -17174,7 +17220,7 @@ ] }, { - "uuid": "32933f3a-685d-473d-94fb-6153ada5fbc5", + "uuid": "029c9ff7-7235-4351-ad18-4a653f36f022", "control-id": "pcidss_4_8-2.8", "description": "No notes for control-id 8.2.8.", "props": [ @@ -17231,7 +17277,7 @@ ] }, { - "uuid": "0b60b29f-f992-48a1-b9f2-7165773a4a1b", + "uuid": "1bdb8711-7a0e-4eb0-939d-dcef49050614", "control-id": "pcidss_4_8-3.1", "description": "No notes for control-id 8.3.1.", "props": [ @@ -17263,7 +17309,7 @@ ] }, { - "uuid": "e46bf63c-bec8-4d53-8430-f48e22c10221", + "uuid": "db5e42ca-b08a-4212-9e25-a2cc9b2c4204", "control-id": "pcidss_4_8-3.2", "description": "There are similar rules that might be redundant for some distros.", "props": [ @@ -17295,7 +17341,7 @@ ] }, { - "uuid": "88953503-e438-4e20-b79c-48a7cba11143", + "uuid": "ee0717ee-b53b-4c4d-8210-0ddb1e1b2d79", "control-id": "pcidss_4_8-3.3", "description": "The description for control-id pcidss_4_8-3.3.", "props": [ @@ -17308,7 +17354,7 @@ ] }, { - "uuid": "193cc2c7-9dfc-4464-9cf4-57f1a75d58c7", + "uuid": "e91b5cde-9c29-4f6f-8c71-54f1b97c5465", "control-id": "pcidss_4_8-3.4", "description": "No notes for control-id 8.3.4.", "props": [ @@ -17330,7 +17376,7 @@ ] }, { - "uuid": "f744cfcc-8123-41e4-919e-d2c485ed1fc1", + "uuid": "252477cc-3ba6-4afe-b21e-919ed6f1bb3c", "control-id": "pcidss_4_8-3.5", "description": "Also related to requirement 2.2.2, 8.2.2 and 8.2.6.", "props": [ @@ -17347,7 +17393,7 @@ ] }, { - "uuid": "e8941814-508f-47e0-ab58-09214f90380e", + "uuid": "5901a6f1-e67b-464c-84b0-d8e41a3d1e80", "control-id": "pcidss_4_8-3.6", "description": "This requirement is not intended to apply to:\n- User accounts on point-of-sale terminals that have access to only one card number at a\ntime to facilitate a single transaction (such as IDs used by cashiers on point-of-sale\nterminals).\n- Application or system accounts, which are governed by requirements in section 8.6.", "props": [ @@ -17374,7 +17420,7 @@ ] }, { - "uuid": "3e80d13e-500c-48ef-afbf-1297215aaa43", + "uuid": "0273be09-e61a-4aec-b61e-61bd3ec11497", "control-id": "pcidss_4_8-3.7", "description": "This requirement is not intended to apply to user accounts on point-of-sale terminals that\nhave access to only one card number at a time to facilitate a single transaction (such as\nIDs used by cashiers on point-of-sale terminals).\nFor RHEL 8 and RHEL 9 systems, the accounts_password_pam_pwhistory_... rules should be\nprefered in detriment of accounts_password_pam_unix_remember. Using both should not create\nconflict but is unnecessary and the last should be filtered out from the profile.", "props": [ @@ -17401,7 +17447,7 @@ ] }, { - "uuid": "9438c318-ac09-4e22-bdda-3d84551f6a01", + "uuid": "ab690703-e920-48ee-b3e8-3b8bbbc80356", "control-id": "pcidss_4_8-3.8", "description": "The description for control-id pcidss_4_8-3.8.", "props": [ @@ -17414,7 +17460,7 @@ ] }, { - "uuid": "c4388b66-da81-4dba-8581-6f4726a1a665", + "uuid": "1337a4ae-39d7-4447-b67f-f915cfc7ed51", "control-id": "pcidss_4_8-3.9", "description": "The requirement does not explicitily define the number of days before the password\nexpiration to warn the users, but the relevant rules were selected here as they do not\ncause any problems in combination with password lifetime rules.", "props": [ @@ -17446,7 +17492,7 @@ ] }, { - "uuid": "7b6fa2db-18d8-4a06-ba68-838a4b4f93ce", + "uuid": "f8a47ee0-dfbb-4509-89de-45139f2feef0", "control-id": "pcidss_4_8-3.10.1", "description": "This requirement is already covered by 8.3.9.", "props": [ @@ -17458,7 +17504,7 @@ ] }, { - "uuid": "fe982730-f394-4468-8de1-2b680f404275", + "uuid": "544b42ad-cadf-4060-aec7-1e4c083eb338", "control-id": "pcidss_4_8-3.11", "description": "The description for control-id pcidss_4_8-3.11.", "props": [ @@ -17471,7 +17517,7 @@ ] }, { - "uuid": "2123b627-9997-4042-bedb-c320d2f3e216", + "uuid": "dd81e452-dfd3-474b-874c-149ca927c4c2", "control-id": "pcidss_4_8-4.1", "description": "No notes for control-id 8.4.1.", "props": [ @@ -17483,7 +17529,7 @@ ] }, { - "uuid": "f5356b11-739a-405b-8a17-6606b9567142", + "uuid": "b15a06d5-884e-4810-b7ca-9ee0ef177764", "control-id": "pcidss_4_8-4.2", "description": "The description for control-id pcidss_4_8-4.2.", "props": [ @@ -17496,7 +17542,7 @@ ] }, { - "uuid": "00c48726-35f0-415c-a49c-6e9f3d87db03", + "uuid": "acd63d47-0710-4122-bcd7-70e391f42954", "control-id": "pcidss_4_8-4.3", "description": "The description for control-id pcidss_4_8-4.3.", "props": [ @@ -17509,7 +17555,7 @@ ] }, { - "uuid": "11d67754-492c-44e2-acf5-1ba76009acb9", + "uuid": "57441db0-fbd2-4ec0-b59d-51dbeddda268", "control-id": "pcidss_4_8-5.1", "description": "The description for control-id pcidss_4_8-5.1.", "props": [ @@ -17522,7 +17568,7 @@ ] }, { - "uuid": "854bbd5d-23fd-47ff-a40b-c774aceb1d07", + "uuid": "601ba051-5626-4274-a45a-4f13ad0e7b4a", "control-id": "pcidss_4_8-6.1", "description": "This requirement is related to 2.2.2, 2.2.6, 8.2.1 and 8.2.2. Specifically on 8.2.2 system\naccounts usage is restricted. Exceptions to system accounts should be manually checked to\nensure the requirements in description. This requirement although implements some extra\ncontrols regarding root account.", "props": [ @@ -17549,7 +17595,7 @@ ] }, { - "uuid": "a442c741-05b1-4e1e-a1fa-f1061c1bae1c", + "uuid": "ca896e2e-f86c-46cc-b796-adf41c0486e2", "control-id": "pcidss_4_8-6.2", "description": "The description for control-id pcidss_4_8-6.2.", "props": [ @@ -17562,7 +17608,7 @@ ] }, { - "uuid": "7ed7b928-5497-4c4c-9ec7-a04b21f341c5", + "uuid": "09a8c4c3-3dd8-495d-913e-ecf0717a2c42", "control-id": "pcidss_4_8-6.3", "description": "Related to requirements 8.3.6 and 8.3.9.", "props": [ @@ -17574,7 +17620,7 @@ ] }, { - "uuid": "c0280898-aebc-429f-bf88-7055d93faaf0", + "uuid": "0de668e2-15cb-48f7-9844-88f7600e7da7", "control-id": "pcidss_4_9-1.1", "description": "The description for control-id pcidss_4_9-1.1.", "props": [ @@ -17587,7 +17633,7 @@ ] }, { - "uuid": "1b9f4ac2-8044-479d-b066-c8e8d1402436", + "uuid": "5e2bc6ea-c879-4411-9417-587778af92d3", "control-id": "pcidss_4_9-1.2", "description": "The description for control-id pcidss_4_9-1.2.", "props": [ @@ -17600,7 +17646,7 @@ ] }, { - "uuid": "37dc18f2-ca57-4d32-91a6-212535d78f4e", + "uuid": "f72462e3-3f0b-4830-afa5-bf8525706c35", "control-id": "pcidss_4_9-2.1.1", "description": "The description for control-id pcidss_4_9-2.1.1.", "props": [ @@ -17613,7 +17659,7 @@ ] }, { - "uuid": "81dee0a6-8bef-4c15-b951-8d18de06a440", + "uuid": "c362e2fb-1119-4f10-9fe4-bdfd08803d50", "control-id": "pcidss_4_9-2.2", "description": "The description for control-id pcidss_4_9-2.2.", "props": [ @@ -17626,7 +17672,7 @@ ] }, { - "uuid": "ea917a4e-7945-4e9c-ae00-c09a9e4f8fe8", + "uuid": "81b1eb52-5745-4c3c-b38f-fc74ee3f2a96", "control-id": "pcidss_4_9-2.3", "description": "The description for control-id pcidss_4_9-2.3.", "props": [ @@ -17639,7 +17685,7 @@ ] }, { - "uuid": "681c9316-74a1-42ff-bb8b-6dce89337fd7", + "uuid": "fe3cd312-f3a1-4a37-ae74-e71392dc9a04", "control-id": "pcidss_4_9-2.4", "description": "The description for control-id pcidss_4_9-2.4.", "props": [ @@ -17652,7 +17698,7 @@ ] }, { - "uuid": "a70bb259-6f0d-4d93-92f1-69a60c1657fe", + "uuid": "c07576e5-ab9e-4910-ba66-4e85c205a008", "control-id": "pcidss_4_9-3.1.1", "description": "The description for control-id pcidss_4_9-3.1.1.", "props": [ @@ -17665,7 +17711,7 @@ ] }, { - "uuid": "9a68cbd4-efd5-4e2d-b4ac-b53de853af1e", + "uuid": "fd246425-f682-4161-8446-8f300389904c", "control-id": "pcidss_4_9-3.2", "description": "The description for control-id pcidss_4_9-3.2.", "props": [ @@ -17678,7 +17724,7 @@ ] }, { - "uuid": "676463a1-7e80-4a16-88b8-3c6c6f2b7f5b", + "uuid": "8acdc158-9c3e-4684-b024-ca12d6b864fb", "control-id": "pcidss_4_9-3.3", "description": "The description for control-id pcidss_4_9-3.3.", "props": [ @@ -17691,7 +17737,7 @@ ] }, { - "uuid": "c9f3498a-db63-4e27-9606-a899a36aebf1", + "uuid": "c53c9350-f395-4fc4-9a70-650e46ef9d75", "control-id": "pcidss_4_9-3.4", "description": "The description for control-id pcidss_4_9-3.4.", "props": [ @@ -17704,7 +17750,7 @@ ] }, { - "uuid": "66a2b4c9-035e-40d0-927c-9dea0f286b09", + "uuid": "b4fd322e-08f7-4f20-b2d9-bfa0737f1b93", "control-id": "pcidss_4_9-4.1.1", "description": "The description for control-id pcidss_4_9-4.1.1.", "props": [ @@ -17717,7 +17763,7 @@ ] }, { - "uuid": "a6f0899c-862e-4aee-b9b2-894f5ee070b5", + "uuid": "a325ce8f-aeb9-4d1e-8e89-dce035311164", "control-id": "pcidss_4_9-4.1.2", "description": "The description for control-id pcidss_4_9-4.1.2.", "props": [ @@ -17730,7 +17776,7 @@ ] }, { - "uuid": "a9409879-a273-4a64-a02a-7344f2421de1", + "uuid": "ae590699-8c34-4e17-8182-7ffec0f6bf2a", "control-id": "pcidss_4_9-4.2", "description": "The description for control-id pcidss_4_9-4.2.", "props": [ @@ -17743,7 +17789,7 @@ ] }, { - "uuid": "1961b60f-e600-4717-9031-356dc55ee144", + "uuid": "5a1bb062-32ab-43dd-8a38-0118657138f2", "control-id": "pcidss_4_9-4.3", "description": "The description for control-id pcidss_4_9-4.3.", "props": [ @@ -17756,7 +17802,7 @@ ] }, { - "uuid": "91c43136-54e0-4ca2-82cd-3ab53e325ed1", + "uuid": "5d50f2d6-e49e-4acf-b022-eaf2aeb8744b", "control-id": "pcidss_4_9-4.4", "description": "The description for control-id pcidss_4_9-4.4.", "props": [ @@ -17769,7 +17815,7 @@ ] }, { - "uuid": "4ba1d7a6-3536-4d9d-9d07-f444fe181a0d", + "uuid": "16bb9d48-c45c-4916-b994-b6a3981cc270", "control-id": "pcidss_4_9-4.5.1", "description": "The description for control-id pcidss_4_9-4.5.1.", "props": [ @@ -17782,7 +17828,7 @@ ] }, { - "uuid": "c0e43da2-89aa-405b-a7ca-2be73be5d80b", + "uuid": "2af9468c-b654-4807-a23c-7a950ab9c3a6", "control-id": "pcidss_4_9-4.6", "description": "The description for control-id pcidss_4_9-4.6.", "props": [ @@ -17795,7 +17841,7 @@ ] }, { - "uuid": "92e6a19c-aad0-4d5a-8590-55ead762217d", + "uuid": "29a51c92-b1e0-4ce9-b7fa-f9033297db3c", "control-id": "pcidss_4_9-4.7", "description": "The description for control-id pcidss_4_9-4.7.", "props": [ @@ -17808,7 +17854,7 @@ ] }, { - "uuid": "8f2e9e31-16b6-4adb-8e1b-0b143e633532", + "uuid": "3705dd7d-19fe-4d9f-b001-aa78ab57c861", "control-id": "pcidss_4_9-5.1.1", "description": "The description for control-id pcidss_4_9-5.1.1.", "props": [ @@ -17821,7 +17867,7 @@ ] }, { - "uuid": "97afe940-3601-4d89-99a9-1cf3ea414e97", + "uuid": "f1a0c91d-b41a-4583-8bf8-4e1320e23519", "control-id": "pcidss_4_9-5.1.2.1", "description": "The description for control-id pcidss_4_9-5.1.2.1.", "props": [ @@ -17834,7 +17880,7 @@ ] }, { - "uuid": "92c6cb42-08eb-4a02-aa80-fa36b1c05525", + "uuid": "e6a820f6-ca5e-4016-9f41-494efd55e111", "control-id": "pcidss_4_9-5.1.3", "description": "The description for control-id pcidss_4_9-5.1.3.", "props": [ @@ -17847,7 +17893,7 @@ ] }, { - "uuid": "b5339f86-1797-4e56-b349-c0f5a18df548", + "uuid": "c4f39dc6-021d-483a-ab56-f71c901f2abd", "control-id": "pcidss_4_10-1.1", "description": "The description for control-id pcidss_4_10-1.1.", "props": [ @@ -17860,7 +17906,7 @@ ] }, { - "uuid": "e886b484-711c-4e5e-9968-cf477a62fbd7", + "uuid": "742ded6f-0391-4df2-a7f6-1e4fe7c9250f", "control-id": "pcidss_4_10-1.2", "description": "The description for control-id pcidss_4_10-1.2.", "props": [ @@ -17873,7 +17919,7 @@ ] }, { - "uuid": "e8607493-5fbb-4e74-b566-13b9e2d0c3bd", + "uuid": "3b1514ba-b040-4703-84a4-646032c6a4d1", "control-id": "pcidss_4_10-2.1.1", "description": "The description for control-id pcidss_4_10-2.1.1.", "props": [ @@ -17886,7 +17932,7 @@ ] }, { - "uuid": "27e5de04-e33e-4b75-9b65-6532ac2dd7f0", + "uuid": "9be33227-b0ab-4e94-a996-97b884066b5c", "control-id": "pcidss_4_10-2.1.2", "description": "Not all privileged commands have suid or sgid enabled. We probably want to include more\nrules for this requirement.", "props": [ @@ -17903,7 +17949,7 @@ ] }, { - "uuid": "9098b93e-c4f8-4c30-8042-0e74039edcf3", + "uuid": "4bd0c176-7aa3-449c-a354-30f0ccc84384", "control-id": "pcidss_4_10-2.1.3", "description": "No notes for control-id 10.2.1.3.", "props": [ @@ -17950,7 +17996,7 @@ ] }, { - "uuid": "ac30f58e-1de8-42fc-a058-c068d9c467db", + "uuid": "d491404d-a3b0-4c03-9f60-9e55b6523a80", "control-id": "pcidss_4_10-2.1.4", "description": "No notes for control-id 10.2.1.4.", "props": [ @@ -17967,7 +18013,7 @@ ] }, { - "uuid": "8c3ebc71-08b2-43c6-b9c4-692fc97bbd9d", + "uuid": "f0020751-9b80-484a-bcba-a3740e638628", "control-id": "pcidss_4_10-2.1.5", "description": "No notes for control-id 10.2.1.5.", "props": [ @@ -18009,7 +18055,7 @@ ] }, { - "uuid": "3b365c39-3b1b-4858-ab97-af06d0b4d0c6", + "uuid": "f142316e-0563-40a9-85f9-cfcdab9ff842", "control-id": "pcidss_4_10-2.1.6", "description": "The description for control-id pcidss_4_10-2.1.6.", "props": [ @@ -18022,7 +18068,7 @@ ] }, { - "uuid": "40e77d07-70f1-4382-9be7-2346cde72100", + "uuid": "b0b7cdc2-7364-4043-acc7-bf90d1c3fac0", "control-id": "pcidss_4_10-2.1.7", "description": "There are enough rules to capture deletion events but not for creation events.\nThis requirement needs to be better investigated to confirm which additional rules would\nsatistfy the requirement.", "props": [ @@ -18069,7 +18115,7 @@ ] }, { - "uuid": "03a1c9ab-5609-4316-b8c0-22741bdb8db1", + "uuid": "fd6dd3b9-a18a-4763-9bc6-f3ab9f60421f", "control-id": "pcidss_4_10-2.2", "description": "Standard settings for audit should be enough.", "props": [ @@ -18086,7 +18132,7 @@ ] }, { - "uuid": "19f64298-1f92-4155-8ccb-3d2f37c03c61", + "uuid": "7cd5aec4-78fc-4ce8-b597-7494f94b5c76", "control-id": "pcidss_4_10-3.1", "description": "No notes for control-id 10.3.1.", "props": [ @@ -18113,7 +18159,7 @@ ] }, { - "uuid": "5c179a8a-823b-46ba-b733-31c70155df4b", + "uuid": "226e7a47-3ebc-4f0b-8364-9f7db4985fe4", "control-id": "pcidss_4_10-3.2", "description": "No notes for control-id 10.3.2.", "props": [ @@ -18150,7 +18196,7 @@ ] }, { - "uuid": "f67cb13d-acf5-438d-bd54-fc2fe4eadad8", + "uuid": "f12c6a12-ff82-46ba-a61b-49227de6f43b", "control-id": "pcidss_4_10-3.3", "description": "Although the technologies in general allow to send logs to a centralized server, some\nparameters for this configuration are specific to each site policy and therefore the\nrequirement demands manual assessment.", "props": [ @@ -18172,7 +18218,7 @@ ] }, { - "uuid": "05f0f221-18ab-46dc-ad5e-a9ccc5eca0db", + "uuid": "c5da10f5-e495-4af2-a21f-d56c4ef54097", "control-id": "pcidss_4_10-3.4", "description": "No notes for control-id 10.3.4.", "props": [ @@ -18264,7 +18310,7 @@ ] }, { - "uuid": "7200e6a4-f363-4ec4-966c-25b7764763b3", + "uuid": "c62fac83-71a6-4174-b2d0-89d2efc89089", "control-id": "pcidss_4_10-4.1.1", "description": "The description for control-id pcidss_4_10-4.1.1.", "props": [ @@ -18277,7 +18323,7 @@ ] }, { - "uuid": "baac620e-f83c-4759-ac21-f5042981aa40", + "uuid": "30d35f80-ac5c-4168-8565-7b2ca8d58aa3", "control-id": "pcidss_4_10-4.2.1", "description": "The description for control-id pcidss_4_10-4.2.1.", "props": [ @@ -18290,7 +18336,7 @@ ] }, { - "uuid": "e90eb576-4500-4267-a6b3-2c84ab4aab37", + "uuid": "7bb993fd-71a3-4e7b-9099-f91467ab2950", "control-id": "pcidss_4_10-4.3", "description": "The description for control-id pcidss_4_10-4.3.", "props": [ @@ -18303,7 +18349,7 @@ ] }, { - "uuid": "1c54de51-7d29-4d71-bf84-43bf031bdf76", + "uuid": "f7ef0b45-caac-420e-b638-5ab9569d49a0", "control-id": "pcidss_4_10-5.1", "description": "It is not simple to ensure 12 months history is present in each system but the rules in\nthis requirement ensures the logs are not lost without administrators awareness.", "props": [ @@ -18340,7 +18386,7 @@ ] }, { - "uuid": "e2c1d8ec-1280-46fb-b8c8-0cec9775d948", + "uuid": "e4f50991-5e66-47c4-be71-620daf65449d", "control-id": "pcidss_4_10-6.1", "description": "Maybe it is possible to optmize some similar rules related to ntp.", "props": [ @@ -18357,7 +18403,7 @@ ] }, { - "uuid": "89844b70-36a8-4729-ba42-a1297c9ab5b5", + "uuid": "43f0a294-5181-4417-993a-b5c91c2919f2", "control-id": "pcidss_4_10-6.2", "description": "The selected rules might need updates in order to restrict their platform applicability\nto avoid conflicts.", "props": [ @@ -18374,7 +18420,7 @@ ] }, { - "uuid": "9f02f7c1-5d8f-4689-aa4c-5052cc76aee9", + "uuid": "3ef64294-7c7d-4a1f-9266-81c870e77b99", "control-id": "pcidss_4_10-6.3", "description": "No notes for control-id 10.6.3.", "props": [ @@ -18416,7 +18462,7 @@ ] }, { - "uuid": "96019657-f808-4e02-82d4-1e000eca059e", + "uuid": "c07d9d79-eec9-4ad2-8e89-d86f5e90aa81", "control-id": "pcidss_4_10-7.1", "description": "The description for control-id pcidss_4_10-7.1.", "props": [ @@ -18429,7 +18475,7 @@ ] }, { - "uuid": "b7f96da4-80ee-47e7-933e-edf9e6c94c77", + "uuid": "19dca3aa-bdcd-4f93-bbd7-39c939af56bd", "control-id": "pcidss_4_10-7.2", "description": "No notes for control-id 10.7.2.", "props": [ @@ -18451,7 +18497,7 @@ ] }, { - "uuid": "aa533014-f42a-4a7e-bb0d-52960c262673", + "uuid": "8e23a978-015e-435a-90df-9ab58875100d", "control-id": "pcidss_4_10-7.3", "description": "The description for control-id pcidss_4_10-7.3.", "props": [ @@ -18464,7 +18510,7 @@ ] }, { - "uuid": "be82e9ab-f76a-41a2-a0cc-5927f409fb72", + "uuid": "4262aeaf-e80e-4308-ad6a-76941b993743", "control-id": "pcidss_4_11-1.1", "description": "The description for control-id pcidss_4_11-1.1.", "props": [ @@ -18477,7 +18523,7 @@ ] }, { - "uuid": "1fd62c9d-5580-40e7-b622-72df0b76f79c", + "uuid": "f8861f27-e9fd-4f7a-85e3-830a871ea279", "control-id": "pcidss_4_11-1.2", "description": "The description for control-id pcidss_4_11-1.2.", "props": [ @@ -18490,7 +18536,7 @@ ] }, { - "uuid": "6f9fe5fe-bfde-4ba7-875d-f43fbf0d6972", + "uuid": "9d71b785-55c0-4a2c-849a-ed95954a4b08", "control-id": "pcidss_4_11-2.1", "description": "The description for control-id pcidss_4_11-2.1.", "props": [ @@ -18503,7 +18549,7 @@ ] }, { - "uuid": "4e5bfff3-b5ca-4fbb-a72b-5fcc7b552beb", + "uuid": "ef22e120-2e7e-4211-8e59-3b05ade00a21", "control-id": "pcidss_4_11-2.2", "description": "The description for control-id pcidss_4_11-2.2.", "props": [ @@ -18516,7 +18562,7 @@ ] }, { - "uuid": "a3e77c22-9e8b-4309-bd9a-3be2c86bb772", + "uuid": "66e5de8b-3bf2-4016-aaf3-26d37f53ff4f", "control-id": "pcidss_4_11-3.1.1", "description": "The description for control-id pcidss_4_11-3.1.1.", "props": [ @@ -18529,7 +18575,7 @@ ] }, { - "uuid": "f27eaa4d-caf9-4782-a74d-a5e4d42968d0", + "uuid": "f7cd55df-d651-4d47-b024-c95aa4915c2b", "control-id": "pcidss_4_11-3.1.2", "description": "The description for control-id pcidss_4_11-3.1.2.", "props": [ @@ -18542,7 +18588,7 @@ ] }, { - "uuid": "22824286-21ce-4c11-8050-a29d884938f4", + "uuid": "e929c4c7-e0f1-4d9c-bbd7-e754aa580447", "control-id": "pcidss_4_11-3.1.3", "description": "The description for control-id pcidss_4_11-3.1.3.", "props": [ @@ -18555,7 +18601,7 @@ ] }, { - "uuid": "09652cd9-681e-417d-b65b-2b81014ef04a", + "uuid": "1032e1a4-3650-48fa-99ee-4e6d444a27ce", "control-id": "pcidss_4_11-3.2.1", "description": "The description for control-id pcidss_4_11-3.2.1.", "props": [ @@ -18568,7 +18614,7 @@ ] }, { - "uuid": "94f3873a-40d9-43fc-8b83-a9742cd6c130", + "uuid": "07f0f173-65d1-4db8-9380-3ebc5ef8908f", "control-id": "pcidss_4_11-4.1", "description": "The description for control-id pcidss_4_11-4.1.", "props": [ @@ -18581,7 +18627,7 @@ ] }, { - "uuid": "e99f5c08-48f0-46b6-be85-52f46eccc7ca", + "uuid": "cbaa8119-eaf7-43b2-b93c-a9baaee06dab", "control-id": "pcidss_4_11-4.2", "description": "The description for control-id pcidss_4_11-4.2.", "props": [ @@ -18594,7 +18640,7 @@ ] }, { - "uuid": "a9734ea8-4ed0-4cc0-b14d-c4107bd82ded", + "uuid": "07ca94eb-138f-49c2-806c-225d45fe46e0", "control-id": "pcidss_4_11-4.3", "description": "The description for control-id pcidss_4_11-4.3.", "props": [ @@ -18607,7 +18653,7 @@ ] }, { - "uuid": "ea3d928e-a59c-4202-b518-849f93d04131", + "uuid": "73f5744d-7f7b-4dd6-95ee-3c732a433b9a", "control-id": "pcidss_4_11-4.4", "description": "The description for control-id pcidss_4_11-4.4.", "props": [ @@ -18620,7 +18666,7 @@ ] }, { - "uuid": "5c1cb067-8d05-46a9-af70-14e87fd8517a", + "uuid": "251e4872-2307-447e-93c7-fd86c94647c8", "control-id": "pcidss_4_11-4.5", "description": "The description for control-id pcidss_4_11-4.5.", "props": [ @@ -18633,7 +18679,7 @@ ] }, { - "uuid": "65a12d6f-c701-4612-9c8c-90881b04cf1e", + "uuid": "29dc6610-a009-4f78-a0b3-cb1228a279e7", "control-id": "pcidss_4_11-4.6", "description": "The description for control-id pcidss_4_11-4.6.", "props": [ @@ -18646,7 +18692,7 @@ ] }, { - "uuid": "572a2543-ffb8-485b-92c8-376e3b697e8d", + "uuid": "2f59f966-4189-4095-9404-be07138bc851", "control-id": "pcidss_4_11-4.7", "description": "The description for control-id pcidss_4_11-4.7.", "props": [ @@ -18659,7 +18705,7 @@ ] }, { - "uuid": "d3ecf9cb-eb19-44a6-8c6f-a77213f8dc11", + "uuid": "5a7f4469-8852-4f05-866d-73bd085cd7d8", "control-id": "pcidss_4_11-5.1.1", "description": "The description for control-id pcidss_4_11-5.1.1.", "props": [ @@ -18672,7 +18718,7 @@ ] }, { - "uuid": "b535fff8-1172-4e62-8477-fd30d6415154", + "uuid": "90b2b330-3e08-4188-91e8-ebd035763002", "control-id": "pcidss_4_11-5.2", "description": "No notes for control-id 11.5.2.", "props": [ @@ -18709,7 +18755,7 @@ ] }, { - "uuid": "7ecc5657-93bb-4202-aacf-31e3f3d9baa3", + "uuid": "f29f57e1-bf8e-474f-ad31-6318aa4286d1", "control-id": "pcidss_4_11-6.1", "description": "The description for control-id pcidss_4_11-6.1.", "props": [ @@ -18722,7 +18768,7 @@ ] }, { - "uuid": "376fef0e-8b24-43e8-b5a9-0820140733ce", + "uuid": "c8b94bf4-f034-47a8-8185-c2fbf9a142cf", "control-id": "pcidss_4_12-1.1", "description": "The description for control-id pcidss_4_12-1.1.", "props": [ @@ -18735,7 +18781,7 @@ ] }, { - "uuid": "ed2659ec-fe3a-4cd0-990d-65e714d9a48b", + "uuid": "fd21d72e-88de-4515-a042-1112269299fd", "control-id": "pcidss_4_12-1.2", "description": "The description for control-id pcidss_4_12-1.2.", "props": [ @@ -18748,7 +18794,7 @@ ] }, { - "uuid": "7621aec8-1e86-4775-b600-3f4c492224a6", + "uuid": "40698f43-5c0d-4bd3-8c23-427f3c661a47", "control-id": "pcidss_4_12-1.3", "description": "The description for control-id pcidss_4_12-1.3.", "props": [ @@ -18761,7 +18807,7 @@ ] }, { - "uuid": "4ab93a3c-84bb-4ca5-863e-57d74a2648bf", + "uuid": "c89c74fb-8397-4c04-837d-033be69a6bd3", "control-id": "pcidss_4_12-1.4", "description": "The description for control-id pcidss_4_12-1.4.", "props": [ @@ -18774,7 +18820,7 @@ ] }, { - "uuid": "c448b7d3-e401-46ef-b9e5-b3f24b619b75", + "uuid": "1d850774-1d49-4192-8ddb-72626e7c50ce", "control-id": "pcidss_4_12-2.1", "description": "The description for control-id pcidss_4_12-2.1.", "props": [ @@ -18787,7 +18833,7 @@ ] }, { - "uuid": "f77e820e-0c0c-4e9a-9905-3511b233fafa", + "uuid": "9a70d04a-365f-4d37-a195-57fa0b0e0b3c", "control-id": "pcidss_4_12-3.1", "description": "The description for control-id pcidss_4_12-3.1.", "props": [ @@ -18800,7 +18846,7 @@ ] }, { - "uuid": "c5c10daa-b051-4dba-a10e-5ec3cb89610f", + "uuid": "279332b1-5404-4de0-8d82-853b1e1bfb10", "control-id": "pcidss_4_12-3.2", "description": "The description for control-id pcidss_4_12-3.2.", "props": [ @@ -18813,7 +18859,7 @@ ] }, { - "uuid": "1f5f9afd-63da-4f0e-9a7e-21875002da07", + "uuid": "48edb6a1-b1f8-4423-82f8-3da3a8542392", "control-id": "pcidss_4_12-3.3", "description": "The description for control-id pcidss_4_12-3.3.", "props": [ @@ -18826,7 +18872,7 @@ ] }, { - "uuid": "892031b6-ff40-4029-9bbb-12efb5b6e4ef", + "uuid": "8a97f9bc-84aa-4f54-9c0b-ced2840c8ed6", "control-id": "pcidss_4_12-3.4", "description": "The description for control-id pcidss_4_12-3.4.", "props": [ @@ -18839,7 +18885,7 @@ ] }, { - "uuid": "cb087929-a5bc-4867-b1f2-f5d5de21779e", + "uuid": "839b204e-fe56-4a08-8eba-fca49d56ee72", "control-id": "pcidss_4_12-4.1", "description": "The description for control-id pcidss_4_12-4.1.", "props": [ @@ -18852,7 +18898,7 @@ ] }, { - "uuid": "4b994f9a-3bb0-4b1c-b134-c66a5a758341", + "uuid": "42d2fd95-05e2-4f61-8f51-2a3f5b594d05", "control-id": "pcidss_4_12-4.2.1", "description": "The description for control-id pcidss_4_12-4.2.1.", "props": [ @@ -18865,7 +18911,7 @@ ] }, { - "uuid": "139a6dfe-20f9-4068-81e0-51df7cad4cb5", + "uuid": "cd6e972a-06b9-48a3-9686-9e70cb8dcb4c", "control-id": "pcidss_4_12-5.1", "description": "The description for control-id pcidss_4_12-5.1.", "props": [ @@ -18878,7 +18924,7 @@ ] }, { - "uuid": "9d6b28e5-a1d7-4278-8a19-caf9ff1a9d37", + "uuid": "864f9682-7f43-4688-aed8-96a299975c73", "control-id": "pcidss_4_12-5.2.1", "description": "The description for control-id pcidss_4_12-5.2.1.", "props": [ @@ -18891,7 +18937,7 @@ ] }, { - "uuid": "51e0b791-6720-4131-8b4f-65eebe0a95da", + "uuid": "b47aa4d8-c019-42f1-9ce9-1ebd06ab538c", "control-id": "pcidss_4_12-5.3", "description": "The description for control-id pcidss_4_12-5.3.", "props": [ @@ -18904,7 +18950,7 @@ ] }, { - "uuid": "9f70fa1e-34a8-4c7a-8b10-ce4cedb3aa1a", + "uuid": "4d1f54ca-b1f6-44fa-a06d-f7ba8e171172", "control-id": "pcidss_4_12-6.1", "description": "The description for control-id pcidss_4_12-6.1.", "props": [ @@ -18917,7 +18963,7 @@ ] }, { - "uuid": "55257a7b-92ea-4758-91ae-ed555938b93c", + "uuid": "b42cae82-1145-4f8f-9351-7c9770553285", "control-id": "pcidss_4_12-6.2", "description": "The description for control-id pcidss_4_12-6.2.", "props": [ @@ -18930,7 +18976,7 @@ ] }, { - "uuid": "570e319f-4188-4c11-b800-61406eda3ff7", + "uuid": "addd101c-cba9-4f09-af68-79b2544182fc", "control-id": "pcidss_4_12-6.3.1", "description": "The description for control-id pcidss_4_12-6.3.1.", "props": [ @@ -18943,7 +18989,7 @@ ] }, { - "uuid": "fb8f8393-150d-415e-baa1-959dc138d1f1", + "uuid": "b9915085-536c-44e2-9528-a7b9333f5cde", "control-id": "pcidss_4_12-6.3.2", "description": "The description for control-id pcidss_4_12-6.3.2.", "props": [ @@ -18956,7 +19002,7 @@ ] }, { - "uuid": "9d364b38-ac78-4481-82f8-7a9a08acfcd4", + "uuid": "162f111c-3244-4158-a386-d88436815c25", "control-id": "pcidss_4_12-7.1", "description": "The description for control-id pcidss_4_12-7.1.", "props": [ @@ -18969,7 +19015,7 @@ ] }, { - "uuid": "ada23b2b-bef0-422e-a44e-4e918e541260", + "uuid": "ea82bb7f-cd82-4270-a100-59799bce8204", "control-id": "pcidss_4_12-8.1", "description": "The description for control-id pcidss_4_12-8.1.", "props": [ @@ -18982,7 +19028,7 @@ ] }, { - "uuid": "3a4525f7-87c1-4df7-bc2d-44c7ec56c287", + "uuid": "e587a8c2-6baa-4354-811d-c892f66b9d0b", "control-id": "pcidss_4_12-8.2", "description": "The description for control-id pcidss_4_12-8.2.", "props": [ @@ -18995,7 +19041,7 @@ ] }, { - "uuid": "440a8d44-d05b-4016-ae4b-0aaafc39a0d4", + "uuid": "796da077-cbd3-4fb1-9537-e109c990e4e4", "control-id": "pcidss_4_12-8.3", "description": "The description for control-id pcidss_4_12-8.3.", "props": [ @@ -19008,7 +19054,7 @@ ] }, { - "uuid": "6835b3b1-4972-4fb7-bf6d-6e051ee19bb9", + "uuid": "eeb20e08-11f7-4079-a898-6ba9aca9fc93", "control-id": "pcidss_4_12-8.4", "description": "The description for control-id pcidss_4_12-8.4.", "props": [ @@ -19021,7 +19067,7 @@ ] }, { - "uuid": "3b9de56c-ebde-414b-9d7b-9c0ec8975ea9", + "uuid": "00fd78f8-4e81-4251-bc5d-c363b99f90ca", "control-id": "pcidss_4_12-8.5", "description": "The description for control-id pcidss_4_12-8.5.", "props": [ @@ -19034,7 +19080,7 @@ ] }, { - "uuid": "25f7fad3-89e9-4ba8-a8f7-6a5ba2f29bcf", + "uuid": "3ac8f696-2902-4cf9-817f-ef5fb8b22589", "control-id": "pcidss_4_12-9.1", "description": "The description for control-id pcidss_4_12-9.1.", "props": [ @@ -19047,7 +19093,7 @@ ] }, { - "uuid": "d4b13a02-d3e0-4610-927a-0f893eb6b2f8", + "uuid": "b4a2be92-c196-4a6f-ae40-7382b6092fe2", "control-id": "pcidss_4_12-9.2", "description": "The description for control-id pcidss_4_12-9.2.", "props": [ @@ -19060,7 +19106,7 @@ ] }, { - "uuid": "ba92fad1-ecfc-4218-be94-ecde8454d5d7", + "uuid": "210e883c-f79a-4340-8f18-f2ca03524aea", "control-id": "pcidss_4_12-10.1", "description": "The description for control-id pcidss_4_12-10.1.", "props": [ @@ -19073,7 +19119,7 @@ ] }, { - "uuid": "ca63bd24-bb9d-4967-b5b3-98a8fec28250", + "uuid": "b585e1e0-bf6c-4f53-8983-a1af6183ac80", "control-id": "pcidss_4_12-10.2", "description": "The description for control-id pcidss_4_12-10.2.", "props": [ @@ -19086,7 +19132,7 @@ ] }, { - "uuid": "c8fba1df-a98d-4937-8e91-3fa78372c121", + "uuid": "712d2511-d4da-43da-94f8-3f5c99417bba", "control-id": "pcidss_4_12-10.3", "description": "The description for control-id pcidss_4_12-10.3.", "props": [ @@ -19099,7 +19145,7 @@ ] }, { - "uuid": "25cca5b3-c38d-49d6-953f-44ab67bb6651", + "uuid": "f24ffbdf-4513-4f36-ac36-5ee96157cc90", "control-id": "pcidss_4_12-10.4.1", "description": "The description for control-id pcidss_4_12-10.4.1.", "props": [ @@ -19112,7 +19158,7 @@ ] }, { - "uuid": "52ada8ae-85d6-44e1-b7cf-7ee32825cb6a", + "uuid": "fd9e69a7-7f04-48f2-ae8e-19442b530890", "control-id": "pcidss_4_12-10.5", "description": "The description for control-id pcidss_4_12-10.5.", "props": [ @@ -19125,7 +19171,7 @@ ] }, { - "uuid": "e3e937e4-16fb-4a2f-9291-8df3adae0bc9", + "uuid": "e6b49ca7-290a-44cf-bc74-a129065d4941", "control-id": "pcidss_4_12-10.6", "description": "The description for control-id pcidss_4_12-10.6.", "props": [ @@ -19138,7 +19184,7 @@ ] }, { - "uuid": "94bb7ec8-2316-4e80-b8cb-1a49f2f296e6", + "uuid": "47e08e56-4682-4ad7-a438-cc2440dd77e0", "control-id": "pcidss_4_12-10.7", "description": "The description for control-id pcidss_4_12-10.7.", "props": [ @@ -19151,7 +19197,7 @@ ] }, { - "uuid": "39c11b6a-0edd-4f56-9d94-abbea7fc2e4d", + "uuid": "4511bb85-f01d-4121-a4f5-12af031e557d", "control-id": "a1-1.1", "description": "The description for control-id a1-1.1.", "props": [ @@ -19164,7 +19210,7 @@ ] }, { - "uuid": "9ad4e73b-5ce9-4b6a-84ea-149ae7f5c172", + "uuid": "9fedc4dc-9318-4e6b-b869-cfe77ccf6582", "control-id": "a1-1.2", "description": "The description for control-id a1-1.2.", "props": [ @@ -19177,7 +19223,7 @@ ] }, { - "uuid": "7c6ff28e-7481-411f-acb3-86c3d0627992", + "uuid": "5c425079-411f-4008-992e-a2dc4ee4c6fa", "control-id": "a1-1.3", "description": "The description for control-id a1-1.3.", "props": [ @@ -19190,7 +19236,7 @@ ] }, { - "uuid": "98e2ba76-427d-456d-ab90-641ede665412", + "uuid": "53ffa5a9-7647-4f8c-a786-70675f68ab11", "control-id": "a1-1.4", "description": "The description for control-id a1-1.4.", "props": [ @@ -19203,7 +19249,7 @@ ] }, { - "uuid": "4b05cdc9-3839-42c7-975e-5ec9845a7c1d", + "uuid": "13a65a27-e20b-450e-95be-112a60aaf448", "control-id": "a1-2.1", "description": "The description for control-id a1-2.1.", "props": [ @@ -19216,7 +19262,7 @@ ] }, { - "uuid": "0add3835-57a0-4aff-bb9a-555d5a6373f9", + "uuid": "72772d5f-92ab-4b85-8661-d7144d52a6ea", "control-id": "a1-2.2", "description": "The description for control-id a1-2.2.", "props": [ @@ -19229,7 +19275,7 @@ ] }, { - "uuid": "44351c7c-2adc-4a88-bb00-43c5fc8223af", + "uuid": "c7529b54-93a8-4fcf-bc70-1ce7171695a4", "control-id": "a1-2.3", "description": "The description for control-id a1-2.3.", "props": [ @@ -19242,7 +19288,7 @@ ] }, { - "uuid": "4da1cc93-e028-449d-839d-f0c638de5bbb", + "uuid": "570ffd45-8eb9-45b9-b6a4-944ff09ebfbc", "control-id": "a2-1.1", "description": "The description for control-id a2-1.1.", "props": [ @@ -19255,7 +19301,7 @@ ] }, { - "uuid": "5fa473bd-df51-4a98-8160-9d920bad64a8", + "uuid": "afa02101-a6e8-459f-bdf6-88a0dabc1a74", "control-id": "a2-1.2", "description": "The description for control-id a2-1.2.", "props": [ @@ -19268,7 +19314,7 @@ ] }, { - "uuid": "191fafc7-7d84-4a42-bff5-81ea128ee12e", + "uuid": "c5ce7873-294b-4876-b60a-1deae4059331", "control-id": "a2-1.3", "description": "The description for control-id a2-1.3.", "props": [ @@ -19281,7 +19327,7 @@ ] }, { - "uuid": "cb508467-200f-44f7-86fe-b6bc3df5d8b1", + "uuid": "2ee02984-beec-4af6-a651-3e92f5e63552", "control-id": "a3-1.1", "description": "The description for control-id a3-1.1.", "props": [ @@ -19294,7 +19340,7 @@ ] }, { - "uuid": "2d1d120c-5b44-49d4-ba81-cda8130b8081", + "uuid": "6e86dd09-0d31-4a13-b852-a5ef8c72aaa1", "control-id": "a3-1.2", "description": "The description for control-id a3-1.2.", "props": [ @@ -19307,7 +19353,7 @@ ] }, { - "uuid": "9d75bf57-3999-427b-9ae8-87df3e6fe895", + "uuid": "3622635a-cf34-43cc-9014-609bc6263ae2", "control-id": "a3-1.3", "description": "The description for control-id a3-1.3.", "props": [ @@ -19320,7 +19366,7 @@ ] }, { - "uuid": "473ae376-89c9-46f4-b98a-f5644afc3b6e", + "uuid": "2e58d01c-ddbd-498b-8f2c-777a9ec76779", "control-id": "a3-1.4", "description": "The description for control-id a3-1.4.", "props": [ @@ -19333,7 +19379,7 @@ ] }, { - "uuid": "5d342aa1-4e5a-4b68-90a4-0b22515db1da", + "uuid": "ba3cf32e-49c5-46bb-b150-b6e3921c6780", "control-id": "a3-2.1", "description": "The description for control-id a3-2.1.", "props": [ @@ -19346,7 +19392,7 @@ ] }, { - "uuid": "a56e0c56-4946-495b-989e-a767c37bf5de", + "uuid": "688df02a-150c-4c6b-a7b5-fc05c8927d85", "control-id": "a3-2.2.1", "description": "The description for control-id a3-2.2.1.", "props": [ @@ -19359,7 +19405,7 @@ ] }, { - "uuid": "acc5147c-f74a-4e16-8dfe-cfc4d39e0fce", + "uuid": "2be3561b-4b9a-4997-a26b-4e9606183bd3", "control-id": "a3-2.3", "description": "The description for control-id a3-2.3.", "props": [ @@ -19372,7 +19418,7 @@ ] }, { - "uuid": "21290493-ce3c-48f2-9092-1ea0feafd30b", + "uuid": "bac5827b-e6b2-4151-a555-a00ee0c43a0f", "control-id": "a3-2.4", "description": "The description for control-id a3-2.4.", "props": [ @@ -19385,7 +19431,7 @@ ] }, { - "uuid": "4976e047-8b25-46d1-922b-32e9c4024416", + "uuid": "741420e2-8075-4246-9706-0c7cb6459599", "control-id": "a3-2.5.1", "description": "The description for control-id a3-2.5.1.", "props": [ @@ -19398,7 +19444,7 @@ ] }, { - "uuid": "5a544112-cc14-4062-8232-f598e918b68e", + "uuid": "744fcdbc-8b16-42cc-9d19-e819a2bd6585", "control-id": "a3-2.5.2", "description": "The description for control-id a3-2.5.2.", "props": [ @@ -19411,7 +19457,7 @@ ] }, { - "uuid": "c6423f37-fecd-43b0-8bb5-b296985f03cf", + "uuid": "f4b05953-bef4-41da-bce0-782455a1fec0", "control-id": "a3-2.6.1", "description": "The description for control-id a3-2.6.1.", "props": [ @@ -19424,7 +19470,7 @@ ] }, { - "uuid": "6a452572-12ab-4367-92f4-17156b0f7199", + "uuid": "013c1c9d-9b76-4f3d-b501-eb98607762d6", "control-id": "a3-3.1.2", "description": "The description for control-id a3-3.1.2.", "props": [ @@ -19437,7 +19483,7 @@ ] }, { - "uuid": "10124d36-658a-45a3-8861-a74e9b43d683", + "uuid": "ab2e016f-f666-4c6f-af9e-88ab9c2632d6", "control-id": "a3-3.2", "description": "The description for control-id a3-3.2.", "props": [ @@ -19450,7 +19496,7 @@ ] }, { - "uuid": "ba78fa75-4491-41fc-b394-ecc2dbf9bb71", + "uuid": "3a76794e-3257-45d1-9c81-748c0b54b630", "control-id": "a3-3.3", "description": "The description for control-id a3-3.3.", "props": [ @@ -19463,7 +19509,7 @@ ] }, { - "uuid": "b85d074d-8dab-4a8a-a8de-95d0dac0b4be", + "uuid": "d0c98d01-0f70-4e09-ac22-e24313ad0f6f", "control-id": "a3-4.1", "description": "The description for control-id a3-4.1.", "props": [ @@ -19476,7 +19522,7 @@ ] }, { - "uuid": "846c5b69-26ee-4811-b634-0b62f69e95bc", + "uuid": "d20e2e28-8eb9-447f-89ae-1b8e1f02f0ec", "control-id": "a3-5.1", "description": "The description for control-id a3-5.1.", "props": [ diff --git a/component-definitions/rhel8/rhel8-anssi-enhanced/component-definition.json b/component-definitions/rhel8/rhel8-anssi-enhanced/component-definition.json index 4d88aa1f7..1c43e3d8b 100644 --- a/component-definitions/rhel8/rhel8-anssi-enhanced/component-definition.json +++ b/component-definitions/rhel8/rhel8-anssi-enhanced/component-definition.json @@ -3,8 +3,8 @@ "uuid": "b295d181-e9e6-410c-96a5-120787697faf", "metadata": { "title": "Component definition for rhel8", - "last-modified": "2025-12-11T18:04:43.959675+00:00", - "version": "1.9", + "last-modified": "2025-12-17T10:49:45.328702+00:00", + "version": "2.0", "oscal-version": "1.1.3" }, "components": [ @@ -347,7 +347,7 @@ { "name": "Parameter_Value_Alternatives_17", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -365,7 +365,7 @@ { "name": "Parameter_Value_Alternatives_18", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -7525,7 +7525,7 @@ { "name": "Parameter_Value_Alternatives_17", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -7543,7 +7543,7 @@ { "name": "Parameter_Value_Alternatives_18", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel8/rhel8-anssi-high/component-definition.json b/component-definitions/rhel8/rhel8-anssi-high/component-definition.json index bd122385d..e77d72075 100644 --- a/component-definitions/rhel8/rhel8-anssi-high/component-definition.json +++ b/component-definitions/rhel8/rhel8-anssi-high/component-definition.json @@ -3,8 +3,8 @@ "uuid": "ee3f4035-1eac-4bf9-afc2-08795f43524d", "metadata": { "title": "Component definition for rhel8", - "last-modified": "2025-12-11T18:05:36.050209+00:00", - "version": "1.7", + "last-modified": "2025-12-17T10:50:40.115409+00:00", + "version": "1.8", "oscal-version": "1.1.3" }, "components": [ @@ -365,7 +365,7 @@ { "name": "Parameter_Value_Alternatives_18", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -383,7 +383,7 @@ { "name": "Parameter_Value_Alternatives_19", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -9193,7 +9193,7 @@ { "name": "Parameter_Value_Alternatives_18", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -9211,7 +9211,7 @@ { "name": "Parameter_Value_Alternatives_19", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel8/rhel8-anssi-intermediary/component-definition.json b/component-definitions/rhel8/rhel8-anssi-intermediary/component-definition.json index 9950af2f3..f6e8cfb57 100644 --- a/component-definitions/rhel8/rhel8-anssi-intermediary/component-definition.json +++ b/component-definitions/rhel8/rhel8-anssi-intermediary/component-definition.json @@ -3,8 +3,8 @@ "uuid": "64e51a15-1ac4-48f3-84c6-aa4b5ad14f72", "metadata": { "title": "Component definition for rhel8", - "last-modified": "2025-12-11T18:06:19.180851+00:00", - "version": "1.7", + "last-modified": "2025-12-17T10:51:27.198836+00:00", + "version": "1.8", "oscal-version": "1.1.3" }, "components": [ @@ -329,7 +329,7 @@ { "name": "Parameter_Value_Alternatives_16", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -347,7 +347,7 @@ { "name": "Parameter_Value_Alternatives_17", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -5686,7 +5686,7 @@ { "name": "Parameter_Value_Alternatives_16", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -5704,7 +5704,7 @@ { "name": "Parameter_Value_Alternatives_17", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel8/rhel8-anssi-minimal/component-definition.json b/component-definitions/rhel8/rhel8-anssi-minimal/component-definition.json index 05c7a035d..14d752b50 100644 --- a/component-definitions/rhel8/rhel8-anssi-minimal/component-definition.json +++ b/component-definitions/rhel8/rhel8-anssi-minimal/component-definition.json @@ -3,8 +3,8 @@ "uuid": "dca4a913-7a66-4798-b587-254db2359b9b", "metadata": { "title": "Component definition for rhel8", - "last-modified": "2025-12-11T18:06:53.706361+00:00", - "version": "1.5", + "last-modified": "2025-12-17T10:52:04.794802+00:00", + "version": "1.6", "oscal-version": "1.1.3" }, "components": [ @@ -149,7 +149,7 @@ { "name": "Parameter_Value_Alternatives_6", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_00" }, { @@ -167,7 +167,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_00" }, { @@ -1467,7 +1467,7 @@ { "name": "Parameter_Value_Alternatives_6", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_00" }, { @@ -1485,7 +1485,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_00" }, { diff --git a/component-definitions/rhel8/rhel8-cis_rhel8-l1_server/component-definition.json b/component-definitions/rhel8/rhel8-cis_rhel8-l1_server/component-definition.json index 3e3fba69b..25707a814 100644 --- a/component-definitions/rhel8/rhel8-cis_rhel8-l1_server/component-definition.json +++ b/component-definitions/rhel8/rhel8-cis_rhel8-l1_server/component-definition.json @@ -3,8 +3,8 @@ "uuid": "06123c91-c99b-48fb-866b-cebd9848462f", "metadata": { "title": "Component definition for rhel8", - "last-modified": "2025-12-11T18:08:32.724107+00:00", - "version": "3.7", + "last-modified": "2025-12-17T10:53:57.574079+00:00", + "version": "3.8", "oscal-version": "1.1.3" }, "components": [ @@ -689,7 +689,7 @@ { "name": "Parameter_Value_Alternatives_36", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -707,7 +707,7 @@ { "name": "Parameter_Value_Alternatives_37", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -9850,7 +9850,7 @@ { "name": "Parameter_Value_Alternatives_36", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -9868,7 +9868,7 @@ { "name": "Parameter_Value_Alternatives_37", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel8/rhel8-cis_rhel8-l1_workstation/component-definition.json b/component-definitions/rhel8/rhel8-cis_rhel8-l1_workstation/component-definition.json index 606c9e1fb..2901ed514 100644 --- a/component-definitions/rhel8/rhel8-cis_rhel8-l1_workstation/component-definition.json +++ b/component-definitions/rhel8/rhel8-cis_rhel8-l1_workstation/component-definition.json @@ -3,8 +3,8 @@ "uuid": "b9989c96-f468-4740-8fbb-45451e6617c7", "metadata": { "title": "Component definition for rhel8", - "last-modified": "2025-12-11T18:09:19.913586+00:00", - "version": "3.9", + "last-modified": "2025-12-17T10:54:50.722251+00:00", + "version": "4.0", "oscal-version": "1.1.3" }, "components": [ @@ -689,7 +689,7 @@ { "name": "Parameter_Value_Alternatives_36", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -707,7 +707,7 @@ { "name": "Parameter_Value_Alternatives_37", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -9676,7 +9676,7 @@ { "name": "Parameter_Value_Alternatives_36", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -9694,7 +9694,7 @@ { "name": "Parameter_Value_Alternatives_37", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel8/rhel8-cis_rhel8-l2_server/component-definition.json b/component-definitions/rhel8/rhel8-cis_rhel8-l2_server/component-definition.json index 309ae7c95..1757ad92a 100644 --- a/component-definitions/rhel8/rhel8-cis_rhel8-l2_server/component-definition.json +++ b/component-definitions/rhel8/rhel8-cis_rhel8-l2_server/component-definition.json @@ -3,8 +3,8 @@ "uuid": "77746010-6ea0-42aa-9b34-f14ce18e20f9", "metadata": { "title": "Component definition for rhel8", - "last-modified": "2025-12-11T18:07:45.626688+00:00", - "version": "4.3", + "last-modified": "2025-12-17T10:53:02.668904+00:00", + "version": "4.4", "oscal-version": "1.1.3" }, "components": [ @@ -851,7 +851,7 @@ { "name": "Parameter_Value_Alternatives_45", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -869,7 +869,7 @@ { "name": "Parameter_Value_Alternatives_46", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -12729,7 +12729,7 @@ { "name": "Parameter_Value_Alternatives_45", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -12747,7 +12747,7 @@ { "name": "Parameter_Value_Alternatives_46", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel8/rhel8-cis_rhel8-l2_workstation/component-definition.json b/component-definitions/rhel8/rhel8-cis_rhel8-l2_workstation/component-definition.json index b68830ef7..3a0440481 100644 --- a/component-definitions/rhel8/rhel8-cis_rhel8-l2_workstation/component-definition.json +++ b/component-definitions/rhel8/rhel8-cis_rhel8-l2_workstation/component-definition.json @@ -3,8 +3,8 @@ "uuid": "22768ddf-d6e1-4d57-9409-6a35fd1883ca", "metadata": { "title": "Component definition for rhel8", - "last-modified": "2025-12-11T18:10:10.821944+00:00", - "version": "4.3", + "last-modified": "2025-12-17T10:55:50.849535+00:00", + "version": "4.4", "oscal-version": "1.1.3" }, "components": [ @@ -851,7 +851,7 @@ { "name": "Parameter_Value_Alternatives_45", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -869,7 +869,7 @@ { "name": "Parameter_Value_Alternatives_46", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -12567,7 +12567,7 @@ { "name": "Parameter_Value_Alternatives_45", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -12585,7 +12585,7 @@ { "name": "Parameter_Value_Alternatives_46", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel8/rhel8-ism_o-base/component-definition.json b/component-definitions/rhel8/rhel8-ism_o-base/component-definition.json index a31ccd21c..4ed7fa8f1 100644 --- a/component-definitions/rhel8/rhel8-ism_o-base/component-definition.json +++ b/component-definitions/rhel8/rhel8-ism_o-base/component-definition.json @@ -3,8 +3,8 @@ "uuid": "a2008f82-e4ed-407a-bef6-183adc890d41", "metadata": { "title": "Component definition for rhel8", - "last-modified": "2025-10-17T08:35:27.669488+00:00", - "version": "1.9", + "last-modified": "2025-12-17T10:56:37.379227+00:00", + "version": "2.0", "oscal-version": "1.1.3" }, "components": [ @@ -167,7 +167,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -6958,7 +6958,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel8/rhel8-ism_o-secret/component-definition.json b/component-definitions/rhel8/rhel8-ism_o-secret/component-definition.json index f257a563e..042d51fdf 100644 --- a/component-definitions/rhel8/rhel8-ism_o-secret/component-definition.json +++ b/component-definitions/rhel8/rhel8-ism_o-secret/component-definition.json @@ -3,8 +3,8 @@ "uuid": "94022509-931e-45be-8b82-07d701b58383", "metadata": { "title": "Component definition for rhel8", - "last-modified": "2025-10-17T08:36:10.878844+00:00", - "version": "1.7", + "last-modified": "2025-12-17T10:57:21.868880+00:00", + "version": "1.8", "oscal-version": "1.1.3" }, "components": [ @@ -167,7 +167,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -7206,7 +7206,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel8/rhel8-ism_o-top_secret/component-definition.json b/component-definitions/rhel8/rhel8-ism_o-top_secret/component-definition.json index ba2f31da5..de334c946 100644 --- a/component-definitions/rhel8/rhel8-ism_o-top_secret/component-definition.json +++ b/component-definitions/rhel8/rhel8-ism_o-top_secret/component-definition.json @@ -3,8 +3,8 @@ "uuid": "58dcf5ea-6e5f-45eb-ab43-a97553d39619", "metadata": { "title": "Component definition for rhel8", - "last-modified": "2025-10-17T08:36:54.170842+00:00", - "version": "1.7", + "last-modified": "2025-12-17T10:58:05.314880+00:00", + "version": "1.8", "oscal-version": "1.1.3" }, "components": [ @@ -167,7 +167,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -7330,7 +7330,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel8/rhel8-pcidss_4-base/component-definition.json b/component-definitions/rhel8/rhel8-pcidss_4-base/component-definition.json index be18fe685..cd2fa2c2f 100644 --- a/component-definitions/rhel8/rhel8-pcidss_4-base/component-definition.json +++ b/component-definitions/rhel8/rhel8-pcidss_4-base/component-definition.json @@ -3,8 +3,8 @@ "uuid": "086b160b-e979-4e7f-ab46-a2f7c88b7bdd", "metadata": { "title": "Component definition for rhel8", - "last-modified": "2025-12-11T18:12:49.041322+00:00", - "version": "2.3", + "last-modified": "2025-12-17T10:58:55.538765+00:00", + "version": "2.4", "oscal-version": "1.1.3" }, "components": [ @@ -311,7 +311,7 @@ { "name": "Parameter_Value_Alternatives_15", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -329,7 +329,7 @@ { "name": "Parameter_Value_Alternatives_16", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -8695,7 +8695,7 @@ { "name": "Parameter_Value_Alternatives_15", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -8713,7 +8713,7 @@ { "name": "Parameter_Value_Alternatives_16", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel8/rhel8-stig_rhel8-high/component-definition.json b/component-definitions/rhel8/rhel8-stig_rhel8-high/component-definition.json index 091a04ccc..748c7c885 100644 --- a/component-definitions/rhel8/rhel8-stig_rhel8-high/component-definition.json +++ b/component-definitions/rhel8/rhel8-stig_rhel8-high/component-definition.json @@ -3,8 +3,8 @@ "uuid": "a6de6ef1-cb05-40a3-a5d0-09b4b4949aee", "metadata": { "title": "Component definition for rhel8", - "last-modified": "2025-12-11T18:13:40.879300+00:00", - "version": "2.9", + "last-modified": "2025-12-17T10:59:55.600629+00:00", + "version": "3.0", "oscal-version": "1.1.3" }, "components": [ @@ -491,7 +491,7 @@ { "name": "Parameter_Value_Alternatives_25", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -509,7 +509,7 @@ { "name": "Parameter_Value_Alternatives_26", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -7248,7 +7248,7 @@ { "name": "Parameter_Value_Alternatives_25", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -7266,7 +7266,7 @@ { "name": "Parameter_Value_Alternatives_26", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel8/rhel8-stig_rhel8-low/component-definition.json b/component-definitions/rhel8/rhel8-stig_rhel8-low/component-definition.json index 65af2e991..a6e69df16 100644 --- a/component-definitions/rhel8/rhel8-stig_rhel8-low/component-definition.json +++ b/component-definitions/rhel8/rhel8-stig_rhel8-low/component-definition.json @@ -3,8 +3,8 @@ "uuid": "4766b5c9-d8da-483e-a2b2-41cdbdd0a7cb", "metadata": { "title": "Component definition for rhel8", - "last-modified": "2025-12-11T18:15:23.582531+00:00", - "version": "2.9", + "last-modified": "2025-12-17T11:01:53.750541+00:00", + "version": "3.0", "oscal-version": "1.1.3" }, "components": [ @@ -491,7 +491,7 @@ { "name": "Parameter_Value_Alternatives_25", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -509,7 +509,7 @@ { "name": "Parameter_Value_Alternatives_26", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -7288,7 +7288,7 @@ { "name": "Parameter_Value_Alternatives_25", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -7306,7 +7306,7 @@ { "name": "Parameter_Value_Alternatives_26", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel8/rhel8-stig_rhel8-medium/component-definition.json b/component-definitions/rhel8/rhel8-stig_rhel8-medium/component-definition.json index 52a360b59..6ebc645ab 100644 --- a/component-definitions/rhel8/rhel8-stig_rhel8-medium/component-definition.json +++ b/component-definitions/rhel8/rhel8-stig_rhel8-medium/component-definition.json @@ -3,8 +3,8 @@ "uuid": "d6bf05ff-8086-4127-a221-4429b77ab593", "metadata": { "title": "Component definition for rhel8", - "last-modified": "2025-12-11T18:14:32.255541+00:00", - "version": "2.9", + "last-modified": "2025-12-17T11:00:55.945517+00:00", + "version": "3.0", "oscal-version": "1.1.3" }, "components": [ @@ -491,7 +491,7 @@ { "name": "Parameter_Value_Alternatives_25", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -509,7 +509,7 @@ { "name": "Parameter_Value_Alternatives_26", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -12449,7 +12449,7 @@ { "name": "Parameter_Value_Alternatives_25", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -12467,7 +12467,7 @@ { "name": "Parameter_Value_Alternatives_26", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel9/rhel9-anssi-enhanced/component-definition.json b/component-definitions/rhel9/rhel9-anssi-enhanced/component-definition.json index d760a23a3..1e65f696d 100644 --- a/component-definitions/rhel9/rhel9-anssi-enhanced/component-definition.json +++ b/component-definitions/rhel9/rhel9-anssi-enhanced/component-definition.json @@ -3,8 +3,8 @@ "uuid": "fb4d7f88-deb5-45ad-a88a-f90300331665", "metadata": { "title": "Component definition for rhel9", - "last-modified": "2025-12-11T18:16:10.145195+00:00", - "version": "1.4", + "last-modified": "2025-12-17T11:02:45.835322+00:00", + "version": "1.5", "oscal-version": "1.1.3" }, "components": [ @@ -365,7 +365,7 @@ { "name": "Parameter_Value_Alternatives_18", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -383,7 +383,7 @@ { "name": "Parameter_Value_Alternatives_19", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -7278,7 +7278,7 @@ { "name": "Parameter_Value_Alternatives_18", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -7296,7 +7296,7 @@ { "name": "Parameter_Value_Alternatives_19", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel9/rhel9-anssi-high/component-definition.json b/component-definitions/rhel9/rhel9-anssi-high/component-definition.json index d9f1146ef..17ece30ff 100644 --- a/component-definitions/rhel9/rhel9-anssi-high/component-definition.json +++ b/component-definitions/rhel9/rhel9-anssi-high/component-definition.json @@ -3,8 +3,8 @@ "uuid": "ba234c1c-cc49-4b41-a997-69fd477a45fd", "metadata": { "title": "Component definition for rhel9", - "last-modified": "2025-12-11T18:16:59.883691+00:00", - "version": "1.4", + "last-modified": "2025-12-17T11:03:42.161031+00:00", + "version": "1.5", "oscal-version": "1.1.3" }, "components": [ @@ -383,7 +383,7 @@ { "name": "Parameter_Value_Alternatives_19", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -401,7 +401,7 @@ { "name": "Parameter_Value_Alternatives_20", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -9014,7 +9014,7 @@ { "name": "Parameter_Value_Alternatives_19", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -9032,7 +9032,7 @@ { "name": "Parameter_Value_Alternatives_20", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel9/rhel9-anssi-intermediary/component-definition.json b/component-definitions/rhel9/rhel9-anssi-intermediary/component-definition.json index 07ba5a5c9..b53695d20 100644 --- a/component-definitions/rhel9/rhel9-anssi-intermediary/component-definition.json +++ b/component-definitions/rhel9/rhel9-anssi-intermediary/component-definition.json @@ -3,8 +3,8 @@ "uuid": "08306d16-4996-4b5d-bbf3-1800c9877ae1", "metadata": { "title": "Component definition for rhel9", - "last-modified": "2025-12-11T18:17:42.142180+00:00", - "version": "1.4", + "last-modified": "2025-12-17T11:04:29.770656+00:00", + "version": "1.5", "oscal-version": "1.1.3" }, "components": [ @@ -347,7 +347,7 @@ { "name": "Parameter_Value_Alternatives_17", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -365,7 +365,7 @@ { "name": "Parameter_Value_Alternatives_18", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -5558,7 +5558,7 @@ { "name": "Parameter_Value_Alternatives_17", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -5576,7 +5576,7 @@ { "name": "Parameter_Value_Alternatives_18", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel9/rhel9-anssi-minimal/component-definition.json b/component-definitions/rhel9/rhel9-anssi-minimal/component-definition.json index e01790bc6..31332407c 100644 --- a/component-definitions/rhel9/rhel9-anssi-minimal/component-definition.json +++ b/component-definitions/rhel9/rhel9-anssi-minimal/component-definition.json @@ -3,8 +3,8 @@ "uuid": "5e2a14d9-cdc9-4476-b4c5-04ab3a945548", "metadata": { "title": "Component definition for rhel9", - "last-modified": "2025-12-11T18:18:15.893736+00:00", - "version": "1.4", + "last-modified": "2025-12-17T11:05:08.424160+00:00", + "version": "1.5", "oscal-version": "1.1.3" }, "components": [ @@ -167,7 +167,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_00" }, { @@ -185,7 +185,7 @@ { "name": "Parameter_Value_Alternatives_8", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_00" }, { @@ -1458,7 +1458,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_00" }, { @@ -1476,7 +1476,7 @@ { "name": "Parameter_Value_Alternatives_8", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_00" }, { diff --git a/component-definitions/rhel9/rhel9-ism_o-base/component-definition.json b/component-definitions/rhel9/rhel9-ism_o-base/component-definition.json index 19d983541..d5111af0a 100644 --- a/component-definitions/rhel9/rhel9-ism_o-base/component-definition.json +++ b/component-definitions/rhel9/rhel9-ism_o-base/component-definition.json @@ -3,8 +3,8 @@ "uuid": "388b9288-f46a-40ea-9738-afb900d979c2", "metadata": { "title": "Component definition for rhel9", - "last-modified": "2025-10-17T08:37:46.034708+00:00", - "version": "1.4", + "last-modified": "2025-12-17T11:05:55.788737+00:00", + "version": "1.5", "oscal-version": "1.1.3" }, "components": [ @@ -167,7 +167,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -6877,7 +6877,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel9/rhel9-ism_o-secret/component-definition.json b/component-definitions/rhel9/rhel9-ism_o-secret/component-definition.json index 60889d177..449b17144 100644 --- a/component-definitions/rhel9/rhel9-ism_o-secret/component-definition.json +++ b/component-definitions/rhel9/rhel9-ism_o-secret/component-definition.json @@ -3,8 +3,8 @@ "uuid": "843d4fc0-6ea9-457d-a5e4-183938619a7c", "metadata": { "title": "Component definition for rhel9", - "last-modified": "2025-10-17T08:38:29.609148+00:00", - "version": "1.4", + "last-modified": "2025-12-17T11:06:39.913673+00:00", + "version": "1.5", "oscal-version": "1.1.3" }, "components": [ @@ -167,7 +167,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -7125,7 +7125,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel9/rhel9-ism_o-top_secret/component-definition.json b/component-definitions/rhel9/rhel9-ism_o-top_secret/component-definition.json index 8a537ae06..34b8aa3e5 100644 --- a/component-definitions/rhel9/rhel9-ism_o-top_secret/component-definition.json +++ b/component-definitions/rhel9/rhel9-ism_o-top_secret/component-definition.json @@ -3,8 +3,8 @@ "uuid": "3ac308b5-d965-4da5-ab3f-1c7de14c5a9f", "metadata": { "title": "Component definition for rhel9", - "last-modified": "2025-10-17T08:39:13.260308+00:00", - "version": "1.4", + "last-modified": "2025-12-17T11:07:22.955326+00:00", + "version": "1.5", "oscal-version": "1.1.3" }, "components": [ @@ -167,7 +167,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -7249,7 +7249,7 @@ { "name": "Parameter_Value_Alternatives_7", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { diff --git a/component-definitions/rhel9/rhel9-pcidss_4-base/component-definition.json b/component-definitions/rhel9/rhel9-pcidss_4-base/component-definition.json index 007106efa..51ca2c12c 100644 --- a/component-definitions/rhel9/rhel9-pcidss_4-base/component-definition.json +++ b/component-definitions/rhel9/rhel9-pcidss_4-base/component-definition.json @@ -3,8 +3,8 @@ "uuid": "82eef6a2-1ce5-4817-af27-287cf97df8aa", "metadata": { "title": "Component definition for rhel9", - "last-modified": "2025-12-11T18:20:55.612819+00:00", - "version": "1.6", + "last-modified": "2025-12-17T11:08:12.684423+00:00", + "version": "1.7", "oscal-version": "1.1.3" }, "components": [ @@ -311,7 +311,7 @@ { "name": "Parameter_Value_Alternatives_15", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -329,7 +329,7 @@ { "name": "Parameter_Value_Alternatives_16", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, { @@ -8576,7 +8576,7 @@ { "name": "Parameter_Value_Alternatives_15", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT'}", + "value": "{'default': 'SHA512', 'SHA512': 'SHA512', 'SHA256': 'SHA256', 'yescrypt': 'YESCRYPT', 'cis_ubuntu2204': 'SHA512|YESCRYPT', 'cis_ubuntu2404': 'SHA512|YESCRYPT', 'cis_rhel10': 'YESCRYPT|SHA512'}", "remarks": "rule_set_000" }, { @@ -8594,7 +8594,7 @@ { "name": "Parameter_Value_Alternatives_16", "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", - "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt'}", + "value": "{'default': 'sha512', 'sha512': 'sha512', 'yescrypt': 'yescrypt', 'cis_rhel10': 'yescrypt|sha512'}", "remarks": "rule_set_000" }, {