From 6767ae9d374860b68df4c45e594abf598b957f3d Mon Sep 17 00:00:00 2001 From: Matthew Burket Date: Mon, 9 Sep 2024 13:44:55 -0500 Subject: [PATCH 1/7] Update DISA CCI numbers for RHEL V2R1 --- .../auditd_configure_rules/audit_rules_sudoers/rule.yml | 2 +- .../auditd_configure_rules/audit_rules_sudoers_d/rule.yml | 2 +- .../audit_rules_suid_privilege_function/rule.yml | 2 +- .../audit_rules_usergroup_modification_group/rule.yml | 2 +- .../audit_rules_usergroup_modification_gshadow/rule.yml | 2 +- .../audit_rules_usergroup_modification_opasswd/rule.yml | 2 +- .../audit_rules_usergroup_modification_passwd/rule.yml | 2 +- .../audit_rules_usergroup_modification_shadow/rule.yml | 2 +- linux_os/guide/auditing/package_audit-libs_installed/rule.yml | 2 +- linux_os/guide/auditing/package_audit_installed/rule.yml | 2 +- linux_os/guide/auditing/service_auditd_enabled/rule.yml | 2 +- .../services/obsolete/tftp/package_tftp-server_removed/rule.yml | 2 +- .../services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml | 2 +- .../services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml | 2 +- .../guide/services/sssd/sssd_certificate_verification/rule.yml | 2 +- linux_os/guide/services/sssd/sssd_enable_pam_services/rule.yml | 2 +- linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml | 2 +- .../set_password_hashing_algorithm_passwordauth/rule.yml | 2 +- .../smart_card_login/install_smartcard_packages/rule.yml | 2 +- .../smart_card_login/smartcard_configure_ca/rule.yml | 2 +- .../smart_card_login/smartcard_configure_cert_checking/rule.yml | 2 +- .../smart_card_login/smartcard_configure_crl/rule.yml | 2 +- .../smart_card_login/smartcard_pam_enabled/rule.yml | 2 +- .../accounts_password_all_shadowed_sha512/rule.yml | 2 +- .../user_umask/accounts_umask_interactive_users/rule.yml | 2 +- .../non-uefi/grub2_no_removeable_media/rule.yml | 2 +- .../bootloader-grub2/uefi/uefi_no_removeable_media/rule.yml | 2 +- .../rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml | 2 +- .../restrictions/sysctl_kernel_kexec_load_disabled/rule.yml | 2 +- .../system/selinux/selinux_all_devicefiles_labeled/rule.yml | 2 +- .../dconf_gnome_enable_smartcard_auth/rule.yml | 2 +- .../updating/ensure_gpgcheck_globally_activated/rule.yml | 2 +- .../software/updating/ensure_redhat_gpgkey_installed/rule.yml | 2 +- 33 files changed, 33 insertions(+), 33 deletions(-) diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml index 71db3944b0b..48694304b1c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml @@ -30,7 +30,7 @@ identifiers: cce@rhel10: CCE-88688-7 references: - disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-002130,CCI-002132,CCI-002884 + disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-002130,CCI-000015,CCI-002884 srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol8: OL08-00-030171 stigid@rhel8: RHEL-08-030171 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml index 6682de4574b..88d0d6b6aee 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml @@ -30,7 +30,7 @@ identifiers: cce@rhel10: CCE-89020-2 references: - disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-002130,CCI-002132,CCI-002884 + disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-002130,CCI-000015,CCI-002884 srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol8: OL08-00-030172 stigid@rhel8: RHEL-08-030172 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml index 04a1fcbc6b0..290fd3cacc2 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml @@ -51,7 +51,7 @@ identifiers: references: cis@ubuntu2004: 4.1.15 cis@ubuntu2204: 4.1.3.2 - disa: CCI-001814,CCI-001882,CCI-001889,CCI-001880,CCI-001881,CCI-001878,CCI-001879,CCI-001875,CCI-001877,CCI-001914,CCI-002233,CCI-002234 + disa: CCI-003938,CCI-001882,CCI-001889,CCI-001880,CCI-001881,CCI-001878,CCI-001879,CCI-001875,CCI-001877,CCI-001914,CCI-002233,CCI-002234 nist: CM-5(1),AU-7(a),AU-7(b),AU-8(b),AU-12(3),AC-6(9) srg: SRG-OS-000326-GPOS-00126,SRG-OS-000327-GPOS-00127,SRG-APP-000343-CTR-000780,SRG-APP-000381-CTR-000905,SRG-OS-000755-GPOS-00220 stigid@ol7: OL07-00-030360 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml index a8f8c2f1d9a..b3dbb057189 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml @@ -44,7 +44,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,DSS06.03,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-001683,CCI-001684,CCI-001685,CCI-001686,CCI-002130,CCI-002132,CCI-002884 + disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-001683,CCI-001684,CCI-001685,CCI-001686,CCI-002130,CCI-000015,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.2.2,4.3.3.3.9,4.3.3.5.1,4.3.3.5.2,4.3.3.5.8,4.3.3.6.6,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.1,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml index c816876fb96..2908f5fd39e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml @@ -43,7 +43,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,DSS06.03,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-001683,CCI-001684,CCI-001685,CCI-001686,CCI-002130,CCI-002132,CCI-002884 + disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-001683,CCI-001684,CCI-001685,CCI-001686,CCI-002130,CCI-000015,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.2.2,4.3.3.3.9,4.3.3.5.1,4.3.3.5.2,4.3.3.5.8,4.3.3.6.6,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.1,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml index 85b9413cba6..31626235561 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml @@ -44,7 +44,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,DSS06.03,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-001683,CCI-001684,CCI-001685,CCI-001686,CCI-002130,CCI-002132,CCI-002884 + disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-001683,CCI-001684,CCI-001685,CCI-001686,CCI-002130,CCI-000015,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.2.2,4.3.3.3.9,4.3.3.5.1,4.3.3.5.2,4.3.3.5.8,4.3.3.6.6,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.1,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml index 09f6050681d..a8a9160c1db 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml @@ -44,7 +44,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,DSS06.03,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-001683,CCI-001684,CCI-001685,CCI-001686,CCI-002130,CCI-002132,CCI-002884 + disa: CCI-000015,CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-002130,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.2.2,4.3.3.3.9,4.3.3.5.1,4.3.3.5.2,4.3.3.5.8,4.3.3.6.6,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.1,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml index a4034c10525..b22892ae765 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml @@ -44,7 +44,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,DSS06.03,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-001683,CCI-001684,CCI-001685,CCI-001686,CCI-002130,CCI-002132,CCI-002884 + disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-001683,CCI-001684,CCI-001685,CCI-001686,CCI-002130,CCI-000015,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.2.2,4.3.3.3.9,4.3.3.5.1,4.3.3.5.2,4.3.3.5.8,4.3.3.6.6,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.1,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/package_audit-libs_installed/rule.yml b/linux_os/guide/auditing/package_audit-libs_installed/rule.yml index 0e80e5eac4f..98b760529fa 100644 --- a/linux_os/guide/auditing/package_audit-libs_installed/rule.yml +++ b/linux_os/guide/auditing/package_audit-libs_installed/rule.yml @@ -24,7 +24,7 @@ identifiers: references: cis@sle12: 4.1.1.1 cis@sle15: 4.1.1.1 - disa: CCI-000130,CCI-000131,CCI-000132,CCI-000133,CCI-000134,CCI-000135,CCI-000154,CCI-000158,CCI-000172,CCI-001464,CCI-001487,CCI-001814,CCI-001875,CCI-001876,CCI-001877,CCI-001878,CCI-001879,CCI-001880,CCI-001881,CCI-001882,CCI-001889,CCI-001914,CCI-002884,CCI-000169 + disa: CCI-000130,CCI-000131,CCI-000132,CCI-000133,CCI-000134,CCI-000135,CCI-000154,CCI-000158,CCI-000172,CCI-001464,CCI-001487,CCI-003938,CCI-001875,CCI-001876,CCI-001877,CCI-001878,CCI-001879,CCI-001880,CCI-001881,CCI-001882,CCI-001889,CCI-001914,CCI-002884,CCI-000169 nerc-cip: CIP-004-6 R3.3,CIP-007-3 R6.5 nist: AC-7(a),AU-7(1),AU-7(2),AU-14,AU-12(2),AU-2(a),CM-6(a) nist@sle12: AU-7(a),AU-7(b),AU-8(b),AU-12.1(iv),AU-12(3),AU-12(c),CM-5(1) diff --git a/linux_os/guide/auditing/package_audit_installed/rule.yml b/linux_os/guide/auditing/package_audit_installed/rule.yml index e620e7c22d1..c5d303b715d 100644 --- a/linux_os/guide/auditing/package_audit_installed/rule.yml +++ b/linux_os/guide/auditing/package_audit_installed/rule.yml @@ -22,7 +22,7 @@ references: cis@sle15: 4.1.1.1 cis@ubuntu2004: 4.1.1.1 cis@ubuntu2204: 4.1.1.1 - disa: CCI-000130,CCI-000131,CCI-000132,CCI-000133,CCI-000134,CCI-000135,CCI-000154,CCI-000158,CCI-000172,CCI-001464,CCI-001487,CCI-001814,CCI-001875,CCI-001876,CCI-001877,CCI-001878,CCI-001879,CCI-001880,CCI-001881,CCI-001882,CCI-001889,CCI-001914,CCI-002884,CCI-000169,CCI-003938 + disa: CCI-000130,CCI-000131,CCI-000132,CCI-000133,CCI-000134,CCI-000135,CCI-000154,CCI-000158,CCI-000172,CCI-001464,CCI-001487,CCI-003938,CCI-001875,CCI-001876,CCI-001877,CCI-001878,CCI-001879,CCI-001880,CCI-001881,CCI-001882,CCI-001889,CCI-001914,CCI-002884,CCI-000169,CCI-003938 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(5)(ii)(C),164.310(a)(2)(iv),164.310(d)(2)(iii),164.312(b) nerc-cip: CIP-004-6 R3.3,CIP-007-3 R6.5 nist: AC-7(a),AU-7(1),AU-7(2),AU-14,AU-12(2),AU-2(a),CM-6(a) diff --git a/linux_os/guide/auditing/service_auditd_enabled/rule.yml b/linux_os/guide/auditing/service_auditd_enabled/rule.yml index 5608116a86d..abc5f54bfe4 100644 --- a/linux_os/guide/auditing/service_auditd_enabled/rule.yml +++ b/linux_os/guide/auditing/service_auditd_enabled/rule.yml @@ -41,7 +41,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.3.1,3.3.2,3.3.6 - disa: CCI-000126,CCI-000130,CCI-000131,CCI-000132,CCI-000133,CCI-000134,CCI-000135,CCI-000154,CCI-000158,CCI-000172,CCI-000366,CCI-001464,CCI-001487,CCI-001814,CCI-001875,CCI-001876,CCI-001877,CCI-002884,CCI-001878,CCI-001879,CCI-001880,CCI-001881,CCI-001882,CCI-001889,CCI-001914,CCI-000169,CCI-003938 + disa: CCI-000126,CCI-000130,CCI-000131,CCI-000132,CCI-000133,CCI-000134,CCI-000135,CCI-000154,CCI-000158,CCI-000172,CCI-000366,CCI-001464,CCI-001487,CCI-003938,CCI-001875,CCI-001876,CCI-001877,CCI-002884,CCI-001878,CCI-001879,CCI-001880,CCI-001881,CCI-001882,CCI-001889,CCI-001914,CCI-000169,CCI-003938,CCI-004188 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(5)(ii)(C),164.310(a)(2)(iv),164.310(d)(2)(iii),164.312(b) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml index fbf4fbc681a..631ef94488c 100644 --- a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml +++ b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml @@ -26,7 +26,7 @@ identifiers: references: cis-csc: 11,12,14,15,3,8,9 cobit5: APO13.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.04,DSS05.02,DSS05.03,DSS05.05,DSS06.06 - disa: CCI-000318,CCI-000366,CCI-000368,CCI-001812,CCI-001813,CCI-001814 + disa: CCI-000318,CCI-000366,CCI-000368,CCI-001812,CCI-001813,CCI-003938 isa-62443-2009: 4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6' iso27001-2013: A.11.2.6,A.12.1.2,A.12.5.1,A.12.6.2,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4,A.6.2.1,A.6.2.2,A.9.1.2 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml index 69a138e7e4e..6b986fb1917 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml @@ -30,7 +30,7 @@ references: cis-csc: 11,3,9 cobit5: BAI10.01,BAI10.02,BAI10.03,BAI10.05 cui: 3.1.12 - disa: CCI-000318,CCI-000368,CCI-001812,CCI-001813,CCI-001814,CCI-000366 + disa: CCI-000318,CCI-000368,CCI-001812,CCI-001813,CCI-003938,CCI-000366 hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii) isa-62443-2009: 4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 7.6' diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml index 01de7d15889..5230176c391 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml @@ -31,7 +31,7 @@ references: cis-csc: 11,3,9 cobit5: BAI10.01,BAI10.02,BAI10.03,BAI10.05 cui: 3.1.12 - disa: CCI-000318,CCI-000368,CCI-001812,CCI-001813,CCI-001814,CCI-000366 + disa: CCI-000318,CCI-000368,CCI-001812,CCI-001813,CCI-003938,CCI-000366 hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii) isa-62443-2009: 4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 7.6' diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml index 5feb19e49f7..197bdf0d993 100644 --- a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml +++ b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml @@ -21,7 +21,7 @@ identifiers: cce@rhel10: CCE-86192-2 references: - disa: CCI-001948,CCI-001954 + disa: CCI-004046,CCI-001954 nist: IA-2(11) srg: SRG-OS-000375-GPOS-00160,SRG-OS-000377-GPOS-00162 stigid@ol8: OL08-00-010400 diff --git a/linux_os/guide/services/sssd/sssd_enable_pam_services/rule.yml b/linux_os/guide/services/sssd/sssd_enable_pam_services/rule.yml index a5158210717..29b3f397906 100644 --- a/linux_os/guide/services/sssd/sssd_enable_pam_services/rule.yml +++ b/linux_os/guide/services/sssd/sssd_enable_pam_services/rule.yml @@ -28,7 +28,7 @@ identifiers: references: cis-csc: 1,12,15,16,5 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 - disa: CCI-001948,CCI-001953,CCI-001954 + disa: CCI-004046,CCI-001953,CCI-001954 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' iso27001-2013: A.18.1.4,A.7.1.1,A.9.2.1,A.9.2.2,A.9.2.3,A.9.2.4,A.9.2.6,A.9.3.1,A.9.4.2,A.9.4.3 diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml index 941d038dcd1..115efef15ef 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml @@ -45,7 +45,7 @@ identifiers: cce@sle15: CCE-85826-6 references: - disa: CCI-001954,CCI-000765,CCI-000766,CCI-000767,CCI-000768 + disa: CCI-000765,CCI-004046,CCI-004047 ism: 0421,0422,0431,0974,1173,1401,1504,1505,1546,1557,1558,1559,1560,1561 pcidss: Req-8.3 srg: SRG-OS-000375-GPOS-00160,SRG-OS-000105-GPOS-00052,SRG-OS-000106-GPOS-00053,SRG-OS-000107-GPOS-00054,SRG-OS-000108-GPOS-00055 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml index c83e2750773..13da3921ff6 100644 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml @@ -39,7 +39,7 @@ references: cjis: 5.6.2.2 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 cui: 3.13.11 - disa: CCI-000196,CCI-000803 + disa: CCI-004062 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' ism: 0418,1055,1402 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml index 133c88849e5..14536117781 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml @@ -47,7 +47,7 @@ identifiers: cce@slmicro5: CCE-93761-5 references: - disa: CCI-000765,CCI-000766,CCI-001948,CCI-001953,CCI-001954,CCI-004046,CCI-004047 + disa: CCI-000765,CCI-000766,CCI-004046,CCI-001953,CCI-001954,CCI-004046,CCI-004047 nist: CM-6(a) pcidss: Req-8.3 srg: SRG-OS-000105-GPOS-00052,SRG-OS-000375-GPOS-00160,SRG-OS-000375-GPOS-00161,SRG-OS-000377-GPOS-00162 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_ca/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_ca/rule.yml index 537ec2ea0a3..274e56a2040 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_ca/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_ca/rule.yml @@ -29,7 +29,7 @@ identifiers: cce@slmicro5: CCE-93680-7 references: - disa: CCI-000185,CCI-001991 + disa: CCI-000185,CCI-004068 nist@sle12: IA-5 (2),IA-5(2)(a),IA-5 (2).1,IA-5(2)(d) srg: SRG-OS-000066-GPOS-00034,SRG-OS-000384-GPOS-00167 stigid@sle12: SLES-12-030530 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/rule.yml index f7033aed678..aa22876c6ec 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/rule.yml @@ -33,7 +33,7 @@ identifiers: cce@slmicro5: CCE-93717-7 references: - disa: CCI-001948,CCI-001953,CCI-001954 + disa: CCI-004046,CCI-001953,CCI-001954 srg: SRG-OS-000375-GPOS-00160,SRG-OS-000376-GPOS-00161,SRG-OS-000377-GPOS-00162,SRG-OS-000384-GPOS-00167 stigid@ol7: OL07-00-041003 stigid@sle12: SLES-12-030510 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_crl/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_crl/rule.yml index 6317cc627c8..00d8d3fae2d 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_crl/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_crl/rule.yml @@ -19,7 +19,7 @@ rationale: |- severity: medium references: - disa: CCI-001991,CCI-004068 + disa: CCI-004068,CCI-004068 srg: SRG-OS-000384-GPOS-00167 stigid@ubuntu2004: UBTU-20-010066 stigid@ubuntu2204: UBTU-22-612035 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_pam_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_pam_enabled/rule.yml index 2b812b097d2..ddac769d732 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_pam_enabled/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_pam_enabled/rule.yml @@ -56,7 +56,7 @@ identifiers: cce@slmicro5: CCE-93800-1 references: - disa: CCI-000765,CCI-000766,CCI-000767,CCI-000768,CCI-000187,CCI-001948,CCI-001953,CCI-001954,CCI-004047 + disa: CCI-000765,CCI-000766,CCI-000767,CCI-000768,CCI-000187,CCI-004046,CCI-001953,CCI-001954,CCI-004047 nist@sle12: IA-2(1),IA-2(1).1,IA-2(2),IA-2(2).1,IA-2(3),IA-2(3).1,IA-2(4),IA-2(4).1,IA-5(2),IA-5(2).1,IA-5(2)(c),IA-2(11),IA-2(12) srg: SRG-OS-000068-GPOS-00036,SRG-OS-000105-GPOS-00052,SRG-OS-000106-GPOS-00053,SRG-OS-000107-GPOS-00054,SRG-OS-000108-GPOS-00055,SRG-OS-000375-GPOS-00160,SRG-OS-000375-GPOS-00161,SRG-OS-000375-GPOS-00162 stigid@sle12: SLES-12-030520 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml index 4805193b48a..1d2599559d9 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml @@ -35,7 +35,7 @@ references: cis@sle12: 5.4.1.1 cis@sle15: 5.4.1.1 cis@ubuntu2004: 5.3.4 - disa: CCI-000196,CCI-000803 + disa: CCI-004062 nist: IA-5(1)(c),IA-5(1).1(v),IA-7,IA-7.1 srg: SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061 stigid@ol8: OL08-00-010120 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml index 92a399ce27c..c224d01f5f8 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml @@ -23,7 +23,7 @@ identifiers: references: cis@ubuntu2004: 5.4.4 cis@ubuntu2204: 5.5.4 - disa: CCI-000366,CCI-001814 + disa: CCI-000366,CCI-003938 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000480-GPOS-00228 stigid@ol7: OL07-00-021040 stigid@ol8: OL08-00-020352 diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_no_removeable_media/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_no_removeable_media/rule.yml index 4462af3bcf3..eabe7356e79 100644 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_no_removeable_media/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_no_removeable_media/rule.yml @@ -17,7 +17,7 @@ rationale: |- severity: medium references: - disa: CCI-001813,CCI-001814 + disa: CCI-001813,CCI-003938 srg: SRG-OS-000364-GPOS-00151 stigid@ol7: OL07-00-021700 diff --git a/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/rule.yml index da292a920f3..059e63db720 100644 --- a/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/rule.yml @@ -17,7 +17,7 @@ rationale: |- severity: medium references: - disa: CCI-001813,CCI-001814 + disa: CCI-001813,CCI-003938 srg: SRG-OS-000364-GPOS-00151 stigid@ol7: OL07-00-021700 diff --git a/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml b/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml index aaa9256a706..3a6fbb5a0cf 100644 --- a/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml +++ b/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml @@ -43,7 +43,7 @@ references: cis@sle15: 4.2.1.6 cis@ubuntu2204: 4.2.2.7 cobit5: APO01.06,APO11.04,APO13.01,BAI03.05,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.05,DSS03.01,DSS05.02,DSS05.04,DSS05.07,DSS06.02,MEA02.01 - disa: CCI-000318,CCI-000366,CCI-000368,CCI-001812,CCI-001813,CCI-001814 + disa: CCI-000318,CCI-000366,CCI-000368,CCI-001812,CCI-001813,CCI-003938 isa-62443-2009: 4.2.3.4,4.3.3.3.9,4.3.3.4,4.3.3.5.8,4.3.4.3.2,4.3.4.3.3,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4,4.4.3.3 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6' ism: 0988,1405 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml index 9a357acf688..ad546c78a0c 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml @@ -18,7 +18,7 @@ identifiers: cce@rhel10: CCE-89232-3 references: - disa: CCI-001749 + disa: CCI-003992 nist: CM-6 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000366-GPOS-00153 stigid@ol8: OL08-00-010372 diff --git a/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml b/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml index 6c3e7ba89f0..a6d5833a1b2 100644 --- a/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml +++ b/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml @@ -31,7 +31,7 @@ references: cis-csc: 1,11,12,13,14,15,16,18,2,3,5,6,7,8,9 cobit5: APO01.06,APO11.04,BAI01.06,BAI03.05,BAI06.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,DSS06.02,DSS06.06,MEA02.01 cui: '3.1.2,3.1.5,3.7.2' - disa: CCI-000022,CCI-000032,CCI-000318,CCI-000366,CCI-000368,CCI-001812,CCI-001813,CCI-001814 + disa: CCI-000022,CCI-000032,CCI-000318,CCI-000366,CCI-000368,CCI-001812,CCI-001813,CCI-003938 isa-62443-2009: 4.3.3.3.9,4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.10,SR 2.11,SR 2.12,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 2.8,SR 2.9,SR 5.2,SR 6.2,SR 7.6' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.12.1.2,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.5.1,A.12.6.2,A.12.7.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4,A.14.2.7,A.15.2.1,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/rule.yml index 850f7c3146e..3d56f171c63 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/rule.yml @@ -29,7 +29,7 @@ identifiers: cce@rhel9: CCE-86580-8 references: - disa: CCI-000765,CCI-000766,CCI-000767,CCI-000768,CCI-000771,CCI-000772,CCI-000884,CCI-001948,CCI-001954 + disa: CCI-000765,CCI-000766,CCI-000767,CCI-000768,CCI-000771,CCI-000772,CCI-000884,CCI-004046,CCI-001954 nist: IA-2(3),IA-2(4),IA-2(8),IA-2(9),IA-2(11) pcidss: Req-8.3 srg: SRG-OS-000375-GPOS-00160,SRG-OS-000376-GPOS-00161,SRG-OS-000377-GPOS-00162 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml index 1de80a5c6a1..d3fe7d0fbb5 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml @@ -44,7 +44,7 @@ references: cjis: 5.10.4.1 cobit5: APO01.06,BAI03.05,BAI06.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS06.02 cui: 3.4.8 - disa: CCI-001749 + disa: CCI-003992 hipaa: 164.308(a)(1)(ii)(D),164.312(b),164.312(c)(1),164.312(c)(2),164.312(e)(2)(i) isa-62443-2009: 4.3.4.3.2,4.3.4.3.3,4.3.4.4.4 isa-62443-2013: 'SR 3.1,SR 3.3,SR 3.4,SR 3.8,SR 7.6' diff --git a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml index 142d10e7578..86d0cb5d3a3 100644 --- a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml +++ b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml @@ -42,7 +42,7 @@ references: cjis: 5.10.4.1 cobit5: APO01.06,BAI03.05,BAI06.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS06.02 cui: 3.4.8 - disa: CCI-001749 + disa: CCI-003992 hipaa: 164.308(a)(1)(ii)(D),164.312(b),164.312(c)(1),164.312(c)(2),164.312(e)(2)(i) isa-62443-2009: 4.3.4.3.2,4.3.4.3.3,4.3.4.4.4 isa-62443-2013: 'SR 3.1,SR 3.3,SR 3.4,SR 3.8,SR 7.6' From d7204f9a82aa5eea8a9e986b8b2f6b63a8e9c0bf Mon Sep 17 00:00:00 2001 From: Matthew Burket Date: Tue, 10 Sep 2024 15:37:43 -0500 Subject: [PATCH 2/7] Update rule CCI from RHEL 9 STIG V2R1 # Conflicts: # linux_os/guide/auditing/package_audispd-plugins_installed/rule.yml # linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml # linux_os/guide/system/software/system-tools/package_gnutls-utils_installed/rule.yml # linux_os/guide/system/software/system-tools/package_nss-tools_installed/rule.yml --- .../audit_rules_dac_modification_chmod/rule.yml | 2 +- .../audit_rules_dac_modification_chown/rule.yml | 2 +- .../audit_rules_dac_modification_fchmod/rule.yml | 2 +- .../audit_rules_dac_modification_fchmodat/rule.yml | 2 +- .../audit_rules_dac_modification_fchown/rule.yml | 2 +- .../audit_rules_dac_modification_fchownat/rule.yml | 2 +- .../audit_rules_dac_modification_fremovexattr/rule.yml | 2 +- .../audit_rules_dac_modification_fsetxattr/rule.yml | 2 +- .../audit_rules_dac_modification_lchown/rule.yml | 2 +- .../audit_rules_dac_modification_lremovexattr/rule.yml | 2 +- .../audit_rules_dac_modification_lsetxattr/rule.yml | 2 +- .../audit_rules_dac_modification_removexattr/rule.yml | 2 +- .../audit_rules_dac_modification_setxattr/rule.yml | 2 +- .../audit_rules_dac_modification_umount/rule.yml | 2 +- .../audit_rules_dac_modification_umount2/rule.yml | 2 +- .../audit_rules_execution_chacl/rule.yml | 2 +- .../audit_rules_execution_setfacl/rule.yml | 2 +- .../audit_rules_execution_chcon/rule.yml | 2 +- .../audit_rules_execution_semanage/rule.yml | 2 +- .../audit_rules_execution_setfiles/rule.yml | 2 +- .../audit_rules_execution_setsebool/rule.yml | 2 +- .../audit_rules_file_deletion_events_rename/rule.yml | 2 +- .../audit_rules_file_deletion_events_renameat/rule.yml | 2 +- .../audit_rules_file_deletion_events_rmdir/rule.yml | 2 +- .../audit_rules_file_deletion_events_unlink/rule.yml | 2 +- .../audit_rules_file_deletion_events_unlinkat/rule.yml | 2 +- .../audit_rules_unsuccessful_file_modification_creat/rule.yml | 2 +- .../rule.yml | 2 +- .../audit_rules_unsuccessful_file_modification_open/rule.yml | 2 +- .../rule.yml | 2 +- .../audit_rules_unsuccessful_file_modification_openat/rule.yml | 2 +- .../rule.yml | 2 +- .../audit_rules_kernel_module_loading_delete/rule.yml | 2 +- .../audit_rules_kernel_module_loading_finit/rule.yml | 2 +- .../audit_rules_kernel_module_loading_init/rule.yml | 2 +- .../audit_rules_login_events_faillock/rule.yml | 2 +- .../audit_rules_login_events_lastlog/rule.yml | 2 +- .../audit_rules_login_events_tallylog/rule.yml | 2 +- .../audit_rules_privileged_commands_chage/rule.yml | 2 +- .../audit_rules_privileged_commands_chsh/rule.yml | 2 +- .../audit_rules_privileged_commands_crontab/rule.yml | 2 +- .../audit_rules_privileged_commands_gpasswd/rule.yml | 2 +- .../audit_rules_privileged_commands_kmod/rule.yml | 2 +- .../audit_rules_privileged_commands_mount/rule.yml | 2 +- .../audit_rules_privileged_commands_newgrp/rule.yml | 2 +- .../rule.yml | 2 +- .../audit_rules_privileged_commands_passwd/rule.yml | 2 +- .../audit_rules_privileged_commands_postdrop/rule.yml | 2 +- .../audit_rules_privileged_commands_postqueue/rule.yml | 2 +- .../audit_rules_privileged_commands_ssh_agent/rule.yml | 2 +- .../audit_rules_privileged_commands_ssh_keysign/rule.yml | 2 +- .../audit_rules_privileged_commands_su/rule.yml | 2 +- .../audit_rules_privileged_commands_sudo/rule.yml | 2 +- .../audit_rules_privileged_commands_sudoedit/rule.yml | 2 +- .../audit_rules_privileged_commands_umount/rule.yml | 2 +- .../audit_rules_privileged_commands_unix_chkpwd/rule.yml | 2 +- .../audit_rules_privileged_commands_unix_update/rule.yml | 2 +- .../audit_rules_privileged_commands_userhelper/rule.yml | 2 +- .../audit_rules_privileged_commands_usermod/rule.yml | 2 +- .../auditd_configure_rules/audit_rules_immutable/rule.yml | 2 +- .../audit_rules_immutable_login_uids/rule.yml | 2 +- .../auditd_configure_rules/audit_rules_sudoers/rule.yml | 2 +- .../auditd_configure_rules/audit_rules_sudoers_d/rule.yml | 2 +- .../audit_rules_suid_privilege_function/rule.yml | 2 +- .../auditd_configure_rules/audit_rules_system_shutdown/rule.yml | 2 +- .../audit_rules_usergroup_modification_group/rule.yml | 2 +- .../audit_rules_usergroup_modification_gshadow/rule.yml | 2 +- .../audit_rules_usergroup_modification_opasswd/rule.yml | 2 +- .../audit_rules_usergroup_modification_passwd/rule.yml | 2 +- .../audit_rules_usergroup_modification_shadow/rule.yml | 2 +- .../directory_group_ownership_var_log_audit/rule.yml | 2 +- .../directory_ownership_var_log_audit/rule.yml | 2 +- .../file_permissions_var_log_audit/rule.yml | 2 +- .../rule.yml | 2 +- .../auditd_audispd_syslog_plugin_activated/rule.yml | 2 +- .../auditd_data_retention_action_mail_acct/rule.yml | 2 +- .../auditd_data_retention_admin_space_left_action/rule.yml | 2 +- .../configure_auditd_data_retention/auditd_freq/rule.yml | 1 + .../auditd_local_events/rule.yml | 2 +- .../configure_auditd_data_retention/auditd_log_format/rule.yml | 2 +- .../configure_auditd_data_retention/auditd_name_format/rule.yml | 2 +- .../configure_auditd_data_retention/auditd_write_logs/rule.yml | 1 + linux_os/guide/auditing/grub2_audit_argument/rule.yml | 2 +- .../guide/auditing/grub2_audit_backlog_limit_argument/rule.yml | 2 +- .../guide/auditing/package_audispd-plugins_installed/rule.yml | 1 + linux_os/guide/auditing/package_audit_installed/rule.yml | 2 +- linux_os/guide/auditing/service_auditd_enabled/rule.yml | 2 +- linux_os/guide/services/base/service_kdump_disabled/rule.yml | 2 +- .../guide/services/cron_and_at/file_groupowner_cron_d/rule.yml | 1 + .../services/cron_and_at/file_groupowner_cron_daily/rule.yml | 1 + .../services/cron_and_at/file_groupowner_cron_hourly/rule.yml | 1 + .../services/cron_and_at/file_groupowner_cron_monthly/rule.yml | 1 + .../services/cron_and_at/file_groupowner_cron_weekly/rule.yml | 1 + .../guide/services/cron_and_at/file_groupowner_crontab/rule.yml | 1 + linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml | 1 + .../guide/services/cron_and_at/file_owner_cron_daily/rule.yml | 1 + .../guide/services/cron_and_at/file_owner_cron_hourly/rule.yml | 1 + .../guide/services/cron_and_at/file_owner_cron_monthly/rule.yml | 1 + .../guide/services/cron_and_at/file_owner_cron_weekly/rule.yml | 1 + linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml | 1 + .../guide/services/cron_and_at/file_permissions_cron_d/rule.yml | 1 + .../services/cron_and_at/file_permissions_cron_daily/rule.yml | 1 + .../services/cron_and_at/file_permissions_cron_hourly/rule.yml | 1 + .../services/cron_and_at/file_permissions_cron_monthly/rule.yml | 1 + .../services/cron_and_at/file_permissions_cron_weekly/rule.yml | 1 + .../services/cron_and_at/file_permissions_crontab/rule.yml | 1 + .../services/fapolicyd/package_fapolicyd_installed/rule.yml | 2 +- .../guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml | 2 +- .../ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml | 2 +- linux_os/guide/services/mail/package_sendmail_removed/rule.yml | 2 +- .../postfix_client/postfix_client_configure_mail_alias/rule.yml | 2 +- .../postfix_client_configure_mail_alias_postmaster/rule.yml | 2 +- .../services/nfs_and_rpc/package_nfs-utils_removed/rule.yml | 1 + linux_os/guide/services/ntp/chronyd_client_only/rule.yml | 2 +- linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml | 2 +- .../guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml | 2 +- linux_os/guide/services/ntp/chronyd_server_directive/rule.yml | 2 +- .../guide/services/ntp/chronyd_specify_remote_server/rule.yml | 2 +- linux_os/guide/services/ntp/package_chrony_installed/rule.yml | 1 + linux_os/guide/services/ntp/service_chronyd_enabled/rule.yml | 1 + .../services/obsolete/tftp/package_tftp-server_removed/rule.yml | 2 +- .../guide/services/ssh/file_groupowner_sshd_config/rule.yml | 1 + linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml | 1 + .../guide/services/ssh/file_permissions_sshd_config/rule.yml | 1 + .../services/ssh/package_openssh-clients_installed/rule.yml | 1 + .../services/ssh/package_openssh-server_installed/rule.yml | 2 +- linux_os/guide/services/ssh/service_sshd_enabled/rule.yml | 2 +- .../ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml | 1 + .../ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml | 1 + .../ssh/ssh_server/sshd_disable_empty_passwords/rule.yml | 2 +- .../services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml | 2 +- .../services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml | 2 +- .../services/ssh/ssh_server/sshd_disable_root_login/rule.yml | 2 +- .../services/ssh/ssh_server/sshd_enable_pubkey_auth/rule.yml | 2 +- .../services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml | 2 +- .../guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml | 2 +- .../guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml | 2 +- .../services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml | 2 +- .../guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml | 2 +- .../guide/services/sssd/sssd_certificate_verification/rule.yml | 2 +- linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml | 2 +- linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml | 2 +- .../services/usbguard/configure_usbguard_auditbackend/rule.yml | 2 +- .../guide/services/usbguard/package_usbguard_installed/rule.yml | 2 +- .../guide/services/usbguard/service_usbguard_enabled/rule.yml | 2 +- .../guide/services/usbguard/usbguard_generate_policy/rule.yml | 2 +- .../system/accounts/accounts-banners/banner_etc_issue/rule.yml | 2 +- .../gui_login_banner/dconf_gnome_banner_enabled/rule.yml | 2 +- .../accounts-pam/disallow_bypass_password_sudo/rule.yml | 2 +- .../accounts/accounts-pam/display_login_attempts/rule.yml | 2 +- .../accounts_passwords_pam_faillock_deny/rule.yml | 2 +- .../accounts_passwords_pam_faillock_deny_root/rule.yml | 2 +- .../accounts_passwords_pam_faillock_dir/rule.yml | 2 +- .../accounts_passwords_pam_faillock_interval/rule.yml | 2 +- .../accounts_passwords_pam_faillock_unlock_time/rule.yml | 2 +- .../accounts_password_pam_dcredit/rule.yml | 2 +- .../accounts_password_pam_difok/rule.yml | 2 +- .../accounts_password_pam_enforce_root/rule.yml | 2 +- .../accounts_password_pam_lcredit/rule.yml | 2 +- .../accounts_password_pam_maxclassrepeat/rule.yml | 2 +- .../accounts_password_pam_maxrepeat/rule.yml | 2 +- .../accounts_password_pam_minclass/rule.yml | 2 +- .../accounts_password_pam_minlen/rule.yml | 2 +- .../accounts_password_pam_ocredit/rule.yml | 2 +- .../accounts_password_pam_pwquality_password_auth/rule.yml | 2 +- .../accounts_password_pam_retry/rule.yml | 2 +- .../accounts_password_pam_ucredit/rule.yml | 2 +- .../set_password_hashing_algorithm_libuserconf/rule.yml | 2 +- .../set_password_hashing_algorithm_logindefs/rule.yml | 2 +- .../set_password_hashing_min_rounds_logindefs/rule.yml | 2 +- .../accounts-physical/disable_ctrlaltdel_burstaction/rule.yml | 2 +- .../accounts-physical/disable_ctrlaltdel_reboot/rule.yml | 2 +- .../accounts-physical/grub2_disable_interactive_boot/rule.yml | 2 +- .../accounts/accounts-physical/logind_session_timeout/rule.yml | 1 + .../console_screen_locking/configure_bashrc_tmux/rule.yml | 2 +- .../console_screen_locking/configure_tmux_lock_command/rule.yml | 2 +- .../console_screen_locking/no_tmux_in_shells/rule.yml | 2 +- .../console_screen_locking/package_tmux_installed/rule.yml | 2 +- .../smart_card_login/configure_opensc_card_drivers/rule.yml | 2 +- .../smart_card_login/install_smartcard_packages/rule.yml | 2 +- .../smart_card_login/package_opensc_installed/rule.yml | 2 +- .../smart_card_login/package_pcsc-lite_installed/rule.yml | 2 +- .../smart_card_login/service_pcscd_enabled/rule.yml | 2 +- .../accounts-physical/service_debug-shell_disabled/rule.yml | 2 +- .../account_disable_post_pw_expiration/rule.yml | 2 +- .../accounts_maximum_age_login_defs/rule.yml | 2 +- .../accounts_minimum_age_login_defs/rule.yml | 2 +- .../accounts_password_minlen_login_defs/rule.yml | 2 +- .../accounts_password_set_max_life_existing/rule.yml | 2 +- .../accounts_password_set_min_life_existing/rule.yml | 2 +- .../accounts_password_all_shadowed_sha512/rule.yml | 2 +- .../accounts_password_pam_unix_rounds_password_auth/rule.yml | 2 +- .../accounts_password_pam_unix_rounds_system_auth/rule.yml | 2 +- .../root_logins/use_pam_wheel_for_su/rule.yml | 1 + .../system/accounts/accounts-session/accounts_tmout/rule.yml | 2 +- .../user_umask/accounts_umask_interactive_users/rule.yml | 2 +- .../guide/system/bootloader-grub2/grub2_pti_argument/rule.yml | 2 +- .../system/bootloader-grub2/grub2_vsyscall_argument/rule.yml | 2 +- .../non-uefi/file_groupowner_grub2_cfg/rule.yml | 2 +- .../bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml | 2 +- .../system/logging/package_rsyslog-gnutls_installed/rule.yml | 2 +- .../guide/system/logging/package_rsyslog_installed/rule.yml | 2 +- .../rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml | 2 +- .../rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml | 2 +- linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml | 2 +- .../firewalld_activation/package_firewalld_installed/rule.yml | 2 +- .../firewalld_activation/service_firewalld_enabled/rule.yml | 2 +- .../configured_firewalld_default_deny/rule.yml | 2 +- .../network/network-ipsec/libreswan_approved_tunnels/rule.yml | 2 +- .../network/network-ipsec/package_libreswan_installed/rule.yml | 2 +- .../sysctl_net_ipv6_conf_all_accept_redirects/rule.yml | 2 +- .../sysctl_net_ipv6_conf_default_accept_redirects/rule.yml | 2 +- .../sysctl_net_ipv4_conf_all_accept_redirects/rule.yml | 2 +- .../sysctl_net_ipv4_conf_all_log_martians/rule.yml | 2 +- .../sysctl_net_ipv4_conf_all_rp_filter/rule.yml | 2 +- .../sysctl_net_ipv4_conf_default_accept_redirects/rule.yml | 2 +- .../sysctl_net_ipv4_conf_default_accept_source_route/rule.yml | 2 +- .../sysctl_net_ipv4_conf_default_log_martians/rule.yml | 2 +- .../sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml | 1 + .../sysctl_net_ipv4_tcp_syncookies/rule.yml | 2 +- .../network-uncommon/kernel_module_atm_disabled/rule.yml | 2 +- .../network-uncommon/kernel_module_can_disabled/rule.yml | 2 +- .../network-uncommon/kernel_module_sctp_disabled/rule.yml | 2 +- .../wireless_software/kernel_module_bluetooth_disabled/rule.yml | 2 +- .../wireless_software/wireless_disable_interfaces/rule.yml | 2 +- .../files/dir_perms_world_writable_root_owned/rule.yml | 2 +- .../permissions/files/file_permissions_ungroupowned/rule.yml | 2 +- .../system/permissions/files/no_files_unowned_by_user/rule.yml | 2 +- .../file_groupowner_backup_etc_group/rule.yml | 2 +- .../file_groupowner_backup_etc_gshadow/rule.yml | 2 +- .../file_groupowner_backup_etc_passwd/rule.yml | 2 +- .../file_groupowner_backup_etc_shadow/rule.yml | 1 + .../file_groupowner_etc_group/rule.yml | 1 + .../file_groupowner_etc_gshadow/rule.yml | 1 + .../file_groupowner_etc_passwd/rule.yml | 1 + .../file_groupowner_etc_shadow/rule.yml | 1 + .../file_owner_backup_etc_group/rule.yml | 2 +- .../file_owner_backup_etc_gshadow/rule.yml | 2 +- .../file_owner_backup_etc_passwd/rule.yml | 2 +- .../file_owner_backup_etc_shadow/rule.yml | 2 +- .../file_owner_etc_group/rule.yml | 2 +- .../file_owner_etc_gshadow/rule.yml | 2 +- .../file_owner_etc_passwd/rule.yml | 2 +- .../file_owner_etc_shadow/rule.yml | 2 +- .../file_permissions_backup_etc_group/rule.yml | 2 +- .../file_permissions_backup_etc_gshadow/rule.yml | 2 +- .../file_permissions_backup_etc_passwd/rule.yml | 2 +- .../file_permissions_backup_etc_shadow/rule.yml | 2 +- .../file_permissions_etc_group/rule.yml | 2 +- .../file_permissions_etc_gshadow/rule.yml | 2 +- .../file_permissions_etc_passwd/rule.yml | 2 +- .../file_permissions_etc_shadow/rule.yml | 2 +- .../permissions/files/sysctl_fs_protected_hardlinks/rule.yml | 2 +- .../permissions/files/sysctl_fs_protected_symlinks/rule.yml | 2 +- .../mounting/kernel_module_usb-storage_disabled/rule.yml | 2 +- .../permissions/mounting/service_autofs_disabled/rule.yml | 2 +- .../partitions/mount_option_boot_efi_nosuid/rule.yml | 2 +- .../permissions/partitions/mount_option_boot_nodev/rule.yml | 1 + .../permissions/partitions/mount_option_boot_nosuid/rule.yml | 2 +- .../permissions/partitions/mount_option_home_nodev/rule.yml | 1 + .../permissions/partitions/mount_option_home_nosuid/rule.yml | 2 +- .../mount_option_noexec_removable_partitions/rule.yml | 2 +- .../permissions/partitions/mount_option_var_nodev/rule.yml | 1 + .../sysctl_kernel_exec_shield/rule.yml | 2 +- .../sysctl_kernel_kptr_restrict/rule.yml | 2 +- .../restrictions/poisoning/grub2_page_poison_argument/rule.yml | 2 +- .../restrictions/poisoning/grub2_slub_debug_argument/rule.yml | 2 +- .../restrictions/sysctl_kernel_dmesg_restrict/rule.yml | 2 +- .../restrictions/sysctl_kernel_kexec_load_disabled/rule.yml | 2 +- .../restrictions/sysctl_kernel_perf_event_paranoid/rule.yml | 2 +- .../sysctl_kernel_unprivileged_bpf_disabled/rule.yml | 2 +- .../restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml | 2 +- .../package_policycoreutils-python-utils_installed/rule.yml | 1 + .../system/selinux/package_policycoreutils_installed/rule.yml | 2 +- .../system/selinux/selinux_all_devicefiles_labeled/rule.yml | 2 +- linux_os/guide/system/selinux/selinux_policytype/rule.yml | 2 +- linux_os/guide/system/selinux/selinux_state/rule.yml | 2 +- .../software/disk_partitioning/encrypt_partitions/rule.yml | 2 +- .../software/disk_partitioning/partition_for_home/rule.yml | 2 +- .../software/disk_partitioning/partition_for_var_tmp/rule.yml | 1 + .../guide/system/software/gnome/dconf_db_up_to_date/rule.yml | 1 + .../gnome_login_screen/dconf_gnome_disable_user_list/rule.yml | 1 + .../dconf_gnome_lock_screen_on_smartcard_removal/rule.yml | 2 +- .../dconf_gnome_disable_automount_open/rule.yml | 2 +- .../gnome_media_settings/dconf_gnome_disable_autorun/rule.yml | 2 +- .../dconf_gnome_screensaver_lock_delay/rule.yml | 2 +- .../dconf_gnome_screensaver_lock_enabled/rule.yml | 2 +- .../dconf_gnome_screensaver_user_locks/rule.yml | 2 +- .../integrity/crypto/configure_bind_crypto_policy/rule.yml | 1 + .../software/integrity/crypto/configure_crypto_policy/rule.yml | 1 + .../integrity/crypto/configure_kerberos_crypto_policy/rule.yml | 1 + .../integrity/crypto/configure_libreswan_crypto_policy/rule.yml | 1 + .../harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml | 2 +- .../rule.yml | 2 +- .../integrity/crypto/package_crypto-policies_installed/rule.yml | 1 + .../software/integrity/fips/enable_dracut_fips_module/rule.yml | 2 +- .../system/software/integrity/fips/enable_fips_mode/rule.yml | 2 +- .../software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml | 2 +- .../software-integrity/aide/aide_build_database/rule.yml | 1 + .../software-integrity/aide/aide_check_audit_tools/rule.yml | 2 +- .../aide/aide_periodic_cron_checking/rule.yml | 2 +- .../software-integrity/aide/aide_scan_notification/rule.yml | 2 +- .../aide/file_audit_tools_group_ownership/rule.yml | 2 +- .../software-integrity/aide/file_audit_tools_ownership/rule.yml | 2 +- .../software-integrity/aide/package_aide_installed/rule.yml | 2 +- .../guide/system/software/sudo/package_sudo_installed/rule.yml | 1 + .../system/software/sudo/sudo_remove_no_authenticate/rule.yml | 2 +- .../guide/system/software/sudo/sudo_remove_nopasswd/rule.yml | 2 +- .../system/software/sudo/sudo_require_reauthentication/rule.yml | 2 +- .../guide/system/software/sudo/sudoers_validate_passwd/rule.yml | 2 +- .../system-tools/package_gnutls-utils_installed/rule.yml | 1 + .../software/system-tools/package_gssproxy_removed/rule.yml | 2 +- .../software/system-tools/package_iprutils_removed/rule.yml | 2 +- .../software/system-tools/package_nss-tools_installed/rule.yml | 2 ++ .../package_subscription-manager_installed/rule.yml | 1 + .../system/software/system-tools/package_tuned_removed/rule.yml | 2 +- .../software/updating/ensure_gpgcheck_local_packages/rule.yml | 2 +- .../software/updating/ensure_gpgcheck_never_disabled/rule.yml | 2 +- .../software/updating/security_patches_up_to_date/rule.yml | 2 +- 319 files changed, 320 insertions(+), 264 deletions(-) diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml index b1f28594286..e6bebd450ae 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml @@ -46,7 +46,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000126,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml index 89025c6fde9..cf3b21bf670 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml @@ -46,7 +46,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000126,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml index a46ebc17832..a7f46731e0b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml @@ -44,7 +44,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000126,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml index 9562c8dd8e6..b3364fc804c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml @@ -43,7 +43,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000126,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml index ca736b8ab16..7c5693c1685 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml @@ -46,7 +46,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000126,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml index 6626ecad36d..737e93b2ce7 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml @@ -43,7 +43,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000126,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml index 2cca4bac395..2f100463bcc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml @@ -61,7 +61,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml index 9aa4c81a3a8..d61618227ae 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml @@ -55,7 +55,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000126,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml index c7ffbfb4fae..9ea9c6daec8 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml @@ -47,7 +47,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000126,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml index c14556718d8..680e6738070 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml @@ -60,7 +60,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml index 896ebce57c9..ec9986acf70 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml @@ -55,7 +55,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000126,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml index bb63fa383bb..c9f5d616778 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml @@ -59,7 +59,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml index bd561284a0f..23641d3103b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml @@ -55,7 +55,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000126,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_umount/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_umount/rule.yml index ffe8716a249..72f41084dae 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_umount/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_umount/rule.yml @@ -32,7 +32,7 @@ identifiers: cce@sle15: CCE-85734-2 references: - disa: CCI-000130,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000169,CCI-002884 nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@sle12: SLES-12-020300 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_umount2/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_umount2/rule.yml index 0c88fb55fcc..f736e5a4549 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_umount2/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_umount2/rule.yml @@ -35,7 +35,7 @@ identifiers: cce@slmicro5: CCE-93655-9 references: - disa: CCI-000130,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000169,CCI-002884 nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@sle12: SLES-12-020300 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml index 9771c91f0a1..122e7f0396e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml @@ -35,7 +35,7 @@ identifiers: references: cis@ubuntu2204: 4.1.3.17 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol8: OL08-00-030570 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml index de22361ed89..2709c019486 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml @@ -34,7 +34,7 @@ identifiers: references: cis@ubuntu2204: 4.1.3.16 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol8: OL08-00-030330 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml index aac5af0a4e6..cf9c4a9217b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml @@ -47,7 +47,7 @@ references: cis@ubuntu2204: 4.1.3.15 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml index be8dd470bb9..4f82ad52f29 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml @@ -45,7 +45,7 @@ references: cis-csc: 1,12,13,14,15,16,2,3,5,6,7,8,9 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml index 569acf2a2b6..0a50c48a2bc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml @@ -41,7 +41,7 @@ identifiers: cce@slmicro5: CCE-94099-9 references: - disa: CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250 stigid@ol7: OL07-00-030590 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml index 9da7258c553..c518e6d67e3 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml @@ -45,7 +45,7 @@ references: cis-csc: 1,12,13,14,15,16,2,3,5,6,7,8,9 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml index f6ba9e59476..34a2c9e894d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml @@ -42,7 +42,7 @@ references: cis@ubuntu2204: 4.1.3.13 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-000366,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml index 982ca74502c..effea5c0582 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml @@ -39,7 +39,7 @@ references: cis@ubuntu2204: 4.1.3.13 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-000366,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml index 8c75354f68b..ab5a8cff64c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml @@ -38,7 +38,7 @@ references: cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-000366,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml index b6ed836e89b..dd8371ba2a5 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml @@ -42,7 +42,7 @@ references: cis@ubuntu2204: 4.1.3.13 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-000366,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml index aaedeae22c4..f871dd645c7 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml @@ -39,7 +39,7 @@ references: cis@ubuntu2204: 4.1.3.13 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-000366,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml index 5ef286456b2..1146fe8fd22 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml @@ -50,7 +50,7 @@ references: cis@ubuntu2204: 4.1.3.7 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml index 16611980b3f..401a76aa762 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml @@ -50,7 +50,7 @@ references: cis@ubuntu2204: 4.1.3.7 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml index a50b072e59a..d40e5cecc05 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml @@ -54,7 +54,7 @@ references: cis@ubuntu2204: 4.1.3.7 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml index 218c32fd8f9..86297fe41a5 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml @@ -43,7 +43,7 @@ references: cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml index 89e9c4d4822..5f27a832ed4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml @@ -50,7 +50,7 @@ references: cis@ubuntu2204: 4.1.3.7 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml index b3b65383f11..5671f0af5ea 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml @@ -50,7 +50,7 @@ references: cis@ubuntu2204: 4.1.3.7 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml index 794549752ff..1fc076fe8c9 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml @@ -43,7 +43,7 @@ references: cis@ubuntu2204: 4.1.3.19 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml index a19d38c58b4..2756d56fa09 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml @@ -42,7 +42,7 @@ references: cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml index 706be1c0c86..aa51a41ce54 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml @@ -42,7 +42,7 @@ references: cis@ubuntu2204: 4.1.3.19 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml index 5cd63a23d11..3d2a4329188 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml @@ -38,7 +38,7 @@ references: cis@ubuntu2204: 4.1.3.12 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000126,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml index 0c444bd7372..740f309db34 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml @@ -40,7 +40,7 @@ references: cis@ubuntu2204: 4.1.3.12 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000126,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml index 46e1b505446..35a5f326c68 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml @@ -39,7 +39,7 @@ references: cis@ubuntu2004: 4.1.7 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000172,CCI-002884,CCI-000126 + disa: CCI-000172,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml index e67ace9e5bc..dbf4f7d1471 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml @@ -48,7 +48,7 @@ references: cis@ubuntu2204: 4.1.3.6 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml index c2f7966e2e1..b97f30b63d8 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml @@ -48,7 +48,7 @@ references: cis@ubuntu2204: 4.1.3.6 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml index 5a165395f00..349d0223f16 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml @@ -48,7 +48,7 @@ references: cis@ubuntu2204: 4.1.3.6 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml index 3c35ed3aa23..ce3300918ea 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml @@ -48,7 +48,7 @@ references: cis@ubuntu2204: 4.1.3.6 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml index db18a8315f6..7d6f7cff637 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml @@ -41,7 +41,7 @@ identifiers: cce@slmicro5: CCE-93615-3 references: - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 nist: AU-3,AU-3.1,AU-12(a),AU-12.1(ii),AU-12.1(iv)AU-12(c),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222,SRG-APP-000495-CTR-001235,SRG-APP-000504-CTR-001280 stigid@ol7: OL07-00-030840 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml index 501eee83a57..bc987e798ae 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml @@ -43,7 +43,7 @@ identifiers: references: cis@ubuntu2004: 4.1.11 cis@ubuntu2204: 4.1.3.6 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085 stigid@ol7: OL07-00-030740 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml index 9654da23058..8ff611ce58d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml @@ -48,7 +48,7 @@ references: cis@ubuntu2204: 4.1.3.6 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000169,CCI-000135,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml index 78fe153cc62..f749a53f844 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml @@ -53,7 +53,7 @@ references: cis-csc: 1,12,13,14,15,16,2,3,5,6,7,8,9 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml index 40126b9c2ba..fa96437c0d6 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml @@ -45,7 +45,7 @@ references: cis-csc: 1,12,13,14,15,16,2,3,5,6,7,8,9 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml index b36474faf0b..4625b87e0df 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml @@ -46,7 +46,7 @@ references: cis@ubuntu2204: 4.1.3.6 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml index 5a94676f607..fe137e04185 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml @@ -46,7 +46,7 @@ references: cis@ubuntu2204: 4.1.3.6 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml index c5e3c24f947..670dc8ffc11 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml @@ -37,7 +37,7 @@ identifiers: references: cis@ubuntu2004: 4.1.11 cis@ubuntu2204: 4.1.3.6 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 nist@sle12: AU-3,AU-3.1,AU-12(a),AU-12(c),AU-12.1(a),AU-12.1(ii),AU-12.1(iv),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol8: OL08-00-030280 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml index fae89984de5..3b28014d9ec 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml @@ -56,7 +56,7 @@ references: cis@ubuntu2204: 4.1.3.6 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml index 09b7943f203..a9f55f14d24 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml @@ -47,7 +47,7 @@ references: cis@ubuntu2204: 4.1.3.6 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml index 2903cedcbe4..01189ac3a10 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml @@ -48,7 +48,7 @@ references: cis@ubuntu2204: 4.1.3.6 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml index f133d51fda6..8c86c1b3013 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml @@ -47,7 +47,7 @@ references: cis@ubuntu2204: 4.1.3.6 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml index 0356da59193..a00cb623179 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml @@ -47,7 +47,7 @@ references: cis@ubuntu2204: 4.1.3.6 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000169,CCI-000135,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml index f7e88ebb0cb..d0fa760e5bb 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml @@ -47,7 +47,7 @@ references: cis@ubuntu2204: 4.1.3.6 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml index 0f636013ea3..655f14784ec 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml @@ -35,7 +35,7 @@ identifiers: cce@rhel10: CCE-86620-2 references: - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol8: OL08-00-030310 stigid@rhel8: RHEL-08-030310 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml index 4146b4b78f4..7b5ffa69da4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml @@ -44,7 +44,7 @@ references: cis-csc: 1,12,13,14,15,16,2,3,5,6,7,8,9 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,BAI03.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml index c68ccebf3c7..d54a24124bb 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml @@ -39,7 +39,7 @@ identifiers: references: cis@ubuntu2204: 4.1.3.18 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 nist@sle12: AU-3,AU-12(a),AU-12(c),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol8: OL08-00-030560 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml index 59da8938298..1eae30fa795 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml @@ -41,7 +41,7 @@ references: cjis: 5.4.1.1 cobit5: APO01.06,APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,BAI03.05,BAI08.02,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS05.04,DSS05.07,DSS06.02,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.3.1,3.4.3 - disa: CCI-000162,CCI-000163,CCI-000164 + disa: CCI-000163,CCI-000164,CCI-000162 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.310(a)(2)(iv),164.312(d),164.310(d)(2)(iii),164.312(b),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.7.3,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.1,SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 5.2,SR 6.1' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml index a5ad9177e8b..ecdc6aa7e67 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml @@ -29,7 +29,7 @@ identifiers: cce@rhel8: CCE-90783-2 references: - disa: CCI-000162,CCI-000163,CCI-000164 + disa: CCI-000163,CCI-000172,CCI-000164,CCI-000162 srg: SRG-OS-000462-GPOS-00206,SRG-OS-000475-GPOS-00220,SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029 stigid@ol8: OL08-00-030122 stigid@rhel8: RHEL-08-030122 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml index 48694304b1c..20c0566d65d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml @@ -30,7 +30,7 @@ identifiers: cce@rhel10: CCE-88688-7 references: - disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-002130,CCI-000015,CCI-002884 + disa: CCI-001403,CCI-001404,CCI-001405,CCI-000172,CCI-000130,CCI-002130,CCI-000135,CCI-000169,CCI-002884,CCI-000018,CCI-000015 srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol8: OL08-00-030171 stigid@rhel8: RHEL-08-030171 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml index 88d0d6b6aee..7a7c522d944 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml @@ -30,7 +30,7 @@ identifiers: cce@rhel10: CCE-89020-2 references: - disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-002130,CCI-000015,CCI-002884 + disa: CCI-001403,CCI-001404,CCI-001405,CCI-000172,CCI-000130,CCI-002130,CCI-000135,CCI-000169,CCI-002884,CCI-000018,CCI-000015 srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol8: OL08-00-030172 stigid@rhel8: RHEL-08-030172 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml index 290fd3cacc2..9f2fec4c8d8 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml @@ -51,7 +51,7 @@ identifiers: references: cis@ubuntu2004: 4.1.15 cis@ubuntu2204: 4.1.3.2 - disa: CCI-003938,CCI-001882,CCI-001889,CCI-001880,CCI-001881,CCI-001878,CCI-001879,CCI-001875,CCI-001877,CCI-001914,CCI-002233,CCI-002234 + disa: CCI-002233,CCI-002234 nist: CM-5(1),AU-7(a),AU-7(b),AU-8(b),AU-12(3),AC-6(9) srg: SRG-OS-000326-GPOS-00126,SRG-OS-000327-GPOS-00127,SRG-APP-000343-CTR-000780,SRG-APP-000381-CTR-000905,SRG-OS-000755-GPOS-00220 stigid@ol7: OL07-00-030360 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml index 90176f5d9d0..abef404cfeb 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml @@ -36,7 +36,7 @@ references: cis-csc: 1,14,15,16,3,5,6 cobit5: APO11.04,BAI03.05,DSS05.04,DSS05.07,MEA02.01 cui: 3.3.1,3.3.4 - disa: CCI-000139,CCI-000140 + disa: CCI-000140,CCI-000139 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml index b3dbb057189..9bb644fb7f0 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml @@ -44,7 +44,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,DSS06.03,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-001683,CCI-001684,CCI-001685,CCI-001686,CCI-002130,CCI-000015,CCI-002884 + disa: CCI-001403,CCI-001404,CCI-001405,CCI-000172,CCI-000130,CCI-002130,CCI-000135,CCI-000169,CCI-002884,CCI-000018,CCI-000015 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.2.2,4.3.3.3.9,4.3.3.5.1,4.3.3.5.2,4.3.3.5.8,4.3.3.6.6,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.1,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml index 2908f5fd39e..61e7ce7bec4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml @@ -43,7 +43,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,DSS06.03,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-001683,CCI-001684,CCI-001685,CCI-001686,CCI-002130,CCI-000015,CCI-002884 + disa: CCI-001403,CCI-001404,CCI-001405,CCI-000172,CCI-000130,CCI-002130,CCI-000135,CCI-000169,CCI-002884,CCI-000018,CCI-000015 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.2.2,4.3.3.3.9,4.3.3.5.1,4.3.3.5.2,4.3.3.5.8,4.3.3.6.6,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.1,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml index 31626235561..5a62a050ca1 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml @@ -44,7 +44,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,DSS06.03,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-001683,CCI-001684,CCI-001685,CCI-001686,CCI-002130,CCI-000015,CCI-002884 + disa: CCI-001403,CCI-001404,CCI-001405,CCI-000172,CCI-000130,CCI-002130,CCI-000135,CCI-000169,CCI-002884,CCI-000018,CCI-000015 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.2.2,4.3.3.3.9,4.3.3.5.1,4.3.3.5.2,4.3.3.5.8,4.3.3.6.6,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.1,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml index a8a9160c1db..adb4bfb33bc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml @@ -44,7 +44,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,DSS06.03,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000015,CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-002130,CCI-002884 + disa: CCI-001403,CCI-001404,CCI-001405,CCI-000172,CCI-000130,CCI-002130,CCI-000135,CCI-000169,CCI-002884,CCI-000018,CCI-000015 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.2.2,4.3.3.3.9,4.3.3.5.1,4.3.3.5.2,4.3.3.5.8,4.3.3.6.6,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.1,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml index b22892ae765..10c1feb90cf 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml @@ -44,7 +44,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,DSS06.03,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.1.7 - disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-001683,CCI-001684,CCI-001685,CCI-001686,CCI-002130,CCI-000015,CCI-002884 + disa: CCI-001403,CCI-001404,CCI-001405,CCI-000172,CCI-000130,CCI-002130,CCI-000135,CCI-000169,CCI-002884,CCI-000018,CCI-000015 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.2.2,4.3.3.3.9,4.3.3.5.1,4.3.3.5.2,4.3.3.5.8,4.3.3.6.6,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.1,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml index 3b26e99e814..b648f54cc65 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml @@ -27,7 +27,7 @@ references: cjis: 5.4.1.1 cobit5: APO01.06,APO11.04,APO12.06,BAI03.05,BAI08.02,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS05.04,DSS05.07,DSS06.02,MEA02.01 cui: 3.3.1 - disa: CCI-000162,CCI-000163,CCI-000164,CCI-001314 + disa: CCI-000163,CCI-000164,CCI-001314,CCI-000162 isa-62443-2009: 4.2.3.10,4.3.3.3.9,4.3.3.5.8,4.3.3.7.3,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.1,SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 5.2,SR 6.1' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.16.1.4,A.16.1.5,A.16.1.7,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml index 0452f55314a..de4d603cd55 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml @@ -23,7 +23,7 @@ references: cjis: 5.4.1.1 cobit5: APO01.06,APO11.04,APO12.06,BAI03.05,BAI08.02,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS05.04,DSS05.07,DSS06.02,MEA02.01 cui: 3.3.1 - disa: CCI-000162,CCI-000163,CCI-000164,CCI-001314 + disa: CCI-000163,CCI-000164,CCI-001314,CCI-000162 isa-62443-2009: 4.2.3.10,4.3.3.3.9,4.3.3.5.8,4.3.3.7.3,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.1,SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 5.2,SR 6.1' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.16.1.4,A.16.1.5,A.16.1.7,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml index bb6c258e5e0..19e01c03a72 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml @@ -39,7 +39,7 @@ references: cjis: 5.4.1.1 cobit5: APO01.06,APO11.04,APO12.06,BAI03.05,BAI08.02,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS05.04,DSS05.07,DSS06.02,MEA02.01 cui: 3.3.1 - disa: CCI-000162,CCI-000163,CCI-000164,CCI-001314 + disa: CCI-000163,CCI-000164,CCI-001314,CCI-000162 isa-62443-2009: 4.2.3.10,4.3.3.3.9,4.3.3.5.8,4.3.3.7.3,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.1,SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 5.2,SR 6.1' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.16.1.4,A.16.1.5,A.16.1.7,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml index a562b6ee3e5..9dd11b8cbbf 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml @@ -44,7 +44,7 @@ identifiers: cce@slmicro5: CCE-94090-8 references: - disa: CCI-001849 + disa: CCI-001849,CCI-001851 nist@sle15: AU-4 srg: SRG-OS-000341-GPOS-00132,SRG-OS-000342-GPOS-00133 stigid@ol8: OL08-00-030660 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml index 2fbc8300afc..10a65c9a62a 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml @@ -29,7 +29,7 @@ references: cjis: 5.4.1.1 cobit5: APO11.04,APO12.06,BAI03.05,BAI08.02,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS05.04,DSS05.07,MEA02.01 cui: 3.3.1 - disa: CCI-000136 + disa: CCI-001851 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(5)(ii)(B),164.308(a)(5)(ii)(C),164.308(a)(6)(ii),164.308(a)(8),164.310(d)(2)(iii),164.312(b),164.314(a)(2)(i)(C),164.314(a)(2)(iii) isa-62443-2009: 4.2.3.10,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1' diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml index 2bfe7c43d08..51659161209 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml @@ -33,7 +33,7 @@ references: cjis: 5.4.1.1 cobit5: APO11.04,APO12.06,APO13.01,BAI03.05,BAI04.04,BAI08.02,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS05.04,DSS05.07,MEA02.01 cui: 3.3.1 - disa: CCI-000139,CCI-001855 + disa: CCI-001855,CCI-000139 hipaa: 164.312(a)(2)(ii) isa-62443-2009: 4.2.3.10,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 7.1,SR 7.2' diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/rule.yml index 4dd327158ac..500abf25777 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/rule.yml @@ -39,7 +39,7 @@ references: cjis: 5.4.1.1 cobit5: APO11.04,APO12.06,APO13.01,BAI03.05,BAI04.04,BAI08.02,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS05.04,DSS05.07,MEA02.01 cui: 3.3.1 - disa: CCI-000140,CCI-001343,CCI-001855 + disa: CCI-001855 hipaa: 164.312(a)(2)(ii) isa-62443-2009: 4.2.3.10,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 7.1,SR 7.2' diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_freq/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_freq/rule.yml index f3a1e402454..ba4d286ebb1 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_freq/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_freq/rule.yml @@ -21,6 +21,7 @@ identifiers: cce@rhel10: CCE-87482-6 references: + disa: CCI-000154 nist: CM-6 ospp: FAU_GEN.1 srg: SRG-OS-000051-GPOS-00024 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml index b8cd57aa664..8aabe5ca57d 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml @@ -20,7 +20,7 @@ identifiers: cce@rhel10: CCE-88064-1 references: - disa: CCI-000366 + disa: CCI-000366,CCI-000169 nist: CM-6 srg: SRG-OS-000062-GPOS-00031,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-030061 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml index 8779786ae91..1e4489ec62d 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml @@ -21,7 +21,7 @@ identifiers: cce@rhel10: CCE-88921-2 references: - disa: CCI-000366 + disa: CCI-000366,CCI-001487 nist: CM-6,AU-3 ospp: FAU_GEN.1.2 srg: SRG-OS-000255-GPOS-00096,SRG-OS-000480-GPOS-00227,SRG-APP-000096-CTR-000175,SRG-APP-000097-CTR-000180,SRG-APP-000098-CTR-000185,SRG-APP-000099-CTR-000190,SRG-APP-000100-CTR-000195,SRG-APP-000100-CTR-000200,SRG-APP-000109-CTR-000215,SRG-APP-000290-CTR-000670,SRG-APP-000357-CTR-000800 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml index 34ae826042c..3adb155e4a3 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml @@ -23,7 +23,7 @@ identifiers: cce@rhel10: CCE-87429-7 references: - disa: CCI-001851 + disa: CCI-000132,CCI-001851 nist: CM-6,AU-3 ospp: FAU_GEN.1.2 srg: SRG-OS-000039-GPOS-00017,SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/rule.yml index 602a622b042..efb46b9397e 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/rule.yml @@ -20,6 +20,7 @@ identifiers: cce@rhel10: CCE-88724-0 references: + disa: CCI-000366 nist: CM-6 srg: SRG-OS-000480-GPOS-00227 diff --git a/linux_os/guide/auditing/grub2_audit_argument/rule.yml b/linux_os/guide/auditing/grub2_audit_argument/rule.yml index f9fc50331c7..c299d690b9b 100644 --- a/linux_os/guide/auditing/grub2_audit_argument/rule.yml +++ b/linux_os/guide/auditing/grub2_audit_argument/rule.yml @@ -33,7 +33,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS05.02,DSS05.03,DSS05.04,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.3.1 - disa: CCI-001464,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884,CCI-001464 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(5)(ii)(C),164.310(a)(2)(iv),164.310(d)(2)(iii),164.312(b) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 7.1,SR 7.6' diff --git a/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml b/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml index 29a93e61404..29aa7f9adf7 100644 --- a/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml +++ b/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml @@ -29,7 +29,7 @@ references: cis@sle15: 4.1.2.4 cis@ubuntu2004: 4.1.1.4 cis@ubuntu2204: 4.1.1.4 - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001849,CCI-002884 + disa: CCI-001849,CCI-001464 nist: CM-6(a) ospp: FAU_STG.1,FAU_STG.3 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000254-GPOS-00095,SRG-OS-000341-GPOS-00132,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 diff --git a/linux_os/guide/auditing/package_audispd-plugins_installed/rule.yml b/linux_os/guide/auditing/package_audispd-plugins_installed/rule.yml index f3c77b1eeff..5bd857a010b 100644 --- a/linux_os/guide/auditing/package_audispd-plugins_installed/rule.yml +++ b/linux_os/guide/auditing/package_audispd-plugins_installed/rule.yml @@ -19,6 +19,7 @@ identifiers: cce@rhel10: CCE-88547-5 references: + disa: CCI-001851 srg: SRG-OS-000342-GPOS-00133 ocil_clause: 'the package is not installed' diff --git a/linux_os/guide/auditing/package_audit_installed/rule.yml b/linux_os/guide/auditing/package_audit_installed/rule.yml index c5d303b715d..466f246e1de 100644 --- a/linux_os/guide/auditing/package_audit_installed/rule.yml +++ b/linux_os/guide/auditing/package_audit_installed/rule.yml @@ -22,7 +22,7 @@ references: cis@sle15: 4.1.1.1 cis@ubuntu2004: 4.1.1.1 cis@ubuntu2204: 4.1.1.1 - disa: CCI-000130,CCI-000131,CCI-000132,CCI-000133,CCI-000134,CCI-000135,CCI-000154,CCI-000158,CCI-000172,CCI-001464,CCI-001487,CCI-003938,CCI-001875,CCI-001876,CCI-001877,CCI-001878,CCI-001879,CCI-001880,CCI-001881,CCI-001882,CCI-001889,CCI-001914,CCI-002884,CCI-000169,CCI-003938 + disa: CCI-000133,CCI-001881,CCI-001875,CCI-000154,CCI-001882,CCI-000158,CCI-001914,CCI-000169,CCI-001464,CCI-001878,CCI-001877,CCI-001889,CCI-000135,CCI-002884,CCI-001487,CCI-003938,CCI-000132,CCI-000134,CCI-000172,CCI-000130,CCI-000131,CCI-001879,CCI-001880,CCI-001876,CCI-000159 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(5)(ii)(C),164.310(a)(2)(iv),164.310(d)(2)(iii),164.312(b) nerc-cip: CIP-004-6 R3.3,CIP-007-3 R6.5 nist: AC-7(a),AU-7(1),AU-7(2),AU-14,AU-12(2),AU-2(a),CM-6(a) diff --git a/linux_os/guide/auditing/service_auditd_enabled/rule.yml b/linux_os/guide/auditing/service_auditd_enabled/rule.yml index abc5f54bfe4..855978657dc 100644 --- a/linux_os/guide/auditing/service_auditd_enabled/rule.yml +++ b/linux_os/guide/auditing/service_auditd_enabled/rule.yml @@ -41,7 +41,7 @@ references: cjis: 5.4.1.1 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO12.06,APO13.01,BAI03.05,BAI08.02,DSS01.03,DSS01.04,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS03.05,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 cui: 3.3.1,3.3.2,3.3.6 - disa: CCI-000126,CCI-000130,CCI-000131,CCI-000132,CCI-000133,CCI-000134,CCI-000135,CCI-000154,CCI-000158,CCI-000172,CCI-000366,CCI-001464,CCI-001487,CCI-003938,CCI-001875,CCI-001876,CCI-001877,CCI-002884,CCI-001878,CCI-001879,CCI-001880,CCI-001881,CCI-001882,CCI-001889,CCI-001914,CCI-000169,CCI-003938,CCI-004188 + disa: CCI-000133,CCI-001881,CCI-001875,CCI-000154,CCI-001882,CCI-000158,CCI-001914,CCI-000169,CCI-001464,CCI-001878,CCI-001877,CCI-001889,CCI-000135,CCI-002884,CCI-001487,CCI-003938,CCI-000132,CCI-004188,CCI-000134,CCI-000172,CCI-000130,CCI-000131,CCI-001879,CCI-001880,CCI-001876 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(5)(ii)(C),164.310(a)(2)(iv),164.310(d)(2)(iii),164.312(b) isa-62443-2009: 4.2.3.10,4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.3.6.6,4.3.4.4.7,4.3.4.5.6,4.3.4.5.7,4.3.4.5.8,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.13,SR 2.10,SR 2.11,SR 2.12,SR 2.6,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.1,SR 6.2,SR 7.1,SR 7.6' diff --git a/linux_os/guide/services/base/service_kdump_disabled/rule.yml b/linux_os/guide/services/base/service_kdump_disabled/rule.yml index ae8cde88817..3bb1fd566a3 100644 --- a/linux_os/guide/services/base/service_kdump_disabled/rule.yml +++ b/linux_os/guide/services/base/service_kdump_disabled/rule.yml @@ -34,7 +34,7 @@ identifiers: references: cis-csc: 11,12,14,15,3,8,9 cobit5: APO13.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.04,DSS05.02,DSS05.03,DSS05.05,DSS06.06 - disa: CCI-000366,CCI-001665 + disa: CCI-000366 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3),164.308(a)(4),164.310(b),164.310(c),164.312(a),164.312(e) isa-62443-2009: 4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml index b8d338a95a4..0c4309b38f1 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2004: 5.1.7 cis@ubuntu2204: 5.1.7 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml index 978171c5dae..0187178f6ea 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2004: 5.1.4 cis@ubuntu2204: 5.1.4 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml index 48f227a43c0..134d2c873fd 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2004: 5.1.3 cis@ubuntu2204: 5.1.3 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml index dc82377cc26..633ea19051b 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2004: 5.1.6 cis@ubuntu2204: 5.1.6 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml index 35fd6ee721f..a367c366190 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2004: 5.1.5 cis@ubuntu2204: 5.1.5 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml index 29f0cafa30c..8389abbdcee 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2004: 5.1.2 cis@ubuntu2204: 5.1.2 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml index 86aab34b6e3..a0a0e4263f3 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2004: 5.1.7 cis@ubuntu2204: 5.1.7 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml index 0ddd523770a..7eee9b7c290 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2004: 5.1.4 cis@ubuntu2204: 5.1.4 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml index c52394ad495..cbfe726cddf 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2004: 5.1.3 cis@ubuntu2204: 5.1.3 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml index 3b46cde571d..4d7d459ed9e 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2004: 5.1.6 cis@ubuntu2204: 5.1.6 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml index 3e0557b4eee..011795f8ce7 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2004: 5.1.5 cis@ubuntu2204: 5.1.5 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml index 58c4b22371f..85bdf6a18d3 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2004: 5.1.2 cis@ubuntu2204: 5.1.2 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml index d30ec33b232..5bfd1e7a4fc 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2004: 5.1.7 cis@ubuntu2204: 5.1.7 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml index 66b815156e1..bba83ce340f 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2004: 5.1.4 cis@ubuntu2204: 5.1.4 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml index bb8cfce0bb5..1ab268661d2 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2004: 5.1.3 cis@ubuntu2204: 5.1.3 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml index 2e659b89cad..8210cac2cdd 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2004: 5.1.6 cis@ubuntu2204: 5.1.6 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml index 46d394b4a22..1c1c0999cbe 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2004: 5.1.5 cis@ubuntu2204: 5.1.5 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml index d6e7e9ff2d5..a47462ff7f2 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2004: 5.1.2 cis@ubuntu2204: 5.1.2 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml index c4bc733f33e..5b602d1963d 100644 --- a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml +++ b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml @@ -19,7 +19,7 @@ identifiers: cce@rhel10: CCE-89813-0 references: - disa: CCI-001764,CCI-001774 + disa: CCI-001774,CCI-001764 nist: CM-6(a),SI-4(22) srg: SRG-OS-000370-GPOS-00155,SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00230 stigid@ol8: OL08-00-040135 diff --git a/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml b/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml index 51f4cfcbb60..d1b5254d239 100644 --- a/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml +++ b/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml @@ -20,7 +20,7 @@ identifiers: cce@rhel10: CCE-88147-4 references: - disa: CCI-001764,CCI-001774 + disa: CCI-001774,CCI-001764 nist: CM-6(a),SI-4(22) ospp: FMT_SMF_EXT.1 srg: SRG-OS-000370-GPOS-00155,SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00230 diff --git a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml index dcf9574971a..d811d3f56b2 100644 --- a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml +++ b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml @@ -25,7 +25,7 @@ references: cis@ubuntu2004: 2.2.9 cis@ubuntu2204: 2.2.8 cobit5: BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS05.02,DSS05.05,DSS06.06 - disa: CCI-000197,CCI-000366,CCI-000381 + disa: CCI-000366,CCI-000197,CCI-000381 isa-62443-2009: 4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 7.6' iso27001-2013: A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4,A.9.1.2 diff --git a/linux_os/guide/services/mail/package_sendmail_removed/rule.yml b/linux_os/guide/services/mail/package_sendmail_removed/rule.yml index 178cb7b93dc..8b23a9474ea 100644 --- a/linux_os/guide/services/mail/package_sendmail_removed/rule.yml +++ b/linux_os/guide/services/mail/package_sendmail_removed/rule.yml @@ -25,7 +25,7 @@ identifiers: references: cis-csc: 11,14,3,9 cobit5: BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS05.02,DSS05.05,DSS06.06 - disa: CCI-000381 + disa: CCI-000366,CCI-000381 isa-62443-2009: 4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 7.6' iso27001-2013: A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4,A.9.1.2 diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/rule.yml b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/rule.yml index 2b5a6097ebf..6a12183d6c6 100644 --- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/rule.yml +++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/rule.yml @@ -27,7 +27,7 @@ identifiers: cce@slmicro5: CCE-93678-1 references: - disa: CCI-000139,CCI-000366 + disa: CCI-000139 nist: CM-6(a) nist@sle12: AU-5(a),AU-5.1(ii) srg: SRG-OS-000046-GPOS-00022 diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml index f061c1927a3..6b5349b4164 100644 --- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml +++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml @@ -14,7 +14,7 @@ rationale: |- process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected. - + Audit processing failures include software/hardware errors, failures in the audit capturing mechanisms, and audit storage capacity being reached or exceeded. diff --git a/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml b/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml index 5f53a47bd0f..d9bcfc0d129 100644 --- a/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml @@ -26,6 +26,7 @@ references: cis@sle12: 2.2.7 cis@sle15: 2.2.7 + disa: CCI-000381 srg: SRG-OS-000095-GPOS-00049 {{{ complete_ocil_entry_package(package="nfs-utils") }}} diff --git a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml index b73d6a4749f..74e8efc9006 100644 --- a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml @@ -24,7 +24,7 @@ identifiers: cce@rhel10: CCE-89002-0 references: - disa: CCI-000381 + disa: CCI-000382,CCI-000381 nist: AU-8(1),AU-12(1) ospp: FMT_SMF_EXT.1 srg: SRG-OS-000096-GPOS-00050,SRG-OS-000095-GPOS-00049 diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml index d9aaa877a64..8fe246fad97 100644 --- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml @@ -23,7 +23,7 @@ identifiers: cce@rhel10: CCE-87066-7 references: - disa: CCI-000381 + disa: CCI-000382,CCI-000381 nist: CM-7(1) srg: SRG-OS-000096-GPOS-00050,SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-030742 diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml index c6e210b68ff..cec6469cc8b 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml @@ -82,7 +82,7 @@ identifiers: references: cis-csc: 1,14,15,16,3,5,6 cobit5: APO11.04,BAI03.05,DSS05.04,DSS05.07,MEA02.01 - disa: CCI-001891,CCI-002046,CCI-004923 + disa: CCI-001890,CCI-004926,CCI-004923 isa-62443-2009: 4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9' iso27001-2013: A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1 diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml b/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml index 968c372931d..73c4752c060 100644 --- a/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml @@ -21,7 +21,7 @@ identifiers: cce@rhel10: CCE-88824-8 references: - disa: CCI-001891 + disa: CCI-001890,CCI-004926,CCI-004923 srg: SRG-OS-000355-GPOS-00143,SRG-OS-000356-GPOS-00144,SRG-OS-000359-GPOS-00146 stigid@ol8: OL08-00-030740 stigid@rhel8: RHEL-08-030740 diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/rule.yml b/linux_os/guide/services/ntp/chronyd_specify_remote_server/rule.yml index 23df1616d27..94aea66cc5f 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/rule.yml @@ -31,7 +31,7 @@ references: cis@sle12: 2.2.1.3 cis@sle15: 2.2.1.3 cis@ubuntu2004: 2.2.1.3 - disa: CCI-000160,CCI-001891 + disa: CCI-001890,CCI-004926,CCI-004923 ism: 0988,1405 nist: CM-6(a),AU-8(1)(a) pcidss: Req-10.4.3 diff --git a/linux_os/guide/services/ntp/package_chrony_installed/rule.yml b/linux_os/guide/services/ntp/package_chrony_installed/rule.yml index 10956e8c2a7..4fbe893e5b4 100644 --- a/linux_os/guide/services/ntp/package_chrony_installed/rule.yml +++ b/linux_os/guide/services/ntp/package_chrony_installed/rule.yml @@ -29,6 +29,7 @@ references: cis@sle15: 2.2.1.1 cis@ubuntu2004: 2.2.1.1 cis@ubuntu2204: 2.1.1.1 + disa: CCI-004923 ism: 0988,1405 ospp: FMT_SMF_EXT.1 pcidss: Req-10.4 diff --git a/linux_os/guide/services/ntp/service_chronyd_enabled/rule.yml b/linux_os/guide/services/ntp/service_chronyd_enabled/rule.yml index 48b1be45134..ff11de6ec6c 100644 --- a/linux_os/guide/services/ntp/service_chronyd_enabled/rule.yml +++ b/linux_os/guide/services/ntp/service_chronyd_enabled/rule.yml @@ -28,6 +28,7 @@ identifiers: references: cis@ubuntu2004: 2.2.1.3 cis@ubuntu2204: 2.1.2.3 + disa: CCI-004923 ism: 0988,1405 srg: SRG-OS-000355-GPOS-00143 diff --git a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml index 631ef94488c..72e6a5780de 100644 --- a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml +++ b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml @@ -26,7 +26,7 @@ identifiers: references: cis-csc: 11,12,14,15,3,8,9 cobit5: APO13.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.04,DSS05.02,DSS05.03,DSS05.05,DSS06.06 - disa: CCI-000318,CCI-000366,CCI-000368,CCI-001812,CCI-001813,CCI-003938 + disa: CCI-000366 isa-62443-2009: 4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6' iso27001-2013: A.11.2.6,A.12.1.2,A.12.5.1,A.12.6.2,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4,A.6.2.1,A.6.2.2,A.9.1.2 diff --git a/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml index a9afe2820e9..712a829b692 100644 --- a/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml +++ b/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml @@ -28,6 +28,7 @@ references: cis@ubuntu2004: 5.2.1 cis@ubuntu2204: 5.2.1 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml index 183c449e3d1..0fcef08d02f 100644 --- a/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml +++ b/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml @@ -28,6 +28,7 @@ references: cis@ubuntu2004: 5.2.1 cis@ubuntu2204: 5.2.1 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml index 168f5d564f0..89b15465a3b 100644 --- a/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml +++ b/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml @@ -28,6 +28,7 @@ references: cis@ubuntu2004: 5.2.1 cis@ubuntu2204: 5.2.1 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml b/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml index cb2339574bf..5262e1fa55a 100644 --- a/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml +++ b/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml @@ -18,6 +18,7 @@ identifiers: cce@rhel10: CCE-86852-1 references: + disa: CCI-000366 ospp: FIA_UAU.5,FTP_ITC_EXT.1,FCS_SSH_EXT.1,FCS_SSHC_EXT.1 srg: SRG-OS-000480-GPOS-00227 diff --git a/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml b/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml index c46aea1f6c1..27e2fe7ba62 100644 --- a/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml +++ b/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml @@ -22,7 +22,7 @@ identifiers: references: cis-csc: 13,14 cobit5: APO01.06,DSS05.02,DSS05.04,DSS05.07,DSS06.02,DSS06.06 - disa: CCI-002418,CCI-002420,CCI-002421,CCI-002422 + disa: CCI-002420,CCI-002421,CCI-002418,CCI-002422 isa-62443-2013: 'SR 3.1,SR 3.8,SR 4.1,SR 4.2,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 nist: CM-6(a) diff --git a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml index 0082b5e2b1c..a8774a1b593 100644 --- a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml +++ b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml @@ -32,7 +32,7 @@ references: cis-csc: 13,14 cobit5: APO01.06,DSS05.02,DSS05.04,DSS05.07,DSS06.02,DSS06.06 cui: 3.1.13,3.5.4,3.13.8 - disa: CCI-002418,CCI-002420,CCI-002421,CCI-002422 + disa: CCI-002420,CCI-002421,CCI-002418,CCI-002422 isa-62443-2013: 'SR 3.1,SR 3.8,SR 4.1,SR 4.2,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 nist: CM-6(a),SC-8,SC-8(1),SC-8(2),SC-8(3),SC-8(4) diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml b/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml index 2b759401c71..022d4680373 100644 --- a/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml +++ b/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml @@ -23,6 +23,7 @@ identifiers: cce@rhel10: CCE-89160-6 references: + disa: CCI-000186 srg: SRG-OS-000067-GPOS-00035 stigid@ol8: OL08-00-010100 stigid@rhel8: RHEL-08-010100 diff --git a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml index a9d8b8f79c4..fad6fe729ff 100644 --- a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml @@ -23,6 +23,7 @@ identifiers: references: cui: 3.1.12 + disa: CCI-000382 ism: "1416" nist: AC-17(a),CM-6(b),CM-7(a),CM-7(b) srg: SRG-OS-000096-GPOS-00050 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml index 8a6a62ecc33..8f9ec93a570 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml @@ -39,7 +39,7 @@ references: cjis: 5.5.6 cobit5: APO01.06,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,DSS06.02,DSS06.03,DSS06.06 cui: 3.1.1,3.1.5 - disa: CCI-000366,CCI-000766 + disa: CCI-000766,CCI-000366 hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii) isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 5.2,SR 7.6' diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml index 6b986fb1917..45010c03613 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml @@ -30,7 +30,7 @@ references: cis-csc: 11,3,9 cobit5: BAI10.01,BAI10.02,BAI10.03,BAI10.05 cui: 3.1.12 - disa: CCI-000318,CCI-000368,CCI-001812,CCI-001813,CCI-003938,CCI-000366 + disa: CCI-000366,CCI-001813 hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii) isa-62443-2009: 4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 7.6' diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml index 5230176c391..baa1a8c317b 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml @@ -31,7 +31,7 @@ references: cis-csc: 11,3,9 cobit5: BAI10.01,BAI10.02,BAI10.03,BAI10.05 cui: 3.1.12 - disa: CCI-000318,CCI-000368,CCI-001812,CCI-001813,CCI-003938,CCI-000366 + disa: CCI-000366,CCI-001813 hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii) isa-62443-2009: 4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 7.6' diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml index d727458e0e8..9a07f75eec6 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml @@ -36,7 +36,7 @@ references: cjis: 5.5.6 cobit5: APO01.06,DSS05.02,DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.02,DSS06.03,DSS06.06,DSS06.10 cui: '3.1.1,3.1.5' - disa: CCI-000366,CCI-000770 + disa: CCI-000366,CCI-004045 hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii) isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 5.2' diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_enable_pubkey_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_enable_pubkey_auth/rule.yml index 9b172daf967..f9be895d94b 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_enable_pubkey_auth/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_enable_pubkey_auth/rule.yml @@ -28,7 +28,7 @@ identifiers: cce@rhel10: CCE-90625-5 references: - disa: CCI-000765,CCI-000766,CCI-000767,CCI-000768,CCI-004047 + disa: CCI-000765,CCI-000766 srg: SRG-OS-000105-GPOS-00052,SRG-OS-000106-GPOS-00053,SRG-OS-000107-GPOS-00054,SRG-OS-000108-GPOS-00055 stigid@ubuntu2004: UBTU-20-010033 stigid@ubuntu2204: UBTU-22-612020 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml index 854801bdda7..f9337a3ad06 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml @@ -33,7 +33,7 @@ references: cjis: 5.5.6 cobit5: DSS05.04,DSS05.10,DSS06.10 cui: 3.1.9 - disa: CCI-000048,CCI-000050,CCI-001384,CCI-001385,CCI-001386,CCI-001387,CCI-001388 + disa: CCI-001387,CCI-001384,CCI-000048,CCI-001386,CCI-001388,CCI-001385 hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii) isa-62443-2009: 4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.5,SR 1.7,SR 1.8,SR 1.9' diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml index fbe119dfc3d..ef2ba392910 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml @@ -29,7 +29,7 @@ identifiers: references: cis-csc: 1,12,15,16 cobit5: DSS05.04,DSS05.10,DSS06.10 - disa: CCI-000052 + disa: CCI-000366 isa-62443-2009: 4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.5,SR 1.7,SR 1.8,SR 1.9' iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml index f08076e5c81..897603d8f86 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml @@ -24,7 +24,7 @@ identifiers: cce@rhel10: CCE-88356-1 references: - disa: CCI-000068 + disa: CCI-002421,CCI-000068,CCI-002418 ospp: FCS_SSH_EXT.1.8 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000033-GPOS-00014 stigid@ol8: OL08-00-040161 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml index e5a558f7dcd..696e203cd68 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml @@ -42,7 +42,7 @@ references: cjis: 5.5.6 cobit5: APO13.01,BAI03.01,BAI03.02,BAI03.03,DSS01.03,DSS03.05,DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 cui: 3.1.11 - disa: CCI-000879,CCI-001133,CCI-002361 + disa: CCI-001133,CCI-002361,CCI-002891 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 6.2' iso27001-2013: A.12.4.1,A.12.4.3,A.14.1.1,A.14.2.1,A.14.2.5,A.18.1.4,A.6.1.2,A.6.1.5,A.7.1.1,A.9.1.2,A.9.2.1,A.9.2.2,A.9.2.3,A.9.2.4,A.9.2.6,A.9.3.1,A.9.4.1,A.9.4.2,A.9.4.3,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml index 14b5b7f6fab..75789bf3b1a 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml @@ -41,7 +41,7 @@ references: cjis: 5.5.6 cobit5: APO13.01,BAI03.01,BAI03.02,BAI03.03,DSS01.03,DSS03.05,DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 cui: 3.1.11 - disa: CCI-000879,CCI-001133,CCI-002361 + disa: CCI-001133,CCI-002361 hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii) isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 6.2' diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml index 197bdf0d993..abff8a19d57 100644 --- a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml +++ b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml @@ -21,7 +21,7 @@ identifiers: cce@rhel10: CCE-86192-2 references: - disa: CCI-004046,CCI-001954 + disa: CCI-001954,CCI-004046 nist: IA-2(11) srg: SRG-OS-000375-GPOS-00160,SRG-OS-000377-GPOS-00162 stigid@ol8: OL08-00-010400 diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml index 115efef15ef..9153543aacc 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml @@ -45,7 +45,7 @@ identifiers: cce@sle15: CCE-85826-6 references: - disa: CCI-000765,CCI-004046,CCI-004047 + disa: CCI-000765,CCI-004047,CCI-004046 ism: 0421,0422,0431,0974,1173,1401,1504,1505,1546,1557,1558,1559,1560,1561 pcidss: Req-8.3 srg: SRG-OS-000375-GPOS-00160,SRG-OS-000105-GPOS-00052,SRG-OS-000106-GPOS-00053,SRG-OS-000107-GPOS-00054,SRG-OS-000108-GPOS-00055 diff --git a/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml b/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml index 16cd92a9496..ceeecb8cbf7 100644 --- a/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml +++ b/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml @@ -33,7 +33,7 @@ identifiers: cce@rhel10: CCE-87826-4 references: - disa: CCI-000185 + disa: CCI-004068,CCI-000185 nist: IA-5 (2) (a) srg: SRG-OS-000066-GPOS-00034,SRG-OS-000384-GPOS-00167 stigid@ol8: OL08-00-010090 diff --git a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml index 808ca346eff..c1e54987781 100644 --- a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml +++ b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml @@ -22,7 +22,7 @@ identifiers: cce@rhel10: CCE-87152-5 references: - disa: CCI-000169,CCI-000172 + disa: CCI-000169 nist: AU-2,CM-8(3),IA-3 ospp: FMT_SMF_EXT.1 srg: SRG-OS-000062-GPOS-00031,SRG-OS-000471-GPOS-00215,SRG-APP-000141-CTR-000315 diff --git a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml index 7d0af58206c..2e8ab4691bb 100644 --- a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml +++ b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml @@ -44,7 +44,7 @@ identifiers: cce@rhel10: CCE-87756-3 references: - disa: CCI-001958 + disa: CCI-001958,CCI-003959 ism: "1418" nist: CM-8(3),IA-3 srg: SRG-OS-000378-GPOS-00163,SRG-APP-000141-CTR-000315 diff --git a/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml b/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml index d23e80bd123..e8112110a13 100644 --- a/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml +++ b/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml @@ -20,7 +20,7 @@ identifiers: cce@rhel10: CCE-87560-9 references: - disa: CCI-000416,CCI-001958 + disa: CCI-001958,CCI-003959 ism: "1418" nist: CM-8(3)(a),IA-3 ospp: FMT_SMF_EXT.1 diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml index bf364d1b7ff..c5d5738db2b 100644 --- a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml +++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml @@ -21,7 +21,7 @@ identifiers: cce@rhel10: CCE-88632-5 references: - disa: CCI-000416,CCI-001958 + disa: CCI-001958 nist: CM-8(3)(a),IA-3 srg: SRG-OS-000378-GPOS-00163 stigid@ol8: OL08-00-040140 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml index 44e4ae1dd80..4c34b064f44 100644 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml @@ -110,7 +110,7 @@ references: cis@ubuntu2204: 1.7.2 cobit5: DSS05.04,DSS05.10,DSS06.10 cui: 3.1.9 - disa: CCI-000048,CCI-000050,CCI-001384,CCI-001385,CCI-001386,CCI-001387,CCI-001388 + disa: CCI-001387,CCI-001384,CCI-000048,CCI-001386,CCI-001388,CCI-001385 isa-62443-2009: 4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.5,SR 1.7,SR 1.8,SR 1.9' iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml index d4b1a9cb155..a1f30e5c36e 100644 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml @@ -44,7 +44,7 @@ references: cis@ubuntu2204: 1.8.2 cobit5: DSS05.04,DSS05.10,DSS06.10 cui: 3.1.9 - disa: CCI-000048,CCI-000050,CCI-001384,CCI-001385,CCI-001386,CCI-001387,CCI-001388 + disa: CCI-001387,CCI-001384,CCI-000048,CCI-001386,CCI-001388,CCI-001385 isa-62443-2009: 4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.5,SR 1.7,SR 1.8,SR 1.9' iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 diff --git a/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml b/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml index 19b311979be..b789b906e94 100644 --- a/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml @@ -24,7 +24,7 @@ identifiers: cce@sle15: CCE-91156-0 references: - disa: CCI-002038 + disa: CCI-004895 nist: IA-11 srg: SRG-OS-000373-GPOS-00156,SRG-OS-000373-GPOS-00157,SRG-OS-000373-GPOS-00158 stigid@ol7: OL07-00-010344 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml index b16fdaee4ba..60b2ae3a304 100644 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml @@ -43,7 +43,7 @@ references: cis-csc: 1,12,15,16 cjis: 5.5.2 cobit5: DSS05.04,DSS05.10,DSS06.10 - disa: CCI-000052 + disa: CCI-000366 isa-62443-2009: 4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.5,SR 1.7,SR 1.8,SR 1.9' ism: 0582,0584,05885,0586,0846,0957 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml index c4a8018cfac..f18c0a14fec 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml @@ -37,7 +37,7 @@ references: cjis: 5.5.3 cobit5: DSS05.04,DSS05.10,DSS06.10 cui: 3.1.8 - disa: CCI-000044,CCI-002236,CCI-002237,CCI-002238 + disa: CCI-000044,CCI-002238 isa-62443-2009: 4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.5,SR 1.7,SR 1.8,SR 1.9' ism: 0421,0422,0431,0974,1173,1401,1504,1505,1546,1557,1558,1559,1560,1561 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml index 109387fc6e7..002a81b2fc4 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml @@ -29,7 +29,7 @@ identifiers: references: cis-csc: 1,12,15,16 cobit5: DSS05.04,DSS05.10,DSS06.10 - disa: CCI-002238,CCI-000044 + disa: CCI-000044,CCI-002238 isa-62443-2009: 4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.5,SR 1.7,SR 1.8,SR 1.9' ism: 0421,0422,0431,0974,1173,1401,1504,1505,1546,1557,1558,1559,1560,1561 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml index 9aaf8c8f926..586a32611ab 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml @@ -30,7 +30,7 @@ identifiers: cce@rhel10: CCE-90182-7 references: - disa: CCI-000044,CCI-002238 + disa: CCI-000044 nist: AC-7(b),AC-7(a),AC-7.1(ii) srg: SRG-OS-000021-GPOS-00005,SRG-OS-000329-GPOS-00128 stigid@ol8: OL08-00-020016,OL08-00-020017 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml index 842f95dde0c..bea8688ac5f 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml @@ -34,7 +34,7 @@ references: cis-csc: 1,12,15,16 cis@ubuntu2204: 5.4.2 cobit5: DSS05.04,DSS05.10,DSS06.10 - disa: CCI-000044,CCI-002236,CCI-002237,CCI-002238 + disa: CCI-000044,CCI-002238 isa-62443-2009: 4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.5,SR 1.7,SR 1.8,SR 1.9' ism: 0421,0422,0431,0974,1173,1401,1504,1505,1546,1557,1558,1559,1560,1561 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml index 5f6bb4d1844..e52bd8b76ff 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml @@ -38,7 +38,7 @@ references: cjis: 5.5.3 cobit5: DSS05.04,DSS05.10,DSS06.10 cui: 3.1.8 - disa: CCI-000044,CCI-002236,CCI-002237,CCI-002238 + disa: CCI-000044,CCI-002238 isa-62443-2009: 4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.5,SR 1.7,SR 1.8,SR 1.9' ism: 0421,0422,0431,0974,1173,1401,1504,1505,1546,1557,1558,1559,1560,1561 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml index cdf547843c7..567144b30d5 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml @@ -36,7 +36,7 @@ references: cis@ubuntu2004: 5.3.1 cis@ubuntu2204: 5.4.1 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 - disa: CCI-000194,CCI-004066 + disa: CCI-004066 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' ism: 0421,0422,0431,0974,1173,1401,1504,1505,1546,1557,1558,1559,1560,1561 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml index 653ca59740f..b63e93fc01b 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml @@ -37,7 +37,7 @@ references: cis-csc: 1,12,15,16,5 cjis: 5.6.2.1.1 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 - disa: CCI-000195,CCI-004066 + disa: CCI-004066 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' iso27001-2013: A.18.1.4,A.7.1.1,A.9.2.1,A.9.2.2,A.9.2.3,A.9.2.4,A.9.2.6,A.9.3.1,A.9.4.2,A.9.4.3 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml index c60e1d97d45..1f1ead5e558 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml @@ -26,7 +26,7 @@ identifiers: cce@rhel10: CCE-90134-8 references: - disa: CCI-000194,CCI-000193,CCI-001619,CCI-000205,CCI-000195,CCI-000192,CCI-000366 + disa: CCI-004066 nist: IA-5(c),IA-5(1)(a),CM-6(a),IA-5(4) srg: SRG-OS-000072-GPOS-00040,SRG-OS-000071-GPOS-00039,SRG-OS-000070-GPOS-00038,SRG-OS-000266-GPOS-00101,SRG-OS-000078-GPOS-00046,SRG-OS-000480-GPOS-00225,SRG-OS-000069-GPOS-00037 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml index a63b0530b7d..0c3e42332c3 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml @@ -36,7 +36,7 @@ references: cis@ubuntu2004: 5.3.1 cis@ubuntu2204: 5.4.1 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 - disa: CCI-000193,CCI-004066 + disa: CCI-004066 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' ism: 0421,0422,0431,0974,1173,1401,1504,1505,1546,1557,1558,1559,1560,1561 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml index 749e12a56ce..b8eed2243f2 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml @@ -29,7 +29,7 @@ identifiers: references: cis-csc: 1,12,15,16,5 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 - disa: CCI-000195 + disa: CCI-004066 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' iso27001-2013: A.18.1.4,A.7.1.1,A.9.2.1,A.9.2.2,A.9.2.3,A.9.2.4,A.9.2.6,A.9.3.1,A.9.4.2,A.9.4.3 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml index 7599f9c0f8b..2e3c33f2264 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml @@ -31,7 +31,7 @@ identifiers: references: cis-csc: 1,12,15,16,5 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 - disa: CCI-000195 + disa: CCI-004066 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' iso27001-2013: A.18.1.4,A.7.1.1,A.9.2.1,A.9.2.2,A.9.2.3,A.9.2.4,A.9.2.6,A.9.3.1,A.9.4.2,A.9.4.3 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml index 0c4c9137d22..4905d163dca 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml @@ -45,7 +45,7 @@ references: cis@ubuntu2004: 5.3.1 cis@ubuntu2204: 5.4.1 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 - disa: CCI-000195 + disa: CCI-004066 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' ism: 0421,0422,0431,0974,1173,1401,1504,1505,1546,1557,1558,1559,1560,1561 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml index 27ed78fc529..3d4440cda00 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml @@ -36,7 +36,7 @@ references: cis@ubuntu2204: 5.4.1 cjis: 5.6.2.1.1 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 - disa: CCI-000205,CCI-004066 + disa: CCI-004066 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' ism: 0421,0422,0431,0974,1173,1401,1504,1505,1546,1557,1558,1559,1560,1561 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml index 474c464904a..84ee603a829 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml @@ -38,7 +38,7 @@ references: cis@ubuntu2004: 5.3.1 cis@ubuntu2204: 5.4.1 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 - disa: CCI-001619,CCI-004066 + disa: CCI-004066 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' ism: 0421,0422,0431,0974,1173,1401,1504,1505,1546,1557,1558,1559,1560,1561 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml index f9fd284af4a..482760bccec 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml @@ -21,7 +21,7 @@ identifiers: cce@rhel10: CCE-89505-2 references: - disa: CCI-000366 + disa: CCI-004066 srg: SRG-OS-000069-GPOS-00037,SRG-OS-000070-GPOS-00038,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-020100 stigid@rhel8: RHEL-08-020100 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml index 35d399dba94..6e25f29481a 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml @@ -38,7 +38,7 @@ references: cis@ubuntu2204: 5.4.1 cjis: 5.5.3 cobit5: BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 - disa: CCI-000192,CCI-000366 + disa: CCI-004066 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 7.6' iso27001-2013: A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4,A.18.1.4,A.7.1.1,A.9.2.1,A.9.2.2,A.9.2.3,A.9.2.4,A.9.2.6,A.9.3.1,A.9.4.2,A.9.4.3 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml index 9dae3f6dfe7..fa55c67d092 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml @@ -33,7 +33,7 @@ references: cis@ubuntu2004: 5.3.1 cis@ubuntu2204: 5.4.1 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 - disa: CCI-000192,CCI-000193,CCI-004066 + disa: CCI-004066 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' ism: 0421,0422,0431,0974,1173,1401,1504,1505,1546,1557,1558,1559,1560,1561 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml index 73769890fef..75c1be525c6 100644 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml @@ -33,7 +33,7 @@ references: cjis: 5.6.2.2 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 cui: 3.13.11 - disa: CCI-000196 + disa: CCI-004062 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' ism: 0418,1055,1402 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml index bcc0fbfe493..fc5064a2859 100644 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml @@ -33,7 +33,7 @@ references: cjis: 5.6.2.2 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 cui: 3.13.11 - disa: CCI-000196 + disa: CCI-004062 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' ism: 0418,1055,1402 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml index be9d8a912b1..556bee4c16e 100644 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml @@ -32,7 +32,7 @@ identifiers: cce@slmicro5: CCE-93682-3 references: - disa: CCI-000196,CCI-000803 + disa: CCI-000803,CCI-004062 nist@sle12: IA-5(1)(c),IA-5(1).1(v),IA-7,IA-7.1 srg: SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061 stigid@ol8: OL08-00-010130 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml index 55852305596..7e9a5856065 100644 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml @@ -59,7 +59,7 @@ references: cis-csc: 12,13,14,15,16,18,3,5 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 cui: 3.4.5 - disa: CCI-000366 + disa: CCI-000366,CCI-002235 hipaa: 164.308(a)(1)(ii)(B),164.308(a)(7)(i),164.308(a)(7)(ii)(A),164.310(a)(1),164.310(a)(2)(i),164.310(a)(2)(ii),164.310(a)(2)(iii),164.310(b),164.310(c),164.310(d)(1),164.310(d)(2)(iii) isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml index f4e1442e490..ae3a3ab2802 100644 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml @@ -64,7 +64,7 @@ references: cis-csc: 12,13,14,15,16,18,3,5 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 cui: 3.4.5 - disa: CCI-000366 + disa: CCI-000366,CCI-002235 hipaa: 164.308(a)(1)(ii)(B),164.308(a)(7)(i),164.308(a)(7)(ii)(A),164.310(a)(1),164.310(a)(2)(i),164.310(a)(2)(ii),164.310(a)(2)(iii),164.310(b),164.310(c),164.310(d)(1),164.310(d)(2)(iii) isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' diff --git a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml index eec9264cddb..a7652c27e42 100644 --- a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml @@ -38,7 +38,7 @@ references: cis-csc: 11,12,14,15,16,18,3,5 cobit5: DSS05.02,DSS05.04,DSS05.05,DSS05.07,DSS06.03,DSS06.06 cui: 3.1.2,3.4.5 - disa: CCI-000213 + disa: CCI-000366 hipaa: 164.308(a)(1)(ii)(B),164.308(a)(7)(i),164.308(a)(7)(ii)(A),164.310(a)(1),164.310(a)(2)(i),164.310(a)(2)(ii),164.310(a)(2)(iii),164.310(b),164.310(c),164.310(d)(1),164.310(d)(2)(iii) isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7' diff --git a/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml b/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml index 38e49c15d0c..6dc5eae7e28 100644 --- a/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml @@ -31,6 +31,7 @@ references: cjis: 5.5.6 cobit5: APO13.01,BAI03.01,BAI03.02,BAI03.03,DSS01.03,DSS03.05,DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 cui: 3.1.11 + disa: CCI-001133 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 6.2' iso27001-2013: A.12.4.1,A.12.4.3,A.14.1.1,A.14.2.1,A.14.2.5,A.18.1.4,A.6.1.2,A.6.1.5,A.7.1.1,A.9.1.2,A.9.2.1,A.9.2.2,A.9.2.3,A.9.2.4,A.9.2.6,A.9.3.1,A.9.4.1,A.9.4.2,A.9.4.3,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/rule.yml index 066a8b09abc..e789069b840 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/rule.yml @@ -24,7 +24,7 @@ identifiers: references: - disa: CCI-000056,CCI-000058 + disa: CCI-000060,CCI-000056 srg: SRG-OS-000031-GPOS-00012,SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 stigid@ol8: OL08-00-020041 stigid@rhel8: RHEL-08-020041 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml index 07fdebf9cb2..e5921fb36c0 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml @@ -25,7 +25,7 @@ identifiers: cce@rhel10: CCE-86847-1 references: - disa: CCI-000056,CCI-000058 + disa: CCI-000056 nist: AC-11(a),AC-11(b),CM-6(a) ospp: FMT_SMF_EXT.1,FMT_MOF_EXT.1,FTA_SSL.1 srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml index 66c59681ceb..8ca6f872440 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml @@ -21,7 +21,7 @@ identifiers: cce@rhel10: CCE-86967-7 references: - disa: CCI-000056,CCI-000058 + disa: CCI-002235,CCI-000056 nist: CM-6 ospp: FMT_SMF_EXT.1,FMT_MOF_EXT.1,FTA_SSL.1 srg: SRG-OS-000324-GPOS-00125,SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml index a4531f58200..a07a286ada9 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml @@ -34,7 +34,7 @@ references: cis-csc: 1,12,15,16 cobit5: DSS05.04,DSS05.10,DSS06.10 cui: 3.1.10 - disa: CCI-000058,CCI-000056 + disa: CCI-000057,CCI-000056 isa-62443-2009: 4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.5,SR 1.7,SR 1.8,SR 1.9' iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml index fb57403dab2..8954e378129 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml @@ -38,7 +38,7 @@ identifiers: references: cis-csc: 1,12,15,16,5 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 - disa: CCI-000765,CCI-000766,CCI-000767,CCI-000768,CCI-000771,CCI-000772,CCI-000884 + disa: CCI-001941,CCI-004045,CCI-000765,CCI-000766,CCI-000764 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' ism: 1382,1384,1386 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml index 14536117781..ba2df709025 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml @@ -47,7 +47,7 @@ identifiers: cce@slmicro5: CCE-93761-5 references: - disa: CCI-000765,CCI-000766,CCI-004046,CCI-001953,CCI-001954,CCI-004046,CCI-004047 + disa: CCI-000765,CCI-001953,CCI-001954,CCI-004046 nist: CM-6(a) pcidss: Req-8.3 srg: SRG-OS-000105-GPOS-00052,SRG-OS-000375-GPOS-00160,SRG-OS-000375-GPOS-00161,SRG-OS-000377-GPOS-00162 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml index 5320652a303..7ee9a73fdec 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml @@ -30,7 +30,7 @@ identifiers: cce@rhel10: CCE-86898-4 references: - disa: CCI-001954,CCI-001953 + disa: CCI-001953,CCI-004046 ism: 1382,1384,1386 nist: CM-6(a) srg: SRG-OS-000375-GPOS-00160,SRG-OS-000376-GPOS-00161 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml index 014047c718f..27989d6d3df 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml @@ -18,7 +18,7 @@ identifiers: cce@rhel10: CCE-88682-0 references: - disa: CCI-001954 + disa: CCI-004046 ism: 1382,1384,1386 nist: CM-6(a) srg: SRG-OS-000375-GPOS-00160 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml index 6f5e6c54af5..e9ac2ceb9f2 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml @@ -28,7 +28,7 @@ identifiers: cce@sle15: CCE-85844-9 references: - disa: CCI-001954 + disa: CCI-004046 ism: 1382,1384,1386 nist: IA-2(1),IA-2(2),IA-2(3),IA-2(4),IA-2(6),IA-2(7),IA-2(11),CM-6(a) pcidss: Req-8.3 diff --git a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml index b9bdfde666c..ee3d8e6352e 100644 --- a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml @@ -30,7 +30,7 @@ identifiers: references: cui: 3.4.5 - disa: CCI-000366 + disa: CCI-000366,CCI-002235 hipaa: 164.308(a)(1)(ii)(B),164.308(a)(7)(i),164.308(a)(7)(ii)(A),164.310(a)(1),164.310(a)(2)(i),164.310(a)(2)(ii),164.310(a)(2)(iii),164.310(b),164.310(c),164.310(d)(1),164.310(d)(2)(iii) nist: CM-6 ospp: FIA_UAU.1 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml index 7475fb25d78..3cbd74e9b58 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml @@ -41,7 +41,7 @@ references: cjis: 5.6.2.1.1 cobit5: DSS01.03,DSS03.05,DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 cui: 3.5.6 - disa: CCI-000017,CCI-000795 + disa: CCI-003628,CCI-003627 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 6.2' iso27001-2013: A.12.4.1,A.12.4.3,A.18.1.4,A.6.1.2,A.7.1.1,A.9.1.2,A.9.2.1,A.9.2.2,A.9.2.3,A.9.2.4,A.9.2.6,A.9.3.1,A.9.4.1,A.9.4.2,A.9.4.3,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml index 96604fd7d89..4fd6b372edc 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml @@ -41,7 +41,7 @@ references: cjis: 5.6.2.1 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 cui: 3.5.6 - disa: CCI-000199,CCI-004066 + disa: CCI-004066 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' ism: 0418,1055,1402 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml index c24c2633032..84fd51d3690 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml @@ -40,7 +40,7 @@ references: cjis: 5.6.2.1.1 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 cui: 3.5.8 - disa: CCI-000198,CCI-004066 + disa: CCI-004066 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' ism: 0418,1055,1402 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml index cba84fad464..2abaa258132 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml @@ -37,7 +37,7 @@ references: cjis: 5.6.2.1 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 cui: 3.5.7 - disa: CCI-000205 + disa: CCI-004066 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' ism: 0421,0422,0431,0974,1173,1401,1504,1505,1546,1557,1558,1559,1560,1561 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml index 49552e4bc3b..70b804ce89c 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml @@ -30,7 +30,7 @@ references: cis@sle15: 5.4.1.2 cis@ubuntu2004: 5.4.1.1 cis@ubuntu2204: 5.5.1.2 - disa: CCI-000199 + disa: CCI-004066 nist: IA-5(f),IA-5(1)(d),CM-6(a) srg: SRG-OS-000076-GPOS-00044 stigid@ol7: OL07-00-010260 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml index 9020b257f08..43567e34347 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml @@ -30,7 +30,7 @@ references: cis@sle15: 5.4.1.3 cis@ubuntu2004: 5.4.1.2 cis@ubuntu2204: 5.5.1.1 - disa: CCI-000198 + disa: CCI-004066 nist: IA-5(f),IA-5(1)(d),CM-6(a) nist@sle15: IA-5(1).1(v) srg: SRG-OS-000075-GPOS-00043 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml index 1d2599559d9..b3ce8eb5557 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml @@ -35,7 +35,7 @@ references: cis@sle12: 5.4.1.1 cis@sle15: 5.4.1.1 cis@ubuntu2004: 5.3.4 - disa: CCI-004062 + disa: CCI-000803,CCI-004062 nist: IA-5(1)(c),IA-5(1).1(v),IA-7,IA-7.1 srg: SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061 stigid@ol8: OL08-00-010120 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml index d48df0a5d6a..a87555acb87 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml @@ -41,7 +41,7 @@ identifiers: cce@sle15: CCE-91173-5 references: - disa: CCI-000196 + disa: CCI-000803,CCI-004062 srg: SRG-OS-000073-GPOS-00041 ocil_clause: 'rounds is not set to {{{ xccdf_value("var_password_pam_unix_rounds") }}} or is commented out' diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml index a86dd40d6da..32d82c0f977 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml @@ -30,7 +30,7 @@ identifiers: cce@sle15: CCE-91172-7 references: - disa: CCI-000196 + disa: CCI-000803,CCI-004062 srg: SRG-OS-000073-GPOS-00041 ocil_clause: 'rounds is not set to {{{ xccdf_value("var_password_pam_unix_rounds") }}} or is commented out' diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml index 6c0ca626469..fdd04fd50e9 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml @@ -26,6 +26,7 @@ identifiers: references: cis@sle12: "5.6" cis@sle15: "5.6" + disa: CCI-002165,CCI-004895 ospp: FMT_SMF_EXT.1.1 srg: 'SRG-OS-000373-GPOS-00156,SRG-OS-000312-GPOS-00123' diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml index 66da32f905b..15e56903d4a 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml @@ -52,7 +52,7 @@ references: cis@ubuntu2204: 5.5.5 cobit5: DSS05.04,DSS05.10,DSS06.10 cui: 3.1.11 - disa: CCI-000057,CCI-001133,CCI-002361 + disa: CCI-000057,CCI-001133 isa-62443-2009: 4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.5,SR 1.7,SR 1.8,SR 1.9' iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml index c224d01f5f8..37ff12a68a9 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml @@ -23,7 +23,7 @@ identifiers: references: cis@ubuntu2004: 5.4.4 cis@ubuntu2204: 5.5.4 - disa: CCI-000366,CCI-003938 + disa: CCI-000366 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000480-GPOS-00228 stigid@ol7: OL07-00-021040 stigid@ol8: OL08-00-020352 diff --git a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml index 94c2f2efcd6..eeaf319fadb 100644 --- a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml @@ -23,7 +23,7 @@ identifiers: cce@rhel10: CCE-88971-7 references: - disa: CCI-000381 + disa: CCI-002824,CCI-000381 nist: SI-16 srg: SRG-OS-000433-GPOS-00193,SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-040004 diff --git a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml index 02d2dc1a9fc..3e1e837c8f2 100644 --- a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml @@ -21,7 +21,7 @@ identifiers: cce@rhel10: CCE-87153-3 references: - disa: CCI-001084 + disa: CCI-000366,CCI-001084 nist: CM-7(a) ospp: FPT_ASLR_EXT.1 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000134-GPOS-00068 diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml index 528f1c8f60f..bed7cba30bc 100644 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml @@ -29,7 +29,7 @@ references: cjis: 5.5.2.2 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 cui: 3.4.5 - disa: CCI-000225 + disa: CCI-000366 hipaa: 164.308(a)(1)(ii)(B),164.308(a)(7)(i),164.308(a)(7)(ii)(A),164.310(a)(1),164.310(a)(2)(i),164.310(a)(2)(ii),164.310(a)(2)(iii),164.310(b),164.310(c),164.310(d)(1),164.310(d)(2)(iii) isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml index 2ccefb10e1e..fada1730e39 100644 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml @@ -29,7 +29,7 @@ references: cjis: 5.5.2.2 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 cui: 3.4.5 - disa: CCI-000225 + disa: CCI-000366 hipaa: 164.308(a)(1)(ii)(B),164.308(a)(7)(i),164.308(a)(7)(ii)(A),164.310(a)(1),164.310(a)(2)(i),164.310(a)(2)(ii),164.310(a)(2)(iii),164.310(b),164.310(c),164.310(d)(1),164.310(d)(2)(iii) isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' diff --git a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml index 6b12190a091..14abf739b21 100644 --- a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml +++ b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml @@ -25,7 +25,7 @@ identifiers: cce@sle15: CCE-91199-0 references: - disa: CCI-000366 + disa: CCI-000366,CCI-000803 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000120-GPOS-00061 stigid@ol8: OL08-00-030680 stigid@rhel8: RHEL-08-030680 diff --git a/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml index ff21210ec74..54fe1e568d6 100644 --- a/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml +++ b/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml @@ -24,7 +24,7 @@ references: cis@ubuntu2004: 4.2.1.1 cis@ubuntu2204: 4.2.2.1 cobit5: APO11.04,BAI03.05,DSS05.04,DSS05.07,MEA02.01 - disa: CCI-001311,CCI-001312,CCI-000366 + disa: CCI-000366,CCI-000154,CCI-001851 hipaa: 164.312(a)(2)(ii) isa-62443-2009: 4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9' diff --git a/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml b/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml index 3a6fbb5a0cf..1b4d83fd116 100644 --- a/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml +++ b/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml @@ -43,7 +43,7 @@ references: cis@sle15: 4.2.1.6 cis@ubuntu2204: 4.2.2.7 cobit5: APO01.06,APO11.04,APO13.01,BAI03.05,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.05,DSS03.01,DSS05.02,DSS05.04,DSS05.07,DSS06.02,MEA02.01 - disa: CCI-000318,CCI-000366,CCI-000368,CCI-001812,CCI-001813,CCI-003938 + disa: CCI-000366 isa-62443-2009: 4.2.3.4,4.3.3.3.9,4.3.3.4,4.3.3.5.8,4.3.4.3.2,4.3.4.3.3,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4,4.4.3.3 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6' ism: 0988,1405 diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml index 6814d7eda32..58909be6e93 100644 --- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml +++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml @@ -49,7 +49,7 @@ references: cis@ubuntu2004: 4.2.1.5 cis@ubuntu2204: 4.2.2.6 cobit5: APO11.04,APO13.01,BAI03.05,BAI04.04,DSS05.04,DSS05.07,MEA02.01 - disa: CCI-000366,CCI-001348,CCI-000136,CCI-001851 + disa: CCI-000366,CCI-001851 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(5)(ii)(B),164.308(a)(5)(ii)(C),164.308(a)(6)(ii),164.308(a)(8),164.310(d)(2)(iii),164.312(b),164.314(a)(2)(i)(C),164.314(a)(2)(iii) isa-62443-2009: 4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 7.1,SR 7.2' diff --git a/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml b/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml index 0f87bcf0c4f..5a6036bac14 100644 --- a/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml +++ b/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml @@ -26,7 +26,7 @@ references: cis@ubuntu2004: 4.2.1.2 cis@ubuntu2204: 4.2.2.2 cobit5: APO10.01,APO10.03,APO10.04,APO10.05,APO11.04,APO13.01,BAI03.05,BAI04.04,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,MEA01.01,MEA01.02,MEA01.03,MEA01.04,MEA01.05,MEA02.01 - disa: CCI-001311,CCI-001312,CCI-001557,CCI-001851,CCI-000366 + disa: CCI-000366 hipaa: 164.312(a)(2)(ii) isa-62443-2009: 4.3.2.6.7,4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9,SR 6.1,SR 6.2,SR 7.1,SR 7.2' diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml index 8974459d046..13ab7604067 100644 --- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml +++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml @@ -28,7 +28,7 @@ identifiers: references: cis@sle15: 3.5.1.1 - disa: CCI-002314 + disa: CCI-000382,CCI-000366,CCI-002314,CCI-002322 nist: CM-6(a) nist@sle15: CM-7,CM-7.1(iii),CM-7(b),AC-17(1) ospp: FMT_SMF_EXT.1 diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml index bca6850c3e0..d52baffd9f2 100644 --- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml +++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml @@ -29,7 +29,7 @@ references: cis@sle15: 3.5.1.3 cobit5: BAI10.01,BAI10.02,BAI10.03,BAI10.05 cui: 3.1.3,3.4.7 - disa: CCI-000366,CCI-000382,CCI-002314 + disa: CCI-000382,CCI-000366,CCI-002314 isa-62443-2009: 4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 7.6' iso27001-2013: A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4 diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml index 1a748d99dfb..9c8e188236a 100644 --- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml +++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml @@ -20,7 +20,7 @@ identifiers: cce@rhel10: CCE-89418-8 references: - disa: CCI-002314 + disa: CCI-000366 nist: AC-17 (1) srg: SRG-OS-000297-GPOS-00115 stigid@ol8: OL08-00-040090 diff --git a/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml b/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml index f5b68a45e0f..6574790bdf5 100644 --- a/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml +++ b/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml @@ -24,7 +24,7 @@ identifiers: references: cis-csc: 1,12,13,14,15,16,18,4,6,8,9 cobit5: APO01.06,APO13.01,DSS01.05,DSS03.01,DSS05.02,DSS05.04,DSS05.07,DSS06.02 - disa: CCI-000336 + disa: CCI-000366 hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii) isa-62443-2009: 4.2.3.4,4.3.3.4,4.4.3.3 isa-62443-2013: 'SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6' diff --git a/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml b/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml index 492e962d7b0..cad05231f39 100644 --- a/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml +++ b/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml @@ -27,7 +27,7 @@ identifiers: references: cis-csc: 12,15,3,5,8 cobit5: APO13.01,DSS01.04,DSS05.02,DSS05.03,DSS05.04 - disa: CCI-001130,CCI-001131 + disa: CCI-000366,CCI-000803 isa-62443-2009: 4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8 isa-62443-2013: 'SR 1.13,SR 2.6,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6' iso27001-2013: A.11.2.4,A.11.2.6,A.13.1.1,A.13.2.1,A.14.1.3,A.15.1.1,A.15.2.1,A.6.2.1,A.6.2.2 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml index e5a5c514db0..b865a00126d 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml @@ -26,7 +26,7 @@ references: cis@ubuntu2204: 3.3.2 cobit5: BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS05.02,DSS05.05,DSS06.06 cui: 3.1.20 - disa: CCI-000366,CCI-001551 + disa: CCI-000366 isa-62443-2009: 4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 7.6' iso27001-2013: A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4,A.9.1.2 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml index 3450a01af74..8764502215c 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml @@ -26,7 +26,7 @@ references: cis@ubuntu2204: 3.3.2 cobit5: BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS05.02,DSS05.05,DSS06.06 cui: 3.1.20 - disa: CCI-000366,CCI-001551 + disa: CCI-000366 isa-62443-2009: 4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 7.6' iso27001-2013: A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4,A.9.1.2 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml index 1248e7ba1fe..6367ef8eac6 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml @@ -34,7 +34,7 @@ references: cjis: 5.10.1.1 cobit5: APO13.01,BAI04.04,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.03,DSS03.05,DSS05.02,DSS05.05,DSS05.07,DSS06.06 cui: 3.1.20 - disa: CCI-000366,CCI-001503,CCI-001551 + disa: CCI-000366 isa-62443-2009: 4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 6.2,SR 7.1,SR 7.2,SR 7.6' iso27001-2013: A.12.1.2,A.12.1.3,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4,A.17.2.1,A.9.1.2 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml index 566018a95cd..ad5c3564e87 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml @@ -29,7 +29,7 @@ references: cis@ubuntu2204: 3.3.4 cobit5: APO13.01,BAI04.04,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.03,DSS01.04,DSS03.05,DSS05.02,DSS05.03,DSS05.05,DSS05.07,DSS06.06 cui: 3.1.20 - disa: CCI-000126 + disa: CCI-000366 isa-62443-2009: 4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.2,SR 7.1,SR 7.2,SR 7.6' iso27001-2013: A.11.2.6,A.12.1.2,A.12.1.3,A.12.5.1,A.12.6.2,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4,A.17.2.1,A.6.2.1,A.6.2.2,A.9.1.2 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml index abf7b3c1169..9a76b723ef8 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml @@ -30,7 +30,7 @@ references: cis@ubuntu2204: 3.3.7 cobit5: APO01.06,APO13.01,BAI04.04,DSS01.03,DSS01.05,DSS03.01,DSS03.05,DSS05.02,DSS05.04,DSS05.07,DSS06.02 cui: 3.1.20 - disa: CCI-000366,CCI-001551 + disa: CCI-000366 isa-62443-2009: 4.2.3.4,4.3.3.4,4.4.3.3 isa-62443-2013: 'SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.2,SR 7.1,SR 7.2,SR 7.6' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.12.1.1,A.12.1.2,A.12.1.3,A.13.1.1,A.13.1.2,A.13.1.3,A.13.2.1,A.13.2.2,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.17.2.1,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml index b404c780345..8f2b53aa8aa 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml @@ -33,7 +33,7 @@ references: cjis: 5.10.1.1 cobit5: APO01.06,APO13.01,BAI04.04,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.03,DSS01.05,DSS03.01,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,DSS06.02,DSS06.06 cui: 3.1.20 - disa: CCI-000366,CCI-001551 + disa: CCI-000366 isa-62443-2009: 4.2.3.4,4.3.3.4,4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3,4.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.2,SR 7.1,SR 7.2,SR 7.6' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.12.1.1,A.12.1.2,A.12.1.3,A.12.5.1,A.12.6.2,A.13.1.1,A.13.1.2,A.13.1.3,A.13.2.1,A.13.2.2,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4,A.17.2.1,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml index 721bb3d3d88..bac36aac5e5 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml @@ -35,7 +35,7 @@ references: cjis: 5.10.1.1 cobit5: APO01.06,APO13.01,BAI04.04,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.03,DSS01.05,DSS03.01,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,DSS06.02,DSS06.06 cui: 3.1.20 - disa: CCI-000366,CCI-001551 + disa: CCI-000366 isa-62443-2009: 4.2.3.4,4.3.3.4,4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3,4.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.2,SR 7.1,SR 7.2,SR 7.6' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.12.1.1,A.12.1.2,A.12.1.3,A.12.5.1,A.12.6.2,A.13.1.1,A.13.1.2,A.13.1.3,A.13.2.1,A.13.2.2,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4,A.17.2.1,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml index 1516ea33ac9..58549208a69 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml @@ -29,7 +29,7 @@ references: cis@ubuntu2204: 3.3.4 cobit5: APO13.01,BAI04.04,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.03,DSS01.04,DSS03.05,DSS05.02,DSS05.03,DSS05.05,DSS05.07,DSS06.06 cui: 3.1.20 - disa: CCI-000126 + disa: CCI-000366 isa-62443-2009: 4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.2,SR 7.1,SR 7.2,SR 7.6' iso27001-2013: A.11.2.6,A.12.1.2,A.12.1.3,A.12.5.1,A.12.6.2,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4,A.17.2.1,A.6.2.1,A.6.2.2,A.9.1.2 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml index be611f54796..916b8a8c129 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml @@ -27,6 +27,7 @@ references: cis@ubuntu2204: 3.3.6 cobit5: APO13.01,BAI04.04,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.03,DSS03.05,DSS05.02,DSS05.05,DSS05.07,DSS06.06 cui: 3.1.20 + disa: CCI-000366 isa-62443-2009: 4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 6.2,SR 7.1,SR 7.2,SR 7.6' iso27001-2013: A.12.1.2,A.12.1.3,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4,A.17.2.1,A.9.1.2 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml index 06a7a1367fa..6592a13bb7c 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml @@ -33,7 +33,7 @@ references: cjis: 5.10.1.1 cobit5: APO01.06,APO13.01,BAI04.04,DSS01.03,DSS01.05,DSS03.01,DSS03.05,DSS05.02,DSS05.04,DSS05.07,DSS06.02 cui: 3.1.20 - disa: CCI-000366,CCI-001095 + disa: CCI-001095,CCI-000366,CCI-002385 isa-62443-2009: 4.2.3.4,4.3.3.4,4.4.3.3 isa-62443-2013: 'SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 6.2,SR 7.1,SR 7.2,SR 7.6' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.12.1.1,A.12.1.2,A.12.1.3,A.13.1.1,A.13.1.2,A.13.1.3,A.13.2.1,A.13.2.2,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.17.2.1,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml index fac1e289006..6e06e0c6d4b 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml @@ -22,7 +22,7 @@ identifiers: cce@rhel10: CCE-89906-2 references: - disa: CCI-000381,CCI-000366 + disa: CCI-000381 nist: AC-18 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040021 diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml index 5725e3096e6..433d0101269 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml @@ -22,7 +22,7 @@ identifiers: cce@rhel10: CCE-89282-8 references: - disa: CCI-000381,CCI-000366 + disa: CCI-000381 nist: AC-18 ospp: FMT_SMF_EXT.1 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml index c18e5d498b0..ba4ca06160c 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml @@ -33,7 +33,7 @@ references: cjis: 5.10.1 cobit5: BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS05.02,DSS05.05,DSS06.06 cui: 3.4.6 - disa: CCI-000381,CCI-000366 + disa: CCI-000381 isa-62443-2009: 4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 7.6' iso27001-2013: A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4,A.9.1.2 diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml index d3bd05e30e3..b834a0ea3fa 100644 --- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml +++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml @@ -28,7 +28,7 @@ references: cjis: 5.13.1.3 cobit5: APO13.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.04,DSS05.02,DSS05.03,DSS05.05,DSS06.06 cui: 3.1.16 - disa: CCI-000085,CCI-001443,CCI-001444,CCI-001551,CCI-002418 + disa: CCI-001443,CCI-000381 isa-62443-2009: 4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6' iso27001-2013: A.11.2.6,A.12.1.2,A.12.5.1,A.12.6.2,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4,A.6.2.1,A.6.2.2,A.9.1.2 diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml index 94bc8dd7f44..830e35504a4 100644 --- a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml +++ b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml @@ -51,7 +51,7 @@ references: cis@ubuntu2204: 3.1.2 cobit5: APO13.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.04,DSS05.02,DSS05.03,DSS05.05,DSS06.06 cui: 3.1.16 - disa: CCI-000085,CCI-002418,CCI-002421,CCI-001443,CCI-001444 + disa: CCI-001443,CCI-001444,CCI-002421,CCI-002418 isa-62443-2009: 4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6' ism: 1315,1319 diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml index 01b45438946..de314e8b26c 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml @@ -23,7 +23,7 @@ identifiers: cce@sle15: CCE-91239-4 references: - disa: CCI-000366 + disa: CCI-000366,CCI-001090 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000138-GPOS-00069 stigid@rhel8: RHEL-08-010700 diff --git a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml index 7b689e4323f..814e0ceb54f 100644 --- a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml +++ b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml @@ -39,7 +39,7 @@ references: cis@ubuntu2004: 6.1.12 cis@ubuntu2204: 6.1.11 cobit5: APO01.06,DSS05.02,DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.02,DSS06.03,DSS06.06,DSS06.10 - disa: CCI-000366,CCI-002165 + disa: CCI-000366 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.18.1.4,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.1,A.9.2.2,A.9.2.3,A.9.2.4,A.9.2.6,A.9.3.1,A.9.4.1,A.9.4.2,A.9.4.3,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml index b4359831c49..b8289834867 100644 --- a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml +++ b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml @@ -38,7 +38,7 @@ references: cis@ubuntu2004: 6.1.11 cis@ubuntu2204: 6.1.10 cobit5: APO01.06,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,DSS06.02,DSS06.03,DSS06.06 - disa: CCI-000366,CCI-002165 + disa: CCI-000366 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 5.2,SR 7.6' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.12.1.2,A.12.5.1,A.12.6.2,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.1,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_group/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_group/rule.yml index 6f80d0f53a7..94405eae80e 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_group/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_group/rule.yml @@ -23,7 +23,7 @@ references: cis@sle15: 6.1.7 cis@ubuntu2004: 6.1.8 cis@ubuntu2204: 6.1.4 - disa: CCI-002223 + disa: CCI-000366 nist: AC-6 (1) pcidss: Req-8.7 srg: SRG-OS-000480-GPOS-00227 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_gshadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_gshadow/rule.yml index b1677b1ee3d..2f82e60e23d 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_gshadow/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_gshadow/rule.yml @@ -28,7 +28,7 @@ references: cis@sle15: 6.1.6 cis@ubuntu2004: 6.1.3 cis@ubuntu2204: 6.1.8 - disa: CCI-002223 + disa: CCI-000366 nist: AC-6 (1) pcidss: Req-8.7 srg: SRG-OS-000480-GPOS-00227 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_passwd/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_passwd/rule.yml index 2dd158ce122..40dcc6e65ec 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_passwd/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_passwd/rule.yml @@ -23,7 +23,7 @@ references: cis@sle15: 6.1.5 cis@ubuntu2004: 6.1.6 cis@ubuntu2204: 6.1.2 - disa: CCI-002223 + disa: CCI-000366 nist: AC-6 (1) pcidss: Req-8.7 srg: SRG-OS-000480-GPOS-00227 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_shadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_shadow/rule.yml index 05f7f88a97e..f21866f57b3 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_shadow/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_shadow/rule.yml @@ -29,6 +29,7 @@ references: cis@sle15: 6.1.6 cis@ubuntu2004: 6.1.7 cis@ubuntu2204: 6.1.6 + disa: CCI-000366 pcidss: Req-8.7 srg: SRG-OS-000480-GPOS-00227 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_group/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_group/rule.yml index 17a45295a06..7f0820d51c1 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_group/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_group/rule.yml @@ -25,6 +25,7 @@ references: cis@ubuntu2204: 6.1.3 cjis: 5.5.2.2 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_gshadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_gshadow/rule.yml index 0d159d1f3ed..1df28099daf 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_gshadow/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_gshadow/rule.yml @@ -30,6 +30,7 @@ references: cis@ubuntu2004: 6.1.9 cis@ubuntu2204: 6.1.7 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_passwd/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_passwd/rule.yml index 886f5c0cf51..bd584443c84 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_passwd/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_passwd/rule.yml @@ -25,6 +25,7 @@ references: cis@ubuntu2204: 6.1.1 cjis: 5.5.2.2 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_shadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_shadow/rule.yml index 45f608c2175..7aaf451d25a 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_shadow/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_shadow/rule.yml @@ -31,6 +31,7 @@ references: cis@ubuntu2204: 6.1.5 cjis: 5.5.2.2 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_group/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_group/rule.yml index 2ec7e95cf42..1ec3de62406 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_group/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_group/rule.yml @@ -23,7 +23,7 @@ references: cis@sle15: 6.1.7 cis@ubuntu2004: 6.1.8 cis@ubuntu2204: 6.1.4 - disa: CCI-002223 + disa: CCI-000366 nist: AC-6 (1) pcidss: Req-8.7.c srg: SRG-OS-000480-GPOS-00227 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_gshadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_gshadow/rule.yml index dd07649fa0f..58c4f95669f 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_gshadow/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_gshadow/rule.yml @@ -22,7 +22,7 @@ references: cis@sle15: 6.1.6 cis@ubuntu2004: 6.1.3 cis@ubuntu2204: 6.1.8 - disa: CCI-002223 + disa: CCI-000366 nist: AC-6 (1) pcidss: Req-8.7 srg: SRG-OS-000480-GPOS-00227 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_passwd/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_passwd/rule.yml index bdbe257a723..9ee2259a662 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_passwd/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_passwd/rule.yml @@ -23,7 +23,7 @@ references: cis@sle15: 6.1.5 cis@ubuntu2004: 6.1.6 cis@ubuntu2204: 6.1.2 - disa: CCI-002223 + disa: CCI-000366 nist: AC-6 (1) pcidss: Req-8.7.c srg: SRG-OS-000480-GPOS-00227 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_shadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_shadow/rule.yml index 1928ab011f4..48ea2b31402 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_shadow/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_shadow/rule.yml @@ -23,7 +23,7 @@ references: cis@sle15: 6.1.6 cis@ubuntu2004: 6.1.7 cis@ubuntu2204: 6.1.6 - disa: CCI-002223 + disa: CCI-000366 nist: AC-6 (1) pcidss: Req-8.7.c srg: SRG-OS-000480-GPOS-00227 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_group/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_group/rule.yml index a19b2b9318c..0495a86a3dc 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_group/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_group/rule.yml @@ -25,7 +25,7 @@ references: cis@ubuntu2204: 6.1.3 cjis: 5.5.2.2 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 - disa: CCI-002223 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_gshadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_gshadow/rule.yml index a33d9df1578..03974341273 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_gshadow/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_gshadow/rule.yml @@ -24,7 +24,7 @@ references: cis@ubuntu2004: 6.1.9 cis@ubuntu2204: 6.1.7 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 - disa: CCI-002223 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_passwd/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_passwd/rule.yml index 4a3ab56f538..61d0d44412e 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_passwd/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_passwd/rule.yml @@ -25,7 +25,7 @@ references: cis@ubuntu2204: 6.1.1 cjis: 5.5.2.2 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 - disa: CCI-002223 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shadow/rule.yml index bb6826a8f8e..717e4a5512c 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shadow/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shadow/rule.yml @@ -28,7 +28,7 @@ references: cis@ubuntu2204: 6.1.5 cjis: 5.5.2.2 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 - disa: CCI-002223 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_group/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_group/rule.yml index 0e2f912cabd..1a59da1ab31 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_group/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_group/rule.yml @@ -24,7 +24,7 @@ references: cis@sle15: 6.1.7 cis@ubuntu2004: 6.1.8 cis@ubuntu2204: 6.1.4 - disa: CCI-002223 + disa: CCI-000366 nist: AC-6 (1) pcidss: Req-8.7.c srg: SRG-OS-000480-GPOS-00227 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_gshadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_gshadow/rule.yml index 491c0bc766c..22c05635db4 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_gshadow/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_gshadow/rule.yml @@ -31,7 +31,7 @@ references: cis@sle15: 6.1.6 cis@ubuntu2004: 6.1.3 cis@ubuntu2204: 6.1.8 - disa: CCI-002223 + disa: CCI-000366 nist: AC-6 (1) srg: SRG-OS-000480-GPOS-00227 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_passwd/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_passwd/rule.yml index f13442afb1a..4d8eef2f24e 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_passwd/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_passwd/rule.yml @@ -24,7 +24,7 @@ references: cis@sle15: 6.1.5 cis@ubuntu2004: 6.1.6 cis@ubuntu2204: 6.1.2 - disa: CCI-002223 + disa: CCI-000366 nist: AC-6 (1) pcidss: Req-8.7.c srg: SRG-OS-000480-GPOS-00227 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_shadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_shadow/rule.yml index 126fc77a62a..d1cc32bec16 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_shadow/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_shadow/rule.yml @@ -32,7 +32,7 @@ references: cis@sle15: 6.1.6 cis@ubuntu2004: 6.1.7 cis@ubuntu2204: 6.1.6 - disa: CCI-002223 + disa: CCI-000366 nist: AC-6 (1) pcidss: Req-8.7.c srg: SRG-OS-000480-GPOS-00227 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_group/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_group/rule.yml index a5368beb9c6..2886e5872fd 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_group/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_group/rule.yml @@ -26,7 +26,7 @@ references: cis@ubuntu2204: 6.1.3 cjis: 5.5.2.2 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 - disa: CCI-002223 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_gshadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_gshadow/rule.yml index 353bcab6ed2..164c35084a7 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_gshadow/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_gshadow/rule.yml @@ -33,7 +33,7 @@ references: cis@ubuntu2004: 6.1.9 cis@ubuntu2204: 6.1.7 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 - disa: CCI-002223 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_passwd/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_passwd/rule.yml index 57235d23572..0dcba2b5b4f 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_passwd/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_passwd/rule.yml @@ -28,7 +28,7 @@ references: cis@ubuntu2204: 6.1.1 cjis: 5.5.2.2 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 - disa: CCI-002223 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_shadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_shadow/rule.yml index 6ee4795ac32..32c5b1f4c9b 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_shadow/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_shadow/rule.yml @@ -37,7 +37,7 @@ references: cis@ubuntu2204: 6.1.5 cjis: 5.5.2.2 cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02 - disa: CCI-002223 + disa: CCI-000366 isa-62443-2009: 4.3.3.7.3 isa-62443-2013: 'SR 2.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml index 3f5cbe148d8..001b7744cd6 100644 --- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml +++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml @@ -21,7 +21,7 @@ identifiers: cce@sle15: CCE-91252-7 references: - disa: CCI-002165 + disa: CCI-002235,CCI-002165 nerc-cip: CIP-003-8 R5.1.1,CIP-003-8 R5.3,CIP-004-6 R2.3,CIP-007-3 R2.1,CIP-007-3 R2.2,CIP-007-3 R2.3,CIP-007-3 R5.1,CIP-007-3 R5.1.1,CIP-007-3 R5.1.2 nist: CM-6(a),AC-6(1) srg: SRG-OS-000312-GPOS-00122,SRG-OS-000312-GPOS-00123,SRG-OS-000324-GPOS-00125 diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml index 69fab52fe32..c91bcb48202 100644 --- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml +++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml @@ -23,7 +23,7 @@ identifiers: cce@sle15: CCE-91253-5 references: - disa: CCI-002165 + disa: CCI-002235,CCI-002165 nerc-cip: CIP-003-8 R5.1.1,CIP-003-8 R5.3,CIP-004-6 R2.3,CIP-007-3 R2.1,CIP-007-3 R2.2,CIP-007-3 R2.3,CIP-007-3 R5.1,CIP-007-3 R5.1.1,CIP-007-3 R5.1.2 nist: CM-6(a),AC-6(1) srg: SRG-OS-000312-GPOS-00122,SRG-OS-000312-GPOS-00123,SRG-OS-000324-GPOS-00125 diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml index 6f2dac0f69f..1016d727377 100644 --- a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml +++ b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml @@ -34,7 +34,7 @@ references: cis@ubuntu2204: 1.1.10 cobit5: APO13.01,DSS01.04,DSS05.03,DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 cui: 3.1.21 - disa: CCI-000366,CCI-000778,CCI-001958 + disa: CCI-000778,CCI-001958,CCI-003959 hipaa: 164.308(a)(3)(i),164.308(a)(3)(ii)(A),164.310(d)(1),164.310(d)(2),164.312(a)(1),164.312(a)(2)(iv),164.312(b) isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.6' diff --git a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml index 3a047a6bdbe..d08959e4dd4 100644 --- a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml +++ b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml @@ -41,7 +41,7 @@ references: cis@ubuntu2204: 1.1.9 cobit5: APO13.01,DSS01.04,DSS05.03,DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 cui: 3.4.6 - disa: CCI-000366,CCI-000778,CCI-001958 + disa: CCI-000778,CCI-000366,CCI-001958 hipaa: 164.308(a)(3)(i),164.308(a)(3)(ii)(A),164.310(d)(1),164.310(d)(2),164.312(a)(1),164.312(a)(2)(iv),164.312(b) isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.6' diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml index d9662e1ea0c..cd07e93340a 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml @@ -22,7 +22,7 @@ identifiers: cce@rhel9: CCE-86040-3 references: - disa: CCI-000366 + disa: CCI-000366,CCI-001764 nist: CM-6(b),CM-6.1(iv) srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010572 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml index a8be7c713f5..c42e1654563 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml @@ -25,6 +25,7 @@ identifiers: cce@rhel10: CCE-90132-2 references: + disa: CCI-001764 nerc-cip: CIP-003-8 R5.1.1,CIP-003-8 R5.3,CIP-004-6 R2.3,CIP-007-3 R2.1,CIP-007-3 R2.2,CIP-007-3 R2.3,CIP-007-3 R5.1,CIP-007-3 R5.1.1,CIP-007-3 R5.1.2 nist: CM-7(a),CM-7(b),CM-6(a),AC-6,AC-6(1),MP-7 nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml index b8e781df2db..a6727c94ade 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml @@ -25,7 +25,7 @@ identifiers: cce@sle15: CCE-91235-2 references: - disa: CCI-000366 + disa: CCI-000366,CCI-001764 nerc-cip: CIP-003-8 R5.1.1,CIP-003-8 R5.3,CIP-004-6 R2.3,CIP-007-3 R2.1,CIP-007-3 R2.2,CIP-007-3 R2.3,CIP-007-3 R5.1,CIP-007-3 R5.1.1,CIP-007-3 R5.1.2 nist: CM-7(a),CM-7(b),CM-6(a),AC-6,AC-6(1),MP-7 nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml index abbf9318b9f..275252fa319 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml @@ -33,6 +33,7 @@ references: cis@ubuntu1804: 1.1.13 cis@ubuntu2004: 1.1.18 cis@ubuntu2204: 1.1.7.2 + disa: CCI-001764 srg: SRG-OS-000368-GPOS-00154 platform: machine and mount[home] diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml index 3205d4da718..a85068edf41 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml @@ -27,7 +27,7 @@ references: cis-csc: 11,13,14,3,8,9 cis@ubuntu2204: 1.1.7.3 cobit5: APO13.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS05.02,DSS05.05,DSS05.06,DSS06.06 - disa: CCI-000366 + disa: CCI-000366,CCI-001764 isa-62443-2009: 4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 7.6' iso27001-2013: A.11.2.9,A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4,A.8.2.1,A.8.2.2,A.8.2.3,A.8.3.1,A.8.3.3,A.9.1.2 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml index b3dd38407e1..33a8c1a7ea8 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml @@ -30,7 +30,7 @@ references: cis@sle15: 1.1.19 cis@ubuntu1804: 1.1.19 cobit5: APO13.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.04,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.06,DSS05.07,DSS06.03,DSS06.06 - disa: CCI-000087,CCI-000366 + disa: CCI-000366 isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 7.6' iso27001-2013: A.11.2.6,A.11.2.9,A.12.1.2,A.12.5.1,A.12.6.2,A.13.1.1,A.13.2.1,A.14.2.2,A.14.2.3,A.14.2.4,A.6.2.1,A.6.2.2,A.7.1.1,A.8.2.1,A.8.2.2,A.8.2.3,A.8.3.1,A.8.3.3,A.9.1.2,A.9.2.1 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml index 316805e6209..01b23f208c6 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml @@ -26,6 +26,7 @@ identifiers: references: cis@ubuntu2204: 1.1.3.2 + disa: CCI-001764 nerc-cip: CIP-003-8 R5.1.1,CIP-003-8 R5.3,CIP-004-6 R2.3,CIP-007-3 R2.1,CIP-007-3 R2.2,CIP-007-3 R2.3,CIP-007-3 R5.1,CIP-007-3 R5.1.1,CIP-007-3 R5.1.2 nist: CM-7(a),CM-7(b),CM-6(a),AC-6,AC-6(1),MP-7 nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml index 93095207bd4..4dcd2adcacd 100644 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml @@ -38,7 +38,7 @@ references: cis-csc: 12,15,8 cobit5: APO13.01,DSS05.02 cui: 3.1.7 - disa: CCI-002530 + disa: CCI-002824 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3),164.308(a)(4),164.310(b),164.310(c),164.312(a),164.312(e) isa-62443-2013: 'SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6' iso27001-2013: A.13.1.1,A.13.2.1,A.14.1.3 diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml index 197f5867295..a76453243ac 100644 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml @@ -23,7 +23,7 @@ identifiers: cce@slmicro5: CCE-93627-8 references: - disa: CCI-002824,CCI-000366 + disa: CCI-000366,CCI-002824,CCI-001082 nerc-cip: CIP-002-5 R1.1,CIP-002-5 R1.2,CIP-003-8 R5.1.1,CIP-003-8 R5.3,CIP-004-6 4.1,CIP-004-6 4.2,CIP-004-6 R2.2.3,CIP-004-6 R2.2.4,CIP-004-6 R2.3,CIP-004-6 R4,CIP-005-6 R1,CIP-005-6 R1.1,CIP-005-6 R1.2,CIP-007-3 R3,CIP-007-3 R3.1,CIP-007-3 R5.1,CIP-007-3 R5.1.2,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3,CIP-007-3 R8.4,CIP-009-6 R.1.1,CIP-009-6 R4 nist: SC-30,SC-30(2),SC-30(5),CM-6(a) srg: SRG-OS-000132-GPOS-00067,SRG-OS-000433-GPOS-00192,SRG-OS-000480-GPOS-00227 diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml index 41763878f6f..5140236fdcc 100644 --- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml @@ -24,7 +24,7 @@ identifiers: cce@rhel10: CCE-89086-3 references: - disa: CCI-001084 + disa: CCI-000366,CCI-001084 nist: CM-6(a) srg: SRG-OS-000480-GPOS-00227,SRG-OS-000134-GPOS-00068 stigid@ol8: OL08-00-010421 diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml index abb4349c058..c2ea1a89884 100644 --- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml @@ -24,7 +24,7 @@ identifiers: cce@rhel10: CCE-86675-6 references: - disa: CCI-001084 + disa: CCI-002824,CCI-001084 nist: CM-6(a) srg: SRG-OS-000433-GPOS-00192,SRG-OS-000134-GPOS-00068 stigid@ol8: OL08-00-010423 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml index 54f495f1567..5cfa8ff72e8 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml @@ -22,7 +22,7 @@ identifiers: references: cui: 3.1.5 - disa: CCI-001090,CCI-001314 + disa: CCI-001082,CCI-001090 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3),164.308(a)(4),164.310(b),164.310(c),164.312(a),164.312(e) nist: SI-11(a),SI-11(b) srg: SRG-OS-000132-GPOS-00067,SRG-OS-000138-GPOS-00069,SRG-APP-000243-CTR-000600 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml index ad546c78a0c..07124e163df 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml @@ -18,7 +18,7 @@ identifiers: cce@rhel10: CCE-89232-3 references: - disa: CCI-003992 + disa: CCI-003992,CCI-000366 nist: CM-6 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000366-GPOS-00153 stigid@ol8: OL08-00-010372 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml index 7d49faf070b..8f4f15c4178 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml @@ -19,7 +19,7 @@ identifiers: cce@sle15: CCE-91258-4 references: - disa: CCI-001090 + disa: CCI-001082,CCI-001090 nist: AC-6 ospp: FMT_SMF_EXT.1 srg: SRG-OS-000132-GPOS-00067,SRG-OS-000138-GPOS-00069,SRG-APP-000243-CTR-000600 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml index 2bbf76911ab..18e0b4e7d67 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml @@ -18,7 +18,7 @@ identifiers: cce@rhel10: CCE-89405-5 references: - disa: CCI-000366 + disa: CCI-000366,CCI-001082 nist: AC-6,SC-7(10) srg: SRG-OS-000132-GPOS-00067,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040281 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml index c794c8f7d78..e8a46285b88 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml @@ -22,7 +22,7 @@ identifiers: cce@sle15: CCE-91262-6 references: - disa: CCI-000366 + disa: CCI-000366,CCI-001082 nist: SC-7(10) srg: SRG-OS-000132-GPOS-00067,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040282 diff --git a/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml b/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml index 7d6b790dc7b..0119808221d 100644 --- a/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml +++ b/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml @@ -19,6 +19,7 @@ identifiers: cce@slmicro5: CCE-94091-6 references: + disa: CCI-000366 srg: SRG-OS-000480-GPOS-00227 ocil_clause: 'the package is not installed' diff --git a/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml b/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml index a0aa0dc859f..5c6e7417e82 100644 --- a/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml +++ b/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml @@ -29,7 +29,7 @@ identifiers: cce@slmicro5: CCE-94097-3 references: - disa: CCI-001084 + disa: CCI-000366,CCI-001084 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000134-GPOS-00068 stigid@ol8: OL08-00-010171 stigid@rhel8: RHEL-08-010171 diff --git a/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml b/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml index a6d5833a1b2..76143da2055 100644 --- a/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml +++ b/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml @@ -31,7 +31,7 @@ references: cis-csc: 1,11,12,13,14,15,16,18,2,3,5,6,7,8,9 cobit5: APO01.06,APO11.04,BAI01.06,BAI03.05,BAI06.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.03,DSS03.05,DSS05.02,DSS05.04,DSS05.05,DSS05.07,DSS06.02,DSS06.06,MEA02.01 cui: '3.1.2,3.1.5,3.7.2' - disa: CCI-000022,CCI-000032,CCI-000318,CCI-000366,CCI-000368,CCI-001812,CCI-001813,CCI-003938 + disa: CCI-000366 isa-62443-2009: 4.3.3.3.9,4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.10,SR 2.11,SR 2.12,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 2.8,SR 2.9,SR 5.2,SR 6.2,SR 7.6' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.12.1.2,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.5.1,A.12.6.2,A.12.7.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4,A.14.2.7,A.15.2.1,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/selinux/selinux_policytype/rule.yml b/linux_os/guide/system/selinux/selinux_policytype/rule.yml index 4777c63da2b..3369554bc90 100644 --- a/linux_os/guide/system/selinux/selinux_policytype/rule.yml +++ b/linux_os/guide/system/selinux/selinux_policytype/rule.yml @@ -39,7 +39,7 @@ references: cis-csc: 1,11,12,13,14,15,16,18,3,4,5,6,8,9 cobit5: APO01.06,APO11.04,APO13.01,BAI03.05,DSS01.05,DSS03.01,DSS05.02,DSS05.04,DSS05.05,DSS05.07,DSS06.02,DSS06.03,DSS06.06,MEA02.01 cui: 3.1.2,3.7.2 - disa: CCI-002165,CCI-002696 + disa: CCI-002696 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3),164.308(a)(4),164.310(b),164.310(c),164.312(a),164.312(e) isa-62443-2009: 4.2.3.4,4.3.3.2.2,4.3.3.3.9,4.3.3.4,4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4,4.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.10,SR 2.11,SR 2.12,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6' diff --git a/linux_os/guide/system/selinux/selinux_state/rule.yml b/linux_os/guide/system/selinux/selinux_state/rule.yml index 0e147497106..237064080e1 100644 --- a/linux_os/guide/system/selinux/selinux_state/rule.yml +++ b/linux_os/guide/system/selinux/selinux_state/rule.yml @@ -32,7 +32,7 @@ references: cis-csc: 1,11,12,13,14,15,16,18,3,4,5,6,8,9 cobit5: APO01.06,APO11.04,APO13.01,BAI03.05,DSS01.05,DSS03.01,DSS05.02,DSS05.04,DSS05.05,DSS05.07,DSS06.02,DSS06.03,DSS06.06,MEA02.01 cui: 3.1.2,3.7.2 - disa: CCI-001084,CCI-002165,CCI-002696 + disa: CCI-002696,CCI-001084 hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3),164.308(a)(4),164.310(b),164.310(c),164.312(a),164.312(e) isa-62443-2009: 4.2.3.4,4.3.3.2.2,4.3.3.3.9,4.3.3.4,4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4,4.4.3.3 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.10,SR 2.11,SR 2.12,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 2.8,SR 2.9,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6' diff --git a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml index 2cb9640c732..691dbc954fa 100644 --- a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml @@ -69,7 +69,7 @@ references: cis-csc: 13,14 cobit5: APO01.06,BAI02.01,BAI06.01,DSS04.07,DSS05.03,DSS05.04,DSS05.07,DSS06.02,DSS06.06 cui: 3.13.16 - disa: CCI-001199,CCI-002475,CCI-002476 + disa: CCI-002476,CCI-001199,CCI-002475 hipaa: 164.308(a)(1)(ii)(D),164.308(b)(1),164.310(d),164.312(a)(1),164.312(a)(2)(iii),164.312(a)(2)(iv),164.312(b),164.312(c),164.314(b)(2)(i),164.312(d) isa-62443-2013: 'SR 3.4,SR 4.1,SR 5.2' iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml index 4df936b80a1..98341adcfff 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml @@ -33,7 +33,7 @@ references: cis@ubuntu2004: 1.1.17 cis@ubuntu2204: 1.1.7.1 cobit5: APO13.01,DSS05.02 - disa: CCI-000366,CCI-001208 + disa: CCI-000366 isa-62443-2013: 'SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6' iso27001-2013: A.13.1.1,A.13.2.1,A.14.1.3 nist: CM-6(a),SC-5(2) diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml index 01944ea382e..17b47564d36 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml @@ -29,6 +29,7 @@ references: cis@ubuntu1804: 1.1.6 cis@ubuntu2004: 1.1.11 cis@ubuntu2204: 1.1.4.1 + disa: CCI-000366 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010544 stigid@rhel8: RHEL-08-010544 diff --git a/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml b/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml index f0a119f0baa..265961c4fc3 100644 --- a/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml +++ b/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml @@ -29,6 +29,7 @@ identifiers: references: cis@sle12: '1.10' cis@sle15: '1.10' + disa: CCI-000366 hipaa: 164.308(a)(1)(ii)(B),164.308(a)(5)(ii)(A) pcidss: Req-6.2 srg: SRG-OS-000480-GPOS-00227 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml index d2080f0d8ce..1f62e436c8c 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml @@ -38,6 +38,7 @@ references: cis@sle15: '1.10' cis@ubuntu2004: '1.10' cis@ubuntu2204: 1.8.3 + disa: CCI-000366 nist: CM-6(a),AC-23 srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-010063 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml index f46be4e7bbb..ea6da5dbd34 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml @@ -30,7 +30,7 @@ identifiers: cce@rhel10: CCE-87751-4 references: - disa: CCI-000056,CCI-000058 + disa: CCI-000057,CCI-000056 srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 stigid@ol8: OL08-00-020050 stigid@rhel8: RHEL-08-020050 diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml index 0cba1e6fdfb..b9d464f9ac3 100644 --- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml @@ -36,7 +36,7 @@ references: cis@ubuntu2204: 1.8.6 cobit5: APO13.01,DSS01.04,DSS05.03,DSS05.04,DSS05.05,DSS05.07,DSS06.03 cui: 3.1.7 - disa: CCI-000366,CCI-000778,CCI-001958 + disa: CCI-000778,CCI-000366,CCI-001958 isa-62443-2009: 4.3.3.2.2,4.3.3.5.2,4.3.3.6.6,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.13,SR 1.2,SR 1.4,SR 1.5,SR 1.9,SR 2.1,SR 2.6' iso27001-2013: A.11.2.6,A.13.1.1,A.13.2.1,A.6.2.1,A.6.2.2,A.7.1.1,A.9.2.1 diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml index bd40127038c..cf0a80a8474 100644 --- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml @@ -36,7 +36,7 @@ references: cis@ubuntu2204: 1.8.8 cobit5: APO13.01,DSS01.04,DSS05.03,DSS05.04,DSS05.05,DSS05.07,DSS06.03 cui: 3.1.7 - disa: CCI-000366,CCI-000778,CCI-001958 + disa: CCI-000778,CCI-000366,CCI-001958 isa-62443-2009: 4.3.3.2.2,4.3.3.5.2,4.3.3.6.6,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.13,SR 1.2,SR 1.4,SR 1.5,SR 1.9,SR 2.1,SR 2.6' iso27001-2013: A.11.2.6,A.13.1.1,A.13.2.1,A.6.2.1,A.6.2.2,A.7.1.1,A.9.2.1 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml index e4e57bb7bae..4341b6a3534 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml @@ -28,7 +28,7 @@ references: cis@ubuntu2204: 1.8.5 cobit5: DSS05.04,DSS05.10,DSS06.10 cui: 3.1.10 - disa: CCI-000056,CCI-000057,CCI-000060 + disa: CCI-000057 isa-62443-2009: 4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.5,SR 1.7,SR 1.8,SR 1.9' iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml index bca98d2b98a..654825af00b 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml @@ -43,7 +43,7 @@ references: cjis: 5.5.5 cobit5: DSS05.04,DSS05.10,DSS06.10 cui: 3.1.10 - disa: CCI-000056,CCI-000058,CCI-000060 + disa: CCI-000057,CCI-000056 isa-62443-2009: 4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.5,SR 1.7,SR 1.8,SR 1.9' iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml index ad3a630c68c..9cc43aab35a 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml @@ -29,7 +29,7 @@ references: cis-csc: 1,12,15,16 cobit5: DSS05.04,DSS05.10,DSS06.10 cui: 3.1.10 - disa: CCI-000057,CCI-000060 + disa: CCI-000057 isa-62443-2009: 4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.5,SR 1.7,SR 1.8,SR 1.9' iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml index 8f5d6697fee..da8686d40bb 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml @@ -27,6 +27,7 @@ identifiers: cce@rhel10: CCE-86874-5 references: + disa: CCI-002418,CCI-002422 nerc-cip: CIP-003-8 R4.2,CIP-007-3 R5.1 nist: SC-13,SC-12(2),SC-12(3) srg: SRG-OS-000423-GPOS-00187,SRG-OS-000426-GPOS-00190 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml index 93073191c98..e9895420cb5 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml @@ -60,6 +60,7 @@ identifiers: cce@sle15: CCE-85776-3 references: + disa: CCI-002890,CCI-002450,CCI-003123 hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.312(e)(1),164.312(e)(2)(ii) ism: "1446" nerc-cip: CIP-003-8 R4.2,CIP-007-3 R5.1,CIP-007-3 R7.1 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml index da3b61ed391..f7785a43615 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml @@ -24,6 +24,7 @@ identifiers: cce@rhel10: CCE-88640-8 references: + disa: CCI-000803 ism: 0418,1055,1402 nerc-cip: CIP-003-8 R4.2,CIP-007-3 R5.1 nist: SC-13,SC-12(2),SC-12(3) diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml index ad4166c4f0b..eebc3f626e9 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml @@ -30,6 +30,7 @@ identifiers: cce@sle15: CCE-85791-2 references: + disa: CCI-000068 nerc-cip: CIP-003-8 R4.2,CIP-007-3 R5.1 nist: CM-6(a),MA-4(6),SC-13,SC-12(2),SC-12(3) pcidss: Req-2.2 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml index f25e84f0ecc..5ddb29f3ea5 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml @@ -27,7 +27,7 @@ identifiers: cce@rhel9: CCE-90125-6 references: - disa: CCI-000068,CCI-000877,CCI-001453,CCI-002418,CCI-002890,CCI-003123 + disa: CCI-001453 nist: AC-17(2) srg: SRG-OS-000033-GPOS-00014,SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174,SRG-OS-000423-GPOS-00187 stigid@ol8: OL08-00-010020 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml index 2b95e3b80ce..5d5b47d86a1 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml @@ -27,7 +27,7 @@ identifiers: cce@rhel9: CCE-87332-3 references: - disa: CCI-000877,CCI-001453 + disa: CCI-001453 nist: AC-17(2) srg: SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093 stigid@ol8: OL08-00-010291 diff --git a/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml b/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml index 404e14e5b9d..72dc31e3db3 100644 --- a/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml @@ -19,6 +19,7 @@ identifiers: cce@rhel10: CCE-89668-8 references: + disa: CCI-002890,CCI-002450,CCI-003123 ospp: FCS_COP.1(1),FCS_COP.1(2),FCS_COP.1(3),FCS_COP.1(4),FCS_CKM.1,FCS_CKM.2,FCS_TLSC_EXT.1 srg: SRG-OS-000396-GPOS-00176,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174 diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml index 9b95ba2dbb2..ea4eb058f9d 100644 --- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml +++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml @@ -24,7 +24,7 @@ identifiers: cce@rhel10: CCE-88066-6 references: - disa: CCI-000068,CCI-000803,CCI-002450 + disa: CCI-002450,CCI-000068,CCI-002418,CCI-000877 ism: "1446" nerc-cip: CIP-003-8 R4.2,CIP-007-3 R5.1 nist: SC-12(2),SC-12(3),IA-7,SC-13,CM-6(a),SC-12 diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml index d23514f611b..462bffc5b92 100644 --- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml +++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml @@ -41,7 +41,7 @@ identifiers: cce@rhel10: CCE-86982-6 references: - disa: CCI-000068,CCI-000803,CCI-002450 + disa: CCI-002450,CCI-000068,CCI-002418,CCI-000877 ism: "1446" nerc-cip: CIP-003-8 R4.2,CIP-007-3 R5.1 nist: CM-3(6),SC-12(2),SC-12(3),IA-7,SC-13,CM-6(a),SC-12 diff --git a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml index af032cfe45e..ed4fc381bef 100644 --- a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml +++ b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml @@ -29,7 +29,7 @@ identifiers: cce@rhel10: CCE-89047-5 references: - disa: CCI-000068,CCI-000803,CCI-000877,CCI-001453,CCI-002418,CCI-002450,CCI-002890,CCI-003123 + disa: CCI-002450,CCI-000068,CCI-002418,CCI-000877 nerc-cip: CIP-003-8 R4.2,CIP-007-3 R5.1 nist: SC-12(2),SC-12(3),IA-7,SC-13,CM-6(a),SC-12 srg: SRG-OS-000033-GPOS-00014,SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174,SRG-OS-000396-GPOS-00176,SRG-OS-000423-GPOS-00187,SRG-OS-000478-GPOS-00223 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml index 8585f0c6568..8b0fc6c633d 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml @@ -51,6 +51,7 @@ references: cis@ubuntu2204: 1.3.1 cjis: 5.10.1.3 cobit5: APO01.06,BAI01.06,BAI02.01,BAI03.05,BAI06.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.03,DSS03.05,DSS04.07,DSS05.02,DSS05.03,DSS05.05,DSS05.07,DSS06.02,DSS06.06 + disa: CCI-002696,CCI-001744 isa-62443-2009: 4.3.4.3.2,4.3.4.3.3,4.3.4.4.4 isa-62443-2013: 'SR 3.1,SR 3.3,SR 3.4,SR 3.8,SR 4.1,SR 6.2,SR 7.6' iso27001-2013: A.11.2.4,A.12.1.2,A.12.2.1,A.12.4.1,A.12.5.1,A.12.6.2,A.14.1.2,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4,A.14.2.7,A.15.2.1,A.8.2.3 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml index bf7c25fc5e4..054ccc597eb 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml @@ -39,7 +39,7 @@ identifiers: references: cis@ubuntu2204: 4.1.4.11 - disa: CCI-001496 + disa: CCI-001496,CCI-001494,CCI-001495,CCI-001493 nist: AU-9(3),AU-9(3).1 srg: SRG-OS-000278-GPOS-00108 stigid@ol8: OL08-00-030650 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml index ca0dff37d9d..00b277765ef 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml @@ -50,7 +50,7 @@ references: cis@ubuntu2204: 1.3.2 cjis: 5.10.1.3 cobit5: APO01.06,BAI01.06,BAI02.01,BAI03.05,BAI06.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.03,DSS03.05,DSS04.07,DSS05.02,DSS05.03,DSS05.05,DSS05.07,DSS06.02,DSS06.06 - disa: CCI-001744,CCI-002699,CCI-002702 + disa: CCI-002702,CCI-001744,CCI-002699 isa-62443-2009: 4.3.4.3.2,4.3.4.3.3,4.3.4.4.4 isa-62443-2013: 'SR 3.1,SR 3.3,SR 3.4,SR 3.8,SR 4.1,SR 6.2,SR 7.6' iso27001-2013: A.11.2.4,A.12.1.2,A.12.2.1,A.12.4.1,A.12.5.1,A.12.6.2,A.14.1.2,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4,A.14.2.7,A.15.2.1,A.8.2.3 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml index 028e6dc2f8d..457b1c08ab4 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml @@ -37,7 +37,7 @@ identifiers: references: cis-csc: 1,11,12,13,15,16,2,3,5,7,8,9 cobit5: BAI01.06,BAI06.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.03,DSS03.05,DSS05.02,DSS05.05,DSS05.07 - disa: CCI-001744,CCI-002699,CCI-002702 + disa: CCI-002702,CCI-001744,CCI-002699 isa-62443-2009: 4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 6.2,SR 7.6' iso27001-2013: A.12.1.2,A.12.4.1,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4,A.14.2.7,A.15.2.1 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_group_ownership/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_group_ownership/rule.yml index d37dfbfefcd..f48bbacf394 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_group_ownership/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_group_ownership/rule.yml @@ -22,7 +22,7 @@ identifiers: cce@rhel10: CCE-86839-8 references: - disa: CCI-001493,CCI-001494,CCI-001495 + disa: CCI-001493 nist: AU-9 srg: SRG-OS-000256-GPOS-00097,SRG-OS-000257-GPOS-00098,SRG-OS-000258-GPOS-00099 stigid@ol8: OL08-00-030640 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_ownership/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_ownership/rule.yml index 9413a356bf3..beffcd55d72 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_ownership/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_ownership/rule.yml @@ -22,7 +22,7 @@ identifiers: cce@rhel10: CCE-87874-4 references: - disa: CCI-001493,CCI-001494,CCI-001495 + disa: CCI-001493 nist: AU-9 srg: SRG-OS-000256-GPOS-00097,SRG-OS-000257-GPOS-00098,SRG-OS-000258-GPOS-00099 stigid@ol8: OL08-00-030630 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml index 04f59a304b5..6281f55b688 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml @@ -26,7 +26,7 @@ references: cis@ubuntu2204: 1.3.1 cjis: 5.10.1.3 cobit5: APO01.06,BAI01.06,BAI02.01,BAI03.05,BAI06.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.03,DSS03.05,DSS04.07,DSS05.02,DSS05.03,DSS05.05,DSS05.07,DSS06.02,DSS06.06 - disa: CCI-002696,CCI-002699,CCI-001744 + disa: CCI-002696,CCI-001744 isa-62443-2009: 4.3.4.3.2,4.3.4.3.3,4.3.4.4.4 isa-62443-2013: 'SR 3.1,SR 3.3,SR 3.4,SR 3.8,SR 4.1,SR 6.2,SR 7.6' ism: 1034,1288,1341,1417 diff --git a/linux_os/guide/system/software/sudo/package_sudo_installed/rule.yml b/linux_os/guide/system/software/sudo/package_sudo_installed/rule.yml index 85c5ef1a00c..092051fe6c6 100644 --- a/linux_os/guide/system/software/sudo/package_sudo_installed/rule.yml +++ b/linux_os/guide/system/software/sudo/package_sudo_installed/rule.yml @@ -27,6 +27,7 @@ references: cis@sle15: 1.3.1 cis@ubuntu2004: 1.3.1 cis@ubuntu2204: 5.3.1 + disa: CCI-002235 ism: 1382,1384,1386 nist: CM-6(a) ospp: FMT_MOF_EXT.1 diff --git a/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml b/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml index 2094a7db635..c72f29c20ae 100644 --- a/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml +++ b/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml @@ -29,7 +29,7 @@ references: cis-csc: 1,12,15,16,5 cis@ubuntu2204: 5.3.5 cobit5: DSS05.04,DSS05.10,DSS06.03,DSS06.10 - disa: CCI-002038 + disa: CCI-004895 isa-62443-2009: 4.3.3.5.1,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9' iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.2,A.9.2.3,A.9.2.4,A.9.2.6,A.9.3.1,A.9.4.2,A.9.4.3 diff --git a/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml b/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml index 6afd63dcd79..1a68d645430 100644 --- a/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml +++ b/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml @@ -29,7 +29,7 @@ identifiers: references: cis-csc: 1,12,15,16,5 cobit5: DSS05.04,DSS05.10,DSS06.03,DSS06.10 - disa: CCI-002038 + disa: CCI-004895 isa-62443-2009: 4.3.3.5.1,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9' iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.2,A.9.2.3,A.9.2.4,A.9.2.6,A.9.3.1,A.9.4.2,A.9.4.3 diff --git a/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml b/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml index 594578e1082..04d3ad280be 100644 --- a/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml +++ b/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml @@ -32,7 +32,7 @@ identifiers: references: cis@ubuntu2204: 5.3.6 - disa: CCI-002038 + disa: CCI-004895 nist: IA-11 srg: SRG-OS-000373-GPOS-00156,SRG-OS-000373-GPOS-00157,SRG-OS-000373-GPOS-00158 stigid@ol7: OL07-00-010343 diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml index 48c34329ec2..4500f23e94b 100644 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml @@ -32,7 +32,7 @@ identifiers: cce@slmicro5: CCE-93735-9 references: - disa: CCI-000366,CCI-002227 + disa: CCI-000366 nist: CM-6(b),CM-6.1(iv) srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-010342 diff --git a/linux_os/guide/system/software/system-tools/package_gnutls-utils_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_gnutls-utils_installed/rule.yml index 18ab75439f9..9156540b986 100644 --- a/linux_os/guide/system/software/system-tools/package_gnutls-utils_installed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_gnutls-utils_installed/rule.yml @@ -22,6 +22,7 @@ identifiers: cce@rhel10: CCE-90403-7 references: + disa: CCI-000366 ospp: FIA_X509_EXT.1,FIA_X509_EXT.1.1,FIA_X509_EXT.2 srg: SRG-OS-000480-GPOS-00227 diff --git a/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml index 20fcf674cf1..5f33752d355 100644 --- a/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml @@ -17,7 +17,7 @@ identifiers: cce@rhel10: CCE-87596-3 references: - disa: CCI-000381,CCI-000366 + disa: CCI-000366,CCI-000381 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040370 stigid@rhel8: RHEL-08-040370 diff --git a/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml index eb5ac173e52..152061a7dc7 100644 --- a/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml @@ -18,7 +18,7 @@ identifiers: cce@rhel10: CCE-89809-8 references: - disa: CCI-000366 + disa: CCI-000366,CCI-000381 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040380 stigid@rhel8: RHEL-08-040380 diff --git a/linux_os/guide/system/software/system-tools/package_nss-tools_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_nss-tools_installed/rule.yml index a2d1fb4c4c8..5d237620a5c 100644 --- a/linux_os/guide/system/software/system-tools/package_nss-tools_installed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_nss-tools_installed/rule.yml @@ -20,6 +20,8 @@ identifiers: cce@rhel10: CCE-87829-8 references: + disa: CCI-000366 + ospp: FMT_SMF_EXT.1 srg: SRG-OS-000480-GPOS-00227 ocil_clause: 'the package is not installed' diff --git a/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml index a0385cb0094..230a064b681 100644 --- a/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml @@ -28,6 +28,7 @@ identifiers: cce@rhel10: CCE-88542-6 references: + disa: CCI-003992 ism: 0940,1144,1467,1472,1483,1493,1494,1495 ospp: FPT_TUD_EXT.1,FPT_TUD_EXT.2 srg: SRG-OS-000366-GPOS-00153 diff --git a/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml index 759671d7530..0e6096fd04a 100644 --- a/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml @@ -20,7 +20,7 @@ identifiers: cce@rhel10: CCE-87654-0 references: - disa: CCI-000366 + disa: CCI-000366,CCI-000381 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040390 stigid@rhel8: RHEL-08-040390 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml index 493154c755e..0d38f08a0f1 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml @@ -29,7 +29,7 @@ references: cis-csc: 11,3,9 cobit5: BAI10.01,BAI10.02,BAI10.03,BAI10.05 cui: 3.4.8 - disa: CCI-001749 + disa: CCI-003992 hipaa: 164.308(a)(1)(ii)(D),164.312(b),164.312(c)(1),164.312(c)(2),164.312(e)(2)(i) isa-62443-2009: 4.3.4.3.2,4.3.4.3.3 isa-62443-2013: 'SR 7.6' diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml index ead71f5be46..5a3ce069cf4 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml @@ -32,7 +32,7 @@ references: cjis: 5.10.4.1 cobit5: APO01.06,BAI03.05,BAI06.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS06.02 cui: 3.4.8 - disa: CCI-001749 + disa: CCI-003992 hipaa: 164.308(a)(1)(ii)(D),164.312(b),164.312(c)(1),164.312(c)(2),164.312(e)(2)(i) isa-62443-2009: 4.3.4.3.2,4.3.4.3.3,4.3.4.4.4 isa-62443-2013: 'SR 3.1,SR 3.3,SR 3.4,SR 3.8,SR 7.6' diff --git a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml index cbd37bfadab..f80ebf09b02 100644 --- a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml +++ b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml @@ -49,7 +49,7 @@ references: cis@sle15: "1.9" cjis: 5.10.4.1 cobit5: APO12.01,APO12.02,APO12.03,APO12.04,BAI03.10,DSS05.01,DSS05.02 - disa: CCI-000366,CCI-001227 + disa: CCI-000366 isa-62443-2009: 4.2.3,4.2.3.12,4.2.3.7,4.2.3.9 iso27001-2013: A.12.6.1,A.14.2.3,A.16.1.3,A.18.2.2,A.18.2.3 nist: SI-2(5),SI-2(c),CM-6(a) From 3b3a992a76b24af42c6dc73c541e12ac399124d0 Mon Sep 17 00:00:00 2001 From: Matthew Burket Date: Thu, 19 Sep 2024 06:27:42 -0500 Subject: [PATCH 3/7] Add tools used for updating CCIs --- utils/clean_up_dupkeys.py | 91 +++++++++++++++++++++++++++++++++++++++ utils/update_cci.py | 90 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 181 insertions(+) create mode 100644 utils/clean_up_dupkeys.py create mode 100755 utils/update_cci.py diff --git a/utils/clean_up_dupkeys.py b/utils/clean_up_dupkeys.py new file mode 100644 index 00000000000..29c69f3cf4e --- /dev/null +++ b/utils/clean_up_dupkeys.py @@ -0,0 +1,91 @@ +import re +from pprint import pprint + + + +if __name__ == "__main__": + paths = [ +"linux_os/guide/services/ssh/ssh_server/disable_host_auth/rule.yml", +"linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/rule.yml", +"linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts/rule.yml", +"linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml", +"linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml", +"linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml", +"linux_os/guide/services/ssh/ssh_server/sshd_enable_pam/rule.yml", +"linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml", +"linux_os/guide/services/ssh/ssh_server/sshd_use_priv_separation/rule.yml", +"linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml", +"linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml", +"linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml", +"linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml", +"linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml", +"linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml", +"linux_os/guide/system/accounts/accounts-restrictions/password_storage/gid_passwd_group_same/rule.yml", +"linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml", +"linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml", +"linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml", +"linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml", +"linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml", +"linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml", +"linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml", +"linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml", +"linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml", +"linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml", +"linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml", +"linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml", +"linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml", +"linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml", +"linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml", +"linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml", +"linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml", +"linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml", +"linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml", +"linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml", +"linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml", +"linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml", +"linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml", +"linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml", +"linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml", +"linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml", +"linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml", +"linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml", +"linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml", +"linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml", +"linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml", +"linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml", +"linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml", +"linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml", +"linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml", +"linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml", +"linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml", +"linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml", +"linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml", +"linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml", +"linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml", +"linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml", +"linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml", +"linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml", +"linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/rule.yml", +"linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml", +"linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml", +"linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml", +"linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml", +"linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml", +"linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml", +"linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml", +"linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/rule.yml", +"linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml", +"linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml", +] + for path in paths: + offending_lines = list() + with open(path, 'r') as fp: + lines = fp.readlines() + for idx, line in enumerate(lines): + if re.match(r'\s+disa:', line): + offending_lines.append(idx) + if len(offending_lines) == 2: + del lines[offending_lines[0]] + pprint(offending_lines) + with open(path, 'w') as fp: + fp.writelines(lines) diff --git a/utils/update_cci.py b/utils/update_cci.py new file mode 100755 index 00000000000..d19f2e3bd1d --- /dev/null +++ b/utils/update_cci.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python3 + +import json +import os.path +import re +import sys + +from collections import defaultdict +from typing import List + +import ssg.environment +import ssg.yaml +from utils.find_unused_rules import SSG_ROOT +from ssg.xml import open_xml, PREFIX_TO_NS +from ssg.controls import ControlsManager + +PRODUCT = "rhel9" +RHEL9_XML = os.path.join(SSG_ROOT, "shared", "references", "disa-stig-rhel9-v2r1-xccdf-manual.xml") +PRODUCT_YAML = os.path.join(SSG_ROOT, "products", PRODUCT, "product.yml") +BUILD_YAML = os.path.join(SSG_ROOT, "build", "build_config.yml") +REALLY_BAD_SECTION_REGEX = r'^\s+disa:.+$' + +def main() -> int: + rule_dirs_path = os.path.join(SSG_ROOT, "build", "rule_dirs.json") + env_yaml = ssg.environment.open_environment(BUILD_YAML, PRODUCT_YAML) + + + with open(rule_dirs_path, 'r') as json_fp: + rules = json.load(json_fp) + root = open_xml(RHEL9_XML).getroot() + stigid_to_cci = defaultdict(set) + for rule in root.findall('.//xccdf-1.1:Rule', PREFIX_TO_NS): + stig_id = rule.find('xccdf-1.1:version', PREFIX_TO_NS).text + ccis_elems = rule.findall( + "xccdf-1.1:ident[@system='http://cyber.mil/cci']", PREFIX_TO_NS) + for cci in ccis_elems: + stigid_to_cci[stig_id].add(cci.text) + controls_root = os.path.join(SSG_ROOT, "controls") + ctrl_manager = ControlsManager(controls_root, env_yaml) + ctrl_manager.load() + for stig_id, ccis in stigid_to_cci.items(): + control = ctrl_manager.get_control('stig_rhel9', stig_id) + if len(control.rules) < 1: + # print(f"{stig_id} has no rules.", file=sys.stderr) + continue + for rule in control.rules: + if '=' in rule: + continue + rule_obj = rules[rule] + rule_yaml_path = os.path.join(rule_obj['dir'], 'rule.yml') + with open(rule_yaml_path, 'r') as fp: + old_content = fp.readlines() + new_content = list() + ref_start_line = 0 + for index, line in enumerate(old_content): + if 'references:' in line: + ref_start_line = index + new_content.append(line) + continue + if not re.match(REALLY_BAD_SECTION_REGEX, line): + new_content.append(line) + else: + new_content.append(f"{' ' * 4}disa: {','.join(ccis)}\n") + if new_content != old_content: + validate_file(new_content, rule_yaml_path) + with open(rule_yaml_path, 'w') as fp: + fp.writelines(new_content) + continue + + new_line = f'{" " * 4}disa: {','.join(ccis)}\n' + if ref_start_line == 0: + raise ValueError + new_content.insert(ref_start_line+2, new_line) + if new_content != old_content: + with open(rule_yaml_path, 'w') as fp: + fp.writelines(new_content) + continue + return 0 + + +def validate_file(lines: List[str], filename: str): + offenders = list() + for idx, line in enumerate(lines): + if re.match(REALLY_BAD_SECTION_REGEX, line): + offenders.append(str(idx)) + if len(offenders) > 1: + print(f"Failure on lines {','.join(offenders)} in {filename}", file=sys.stderr) + +if __name__ == "__main__": + raise SystemExit(main()) From c01b39094193f8593d073e3deee4efd902cf456c Mon Sep 17 00:00:00 2001 From: Matthew Burket Date: Thu, 19 Sep 2024 06:28:51 -0500 Subject: [PATCH 4/7] Revert "Add tools used for updating CCIs" This reverts commit 6fe6cf33450fc5070fbfc62165f934efbe443bdd. The scripts due not need to stay the repo. --- utils/clean_up_dupkeys.py | 91 --------------------------------------- utils/update_cci.py | 90 -------------------------------------- 2 files changed, 181 deletions(-) delete mode 100644 utils/clean_up_dupkeys.py delete mode 100755 utils/update_cci.py diff --git a/utils/clean_up_dupkeys.py b/utils/clean_up_dupkeys.py deleted file mode 100644 index 29c69f3cf4e..00000000000 --- a/utils/clean_up_dupkeys.py +++ /dev/null @@ -1,91 +0,0 @@ -import re -from pprint import pprint - - - -if __name__ == "__main__": - paths = [ -"linux_os/guide/services/ssh/ssh_server/disable_host_auth/rule.yml", -"linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/rule.yml", -"linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts/rule.yml", -"linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml", -"linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml", -"linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml", -"linux_os/guide/services/ssh/ssh_server/sshd_enable_pam/rule.yml", -"linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml", -"linux_os/guide/services/ssh/ssh_server/sshd_use_priv_separation/rule.yml", -"linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml", -"linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml", -"linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml", -"linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml", -"linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml", -"linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml", -"linux_os/guide/system/accounts/accounts-restrictions/password_storage/gid_passwd_group_same/rule.yml", -"linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml", -"linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml", -"linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml", -"linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml", -"linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml", -"linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml", -"linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml", -"linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml", -"linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml", -"linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml", -"linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml", -"linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml", -"linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml", -"linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml", -"linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml", -"linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml", -"linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml", -"linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml", -"linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml", -"linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml", -"linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml", -"linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml", -"linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml", -"linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml", -"linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml", -"linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml", -"linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml", -"linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml", -"linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml", -"linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml", -"linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml", -"linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml", -"linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml", -"linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml", -"linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml", -"linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml", -"linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml", -"linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml", -"linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml", -"linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml", -"linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml", -"linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml", -"linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml", -"linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml", -"linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/rule.yml", -"linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml", -"linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml", -"linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml", -"linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml", -"linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml", -"linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml", -"linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml", -"linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/rule.yml", -"linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml", -"linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml", -] - for path in paths: - offending_lines = list() - with open(path, 'r') as fp: - lines = fp.readlines() - for idx, line in enumerate(lines): - if re.match(r'\s+disa:', line): - offending_lines.append(idx) - if len(offending_lines) == 2: - del lines[offending_lines[0]] - pprint(offending_lines) - with open(path, 'w') as fp: - fp.writelines(lines) diff --git a/utils/update_cci.py b/utils/update_cci.py deleted file mode 100755 index d19f2e3bd1d..00000000000 --- a/utils/update_cci.py +++ /dev/null @@ -1,90 +0,0 @@ -#!/usr/bin/env python3 - -import json -import os.path -import re -import sys - -from collections import defaultdict -from typing import List - -import ssg.environment -import ssg.yaml -from utils.find_unused_rules import SSG_ROOT -from ssg.xml import open_xml, PREFIX_TO_NS -from ssg.controls import ControlsManager - -PRODUCT = "rhel9" -RHEL9_XML = os.path.join(SSG_ROOT, "shared", "references", "disa-stig-rhel9-v2r1-xccdf-manual.xml") -PRODUCT_YAML = os.path.join(SSG_ROOT, "products", PRODUCT, "product.yml") -BUILD_YAML = os.path.join(SSG_ROOT, "build", "build_config.yml") -REALLY_BAD_SECTION_REGEX = r'^\s+disa:.+$' - -def main() -> int: - rule_dirs_path = os.path.join(SSG_ROOT, "build", "rule_dirs.json") - env_yaml = ssg.environment.open_environment(BUILD_YAML, PRODUCT_YAML) - - - with open(rule_dirs_path, 'r') as json_fp: - rules = json.load(json_fp) - root = open_xml(RHEL9_XML).getroot() - stigid_to_cci = defaultdict(set) - for rule in root.findall('.//xccdf-1.1:Rule', PREFIX_TO_NS): - stig_id = rule.find('xccdf-1.1:version', PREFIX_TO_NS).text - ccis_elems = rule.findall( - "xccdf-1.1:ident[@system='http://cyber.mil/cci']", PREFIX_TO_NS) - for cci in ccis_elems: - stigid_to_cci[stig_id].add(cci.text) - controls_root = os.path.join(SSG_ROOT, "controls") - ctrl_manager = ControlsManager(controls_root, env_yaml) - ctrl_manager.load() - for stig_id, ccis in stigid_to_cci.items(): - control = ctrl_manager.get_control('stig_rhel9', stig_id) - if len(control.rules) < 1: - # print(f"{stig_id} has no rules.", file=sys.stderr) - continue - for rule in control.rules: - if '=' in rule: - continue - rule_obj = rules[rule] - rule_yaml_path = os.path.join(rule_obj['dir'], 'rule.yml') - with open(rule_yaml_path, 'r') as fp: - old_content = fp.readlines() - new_content = list() - ref_start_line = 0 - for index, line in enumerate(old_content): - if 'references:' in line: - ref_start_line = index - new_content.append(line) - continue - if not re.match(REALLY_BAD_SECTION_REGEX, line): - new_content.append(line) - else: - new_content.append(f"{' ' * 4}disa: {','.join(ccis)}\n") - if new_content != old_content: - validate_file(new_content, rule_yaml_path) - with open(rule_yaml_path, 'w') as fp: - fp.writelines(new_content) - continue - - new_line = f'{" " * 4}disa: {','.join(ccis)}\n' - if ref_start_line == 0: - raise ValueError - new_content.insert(ref_start_line+2, new_line) - if new_content != old_content: - with open(rule_yaml_path, 'w') as fp: - fp.writelines(new_content) - continue - return 0 - - -def validate_file(lines: List[str], filename: str): - offenders = list() - for idx, line in enumerate(lines): - if re.match(REALLY_BAD_SECTION_REGEX, line): - offenders.append(str(idx)) - if len(offenders) > 1: - print(f"Failure on lines {','.join(offenders)} in {filename}", file=sys.stderr) - -if __name__ == "__main__": - raise SystemExit(main()) From 0485740a3aa28569263223598cf598edcf34667d Mon Sep 17 00:00:00 2001 From: Matthew Burket Date: Thu, 26 Sep 2024 08:10:22 -0500 Subject: [PATCH 5/7] Remove RHEL-09-211025 from the STIG No longer in RHEL 9 STIG as V2R1. --- controls/stig_rhel9.yml | 9 --------- tests/data/profile_stability/rhel9/stig.profile | 2 -- tests/data/profile_stability/rhel9/stig_gui.profile | 2 -- 3 files changed, 13 deletions(-) diff --git a/controls/stig_rhel9.yml b/controls/stig_rhel9.yml index f62e2669f33..a0b9cfcd846 100644 --- a/controls/stig_rhel9.yml +++ b/controls/stig_rhel9.yml @@ -46,15 +46,6 @@ controls: - login_banner_text=dod_banners status: automated - - id: RHEL-09-211025 - levels: - - medium - title: RHEL 9 must implement the Endpoint Security for Linux Threat Prevention tool. - rules: - - package_mcafeetp_installed - - agent_mfetpd_running - status: automated - - id: RHEL-09-211030 levels: - medium diff --git a/tests/data/profile_stability/rhel9/stig.profile b/tests/data/profile_stability/rhel9/stig.profile index c6a454371c0..82d055ad9a2 100644 --- a/tests/data/profile_stability/rhel9/stig.profile +++ b/tests/data/profile_stability/rhel9/stig.profile @@ -78,7 +78,6 @@ selections: - accounts_user_home_paths_only - accounts_user_interactive_home_directory_defined - accounts_user_interactive_home_directory_exists -- agent_mfetpd_running - aide_build_database - aide_check_audit_tools - aide_periodic_cron_checking @@ -386,7 +385,6 @@ selections: - package_gssproxy_removed - package_iprutils_removed - package_libreswan_installed -- package_mcafeetp_installed - package_nfs-utils_removed - package_nss-tools_installed - package_opensc_installed diff --git a/tests/data/profile_stability/rhel9/stig_gui.profile b/tests/data/profile_stability/rhel9/stig_gui.profile index 7e1b940cd0a..d2f36a33b81 100644 --- a/tests/data/profile_stability/rhel9/stig_gui.profile +++ b/tests/data/profile_stability/rhel9/stig_gui.profile @@ -90,7 +90,6 @@ selections: - accounts_user_home_paths_only - accounts_user_interactive_home_directory_defined - accounts_user_interactive_home_directory_exists -- agent_mfetpd_running - aide_build_database - aide_check_audit_tools - aide_periodic_cron_checking @@ -397,7 +396,6 @@ selections: - package_gssproxy_removed - package_iprutils_removed - package_libreswan_installed -- package_mcafeetp_installed - package_nss-tools_installed - package_opensc_installed - package_openssh-clients_installed From d7706031137330854662a75b84aaf2ebc3a0710d Mon Sep 17 00:00:00 2001 From: Matthew Burket Date: Thu, 26 Sep 2024 08:26:42 -0500 Subject: [PATCH 6/7] Update CCIs for dconf_gnome_disable_autorun --- .../gnome_media_settings/dconf_gnome_disable_autorun/rule.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml index cf0a80a8474..d2428459dc5 100644 --- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml @@ -36,7 +36,7 @@ references: cis@ubuntu2204: 1.8.8 cobit5: APO13.01,DSS01.04,DSS05.03,DSS05.04,DSS05.05,DSS05.07,DSS06.03 cui: 3.1.7 - disa: CCI-000778,CCI-000366,CCI-001958 + disa: CCI-000366,CCI-001764,CCI-001958,CCI-000778 isa-62443-2009: 4.3.3.2.2,4.3.3.5.2,4.3.3.6.6,4.3.3.7.2,4.3.3.7.4 isa-62443-2013: 'SR 1.1,SR 1.13,SR 1.2,SR 1.4,SR 1.5,SR 1.9,SR 2.1,SR 2.6' iso27001-2013: A.11.2.6,A.13.1.1,A.13.2.1,A.6.2.1,A.6.2.2,A.7.1.1,A.9.2.1 From e068799dcded8793e84483c6ad4584cb02481192 Mon Sep 17 00:00:00 2001 From: Matthew Burket Date: Thu, 26 Sep 2024 08:27:47 -0500 Subject: [PATCH 7/7] Update CCI for configure_crypto_policy --- .../software/integrity/crypto/configure_crypto_policy/rule.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml index e9895420cb5..e5b8bd84f57 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml @@ -60,7 +60,7 @@ identifiers: cce@sle15: CCE-85776-3 references: - disa: CCI-002890,CCI-002450,CCI-003123 + disa: CCI-000068,CCI-003123,CCI-002450,CCI-000877,CCI-002418,CCI-001453,CCI-002890 hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.312(e)(1),164.312(e)(2)(ii) ism: "1446" nerc-cip: CIP-003-8 R4.2,CIP-007-3 R5.1,CIP-007-3 R7.1