Details
Set SELinux to enable when the system is booted.
Rationale:
SELinux must be enabled at boot time in to ensure that the controls it provides are in effect at all times. If the system is running, resetting the config file may cause some risks.
Solution
Edit the /etc/selinux/config file to set the SELINUX parameter:
SELINUX=enforcing
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.