Ensure system is disabled when audit logs are full – space_left_action = halt
Details The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high...
- Home
- Security Hardening
- CIS CentOS Linux 8 Workstation L2 V1.0.1
CIS CentOS Linux 8 Workstation L2 V1.0.1
Ensure system is disabled when audit logs are full – space_left_action = root
Details The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high...Ensure system-wide crypto policy is FUTURE or FIPS
Details The system-wide crypto-policies followed by the crypto core components allow consistently deprecating and disabling algorithms system-wide. The individual policy...Ensure the MCS Translation Service (mcstrans) is not installed
Details The mcstransd daemon provides category label information to client processes requesting information. The label translations are defined in /etc/selinux/targeted/setrans.conf...Ensure the SELinux state is enforcing – Current mode: enforcing
Details Set SELinux to enable when the system is booted. Rationale: SELinux must be enabled at boot time to ensure...Ensure the SELinux state is enforcing – /etc/selinux/config
Details Set SELinux to enable when the system is booted. Rationale: SELinux must be enabled at boot time to ensure...Ensure the SELinux state is enforcing – SELinux status: enabled
Details Set SELinux to enable when the system is booted. Rationale: SELinux must be enabled at boot time to ensure...Ensure the SELinux state is enforcing – Mode from config file: enforcing
Details Set SELinux to enable when the system is booted. Rationale: SELinux must be enabled at boot time to ensure...Ensure TIPC is disabled – lsmod
Details The Transparent Inter-Process Communication (TIPC) protocol is designed to provide communication between cluster nodes. Rationale: If the protocol is...Ensure TIPC is disabled – modprobe
Details The Transparent Inter-Process Communication (TIPC) protocol is designed to provide communication between cluster nodes. Rationale: If the protocol is...