Ensure events that modify user/group information are collected – /etc/gshadow
Details Record events affecting the group , passwd (user IDs), shadow and gshadow (passwords) or /etc/security/opasswd (old passwords, based on...
- Home
- Security Hardening
- CIS Debian 9 Workstation L2 V1.0.1
CIS Debian 9 Workstation L2 V1.0.1
Ensure events that modify user/group information are collected – /etc/passwd
Details Record events affecting the group , passwd (user IDs), shadow and gshadow (passwords) or /etc/security/opasswd (old passwords, based on...Ensure events that modify user/group information are collected – /etc/security/opasswd
Details Record events affecting the group , passwd (user IDs), shadow and gshadow (passwords) or /etc/security/opasswd (old passwords, based on...Ensure events that modify user/group information are collected – /etc/shadow
Details Record events affecting the group , passwd (user IDs), shadow and gshadow (passwords) or /etc/security/opasswd (old passwords, based on...Ensure no unconfined daemons exist
Details Daemons that are not defined in SELinux policy will inherit the security context of their parent process. Rationale: Since...Ensure SELinux is enabled in the bootloader configuration – security=selinux
Details Configure SELINUX to be enabled at boot time and verify that it has not been overwritten by the grub...Ensure SELinux is enabled in the bootloader configuration – selinux = 1
Details Configure SELINUX to be enabled at boot time and verify that it has not been overwritten by the grub...Ensure SELinux or AppArmor are installed
Details SELinux and AppArmor provide Mandatory Access Controls. Rationale: Without a Mandatory Access Control system installed only the default Discretionary...Ensure SELinux policy is configured
Details Configure SELinux to meet or exceed the default targeted policy, which constrains daemons and system software only. Rationale: Security...Ensure separate partition exists for /home
Details The /home directory is used to support disk storage needs of local users. Rationale: If the system is intended...