Ensure session initiation information is collected – utmp
Details Monitor session initiation events. The parameters in this section track changes to the files associated with session events. The...
- Home
- Security Hardening
- CIS Red Hat Enterprise Linux 7 STIG V2.0.0 L2 Server
CIS Red Hat Enterprise Linux 7 STIG V2.0.0 L2 Server
Ensure session initiation information is collected – wtmp
Details Monitor session initiation events. The parameters in this section track changes to the files associated with session events. The...Ensure system administrator command executions (sudo) are collected – 32 bit
Details sudo provides users with temporary elevated privileges to perform operations. Monitor the administrator with temporary elevated privileges and the...Ensure system administrator command executions (sudo) are collected – 32 bit auditctl
Details sudo provides users with temporary elevated privileges to perform operations. Monitor the administrator with temporary elevated privileges and the...Ensure system administrator command executions (sudo) are collected – 64 bit
Details sudo provides users with temporary elevated privileges to perform operations. Monitor the administrator with temporary elevated privileges and the...Ensure system administrator command executions (sudo) are collected – 64 bit auditctl
Details sudo provides users with temporary elevated privileges to perform operations. Monitor the administrator with temporary elevated privileges and the...Ensure system is disabled when audit logs are full – ‘action_mail_acct = root’
Details The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high...Ensure system is disabled when audit logs are full – ‘admin_space_left_action = halt’
Details The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high...Ensure system is disabled when audit logs are full – ‘space_left_action = email’
Details The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high...Ensure the SELinux mode is enforcing – /etc/selinux/config
Details SELinux can run in one of three modes: disabled, permissive, or enforcing: Enforcing – Is the default, and recommended,...