| Checked | Name | Title |
|---|
| ☐ | SV-99003r1_rule | The SLES for vRealize must provide automated mechanisms for supporting account management functions. |
| ☐ | SV-99005r1_rule | The SLES for vRealize must automatically remove or disable temporary user accounts after 72 hours. |
| ☐ | SV-99007r1_rule | The SLES for vRealize must audit all account creations. |
| ☐ | SV-99009r1_rule | In addition to auditing new user and group accounts, these watches will alert the system administrator(s) to any modifications, any unexpected users, groups, or modifications must be investigated for legitimacy. |
| ☐ | SV-99011r1_rule | The SLES for vRealize must enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period. |
| ☐ | SV-99013r1_rule | The SLES for vRealize must display the Standard Mandatory DoD Notice and Consent Banner before granting access via SSH. |
| ☐ | SV-99015r1_rule | The SLES for vRealize must limit the number of concurrent sessions to ten for all accounts and/or account types. |
| ☐ | SV-99017r1_rule | The SLES for vRealize must initiate a session lock after a 15-minute period of inactivity for all connection types. |
| ☐ | SV-99019r1_rule | The SLES for vRealize must initiate a session lock after a 15-minute period of inactivity for an SSH connection. |
| ☐ | SV-99021r1_rule | The SLES for vRealize must monitor remote access methods - SSH Daemon. |
| ☐ | SV-99023r1_rule | The SLES for vRealize must implement DoD-approved encryption to protect the confidentiality of remote access sessions - SSH Daemon. |
| ☐ | SV-99025r1_rule | The SLES for vRealize must implement DoD-approved encryption to protect the confidentiality of remote access sessions - SSH Client. |
| ☐ | SV-99027r1_rule | The SLES for vRealize must produce audit records. |
| ☐ | SV-99029r1_rule | The SLES for vRealize must alert the ISSO and SA (at a minimum) in the event of an audit processing failure. |
| ☐ | SV-99031r1_rule | The SLES for vRealize must shut down by default upon audit failure (unless availability is an overriding concern). |
| ☐ | SV-99033r1_rule | The SLES for vRealize must protect audit information from unauthorized read access - ownership. |
| ☐ | SV-99035r1_rule | The SLES for vRealize must protect audit information from unauthorized read access - group ownership. |
| ☐ | SV-99037r1_rule | The SLES for vRealize must protect audit information from unauthorized modification. |
| ☐ | SV-99039r1_rule | The SLES for vRealize must protect audit information from unauthorized deletion. |
| ☐ | SV-99041r1_rule | The SLES for vRealize must protect audit information from unauthorized deletion - log directories. |
| ☐ | SV-99043r1_rule | The SLES for vRealize audit system must be configured to audit all administrative, privileged, and security actions. |
| ☐ | SV-99045r1_rule | The SLES for vRealize audit system must be configured to audit all attempts to alter system time through adjtimex. |
| ☐ | SV-99047r1_rule | The SLES for vRealize audit system must be configured to audit all attempts to alter system time through settimeofday. |
| ☐ | SV-99049r1_rule | The SLES for vRealize audit system must be configured to audit all attempts to alter system time through stime. |
| ☐ | SV-99051r1_rule | The SLES for vRealize audit system must be configured to audit all attempts to alter system time through clock_settime. |
| ☐ | SV-99053r1_rule | The SLES for vRealize audit system must be configured to audit all attempts to alter system time through /etc/localtime. |
| ☐ | SV-99055r1_rule | The SLES for vRealize audit system must be configured to audit all attempts to alter the system through sethostname. |
| ☐ | SV-99057r1_rule | The SLES for vRealize audit system must be configured to audit all attempts to alter the system through setdomainname. |
| ☐ | SV-99059r1_rule | The SLES for vRealize must be configured to audit all attempts to alter the system through sched_setparam. |
| ☐ | SV-99061r1_rule | The SLES for vRealize must be configured to audit all attempts to alter the system through sched_setscheduler. |
| ☐ | SV-99063r1_rule | The SLES for vRealize must be configured to audit all attempts to alter /var/log/faillog. |
| ☐ | SV-99065r1_rule | The SLES for vRealize must be configured to audit all attempts to alter /var/log/lastlog. |
| ☐ | SV-99067r1_rule | The SLES for vRealize must be configured to audit all attempts to alter /var/log/tallylog. |
| ☐ | SV-99069r1_rule | The SLES for vRealize must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited - Permissions. |
| ☐ | SV-99071r1_rule | The SLES for vRealize must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited - ownership. |
| ☐ | SV-99073r1_rule | The SLES for vRealize must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited - group ownership. |
| ☐ | SV-99075r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to access privileges occur. The operating system must generate audit records for all discretionary access control permission modifications using chmod. |
| ☐ | SV-99077r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to access privileges occur. The SLES for vRealize must generate audit records for all discretionary access control permission modifications using chown. |
| ☐ | SV-99079r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to access privileges occur. The SLES for vRealize must generate audit records for all discretionary access control permission modifications using fchmod. |
| ☐ | SV-99081r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to access privileges occur. The SLES for vRealize must generate audit records for all discretionary access control permission modifications using fchmodat. |
| ☐ | SV-99083r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to access privileges occur. The SLES for vRealize must generate audit records for all discretionary access control permission modifications using fchown. |
| ☐ | SV-99085r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to access privileges occur. The SLES for vRealize must generate audit records for all discretionary access control permission modifications using fchownat. |
| ☐ | SV-99087r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to access privileges occur. The SLES for vRealize must generate audit records for all discretionary access control permission modifications using fremovexattr. |
| ☐ | SV-99089r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to access privileges occur. The SLES for vRealize must generate audit records for all discretionary access control permission modifications using fsetxattr. |
| ☐ | SV-99091r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to access privileges occur. The SLES for vRealize must generate audit records for all discretionary access control permission modifications using lchown. |
| ☐ | SV-99093r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to access privileges occur. The SLES for vRealize must generate audit records for all discretionary access control permission modifications using lremovexattr. |
| ☐ | SV-99095r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to access privileges occur. The SLES for vRealize must generate audit records for all discretionary access control permission modifications using lsetxattr. |
| ☐ | SV-99097r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to access privileges occur. The SLES for vRealize must generate audit records for all discretionary access control permission modifications using removexattr. |
| ☐ | SV-99099r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to access privileges occur. The SLES for vRealize must generate audit records for all discretionary access control permission modifications using setxattr. |
| ☐ | SV-99101r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to access privileges occur. The SLES for vRealize must generate audit records for all failed attempts to access files and programs. |
| ☐ | SV-99103r1_rule | The SLES for vRealize must enforce password complexity by requiring that at least one upper-case character be used. |
| ☐ | SV-99105r1_rule | Global settings defined in common- {account,auth,password,session} must be applied in the pam.d definition files. |
| ☐ | SV-99107r1_rule | The SLES for vRealize must enforce password complexity by requiring that at least one lower-case character be used. |
| ☐ | SV-99109r1_rule | The SLES for vRealize must enforce password complexity by requiring that at least one numeric character be used. |
| ☐ | SV-99111r1_rule | The SLES for vRealize must require the change of at least eight of the total number of characters when passwords are changed. |
| ☐ | SV-99113r1_rule | The SLES for vRealize must store only encrypted representations of passwords. |
| ☐ | SV-99115r1_rule | SLES for vRealize must enforce 24 hours/1 day as the minimum password lifetime. |
| ☐ | SV-99117r1_rule | Users must not be able to change passwords more than once every 24 hours. |
| ☐ | SV-99119r1_rule | SLES for vRealize must enforce a 60-day maximum password lifetime restriction. |
| ☐ | SV-99121r1_rule | User passwords must be changed at least every 60 days. |
| ☐ | SV-99123r1_rule | The SLES for vRealize must prohibit password reuse for a minimum of five generations. |
| ☐ | SV-99125r1_rule | The SLES for vRealize must prohibit password reuse for a minimum of five generations. Ensure the old passwords are being stored. |
| ☐ | SV-99127r1_rule | The SLES for vRealize must enforce a minimum 15-character password length. |
| ☐ | SV-99129r1_rule | The SLES for vRealize must require root password authentication upon booting into single-user mode. |
| ☐ | SV-99131r1_rule | Bootloader authentication must be enabled to prevent users without privilege to gain access restricted file system resources. |
| ☐ | SV-99133r1_rule | The SLES for the vRealize boot loader configuration file(s) must have mode 0600 or less permissive. |
| ☐ | SV-99135r1_rule | The SLES for the vRealize boot loader configuration files must be owned by root. |
| ☐ | SV-99137r1_rule | The SLES for the vRealize boot loader configuration file(s) must be group-owned by root, bin, sys, or system. |
| ☐ | SV-99139r1_rule | The Bluetooth protocol handler must be disabled or not installed. |
| ☐ | SV-99141r1_rule | The SLES for vRealize must have USB Mass Storage disabled unless needed. |
| ☐ | SV-99143r1_rule | The SLES for vRealize must have USB disabled unless needed. |
| ☐ | SV-99145r1_rule | The telnet-server package must not be installed. |
| ☐ | SV-99147r1_rule | The rsh-server package must not be installed. |
| ☐ | SV-99149r1_rule | The ypserv package must not be installed. |
| ☐ | SV-99151r1_rule | The yast2-tftp-server package must not be installed. |
| ☐ | SV-99153r1_rule | The Datagram Congestion Control Protocol (DCCP) must be disabled unless required. |
| ☐ | SV-99155r1_rule | The Stream Control Transmission Protocol (SCTP) must be disabled unless required. |
| ☐ | SV-99157r1_rule | The Reliable Datagram Sockets (RDS) protocol must be disabled or not installed unless required. |
| ☐ | SV-99159r1_rule | The Transparent Inter-Process Communication (TIPC) must be disabled or not installed. |
| ☐ | SV-99161r1_rule | The xinetd service must be disabled if no network services utilizing it are enabled. |
| ☐ | SV-99163r1_rule | The ypbind service must not be running if no network services utilizing it are enabled. |
| ☐ | SV-99165r1_rule | NIS/NIS+/yp files must be owned by root, sys, or bin. |
| ☐ | SV-99167r1_rule | The NIS/NIS+/yp command files must have mode 0755 or less permissive. |
| ☐ | SV-99169r1_rule | The SLES for vRealize must not use UDP for NIS/NIS+. |
| ☐ | SV-99171r1_rule | NIS maps must be protected through hard-to-guess domain names. |
| ☐ | SV-99173r1_rule | Mail relaying must be restricted. |
| ☐ | SV-99175r1_rule | The alias files must be owned by root. |
| ☐ | SV-99177r1_rule | The alias files must be group-owned by root, or a system group. |
| ☐ | SV-99179r1_rule | The alias files must have mode 0644 or less permissive. |
| ☐ | SV-99181r1_rule | Files executed through a mail aliases file must be owned by root and must reside within a directory owned and writable only by root. |
| ☐ | SV-99183r1_rule | Files executed through a mail aliases file must be group-owned by root, bin, sys, or system, and must reside within a directory group-owned by root, bin, sys, or system. |
| ☐ | SV-99185r1_rule | Files executed through a mail aliases file must have mode 0755 or less permissive. |
| ☐ | SV-99187r1_rule | Sendmail logging must not be set to less than nine in the sendmail.cf file. |
| ☐ | SV-99189r1_rule | The system syslog service must log informational and more severe SMTP service messages. |
| ☐ | SV-99191r1_rule | The SMTP service log files must be owned by root. |
| ☐ | SV-99193r1_rule | The SMTP service log file must have mode 0644 or less permissive. |
| ☐ | SV-99195r1_rule | The SMTP service HELP command must not be enabled. |
| ☐ | SV-99197r1_rule | The SMTP services SMTP greeting must not provide version information. |
| ☐ | SV-99199r1_rule | The SMTP service must not use .forward files. |
| ☐ | SV-99201r1_rule | The SMTP service must not have the EXPN feature active. |
| ☐ | SV-99203r1_rule | The SMTP service must not have the VRFY feature active. |
| ☐ | SV-99205r1_rule | The Lightweight User Datagram Protocol (UDP-Lite) must be disabled unless required. |
| ☐ | SV-99207r1_rule | The Internetwork Packet Exchange (IPX) protocol must be disabled or not installed. |
| ☐ | SV-99209r1_rule | The AppleTalk protocol must be disabled or not installed. |
| ☐ | SV-99211r1_rule | The DECnet protocol must be disabled or not installed. |
| ☐ | SV-99213r1_rule | Proxy Neighbor Discovery Protocol (NDP) must not be enabled on SLES for vRealize. |
| ☐ | SV-99215r1_rule | The SLES for vRealize must not have 6to4 enabled. |
| ☐ | SV-99217r1_rule | The SLES for vRealize must not have Teredo enabled. |
| ☐ | SV-99219r1_rule | The DHCP client must be disabled if not needed. |
| ☐ | SV-99221r1_rule | The SLES for vRealize must have IEEE 1394 (Firewire) disabled unless needed. |
| ☐ | SV-99223r1_rule | Duplicate User IDs (UIDs) must not exist for users within the organization. |
| ☐ | SV-99225r1_rule | The SLES for vRealize must prevent direct logon into the root account. |
| ☐ | SV-99227r1_rule | The SLES for vRealize must enforce SSHv2 for network access to privileged accounts. |
| ☐ | SV-99229r1_rule | The SLES for vRealize must enforce SSHv2 for network access to non-privileged accounts. |
| ☐ | SV-99231r1_rule | The SLES for vRealize must disable account identifiers of individuals and roles (such as root) after 35 days of inactivity after password expiration. |
| ☐ | SV-99233r1_rule | The SLES for vRealize must use mechanisms meeting the requirements of applicable federal laws, Executive orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module. |
| ☐ | SV-99235r1_rule | The SLES for vRealize must uniquely identify and must authenticate non-organizational users (or processes acting on behalf of non-organizational users). |
| ☐ | SV-99237r1_rule | The SLES for vRealize must uniquely identify and must authenticate non-organizational users (or processes acting on behalf of non-organizational users). |
| ☐ | SV-99239r1_rule | The SLES for vRealize must be configured such that emergency administrator accounts are never automatically removed or disabled. |
| ☐ | SV-99241r1_rule | The SLES for vRealize must employ strong authenticators in the establishment of nonlocal maintenance and diagnostic sessions. |
| ☐ | SV-99243r1_rule | The SLES for vRealize must terminate all sessions and network connections related to nonlocal maintenance when nonlocal maintenance is completed. |
| ☐ | SV-99245r1_rule | The SLES for vRealize must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of Denial of Service (DoS) attacks. |
| ☐ | SV-99247r1_rule | The SLES for vRealize must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of Denial of Service (DoS) attacks. |
| ☐ | SV-99249r1_rule | The SLES for vRealize must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity; and for user sessions (non-privileged session), the session must be terminated after 15 minutes of inactivity, except to fulfill documented and validated mission requirements. |
| ☐ | SV-99251r1_rule | The /var/log directory must be group-owned by root. |
| ☐ | SV-99253r1_rule | The /var/log directory must be owned by root. |
| ☐ | SV-99255r1_rule | The /var/log directory must have mode 0750 or less permissive. |
| ☐ | SV-99257r1_rule | The /var/log/messages file must be group-owned by root. |
| ☐ | SV-99259r1_rule | The /var/log/messages file must be owned by root. |
| ☐ | SV-99261r1_rule | The /var/log/messages file must have mode 0640 or less permissive. |
| ☐ | SV-99263r1_rule | The SLES for vRealize must reveal error messages only to authorized users. |
| ☐ | SV-99265r1_rule | The SLES for vRealize must reveal error messages only to authorized users. |
| ☐ | SV-99267r1_rule | The SLES for vRealize must reveal error messages only to authorized users. |
| ☐ | SV-99269r1_rule | Any publically accessible connection to the SLES for vRealize must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the system. |
| ☐ | SV-99271r1_rule | The SLES for vRealize must audit all account modifications. |
| ☐ | SV-99273r1_rule | The SLES for vRealize must audit all account modifications. |
| ☐ | SV-99275r1_rule | The SLES for vRealize must audit all account-disabling actions. |
| ☐ | SV-99277r1_rule | The SLES for vRealize must audit all account removal actions. |
| ☐ | SV-99279r1_rule | The SLES for vRealize must implement cryptography to protect the integrity of remote access sessions. |
| ☐ | SV-99281r1_rule | The SLES for vRealize must initiate session audits at system start-up. |
| ☐ | SV-99283r1_rule | The SLES for vRealize must produce audit records containing information to establish the identity of any individual or process associated with the event. |
| ☐ | SV-99285r1_rule | The SLES for vRealize must protect audit tools from unauthorized access. |
| ☐ | SV-99287r1_rule | The SLES for vRealize must protect audit tools from unauthorized modification. |
| ☐ | SV-99289r1_rule | The SLES for vRealize must protect audit tools from unauthorized deletion. |
| ☐ | SV-99291r1_rule | The SLES for vRealize must enforce password complexity by requiring that at least one special character be used. |
| ☐ | SV-99293r1_rule | The SLES for vRealize must notify System Administrators and Information Systems Security Officer when accounts are created. |
| ☐ | SV-99295r1_rule | The SLES for vRealize must notify System Administrators and Information System Security Officers when accounts are modified. |
| ☐ | SV-99297r1_rule | The SLES for vRealize must notify System Administrators and Information System Security Officers when accounts are disabled. |
| ☐ | SV-99299r1_rule | The SLES for vRealize must notify System Administrators and Information System Security Officers when accounts are removed. |
| ☐ | SV-99301r1_rule | The SLES for vRealize must use cryptographic mechanisms to protect the integrity of audit tools. |
| ☐ | SV-99303r1_rule | The SLES for vRealize must automatically terminate a user session after inactivity time-outs have expired or at shutdown. |
| ☐ | SV-99305r1_rule | The SLES for vRealize must control remote access methods. |
| ☐ | SV-99307r1_rule | The SLES for vRealize must audit all account enabling actions. |
| ☐ | SV-99309r1_rule | The SLES for vRealize must notify System Administrators and Information System Security Officers when accounts are created, or enabled when previously disabled. |
| ☐ | SV-99311r1_rule | The SLES for vRealize must audit the execution of privileged functions. |
| ☐ | SV-99313r1_rule | The SLES for vRealize must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts in 15 minutes occur. |
| ☐ | SV-99315r1_rule | The SLES for vRealize must off-load audit records onto a different system or media from the system being audited. |
| ☐ | SV-99317r1_rule | The SLES for vRealize must immediately notify the SA and ISSO (at a minimum) when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity. |
| ☐ | SV-99319r1_rule | The SLES for vRealize must provide an immediate real-time alert to the SA and ISSO, at a minimum, of all audit failure events requiring real-time alerts. |
| ☐ | SV-99321r1_rule | The SLES for vRealize must, for networked systems, compare internal information system clocks at least every 24 hours with a server which is synchronized to one of the redundant United States Naval Observatory (USNO) time servers, or a time server designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS). |
| ☐ | SV-99323r1_rule | The time synchronization configuration file (such as /etc/ntp.conf) must be owned by root. |
| ☐ | SV-99325r1_rule | The time synchronization configuration file (such as /etc/ntp.conf) must be group-owned by root, bin, sys, or system. |
| ☐ | SV-99327r1_rule | The time synchronization configuration file (such as /etc/ntp.conf) must have mode 0640 or less permissive. |
| ☐ | SV-99329r1_rule | The SLES for vRealize must synchronize internal information system clocks to the authoritative time source when the time difference is greater than one second. |
| ☐ | SV-99331r1_rule | The SLES for vRealize must notify designated personnel if baseline configurations are changed in an unauthorized manner. |
| ☐ | SV-99333r1_rule | The SLES for vRealize must audit the enforcement actions used to restrict access associated with changes to the system. |
| ☐ | SV-99335r1_rule | The RPM package management tool must cryptographically verify the authenticity of all software packages during installation. |
| ☐ | SV-99337r1_rule | The SLES for vRealize must audit all activities performed during nonlocal maintenance and diagnostic sessions. |
| ☐ | SV-99339r1_rule | The SLES for vRealize must implement cryptographic mechanisms to protect the integrity of nonlocal maintenance and diagnostic communications, when used for nonlocal maintenance sessions. |
| ☐ | SV-99341r1_rule | The SLES for vRealize must implement cryptographic mechanisms to protect the confidentiality of nonlocal maintenance and diagnostic communications, when used for nonlocal maintenance sessions. |
| ☐ | SV-99343r1_rule | The SLES for vRealize must implement NSA-approved cryptography to protect classified information in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. |
| ☐ | SV-99345r1_rule | The SLES for vRealize must protect the confidentiality and integrity of transmitted information. |
| ☐ | SV-99347r1_rule | The SLES for vRealize must implement cryptographic mechanisms to prevent unauthorized disclosure of information and/or detect changes to information during transmission unless otherwise protected by alternative physical safeguards, such as, at a minimum, a Protected Distribution System (PDS). |
| ☐ | SV-99349r1_rule | The SLES for vRealize must implement non-executable data to protect its memory from unauthorized code execution. |
| ☐ | SV-99351r1_rule | The SLES for vRealize must implement address space layout randomization to protect its memory from unauthorized code execution. |
| ☐ | SV-99353r1_rule | The SLES for vRealize must shut down the information system, restart the information system, and/or notify the system administrator when anomalies in the operation of any security functions are discovered. |
| ☐ | SV-99355r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to access security objects occur. |
| ☐ | SV-99357r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to access categories of information (e.g., classification levels) occur. |
| ☐ | SV-99359r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to modify privileges occur. |
| ☐ | SV-99361r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to modify security objects occur. |
| ☐ | SV-99363r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to modify categories of information (e.g., classification levels) occur. |
| ☐ | SV-99365r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to delete privileges occur. |
| ☐ | SV-99367r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to delete security levels occur. |
| ☐ | SV-99369r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful attempts to delete security objects occur. |
| ☐ | SV-99371r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful logon attempts occur. |
| ☐ | SV-99373r1_rule | The SLES for vRealize must generate audit records for privileged activities or other system-level access. |
| ☐ | SV-99375r1_rule | The SLES for vRealize audit system must be configured to audit the loading and unloading of dynamic kernel modules. |
| ☐ | SV-99377r1_rule | The SLES for vRealize must generate audit records showing starting and ending time for user access to the system. |
| ☐ | SV-99379r1_rule | The SLES for vRealize must generate audit records when concurrent logons to the same account occur from different sources. |
| ☐ | SV-99381r1_rule | The SLES for vRealize must generate audit records when successful/unsuccessful accesses to objects occur. |
| ☐ | SV-99383r1_rule | The SLES for vRealize audit system must be configured to audit failed attempts to access files and programs. |
| ☐ | SV-99385r1_rule | The SLES for vRealize audit system must be configured to audit failed attempts to access files and programs. |
| ☐ | SV-99387r1_rule | The SLES for vRealize audit system must be configured to audit failed attempts to access files and programs. |
| ☐ | SV-99389r1_rule | The SLES for vRealize audit system must be configured to audit failed attempts to access files and programs. |
| ☐ | SV-99391r1_rule | The SLES for vRealize audit system must be configured to audit failed attempts to access files and programs. |
| ☐ | SV-99393r1_rule | The SLES for vRealize audit system must be configured to audit user deletions of files and programs. |
| ☐ | SV-99395r1_rule | The SLES for vRealize audit system must be configured to audit file deletions. |
| ☐ | SV-99397r1_rule | Audit logs must be rotated daily. |
| ☐ | SV-99399r1_rule | The SLES for vRealize must generate audit records for all direct access to the information system. |
| ☐ | SV-99401r1_rule | The SLES for vRealize must generate audit records for all account creations, modifications, disabling, and termination events. |
| ☐ | SV-99403r1_rule | The SLES for vRealize must generate audit records for all kernel module load, unload, and restart actions, and also for all program initiations. |
| ☐ | SV-99405r1_rule | The SLES for vRealize must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. |
| ☐ | SV-99407r1_rule | The SLES for vRealize must, at a minimum, off-load interconnected systems in real time and off-load standalone systems weekly. |
| ☐ | SV-99409r1_rule | The SLES for vRealize must prevent the use of dictionary words for passwords. |
| ☐ | SV-99411r1_rule | The SLES for vRealize must prevent the use of dictionary words for passwords. |
| ☐ | SV-99413r1_rule | The SLES for vRealize must prevent the use of dictionary words for passwords. |
| ☐ | SV-99415r1_rule | The SLES for vRealize must enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt. |
| ☐ | SV-99417r1_rule | The SLES for vRealize must enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt. |
| ☐ | SV-99419r1_rule | The SLES for vRealize must enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt. |
| ☐ | SV-99421r1_rule | The SLES for vRealize must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs. |
| ☐ | SV-99423r1_rule | The SLES for vRealize must define default permissions for all authenticated users in such a way that the user can only read and modify their own files. |
STIGQter: STIG Summary: