STIG Rules List - 2

CCE Number

Rule Name

Control Group

Default Status

Passed/Exception

CCE-82197-5

Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD

N/A

disabled

Exception

N/A

The operating system must require Re-Authentication when using the sudo command. Ensure sudo timestamp_timeout is appropriate - sudo timestamp_timeout

N/A

disabled

Exception

CCE-83425-9

The operating system must restrict privilege elevation to authorized personnel

N/A

enabled

Passed

CCE-86377-9

Ensure sudo only includes the default configuration directory

N/A

enabled

Passed

CCE-83422-6

Ensure invoking users password for privilege escalation when using sudo

N/A

N/A

Exception

CCE-82943-2

Uninstall gssproxy Package

N/A

N/A

Exception

CCE-82946-5

Uninstall iprutils Package

N/A

N/A

Exception

CCE-82931-7

Uninstall krb5-workstation Package

N/A

N/A

N/A

CCE-82904-4

Uninstall tuned Package

N/A

N/A

Exception

CCE-80865-9

Ensure Software Patches Installed

N/A

enabled

Passed

CCE-80768-5

Enable GNOME3 Login Warning Banner

N/A

N/A

N/A

CCE-80770-1

Set the GNOME3 Login Warning Banner Text

N/A

N/A

N/A

CCE-80763-6

Modify the System Login Banner

ssh

enabled

EXCEPTION

CCE-86248-2

An SELinux Context must be configured for the pam_faillock.so records directory

auth

enabled

Passed

CCE-83478-8

Limit Password Reuse: password-auth

N/A

N/A

Exception

CCE-83480-4

Limit Password Reuse: system-auth

N/A

N/A

Exception

CCE-86099-9

Account Lockouts Must Be Logged

N/A

N/A

Exception

CCE-80667-9

Lock Accounts After Failed Password Attempts

N/A

N/A

Exception

CCE-80668-7

Configure the root Account for Failed Password Attempts

N/A

N/A

Exception

CCE-86067-6

Lock Accounts Must Persist

N/A

N/A

Exception

CCE-80669-5

Set Interval For Counting Failed Password Attempts

N/A

N/A

Exception