Add noexec Option to Removable Media Partitions The 'noexec' mount option prevents the direct execution of binaries on the mounted filesystem. Preventing the direct execution of binaries from removable media (such as a USB key) provides a defense against malicious software that may be present on such untrusted media. Add the 'noexec' option to the fourth column of '/etc/fstab' for the line which controls mounting of any removable media partitions. Rationale: Allowing users to execute binaries from removable media such as USB keys exposes the system to potential compromise. Fix: No Remediation Info oval:org.secpod.oval:def:30304 oval:org.secpod.oval:def:31027 SCAP Repo OVAL Definition 2015-11-13