[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 30426 Download | Alert*

A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence. The session lock is implemented at the point where session activity can be determined. Rather than be forced to wait for a period of time to expire before the user session can b ...

The Ubuntu operating system must be configured so that Advance Package Tool (APT) removes all software components after updated versions have been installed. Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software automatica ...

Without reauthentication, users may access resources or perform tasks for which they do not have authorization.

Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse and identify the risk from insider threats and the ad ...

The contents of /etc/motd file are displayed to users after login and function as a message of the day for authenticated users. Rationale: Warning messages inform users who are attempting to login to the system of their legal status regarding the system and must include the name of the organization that owns the system and any monitoring policies that are in place. Displaying OS and patch level i ...

Description: The `nodev` mount option specifies that the filesystem cannot contain special devices. Rationale: Since the /var filesystem is not intended to support devices, set this option to ensure that users cannot create a block or character special devices in /var . Audit: Verify that the `nodev` option is set if a `/var` partition exists.Run the following command and verify that nothing is re ...

Description: The `nodev` mount option specifies that the filesystem cannot contain special devices. Rationale: Since the /var/log filesystem is not intended to support devices, set this option to ensure that users cannot create a block or character special devices in /var/log . Audit: Verify that the `nodev` option is set if a `/var` partition exists.Run the following command and verify that nothi ...

Description: The `nosuid` mount option specifies that the filesystem cannot contain `setuid` files. Rationale: Setting this option on a file system prevents users from introducing privileged programs onto the system and allowing non-root users to execute them. Audit: Verify that the `nosuid` option is set if a `/var/log` partition exists.Run the following command and verify that nothing is returne ...

Sudo caches used credentials for a default of 15 minutes. This is for ease of use when there are multiple administrative tasks to perform. The timeout can be modified to suit local security policies. If the value is set to an integer less than 0, the user's time stamp will not expire and the user will not have to re-authenticate for privileged actions until the user's session is terminated.

Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. Audit records can be generated from various components within the information system (e.g., module or policy filter). Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-0000 ...


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   3042

© SecPod Technologies