Download
| Alert*
CCE-26638-7
Implement Blank Screen Saver setting should be configured appropriately. CCE-26282-4 Set SSH Client Alive Count setting should be configured appropriately. CCE-27002-5 Set Password Minimum Length in login.defs setting should be configured appropriately. CCE-26975-3 Verify Group Who Owns gshadow File setting should be configured appropriately. CCE-26709-6 Ensure gpgcheck Enabled In Main Yum Configuration setting should be configured appropriately. CCE-26544-7 Disable Mounting of freevxfs setting should be configured appropriately. CCE-26969-6 Ensure SELinux State is Enforcing setting should be configured appropriately. CCE-26242-8 Record attempts to alter time through adjtimex setting should be configured appropriately. CCE-26807-8 The rsyslog service provides syslog-style logging by default on CentOS 6. The rsyslog service can be enabled with the following command: # chkconfig --level 2345 rsyslog on CCE-26856-5 Verify Group Who Owns passwd File setting should be configured appropriately. CCE-26325-1 Enable Postfix Service setting should be configured appropriately. CCE-26555-3 Use Only Approved Ciphers setting should be configured appropriately. CCE-26947-2 Verify User Who Owns shadow File setting should be configured appropriately. CCE-27091-8 Disable Host-Based Authentication setting should be configured appropriately. CCE-26670-0 Disable Mounting of jffs2 setting should be configured appropriately. CCE-27026-4 Verify User Who Owns gshadow File setting should be configured appropriately. CCE-26340-0 Disable Mounting of cramfs setting should be configured appropriately. CCE-26822-7 Verify User Who Owns group File setting should be configured appropriately. CCE-26868-0 Verify Permissions on passwd File setting should be configured appropriately. CCE-26930-8 Verify Group Who Owns group File setting should be configured appropriately. CCE-27013-2 The PASS_MIN_DAYS parameter in /etc/login.defs allows an administrator to prevent users from changing their password until a minimum number of days have passed since the last time the user changed their password. It is recommended that PASS_MIN_DAYS parameter be set to 7 or more days. Rationale: By ... CCE-26985-2 The PASS_MAX_DAYS parameter in /etc/login.defs allows an administrator to force passwords to expire once they reach a defined age. It is recommended that the PASS_MAX_DAYS parameter be set to less than or equal to 60 days. Rationale: The window of opportunity for an attacker to leverage compromised ... |