Control updates introduced for Red Hat Enterprise Linux 7 STIG, Version 3, Release 12
The Compliance Enforcement Module (CEM) for Linux v1.7.0 introduces enforcement for an updated Security Technical Implementation Guide (STIG) standard: Red Hat Enterprise Linux STIG 7 - Version 3, Release 12. The transition from the previously supported version (Version 3, Release 8) resulted in module updates.
-
Added
- The following controls are added to the module:
- V-255925 - The Red Hat Enterprise Linux operating system SSH server must be configured to use only FIPS-validated key exchange algorithms.
- V-255926 - The Red Hat Enterprise Linux operating system must have the screen package installed.
- V-255927 - The Red Hat Enterprise Linux operating system must restrict access to the kernel message buffer.
- V-255928 - The Red Hat Enterprise Linux
operating system must be configured to prevent overwriting
of custom authentication configuration settings by the
authconfigutility. - V-256969 - The Red Hat Enterprise Linux operating system must disable the login screen user list for graphical user interfaces.
- V-256970 - The Red Hat Enterprise Linux operating system must be configured to allow sending email notifications of configuration changes and adverse events to designated personnel.
- The following controls are added to the module: