CCI-000085 requires monitoring for unauthorized connections of mobile devices. The referenced rule disables booting from a USB device.
Signed-off-by: Willy Santos <[email protected]> --- rhel6/src/input/system/permissions/mounting.xml | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/rhel6/src/input/system/permissions/mounting.xml b/rhel6/src/input/system/permissions/mounting.xml index 8436498..7df811a 100644 --- a/rhel6/src/input/system/permissions/mounting.xml +++ b/rhel6/src/input/system/permissions/mounting.xml @@ -111,7 +111,7 @@ any security measures offered by the native OS. Attackers could mount partitions configuration of the native OS. The BIOS should be configured to disallow booting from USB media.</rationale> <ident cce="3944-6" /> <!-- <oval id="bios_disable_usb_boot" /> --> -<ref nist="CM-6, CM-7" disa="1250" /> +<ref nist="CM-6, CM-7" disa="1250,85" /> </Rule> <Rule id="service_autofs_disabled"> -- 1.7.7.6 _______________________________________________ scap-security-guide mailing list [email protected] https://fedorahosted.org/mailman/listinfo/scap-security-guide
