CCI-000085 requires monitoring for unauthorized connections of mobile devices. The referenced rule disables the USB storage driver on the system.
Signed-off-by: Willy Santos <[email protected]> --- rhel6/src/input/system/permissions/mounting.xml | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/rhel6/src/input/system/permissions/mounting.xml b/rhel6/src/input/system/permissions/mounting.xml index 569fd7a..ed270ed 100644 --- a/rhel6/src/input/system/permissions/mounting.xml +++ b/rhel6/src/input/system/permissions/mounting.xml @@ -57,7 +57,7 @@ software and other vulnerabilities. Support for these devices should be disabled the devices themselves should be tightly controlled.</rationale> <ident cce="4187-1" /> <oval id="kernel_module_usb-storage_disabled" /> -<ref nist="CM-6, CM-7" disa="1250" /> +<ref nist="CM-6, CM-7" disa="1250,85" /> </Rule> <Rule id="kernel_module_usb-storage_removed"> -- 1.7.7.6 _______________________________________________ scap-security-guide mailing list [email protected] https://fedorahosted.org/mailman/listinfo/scap-security-guide
