Signed-off-by: Jeffrey Blank <[email protected]>
---
RHEL6/input/auxiliary/alt-titles-stig.xml | 24 ++++++++++++++++++------
RHEL6/input/auxiliary/srg_support.xml | 6 +++---
2 files changed, 21 insertions(+), 9 deletions(-)
diff --git a/RHEL6/input/auxiliary/alt-titles-stig.xml
b/RHEL6/input/auxiliary/alt-titles-stig.xml
index d91f4c2..915bd1a 100644
--- a/RHEL6/input/auxiliary/alt-titles-stig.xml
+++ b/RHEL6/input/auxiliary/alt-titles-stig.xml
@@ -724,17 +724,29 @@ There must be no world-writable files on the system.
</title>
<title rule="unmet_impractical_product" shorttitle="Product Does Not Meet this
Requirement Due to Impracticality or Scope">
This requirement must be satisfied via an external application or server.
-</title>
+</title>
<title rule="unmet_impractical_guidance" shorttitle="Guidance Does Not Meet
this Requirement Due to Impracticality or Scope">
This requirement must be satisfied via an external application, policy, or
service.
-</title>
+</title>
<title rule="requirement_unclear" shorttitle="Implementation of the
Requirement is Unclear">
This requirement must be clarified.
-</title>
-<title rule="new_rule_needed" shorttitle="A New Policy/Manual? Rule is
Needed.">
-This rule remains to be written.
-</title>
+</title>
<title rule="met_inherently" shorttitle="Product Meets This Requirement">
The system can not be configured not to meet this requirement.
</title>
+<title rule="encrypt_partitions" shorttitle="Encrypt Partitions">
+The operating system must employ cryptographic mechanisms to protect
information in storage.
+</title>
+<title rule="set_daemon_umask" shorttitle="Set Daemon Umask">
+The system default umask for daemons must be 027 or 022.
+</title>
+<title rule="service_postfix_enable" shorttitle="Enable Postfix Service">
+The postfix service must be enabled for mail delivery.
+</title>
+<title rule="snmpd_use_newer_protocol" shorttitle="Configure SNMP Service to
Use Only SNMPv3 or Newer ">
+The snmpd service must use only SNMP protocol version 3 or newer.
+</title>
+<title rule="snmpd_not_default_password" shorttitle="Ensure Default Password
Is Not Used">
+The snmpd service must not use a default password.
+</title>
</titles>
diff --git a/RHEL6/input/auxiliary/srg_support.xml
b/RHEL6/input/auxiliary/srg_support.xml
index 849e23b..7e00479 100644
--- a/RHEL6/input/auxiliary/srg_support.xml
+++ b/RHEL6/input/auxiliary/srg_support.xml
@@ -21,7 +21,7 @@ compliance. This is a permanent not a finding.
<description>
This requirement is permanent not a finding. No fix is required.
</description>
-<ref
disa="56,1084,42,66,135,223,131,132,133,134,85,159,1694,770,804,162,163,164,345,346,1493,1494,1495,1096,1111,1291,386,156,186,1083,1082,1090,804,1248,1265,1314,1362,1368,1310,1311,1328,1399,1400,1425,1427,1499,1693,1665,1674,206"
/>
+<ref
disa="56,130,1084,42,66,86,135,185,223,131,132,133,134,85,159,171,172,1694,770,804,162,163,164,345,346,1493,1494,1495,1096,1111,1291,386,156,186,1083,1082,1090,804,1127,1128,1129,1248,1265,1314,1362,1368,1310,1311,1328,1399,1400,1425,1427,1499,1632,1693,1665,1674,206"
/>
</Rule>
@@ -46,7 +46,7 @@ This requirement is permanent not a finding. No fix is
required.
<!-- The CCI/SRG item listed here are:
- satisfied (by Rules in the guidance, which include the reference)
- not selected in DoD baseline -->
-<!--
disa="26,27,32,771,772,779,831,884,888,1095,1115,1117,1250,1339,1348,1353,1428,1464,1496"
-->
+<!--
disa="26,27,32,771,772,831,884,888,1095,1115,1117,1250,1339,1348,1353,1428,1464,1496"
-->
<!-- The CCI/SRG item referenced here are:
@@ -66,7 +66,7 @@ application, policy, or service. This requirement is NA.
<description>
This requirement is NA. No fix is required.
</description>
-<ref
disa="21,25,28,29,30,165,221,354,780,781,1009,1094,1123,1124,1125,1132,1135,1140,1141,1142,1143,1145,1147,1148,1166,1295,1340,1341,1350,1373,1374,1383,1391,1392,1395,1662"
/>
+<ref
disa="21,25,28,29,30,165,221,354,779,780,781,1009,1094,1123,1124,1125,1132,1135,1140,1141,1142,1143,1145,1147,1148,1166,1295,1340,1341,1350,1356,1373,1374,1383,1391,1392,1395,1632,1662"
/>
</Rule>
--
1.7.1
_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
