|
 |
0f521b |
diff -uNrp scap-security-guide-0.1.46.orig/rhel7/profiles/C2S.profile scap-security-guide-0.1.46/rhel7/profiles/C2S.profile
|
|
|
0f521b |
--- scap-security-guide-0.1.46.orig/rhel7/profiles/C2S.profile 2019-08-28 13:46:33.000000000 +0000
|
|
|
0f521b |
+++ scap-security-guide-0.1.46/rhel7/profiles/C2S.profile 2020-04-02 00:13:14.710523405 +0000
|
|
|
0f521b |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
0f521b |
title: 'C2S for Red Hat Enterprise Linux 7'
|
|
|
0f521b |
|
|
|
0f521b |
description: |-
|
|
|
0f521b |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
0f521b |
+
|
|
|
0f521b |
This profile demonstrates compliance against the
|
|
|
0f521b |
U.S. Government Commercial Cloud Services (C2S) baseline.
|
|
|
0f521b |
|
|
|
0f521b |
diff -uNrp scap-security-guide-0.1.46.orig/rhel7/profiles/cjis.profile scap-security-guide-0.1.46/rhel7/profiles/cjis.profile
|
|
|
0f521b |
--- scap-security-guide-0.1.46.orig/rhel7/profiles/cjis.profile 2019-08-28 13:46:33.000000000 +0000
|
|
|
0f521b |
+++ scap-security-guide-0.1.46/rhel7/profiles/cjis.profile 2020-04-02 00:14:09.815642451 +0000
|
|
|
0f521b |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
0f521b |
title: 'Criminal Justice Information Services (CJIS) Security Policy'
|
|
|
0f521b |
|
|
|
0f521b |
description: |-
|
|
|
0f521b |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
0f521b |
+
|
|
|
0f521b |
This profile is derived from FBI's CJIS v5.4
|
|
|
0f521b |
Security Policy. A copy of this policy can be found at the CJIS Security
|
|
|
0f521b |
Policy Resource Center:
|
|
|
0f521b |
diff -uNrp scap-security-guide-0.1.46.orig/rhel7/profiles/cui.profile scap-security-guide-0.1.46/rhel7/profiles/cui.profile
|
|
|
0f521b |
--- scap-security-guide-0.1.46.orig/rhel7/profiles/cui.profile 2019-08-28 12:35:00.000000000 +0000
|
|
|
0f521b |
+++ scap-security-guide-0.1.46/rhel7/profiles/cui.profile 2020-04-02 00:14:39.735707092 +0000
|
|
|
0f521b |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
0f521b |
title: 'Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)'
|
|
|
0f521b |
|
|
|
0f521b |
description: |-
|
|
|
0f521b |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
0f521b |
+
|
|
|
0f521b |
From NIST 800-171, Section 2.2:
|
|
|
0f521b |
Security requirements for protecting the confidentiality of CUI in non-federal
|
|
|
0f521b |
information systems and organizations have a well-defined structure that
|
|
|
0f521b |
diff -uNrp scap-security-guide-0.1.46.orig/rhel7/profiles/e8.profile scap-security-guide-0.1.46/rhel7/profiles/e8.profile
|
|
|
0f521b |
--- scap-security-guide-0.1.46.orig/rhel7/profiles/e8.profile 2020-04-02 00:07:38.530797155 +0000
|
|
|
0f521b |
+++ scap-security-guide-0.1.46/rhel7/profiles/e8.profile 2020-04-02 00:15:34.521825440 +0000
|
|
|
0f521b |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
0f521b |
title: 'Australian Cyber Security Centre (ACSC) Essential Eight'
|
|
|
0f521b |
|
|
|
0f521b |
description: |-
|
|
|
0f521b |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
0f521b |
+
|
|
|
0f521b |
This profile contains configuration checks for Red Hat Enterprise Linux 7
|
|
|
0f521b |
that align to the Australian Cyber Security Centre (ACSC) Essential Eight.
|
|
|
0f521b |
|
|
|
0f521b |
diff -uNrp scap-security-guide-0.1.46.orig/rhel7/profiles/hipaa.profile scap-security-guide-0.1.46/rhel7/profiles/hipaa.profile
|
|
|
0f521b |
--- scap-security-guide-0.1.46.orig/rhel7/profiles/hipaa.profile 2019-08-28 13:46:33.000000000 +0000
|
|
|
0f521b |
+++ scap-security-guide-0.1.46/rhel7/profiles/hipaa.profile 2020-04-02 00:16:12.605907713 +0000
|
|
|
0f521b |
@@ -3,6 +3,8 @@ documentation_complete: True
|
|
|
0f521b |
title: 'Health Insurance Portability and Accountability Act (HIPAA)'
|
|
|
0f521b |
|
|
|
0f521b |
description: |-
|
|
|
0f521b |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
0f521b |
+
|
|
|
0f521b |
The HIPAA Security Rule establishes U.S. national standards to protect individuals’
|
|
|
0f521b |
electronic personal health information that is created, received, used, or
|
|
|
0f521b |
maintained by a covered entity. The Security Rule requires appropriate
|
|
|
0f521b |
diff -uNrp scap-security-guide-0.1.46.orig/rhel7/profiles/ncp.profile scap-security-guide-0.1.46/rhel7/profiles/ncp.profile
|
|
|
0f521b |
--- scap-security-guide-0.1.46.orig/rhel7/profiles/ncp.profile 2019-08-28 13:46:33.000000000 +0000
|
|
|
0f521b |
+++ scap-security-guide-0.1.46/rhel7/profiles/ncp.profile 2020-04-02 00:19:00.198269763 +0000
|
|
|
0f521b |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
0f521b |
title: 'NIST National Checklist Program Security Guide'
|
|
|
0f521b |
|
|
|
0f521b |
description: |-
|
|
|
0f521b |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
0f521b |
+
|
|
|
0f521b |
This compliance profile reflects the core set of security
|
|
|
0f521b |
related configuration settings for deployment of Red Hat Enterprise
|
|
|
0f521b |
Linux 7.x into U.S. Defense, Intelligence, and Civilian agencies.
|
|
|
0f521b |
diff -uNrp scap-security-guide-0.1.46.orig/rhel7/profiles/ospp.profile scap-security-guide-0.1.46/rhel7/profiles/ospp.profile
|
|
|
0f521b |
--- scap-security-guide-0.1.46.orig/rhel7/profiles/ospp.profile 2020-04-02 00:07:38.523797140 +0000
|
|
|
0f521b |
+++ scap-security-guide-0.1.46/rhel7/profiles/ospp.profile 2020-04-02 00:18:53.448255187 +0000
|
|
|
0f521b |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
0f521b |
title: 'OSPP - Protection Profile for General Purpose Operating Systems v4.2.1'
|
|
|
0f521b |
|
|
|
0f521b |
description: |-
|
|
|
0f521b |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
0f521b |
+
|
|
|
0f521b |
This profile reflects mandatory configuration controls identified in the
|
|
|
0f521b |
NIAP Configuration Annex to the Protection Profile for General Purpose
|
|
|
0f521b |
Operating Systems (Protection Profile Version 4.2.1).
|
|
|
0f521b |
diff -uNrp scap-security-guide-0.1.46.orig/rhel7/profiles/pci-dss.profile scap-security-guide-0.1.46/rhel7/profiles/pci-dss.profile
|
|
|
0f521b |
--- scap-security-guide-0.1.46.orig/rhel7/profiles/pci-dss.profile 2019-08-28 12:35:00.000000000 +0000
|
|
|
0f521b |
+++ scap-security-guide-0.1.46/rhel7/profiles/pci-dss.profile 2020-04-02 00:19:22.109317098 +0000
|
|
|
0f521b |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
0f521b |
title: 'PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 7'
|
|
|
0f521b |
|
|
|
0f521b |
description: |-
|
|
|
0f521b |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
0f521b |
+
|
|
|
0f521b |
Ensures PCI-DSS v3.2.1 security configuration settings are applied.
|
|
|
0f521b |
|
|
|
0f521b |
selections:
|
|
|
0f521b |
diff -uNrp scap-security-guide-0.1.46.orig/rhel7/profiles/rhelh-stig.profile scap-security-guide-0.1.46/rhel7/profiles/rhelh-stig.profile
|
|
|
0f521b |
--- scap-security-guide-0.1.46.orig/rhel7/profiles/rhelh-stig.profile 2019-08-28 13:46:33.000000000 +0000
|
|
|
0f521b |
+++ scap-security-guide-0.1.46/rhel7/profiles/rhelh-stig.profile 2020-04-02 00:20:04.168407959 +0000
|
|
|
0f521b |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
0f521b |
title: '[DRAFT] DISA STIG for Red Hat Enterprise Linux Virtualization Host (RHELH)'
|
|
|
0f521b |
|
|
|
0f521b |
description: |-
|
|
|
0f521b |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
0f521b |
+
|
|
|
0f521b |
This *draft* profile contains configuration checks that align to the
|
|
|
0f521b |
DISA STIG for Red Hat Enterprise Linux Virtualization Host (RHELH).
|
|
|
0f521b |
|
|
|
0f521b |
diff -uNrp scap-security-guide-0.1.46.orig/rhel7/profiles/rhelh-vpp.profile scap-security-guide-0.1.46/rhel7/profiles/rhelh-vpp.profile
|
|
|
0f521b |
--- scap-security-guide-0.1.46.orig/rhel7/profiles/rhelh-vpp.profile 2019-08-28 13:46:33.000000000 +0000
|
|
|
0f521b |
+++ scap-security-guide-0.1.46/rhel7/profiles/rhelh-vpp.profile 2020-04-02 00:18:01.448142852 +0000
|
|
|
0f521b |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
0f521b |
title: 'VPP - Protection Profile for Virtualization v. 1.0 for Red Hat Enterprise Linux Hypervisor (RHELH)'
|
|
|
0f521b |
|
|
|
0f521b |
description: |-
|
|
|
0f521b |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
0f521b |
+
|
|
|
0f521b |
This compliance profile reflects the core set of security
|
|
|
0f521b |
related configuration settings for deployment of Red Hat Enterprise
|
|
|
0f521b |
Linux Hypervisor (RHELH) 7.x into U.S. Defense, Intelligence, and Civilian agencies.
|
|
|
0f521b |
diff -uNrp scap-security-guide-0.1.46.orig/rhel7/profiles/rht-ccp.profile scap-security-guide-0.1.46/rhel7/profiles/rht-ccp.profile
|
|
|
0f521b |
--- scap-security-guide-0.1.46.orig/rhel7/profiles/rht-ccp.profile 2019-08-28 13:46:33.000000000 +0000
|
|
|
0f521b |
+++ scap-security-guide-0.1.46/rhel7/profiles/rht-ccp.profile 2020-04-02 00:20:25.205453406 +0000
|
|
|
0f521b |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
0f521b |
title: 'Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)'
|
|
|
0f521b |
|
|
|
0f521b |
description: |-
|
|
|
0f521b |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
0f521b |
+
|
|
|
0f521b |
This profile contains the minimum security relevant
|
|
|
0f521b |
configuration settings recommended by Red Hat, Inc for
|
|
|
0f521b |
Red Hat Enterprise Linux 7 instances deployed by Red Hat Certified
|
|
|
0f521b |
diff -uNrp scap-security-guide-0.1.46.orig/rhel7/profiles/standard.profile scap-security-guide-0.1.46/rhel7/profiles/standard.profile
|
|
|
0f521b |
--- scap-security-guide-0.1.46.orig/rhel7/profiles/standard.profile 2019-08-28 12:35:00.000000000 +0000
|
|
|
0f521b |
+++ scap-security-guide-0.1.46/rhel7/profiles/standard.profile 2020-04-02 00:21:05.637540751 +0000
|
|
|
0f521b |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
0f521b |
title: 'Standard System Security Profile for Red Hat Enterprise Linux 7'
|
|
|
0f521b |
|
|
|
0f521b |
description: |-
|
|
|
0f521b |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
0f521b |
+
|
|
|
0f521b |
This profile contains rules to ensure standard security baseline
|
|
|
0f521b |
of a Red Hat Enterprise Linux 7 system. Regardless of your system's workload
|
|
|
0f521b |
all of these checks should pass.
|
|
|
0f521b |
diff -uNrp scap-security-guide-0.1.54.orig/rhel7/profiles/anssi_nt28_enhanced.profile scap-security-guide-0.1.54/rhel7/profiles/anssi_nt28_enhanced.profile
|
|
|
0f521b |
--- scap-security-guide-0.1.54.orig/rhel7/profiles/anssi_nt28_enhanced.profile 2021-04-27 16:26:32.968036292 +0000
|
|
|
0f521b |
+++ scap-security-guide-0.1.54/rhel7/profiles/anssi_nt28_enhanced.profile 2021-04-27 16:32:59.501871327 +0000
|
|
|
0f521b |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
0f521b |
title: 'ANSSI-BP-028 (enhanced)'
|
|
|
0f521b |
|
|
|
0f521b |
description: |-
|
|
|
0f521b |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
0f521b |
+
|
|
|
0f521b |
This profile contains configurations that align to ANSSI-BP-028 at the enhanced hardening level.
|
|
|
0f521b |
|
|
|
0f521b |
ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information.
|
|
|
0f521b |
diff -uNrp scap-security-guide-0.1.54.orig/rhel7/profiles/anssi_nt28_high.profile scap-security-guide-0.1.54/rhel7/profiles/anssi_nt28_high.profile
|
|
|
0f521b |
--- scap-security-guide-0.1.54.orig/rhel7/profiles/anssi_nt28_high.profile 2021-04-27 16:26:32.968036292 +0000
|
|
|
0f521b |
+++ scap-security-guide-0.1.54/rhel7/profiles/anssi_nt28_high.profile 2021-04-27 16:33:22.015919959 +0000
|
|
|
0f521b |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
0f521b |
title: 'DRAFT - ANSSI-BP-028 (high)'
|
|
|
0f521b |
|
|
|
0f521b |
description: |-
|
|
|
0f521b |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
0f521b |
+
|
|
|
0f521b |
This profile contains configurations that align to ANSSI-BP-028 at the high hardening level.
|
|
|
0f521b |
|
|
|
0f521b |
ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information.
|
|
|
0f521b |
diff -uNrp scap-security-guide-0.1.54.orig/rhel7/profiles/anssi_nt28_intermediary.profile scap-security-guide-0.1.54/rhel7/profiles/anssi_nt28_intermediary.profile
|
|
|
0f521b |
--- scap-security-guide-0.1.54.orig/rhel7/profiles/anssi_nt28_intermediary.profile 2021-04-27 16:26:32.968036292 +0000
|
|
|
0f521b |
+++ scap-security-guide-0.1.54/rhel7/profiles/anssi_nt28_intermediary.profile 2021-04-27 16:33:46.957973842 +0000
|
|
|
0f521b |
@@ -4,6 +4,8 @@ documentation_complete: true
|
|
|
0f521b |
title: 'ANSSI-BP-028 (intermediary)'
|
|
|
0f521b |
|
|
|
0f521b |
description: |-
|
|
|
0f521b |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
0f521b |
+
|
|
|
0f521b |
This profile contains configurations that align to ANSSI-BP-028 at the intermediary hardening level.
|
|
|
0f521b |
|
|
|
0f521b |
ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information.
|
|
|
0f521b |
diff -uNrp scap-security-guide-0.1.54.orig/rhel7/profiles/anssi_nt28_minimal.profile scap-security-guide-0.1.54/rhel7/profiles/anssi_nt28_minimal.profile
|
|
|
0f521b |
--- scap-security-guide-0.1.54.orig/rhel7/profiles/anssi_nt28_minimal.profile 2021-04-27 16:26:32.968036292 +0000
|
|
|
0f521b |
+++ scap-security-guide-0.1.54/rhel7/profiles/anssi_nt28_minimal.profile 2021-04-27 16:34:23.703053225 +0000
|
|
|
0f521b |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
0f521b |
title: 'ANSSI-BP-028 (minimal)'
|
|
|
0f521b |
|
|
|
0f521b |
description: |-
|
|
|
0f521b |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
0f521b |
+
|
|
|
0f521b |
This profile contains configurations that align to ANSSI-BP-028 at the minimal hardening level.
|
|
|
0f521b |
|
|
|
0f521b |
ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information.
|
|
|
0f521b |
diff -uNrp scap-security-guide-0.1.54.orig/rhel7/profiles/cis.profile scap-security-guide-0.1.54/rhel7/profiles/cis.profile
|
|
|
0f521b |
--- scap-security-guide-0.1.54.orig/rhel7/profiles/cis.profile 2021-02-03 10:54:10.000000000 +0000
|
|
|
0f521b |
+++ scap-security-guide-0.1.54/rhel7/profiles/cis.profile 2021-04-27 16:34:49.526109008 +0000
|
|
|
0f521b |
@@ -12,6 +12,8 @@ reference: https://www.cisecurity.org/ci
|
|
|
0f521b |
title: 'CIS Red Hat Enterprise Linux 7 Benchmark'
|
|
|
0f521b |
|
|
|
0f521b |
description: |-
|
|
|
0f521b |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
0f521b |
+
|
|
|
0f521b |
This profile defines a baseline that aligns to the Center for Internet Security®
|
|
|
0f521b |
Red Hat Enterprise Linux 7 Benchmark™, v2.2.0, released 12-27-2017.
|
|
|
0f521b |
|
|
|
0f521b |
diff -uNrp scap-security-guide-0.1.54.orig/rhel7/profiles/stig.profile scap-security-guide-0.1.54/rhel7/profiles/stig.profile
|
|
|
0f521b |
--- scap-security-guide-0.1.54.orig/rhel7/profiles/stig.profile 2021-04-27 16:26:32.906036158 +0000
|
|
|
0f521b |
+++ scap-security-guide-0.1.54/rhel7/profiles/stig.profile 2021-04-27 16:38:56.557642673 +0000
|
|
|
0f521b |
@@ -10,6 +10,8 @@ reference: https://public.cyber.mil/stig
|
|
|
0f521b |
title: 'DISA STIG for Red Hat Enterprise Linux 7'
|
|
|
0f521b |
|
|
|
0f521b |
description: |-
|
|
|
0f521b |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
0f521b |
+
|
|
|
0f521b |
This profile contains configuration checks that align to the
|
|
|
0f521b |
DISA STIG for Red Hat Enterprise Linux V3R2.
|
|
|
0f521b |
|