|
|
0c1482 |
commit 527027f3265cf06e26d36df260eabe63b8a24166
|
|
|
0c1482 |
Author: Gabriel Becker <ggasparb@redhat.com>
|
|
|
0c1482 |
Date: Thu Feb 17 12:32:24 2022 +0100
|
|
|
0c1482 |
|
|
|
0c1482 |
Custom patch for RHEL7.9 PR 8140.
|
|
|
0c1482 |
|
|
|
0c1482 |
diff --git a/products/rhel7/profiles/stig.profile b/products/rhel7/profiles/stig.profile
|
|
|
0c1482 |
index e2c4f9a..f020bc0 100644
|
|
|
0c1482 |
--- a/products/rhel7/profiles/stig.profile
|
|
|
0c1482 |
+++ b/products/rhel7/profiles/stig.profile
|
|
|
0c1482 |
@@ -1,7 +1,7 @@
|
|
|
0c1482 |
documentation_complete: true
|
|
|
0c1482 |
|
|
|
0c1482 |
metadata:
|
|
|
0c1482 |
- version: V3R5
|
|
|
0c1482 |
+ version: V3R6
|
|
|
0c1482 |
SMEs:
|
|
|
0c1482 |
- ggbecker
|
|
|
0c1482 |
|
|
|
0c1482 |
@@ -11,7 +11,7 @@ title: 'DISA STIG for Red Hat Enterprise Linux 7'
|
|
|
0c1482 |
|
|
|
0c1482 |
description: |-
|
|
|
0c1482 |
This profile contains configuration checks that align to the
|
|
|
0c1482 |
- DISA STIG for Red Hat Enterprise Linux V3R5.
|
|
|
0c1482 |
+ DISA STIG for Red Hat Enterprise Linux V3R6.
|
|
|
0c1482 |
|
|
|
0c1482 |
In addition to being applicable to Red Hat Enterprise Linux 7, DISA recognizes this
|
|
|
0c1482 |
configuration baseline as applicable to the operating system tier of
|
|
|
0c1482 |
diff --git a/products/rhel7/profiles/stig_gui.profile b/products/rhel7/profiles/stig_gui.profile
|
|
|
0c1482 |
index 2c5821f..932d034 100644
|
|
|
0c1482 |
--- a/products/rhel7/profiles/stig_gui.profile
|
|
|
0c1482 |
+++ b/products/rhel7/profiles/stig_gui.profile
|
|
|
0c1482 |
@@ -1,7 +1,7 @@
|
|
|
0c1482 |
documentation_complete: true
|
|
|
0c1482 |
|
|
|
0c1482 |
metadata:
|
|
|
0c1482 |
- version: V3R5
|
|
|
0c1482 |
+ version: V3R6
|
|
|
0c1482 |
SMEs:
|
|
|
0c1482 |
- ggbecker
|
|
|
0c1482 |
|
|
|
0c1482 |
@@ -11,7 +11,7 @@ title: 'DISA STIG with GUI for Red Hat Enterprise Linux 7'
|
|
|
0c1482 |
|
|
|
0c1482 |
description: |-
|
|
|
0c1482 |
This profile contains configuration checks that align to the
|
|
|
0c1482 |
- DISA STIG with GUI for Red Hat Enterprise Linux V3R5.
|
|
|
0c1482 |
+ DISA STIG with GUI for Red Hat Enterprise Linux V3R6.
|
|
|
0c1482 |
|
|
|
0c1482 |
In addition to being applicable to Red Hat Enterprise Linux 7, DISA recognizes this
|
|
|
0c1482 |
configuration baseline as applicable to the operating system tier of
|
|
|
0c1482 |
diff --git a/shared/references/disa-stig-rhel7-v3r5-xccdf-manual.xml b/shared/references/disa-stig-rhel7-v3r6-xccdf-manual.xml
|
|
|
0c1482 |
similarity index 81%
|
|
|
0c1482 |
rename from shared/references/disa-stig-rhel7-v3r5-xccdf-manual.xml
|
|
|
0c1482 |
rename to shared/references/disa-stig-rhel7-v3r6-xccdf-manual.xml
|
|
|
0c1482 |
index a674d50..62c5f36 100644
|
|
|
0c1482 |
--- a/shared/references/disa-stig-rhel7-v3r5-xccdf-manual.xml
|
|
|
0c1482 |
+++ b/shared/references/disa-stig-rhel7-v3r6-xccdf-manual.xml
|
|
|
0c1482 |
@@ -1,4 +1,4 @@
|
|
|
0c1482 |
-<Benchmark xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:cpe="http://cpe.mitre.org/language/2.0" xmlns:xhtml="http://www.w3.org/1999/xhtml" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.1 http://nvd.nist.gov/schema/xccdf-1.1.4.xsd http://cpe.mitre.org/dictionary/2.0 http://cpe.mitre.org/files/cpe-dictionary_2.1.xsd" id="RHEL_7_STIG" xml:lang="en" xmlns="http://checklists.nist.gov/xccdf/1.1"><status date="2021-08-18">accepted</status><title>Red Hat Enterprise Linux 7 Security Technical Implementation Guide</title><description>This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.</description><notice id="terms-of-use" xml:lang="en"></notice><front-matter xml:lang="en"></front-matter><rear-matter xml:lang="en"></rear-matter><reference href="https://cyber.mil"><dc:publisher>DISA</dc:publisher><dc:source>STIG.DOD.MIL</dc:source></reference><plain-text id="release-info">Release: 5 Benchmark Date: 27 Oct 2021</plain-text><plain-text id="generator">3.2.2.36079</plain-text><plain-text id="conventionsVersion">1.10.0</plain-text><version>3</version><Profile id="MAC-1_Classified"><title>I - Mission Critical Classified</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204518" selected="true" /><select idref="V-204519" selected="true" /><select idref="V-204520" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204522" selected="true" /><select idref="V-204523" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204525" selected="true" /><select idref="V-204526" selected="true" /><select idref="V-204527" selected="true" /><select idref="V-204528" selected="true" /><select idref="V-204529" selected="true" /><select idref="V-204530" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204532" selected="true" /><select idref="V-204533" selected="true" /><select idref="V-204534" selected="true" /><select idref="V-204535" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204561" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204569" selected="true" /><select idref="V-204570" selected="true" /><select idref="V-204571" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204573" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /></Profile><Profile id="MAC-1_Public"><title>I - Mission Critical Public</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204518" selected="true" /><select idref="V-204519" selected="true" /><select idref="V-204520" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204522" selected="true" /><select idref="V-204523" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204525" selected="true" /><select idref="V-204526" selected="true" /><select idref="V-204527" selected="true" /><select idref="V-204528" selected="true" /><select idref="V-204529" selected="true" /><select idref="V-204530" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204532" selected="true" /><select idref="V-204533" selected="true" /><select idref="V-204534" selected="true" /><select idref="V-204535" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204561" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204569" selected="true" /><select idref="V-204570" selected="true" /><select idref="V-204571" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204573" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /></Profile><Profile id="MAC-1_Sensitive"><title>I - Mission Critical Sensitive</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204518" selected="true" /><select idref="V-204519" selected="true" /><select idref="V-204520" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204522" selected="true" /><select idref="V-204523" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204525" selected="true" /><select idref="V-204526" selected="true" /><select idref="V-204527" selected="true" /><select idref="V-204528" selected="true" /><select idref="V-204529" selected="true" /><select idref="V-204530" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204532" selected="true" /><select idref="V-204533" selected="true" /><select idref="V-204534" selected="true" /><select idref="V-204535" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204561" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204569" selected="true" /><select idref="V-204570" selected="true" /><select idref="V-204571" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204573" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /></Profile><Profile id="MAC-2_Classified"><title>II - Mission Support Classified</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204518" selected="true" /><select idref="V-204519" selected="true" /><select idref="V-204520" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204522" selected="true" /><select idref="V-204523" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204525" selected="true" /><select idref="V-204526" selected="true" /><select idref="V-204527" selected="true" /><select idref="V-204528" selected="true" /><select idref="V-204529" selected="true" /><select idref="V-204530" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204532" selected="true" /><select idref="V-204533" selected="true" /><select idref="V-204534" selected="true" /><select idref="V-204535" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204561" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204569" selected="true" /><select idref="V-204570" selected="true" /><select idref="V-204571" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204573" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /></Profile><Profile id="MAC-2_Public"><title>II - Mission Support Public</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204518" selected="true" /><select idref="V-204519" selected="true" /><select idref="V-204520" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204522" selected="true" /><select idref="V-204523" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204525" selected="true" /><select idref="V-204526" selected="true" /><select idref="V-204527" selected="true" /><select idref="V-204528" selected="true" /><select idref="V-204529" selected="true" /><select idref="V-204530" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204532" selected="true" /><select idref="V-204533" selected="true" /><select idref="V-204534" selected="true" /><select idref="V-204535" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204561" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204569" selected="true" /><select idref="V-204570" selected="true" /><select idref="V-204571" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204573" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /></Profile><Profile id="MAC-2_Sensitive"><title>II - Mission Support Sensitive</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204518" selected="true" /><select idref="V-204519" selected="true" /><select idref="V-204520" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204522" selected="true" /><select idref="V-204523" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204525" selected="true" /><select idref="V-204526" selected="true" /><select idref="V-204527" selected="true" /><select idref="V-204528" selected="true" /><select idref="V-204529" selected="true" /><select idref="V-204530" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204532" selected="true" /><select idref="V-204533" selected="true" /><select idref="V-204534" selected="true" /><select idref="V-204535" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204561" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204569" selected="true" /><select idref="V-204570" selected="true" /><select idref="V-204571" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204573" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /></Profile><Profile id="MAC-3_Classified"><title>III - Administrative Classified</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204518" selected="true" /><select idref="V-204519" selected="true" /><select idref="V-204520" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204522" selected="true" /><select idref="V-204523" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204525" selected="true" /><select idref="V-204526" selected="true" /><select idref="V-204527" selected="true" /><select idref="V-204528" selected="true" /><select idref="V-204529" selected="true" /><select idref="V-204530" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204532" selected="true" /><select idref="V-204533" selected="true" /><select idref="V-204534" selected="true" /><select idref="V-204535" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204561" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204569" selected="true" /><select idref="V-204570" selected="true" /><select idref="V-204571" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204573" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /></Profile><Profile id="MAC-3_Public"><title>III - Administrative Public</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204518" selected="true" /><select idref="V-204519" selected="true" /><select idref="V-204520" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204522" selected="true" /><select idref="V-204523" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204525" selected="true" /><select idref="V-204526" selected="true" /><select idref="V-204527" selected="true" /><select idref="V-204528" selected="true" /><select idref="V-204529" selected="true" /><select idref="V-204530" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204532" selected="true" /><select idref="V-204533" selected="true" /><select idref="V-204534" selected="true" /><select idref="V-204535" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204561" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204569" selected="true" /><select idref="V-204570" selected="true" /><select idref="V-204571" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204573" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /></Profile><Profile id="MAC-3_Sensitive"><title>III - Administrative Sensitive</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204518" selected="true" /><select idref="V-204519" selected="true" /><select idref="V-204520" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204522" selected="true" /><select idref="V-204523" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204525" selected="true" /><select idref="V-204526" selected="true" /><select idref="V-204527" selected="true" /><select idref="V-204528" selected="true" /><select idref="V-204529" selected="true" /><select idref="V-204530" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204532" selected="true" /><select idref="V-204533" selected="true" /><select idref="V-204534" selected="true" /><select idref="V-204535" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204561" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204569" selected="true" /><select idref="V-204570" selected="true" /><select idref="V-204571" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204573" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /></Profile><Group id="V-204392"><title>SRG-OS-000257-GPOS-00098</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204392r646841_rule" weight="10.0" severity="high"><version>RHEL-07-010010</version><title>The Red Hat Enterprise Linux operating system must be configured so that the file permissions, ownership, and group membership of system files and commands match the vendor values.</title><description><VulnDiscussion>Discretionary access control is weakened if a user or group has access permissions to system files and directories greater than the default.
|
|
|
0c1482 |
+<Benchmark xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:cpe="http://cpe.mitre.org/language/2.0" xmlns:xhtml="http://www.w3.org/1999/xhtml" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.1 http://nvd.nist.gov/schema/xccdf-1.1.4.xsd http://cpe.mitre.org/dictionary/2.0 http://cpe.mitre.org/files/cpe-dictionary_2.1.xsd" id="RHEL_7_STIG" xml:lang="en" xmlns="http://checklists.nist.gov/xccdf/1.1"><status date="2021-12-02">accepted</status><title>Red Hat Enterprise Linux 7 Security Technical Implementation Guide</title><description>This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.</description><notice id="terms-of-use" xml:lang="en"></notice><front-matter xml:lang="en"></front-matter><rear-matter xml:lang="en"></rear-matter><reference href="https://cyber.mil"><dc:publisher>DISA</dc:publisher><dc:source>STIG.DOD.MIL</dc:source></reference><plain-text id="release-info">Release: 6 Benchmark Date: 27 Jan 2022</plain-text><plain-text id="generator">3.2.2.36079</plain-text><plain-text id="conventionsVersion">1.10.0</plain-text><version>3</version><Profile id="MAC-1_Classified"><title>I - Mission Critical Classified</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /><select idref="V-251702" selected="true" /><select idref="V-251703" selected="true" /><select idref="V-251704" selected="true" /><select idref="V-251705" selected="true" /></Profile><Profile id="MAC-1_Public"><title>I - Mission Critical Public</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /><select idref="V-251702" selected="true" /><select idref="V-251703" selected="true" /><select idref="V-251704" selected="true" /><select idref="V-251705" selected="true" /></Profile><Profile id="MAC-1_Sensitive"><title>I - Mission Critical Sensitive</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /><select idref="V-251702" selected="true" /><select idref="V-251703" selected="true" /><select idref="V-251704" selected="true" /><select idref="V-251705" selected="true" /></Profile><Profile id="MAC-2_Classified"><title>II - Mission Support Classified</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /><select idref="V-251702" selected="true" /><select idref="V-251703" selected="true" /><select idref="V-251704" selected="true" /><select idref="V-251705" selected="true" /></Profile><Profile id="MAC-2_Public"><title>II - Mission Support Public</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /><select idref="V-251702" selected="true" /><select idref="V-251703" selected="true" /><select idref="V-251704" selected="true" /><select idref="V-251705" selected="true" /></Profile><Profile id="MAC-2_Sensitive"><title>II - Mission Support Sensitive</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /><select idref="V-251702" selected="true" /><select idref="V-251703" selected="true" /><select idref="V-251704" selected="true" /><select idref="V-251705" selected="true" /></Profile><Profile id="MAC-3_Classified"><title>III - Administrative Classified</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /><select idref="V-251702" selected="true" /><select idref="V-251703" selected="true" /><select idref="V-251704" selected="true" /><select idref="V-251705" selected="true" /></Profile><Profile id="MAC-3_Public"><title>III - Administrative Public</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /><select idref="V-251702" selected="true" /><select idref="V-251703" selected="true" /><select idref="V-251704" selected="true" /><select idref="V-251705" selected="true" /></Profile><Profile id="MAC-3_Sensitive"><title>III - Administrative Sensitive</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /><select idref="V-251702" selected="true" /><select idref="V-251703" selected="true" /><select idref="V-251704" selected="true" /><select idref="V-251705" selected="true" /></Profile><Group id="V-204392"><title>SRG-OS-000257-GPOS-00098</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204392r646841_rule" weight="10.0" severity="high"><version>RHEL-07-010010</version><title>The Red Hat Enterprise Linux operating system must be configured so that the file permissions, ownership, and group membership of system files and commands match the vendor values.</title><description><VulnDiscussion>Discretionary access control is weakened if a user or group has access permissions to system files and directories greater than the default.
|
|
|
0c1482 |
|
|
|
0c1482 |
Satisfies: SRG-OS-000257-GPOS-00098, SRG-OS-000278-GPOS-00108</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-71849</ident><ident system="http://cyber.mil/legacy">SV-86473</ident><ident system="http://cyber.mil/cci">CCI-001494</ident><ident system="http://cyber.mil/cci">CCI-001496</ident><ident system="http://cyber.mil/cci">CCI-002165</ident><ident system="http://cyber.mil/cci">CCI-002235</ident><fixtext fixref="F-36302r646840_fix">Run the following command to determine which package owns the file:
|
|
|
0c1482 |
|
|
|
0c1482 |
@@ -543,20 +543,20 @@ Check for the value of the "maxrepeat" option in "/etc/security/pwquality.conf"
|
|
|
0c1482 |
# grep maxrepeat /etc/security/pwquality.conf
|
|
|
0c1482 |
maxrepeat = 3
|
|
|
0c1482 |
|
|
|
0c1482 |
-If the value of "maxrepeat" is set to more than "3", this is a finding.</check-content></check></Rule></Group><Group id="V-204414"><title>SRG-OS-000072-GPOS-00040</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204414r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-010190</version><title>The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed the number of repeating characters of the same character class must not be more than four characters.</title><description><VulnDiscussion>Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
|
|
|
0c1482 |
+If the value of "maxrepeat" is set to more than "3", this is a finding.</check-content></check></Rule></Group><Group id="V-204414"><title>SRG-OS-000072-GPOS-00040</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204414r809186_rule" weight="10.0" severity="medium"><version>RHEL-07-010190</version><title>The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed the number of repeating characters of the same character class must not be more than four characters.</title><description><VulnDiscussion>Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
|
|
|
0c1482 |
|
|
|
0c1482 |
Password complexity is one factor of several that determines how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86541</ident><ident system="http://cyber.mil/legacy">V-71917</ident><ident system="http://cyber.mil/cci">CCI-000195</ident><fixtext fixref="F-4538r88435_fix">Configure the operating system to require the change of the number of repeating characters of the same character class when passwords are changed by setting the "maxclassrepeat" option.
|
|
|
0c1482 |
|
|
|
0c1482 |
Add the following line to "/etc/security/pwquality.conf" conf (or modify the line to have the required value):
|
|
|
0c1482 |
|
|
|
0c1482 |
-maxclassrepeat = 4</fixtext><fix id="F-4538r88435_fix" /><check system="C-4538r88434_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>The "maxclassrepeat" option sets the maximum number of allowed same consecutive characters in the same class in the new password.
|
|
|
0c1482 |
+maxclassrepeat = 4</fixtext><fix id="F-4538r88435_fix" /><check system="C-4538r809185_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>The "maxclassrepeat" option sets the maximum number of allowed same consecutive characters in the same class in the new password.
|
|
|
0c1482 |
|
|
|
0c1482 |
Check for the value of the "maxclassrepeat" option in "/etc/security/pwquality.conf" with the following command:
|
|
|
0c1482 |
|
|
|
0c1482 |
-# grep maxclassrepeat /etc/security/pwquality.conf
|
|
|
0c1482 |
+$ sudo grep maxclassrepeat /etc/security/pwquality.conf
|
|
|
0c1482 |
maxclassrepeat = 4
|
|
|
0c1482 |
|
|
|
0c1482 |
-If the value of "maxclassrepeat" is set to more than "4", this is a finding.</check-content></check></Rule></Group><Group id="V-204415"><title>SRG-OS-000073-GPOS-00041</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204415r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-010200</version><title>The Red Hat Enterprise Linux operating system must be configured so that the PAM system service is configured to store only encrypted representations of passwords.</title><description><VulnDiscussion>Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. Passwords encrypted with a weak algorithm are no more protected than if they are kept in plain text.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-71919</ident><ident system="http://cyber.mil/legacy">SV-86543</ident><ident system="http://cyber.mil/cci">CCI-000196</ident><fixtext fixref="F-4539r88438_fix">Configure the operating system to store only SHA512 encrypted representations of passwords.
|
|
|
0c1482 |
+If the value of "maxclassrepeat" is set to "0", more than "4" or is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-204415"><title>SRG-OS-000073-GPOS-00041</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204415r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-010200</version><title>The Red Hat Enterprise Linux operating system must be configured so that the PAM system service is configured to store only encrypted representations of passwords.</title><description><VulnDiscussion>Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. Passwords encrypted with a weak algorithm are no more protected than if they are kept in plain text.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-71919</ident><ident system="http://cyber.mil/legacy">SV-86543</ident><ident system="http://cyber.mil/cci">CCI-000196</ident><fixtext fixref="F-4539r88438_fix">Configure the operating system to store only SHA512 encrypted representations of passwords.
|
|
|
0c1482 |
|
|
|
0c1482 |
Add the following line in "/etc/pam.d/system-auth":
|
|
|
0c1482 |
pam_unix.so sha512 shadow try_first_pass use_authtok
|
|
|
0c1482 |
@@ -661,7 +661,7 @@ Check for the value of the "minlen" option in "/etc/security/pwquality.conf" wit
|
|
|
0c1482 |
# grep minlen /etc/security/pwquality.conf
|
|
|
0c1482 |
minlen = 15
|
|
|
0c1482 |
|
|
|
0c1482 |
-If the command does not return a "minlen" value of 15 or greater, this is a finding.</check-content></check></Rule></Group><Group id="V-204424"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204424r603261_rule" weight="10.0" severity="high"><version>RHEL-07-010290</version><title>The Red Hat Enterprise Linux operating system must not have accounts configured with blank or null passwords.</title><description><VulnDiscussion>If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-71937</ident><ident system="http://cyber.mil/legacy">SV-86561</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-4548r88465_fix">If an account is configured for password authentication but does not have an assigned password, it may be possible to log on to the account without authenticating.
|
|
|
0c1482 |
+If the command does not return a "minlen" value of 15 or greater, this is a finding.</check-content></check></Rule></Group><Group id="V-204424"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204424r809187_rule" weight="10.0" severity="high"><version>RHEL-07-010290</version><title>The Red Hat Enterprise Linux operating system must not allow accounts configured with blank or null passwords.</title><description><VulnDiscussion>If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-71937</ident><ident system="http://cyber.mil/legacy">SV-86561</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-4548r88465_fix">If an account is configured for password authentication but does not have an assigned password, it may be possible to log on to the account without authenticating.
|
|
|
0c1482 |
|
|
|
0c1482 |
Remove any instances of the "nullok" option in "/etc/pam.d/system-auth" and "/etc/pam.d/password-auth" to prevent logons with empty passwords.
|
|
|
0c1482 |
|
|
|
0c1482 |
@@ -682,20 +682,21 @@ PermitEmptyPasswords no
|
|
|
0c1482 |
|
|
|
0c1482 |
If no line, a commented line, or a line indicating the value "no" is returned, the required value is set.
|
|
|
0c1482 |
|
|
|
0c1482 |
-If the required value is not set, this is a finding.</check-content></check></Rule></Group><Group id="V-204426"><title>SRG-OS-000118-GPOS-00060</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204426r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-010310</version><title>The Red Hat Enterprise Linux operating system must disable account identifiers (individuals, groups, roles, and devices) if the password expires.</title><description><VulnDiscussion>Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained.
|
|
|
0c1482 |
+If the required value is not set, this is a finding.</check-content></check></Rule></Group><Group id="V-204426"><title>SRG-OS-000118-GPOS-00060</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204426r809190_rule" weight="10.0" severity="medium"><version>RHEL-07-010310</version><title>The Red Hat Enterprise Linux operating system must disable account identifiers (individuals, groups, roles, and devices) if the password expires.</title><description><VulnDiscussion>Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained.
|
|
|
0c1482 |
|
|
|
0c1482 |
-Operating systems need to track periods of inactivity and disable application identifiers after zero days of inactivity.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86565</ident><ident system="http://cyber.mil/legacy">V-71941</ident><ident system="http://cyber.mil/cci">CCI-000795</ident><fixtext fixref="F-4550r88471_fix">Configure the operating system to disable account identifiers (individuals, groups, roles, and devices) after the password expires.
|
|
|
0c1482 |
+Operating systems need to track periods of inactivity and disable application identifiers after 35 days of inactivity.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86565</ident><ident system="http://cyber.mil/legacy">V-71941</ident><ident system="http://cyber.mil/cci">CCI-000795</ident><fixtext fixref="F-4550r809189_fix">Configure the operating system to disable account identifiers (individuals, groups, roles, and devices) 35 days after the password expires.
|
|
|
0c1482 |
|
|
|
0c1482 |
Add the following line to "/etc/default/useradd" (or modify the line to have the required value):
|
|
|
0c1482 |
|
|
|
0c1482 |
-INACTIVE=0</fixtext><fix id="F-4550r88471_fix" /><check system="C-4550r88470_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>If passwords are not being used for authentication, this is Not Applicable.
|
|
|
0c1482 |
+INACTIVE=35
|
|
|
0c1482 |
+DoD recommendation is 35 days, but a lower value is acceptable. The value "-1" will disable this feature, and "0" will disable the account immediately after the password expires.</fixtext><fix id="F-4550r809189_fix" /><check system="C-4550r809188_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>If passwords are not being used for authentication, this is Not Applicable.
|
|
|
0c1482 |
|
|
|
0c1482 |
Verify the operating system disables account identifiers (individuals, groups, roles, and devices) after the password expires with the following command:
|
|
|
0c1482 |
|
|
|
0c1482 |
# grep -i inactive /etc/default/useradd
|
|
|
0c1482 |
-INACTIVE=0
|
|
|
0c1482 |
+INACTIVE=35
|
|
|
0c1482 |
|
|
|
0c1482 |
-If the value is not set to "0", is commented out, or is not defined, this is a finding.</check-content></check></Rule></Group><Group id="V-204427"><title>SRG-OS-000329-GPOS-00128</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204427r603824_rule" weight="10.0" severity="medium"><version>RHEL-07-010320</version><title>The Red Hat Enterprise Linux operating system must be configured to lock accounts for a minimum of 15 minutes after three unsuccessful logon attempts within a 15-minute timeframe.</title><description><VulnDiscussion>By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-forcing, is reduced. Limits are imposed by locking the account.
|
|
|
0c1482 |
+If "INACTIVE" is set to "-1", a value greater than "35", is commented out, or is not defined, this is a finding.</check-content></check></Rule></Group><Group id="V-204427"><title>SRG-OS-000329-GPOS-00128</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204427r603824_rule" weight="10.0" severity="medium"><version>RHEL-07-010320</version><title>The Red Hat Enterprise Linux operating system must be configured to lock accounts for a minimum of 15 minutes after three unsuccessful logon attempts within a 15-minute timeframe.</title><description><VulnDiscussion>By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-forcing, is reduced. Limits are imposed by locking the account.
|
|
|
0c1482 |
|
|
|
0c1482 |
Satisfies: SRG-OS-000329-GPOS-00128, SRG-OS-000021-GPOS-00005</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-71943</ident><ident system="http://cyber.mil/legacy">SV-86567</ident><ident system="http://cyber.mil/cci">CCI-000044</ident><ident system="http://cyber.mil/cci">CCI-002236</ident><ident system="http://cyber.mil/cci">CCI-002237</ident><ident system="http://cyber.mil/cci">CCI-002238</ident><fixtext fixref="F-4551r622287_fix">Configure the operating system to lock an account for the maximum period when three unsuccessful logon attempts in 15 minutes are made.
|
|
|
0c1482 |
|
|
|
0c1482 |
@@ -1615,7 +1616,7 @@ Note: The example will be for a system that is configured to create users' home
|
|
|
0c1482 |
|
|
|
0c1482 |
# grep <file> /home/*/.*
|
|
|
0c1482 |
|
|
|
0c1482 |
-If any local initialization files are found to reference world-writable files, this is a finding.</check-content></check></Rule></Group><Group id="V-204479"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204479r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-020900</version><title>The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification.</title><description><VulnDiscussion>If an unauthorized or modified device is allowed to exist on the system, there is the possibility the system may perform unintended or unauthorized operations.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72039</ident><ident system="http://cyber.mil/legacy">SV-86663</ident><ident system="http://cyber.mil/cci">CCI-000318</ident><ident system="http://cyber.mil/cci">CCI-000368</ident><ident system="http://cyber.mil/cci">CCI-001812</ident><ident system="http://cyber.mil/cci">CCI-001813</ident><ident system="http://cyber.mil/cci">CCI-001814</ident><fixtext fixref="F-4603r88630_fix">Run the following command to determine which package owns the device file:
|
|
|
0c1482 |
+If any local initialization files are found to reference world-writable files, this is a finding.</check-content></check></Rule></Group><Group id="V-204479"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204479r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-020900</version><title>The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification.</title><description><VulnDiscussion>If an unauthorized or modified device is allowed to exist on the system, there is the possibility the system may perform unintended or unauthorized operations.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86663</ident><ident system="http://cyber.mil/legacy">V-72039</ident><ident system="http://cyber.mil/cci">CCI-000318</ident><ident system="http://cyber.mil/cci">CCI-000368</ident><ident system="http://cyber.mil/cci">CCI-001812</ident><ident system="http://cyber.mil/cci">CCI-001813</ident><ident system="http://cyber.mil/cci">CCI-001814</ident><fixtext fixref="F-4603r88630_fix">Run the following command to determine which package owns the device file:
|
|
|
0c1482 |
|
|
|
0c1482 |
# rpm -qf <filename>
|
|
|
0c1482 |
|
|
|
0c1482 |
@@ -2269,526 +2270,120 @@ The audit daemon must be restarted for the changes to take effect.</fixtext>
|
|
|
0c1482 |
|
|
|
0c1482 |
If both the "b32" and "b64" audit rules for "SUID" files are not defined, this is a finding.
|
|
|
0c1482 |
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules for "SGID" files are not defined, this is a finding.</check-content></check></Rule></Group><Group id="V-204517"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204517r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030370</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the chown syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000392-GPOS-00172, SRG-OS-000458-GPOS-00203, SRG-OS-000474-GPOS-00219</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86721</ident><ident system="http://cyber.mil/legacy">V-72097</ident><ident system="http://cyber.mil/cci">CCI-000126</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4641r462559_fix">Add or update the following rule in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S chown -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S chown -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4641r462559_fix" /><check system="C-4641r462558_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "chown" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw chown /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S chown -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S chown -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "chown" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204518"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204518r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030380</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the fchown syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000392-GPOS-00172, SRG-OS-000458-GPOS-00203, SRG-OS-000474-GPOS-00219</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86723</ident><ident system="http://cyber.mil/legacy">V-72099</ident><ident system="http://cyber.mil/cci">CCI-000126</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4642r462562_fix">Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S fchown -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S fchown -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4642r462562_fix" /><check system="C-4642r462561_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "fchown" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw fchown /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S fchown -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S fchown -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "fchown" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204519"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204519r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030390</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the lchown syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000392-GPOS-00172, SRG-OS-000458-GPOS-00203, SRG-OS-000474-GPOS-00219</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72101</ident><ident system="http://cyber.mil/legacy">SV-86725</ident><ident system="http://cyber.mil/cci">CCI-000126</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4643r462565_fix">Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S lchown -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S lchown -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4643r462565_fix" /><check system="C-4643r462564_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "lchown" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw lchown /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S lchown -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S lchown -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "lchown" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204520"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204520r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030400</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the fchownat syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000392-GPOS-00172, SRG-OS-000458-GPOS-00203, SRG-OS-000474-GPOS-00219</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72103</ident><ident system="http://cyber.mil/legacy">SV-86727</ident><ident system="http://cyber.mil/cci">CCI-000126</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4644r462568_fix">Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S fchownat -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S fchownat -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4644r462568_fix" /><check system="C-4644r462567_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "fchownat" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw fchownat /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S fchownat -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S fchownat -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "fchownat" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204521"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204521r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030410</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the chmod syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86729</ident><ident system="http://cyber.mil/legacy">V-72105</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4645r462571_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "chmod" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S chmod -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S chmod -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4645r462571_fix" /><check system="C-4645r462570_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "chmod" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following command:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw chmod /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S chmod -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S chmod -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "chmod" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204522"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204522r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030420</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the fchmod syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86731</ident><ident system="http://cyber.mil/legacy">V-72107</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4646r462574_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "fchmod" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S fchmod -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S fchmod -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4646r462574_fix" /><check system="C-4646r462573_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "fchmod" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following command:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw fchmod /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S fchmod -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S fchmod -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "fchmod" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204523"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204523r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030430</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the fchmodat syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86733</ident><ident system="http://cyber.mil/legacy">V-72109</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4647r462577_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "fchmodat" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S fchmodat -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S fchmodat -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4647r462577_fix" /><check system="C-4647r462576_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "fchmodat" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following command:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw fchmodat /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S fchmodat -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S fchmodat -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "fchmodat" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204524"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204524r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030440</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the setxattr syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86735</ident><ident system="http://cyber.mil/legacy">V-72111</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4648r462732_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "setxattr" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S setxattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S setxattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4648r462732_fix" /><check system="C-4648r462731_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "setxattr" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw setxattr /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S setxattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S setxattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "setxattr" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204525"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204525r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030450</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the fsetxattr syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86737</ident><ident system="http://cyber.mil/legacy">V-72113</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4649r462580_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "fsetxattr" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S fsetxattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S fsetxattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4649r462580_fix" /><check system="C-4649r462579_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "fsetxattr" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw fsetxattr /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S fsetxattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S fsetxattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "fsetxattr" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204526"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204526r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030460</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the lsetxattr syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72115</ident><ident system="http://cyber.mil/legacy">SV-86739</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4650r462583_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "lsetxattr" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S lsetxattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S lsetxattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4650r462583_fix" /><check system="C-4650r462582_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "lsetxattr" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw lsetxattr /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S lsetxattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S lsetxattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "lsetxattr" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204527"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204527r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030470</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the removexattr syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72117</ident><ident system="http://cyber.mil/legacy">SV-86741</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4651r462586_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "removexattr" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S removexattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S removexattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4651r462586_fix" /><check system="C-4651r462585_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "removexattr" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw removexattr /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S removexattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S removexattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "removexattr" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204528"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204528r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030480</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the fremovexattr syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86743</ident><ident system="http://cyber.mil/legacy">V-72119</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4652r462589_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "fremovexattr" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S fremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S fremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4652r462589_fix" /><check system="C-4652r462588_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "fremovexattr" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw fremovexattr /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S fremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S fremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "fremovexattr" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204529"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204529r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030490</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the lremovexattr syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72121</ident><ident system="http://cyber.mil/legacy">SV-86745</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4653r462592_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "lremovexattr" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4653r462592_fix" /><check system="C-4653r462591_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "lremovexattr" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw lremovexattr /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "lremovexattr" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204530"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204530r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030500</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the creat syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000458-GPOS-00203, SRG-OS-000461-GPOS-00205, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72123</ident><ident system="http://cyber.mil/legacy">SV-86747</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4654r462595_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "creat" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add or update the following rules in "/etc/audit/rules.d/audit.rules:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S creat -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S creat -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S creat -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S creat -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4654r462595_fix" /><check system="C-4654r462594_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "creat" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw creat /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S creat F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S creat -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S creat -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S creat -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "creat" syscall, this is a finding.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If the output does not produce rules containing "-F exit=-EPERM", this is a finding.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If the output does not produce rules containing "-F exit=-EACCES", this is a finding.</check-content></check></Rule></Group><Group id="V-204531"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204531r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030510</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the open syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000458-GPOS-00203, SRG-OS-000461-GPOS-00205, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86749</ident><ident system="http://cyber.mil/legacy">V-72125</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4655r462598_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "open" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S open -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S open -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S open -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S open -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4655r462598_fix" /><check system="C-4655r462597_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "open" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw open /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S open -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S open -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S open -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S open -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "open" syscall, this is a finding.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If the output does not produce rules containing "-F exit=-EPERM", this is a finding.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If the output does not produce rules containing "-F exit=-EACCES", this is a finding.</check-content></check></Rule></Group><Group id="V-204532"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204532r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030520</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the openat syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000458-GPOS-00203, SRG-OS-000461-GPOS-00205, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72127</ident><ident system="http://cyber.mil/legacy">SV-86751</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4656r462601_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "openat" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S openat -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S openat -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S openat -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S openat -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4656r462601_fix" /><check system="C-4656r462600_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "openat" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw openat /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S openat -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S openat -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S openat -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S openat -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "openat" syscall, this is a finding.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If the output does not produce rules containing "-F exit=-EPERM", this is a finding.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If the output does not produce rules containing "-F exit=-EACCES", this is a finding.</check-content></check></Rule></Group><Group id="V-204533"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204533r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030530</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the open_by_handle_at syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000458-GPOS-00203, SRG-OS-000461-GPOS-00205, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86753</ident><ident system="http://cyber.mil/legacy">V-72129</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4657r462604_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "open_by_handle_at" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4657r462604_fix" /><check system="C-4657r462603_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "open_by_handle_at" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw open_by_handle_at /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "open_by_handle_at" syscall, this is a finding.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If the output does not produce rules containing "-F exit=-EPERM", this is a finding.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If the output does not produce rules containing "-F exit=-EACCES", this is a finding.</check-content></check></Rule></Group><Group id="V-204534"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204534r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030540</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the truncate syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000458-GPOS-00203, SRG-OS-000461-GPOS-00205, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86755</ident><ident system="http://cyber.mil/legacy">V-72131</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4658r462607_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "truncate" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S truncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S truncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S truncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S truncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4658r462607_fix" /><check system="C-4658r462606_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "truncate" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw truncate /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S truncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S truncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S truncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S truncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "truncate" syscall, this is a finding.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If the output does not produce rules containing "-F exit=-EPERM", this is a finding.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If the output does not produce rules containing "-F exit=-EACCES", this is a finding.</check-content></check></Rule></Group><Group id="V-204535"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204535r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030550</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the ftruncate syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000458-GPOS-00203, SRG-OS-000461-GPOS-00205, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72133</ident><ident system="http://cyber.mil/legacy">SV-86757</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4659r462610_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "ftruncate" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4659r462610_fix" /><check system="C-4659r462609_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "ftruncate" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw ftruncate /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
+If both the "b32" and "b64" audit rules for "SGID" files are not defined, this is a finding.</check-content></check></Rule></Group><Group id="V-204517"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204517r809570_rule" weight="10.0" severity="medium"><version>RHEL-07-030370</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the chown, fchown, fchownat, and lchown syscalls.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+The system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000392-GPOS-00172, SRG-OS-000458-GPOS-00203, SRG-OS-000474-GPOS-00219</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86721</ident><ident system="http://cyber.mil/legacy">V-72097</ident><ident system="http://cyber.mil/cci">CCI-000126</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4641r809192_fix">Add or update the following rule in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "ftruncate" syscall, this is a finding.
|
|
|
0c1482 |
+-a always,exit -F arch=b32 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
|
|
|
0c1482 |
-If the output does not produce rules containing "-F exit=-EPERM", this is a finding.
|
|
|
0c1482 |
+-a always,exit -F arch=b64 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
|
|
|
0c1482 |
+The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4641r809192_fix" /><check system="C-4641r809569_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records upon successful/unsuccessful attempts to use the "chown", "fchown", "fchownat", and "lchown" syscalls.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+# grep chown /etc/audit/audit.rules
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b32 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b64 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+If both the "b32" and "b64" audit rules are not defined for the "chown", "fchown", "fchownat", and "lchown" syscalls, this is a finding.</check-content></check></Rule></Group><Group id="V-204521"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204521r809772_rule" weight="10.0" severity="medium"><version>RHEL-07-030410</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the chmod, fchmod, and fchmodat syscalls.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+The system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86729</ident><ident system="http://cyber.mil/legacy">V-72105</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4645r809771_fix">Configure the operating system to generate audit records upon successful/unsuccessful attempts to use the "chmod", "fchmod", and "fchmodat" syscalls.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b32 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b64 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4645r809771_fix" /><check system="C-4645r809571_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records upon successful/unsuccessful attempts to use the "chmod", "fchmod", and "fchmodat" syscalls.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Check the file system rules in "/etc/audit/audit.rules" with the following command:
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+# grep chmod /etc/audit/audit.rules
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b32 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b64 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+If both the "b32" and "b64" audit rules are not defined for the "chmod", "fchmod", and "fchmodat" syscalls, this is a finding.</check-content></check></Rule></Group><Group id="V-204524"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204524r809775_rule" weight="10.0" severity="medium"><version>RHEL-07-030440</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr syscalls.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+The system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86735</ident><ident system="http://cyber.mil/legacy">V-72111</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4648r809774_fix">Configure the operating system to generate audit records upon successful/unsuccessful attempts to use the "setxattr", "fsetxattr", "lsetxattr", "removexattr", "fremovexattr", and "lremovexattr" syscalls.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4648r809774_fix" /><check system="C-4648r809773_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records upon successful/unsuccessful attempts to use the "setxattr", "fsetxattr", "lsetxattr", "removexattr", "fremovexattr", and "lremovexattr" syscalls.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+# grep xattr /etc/audit/audit.rules
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+If both the "b32" and "b64" audit rules are not defined for the "setxattr", "fsetxattr", "lsetxattr", "removexattr", "fremovexattr", and "lremovexattr" syscalls, this is a finding.</check-content></check></Rule></Group><Group id="V-204531"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204531r809815_rule" weight="10.0" severity="medium"><version>RHEL-07-030510</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate syscalls.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+The system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000458-GPOS-00203, SRG-OS-000461-GPOS-00205, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86749</ident><ident system="http://cyber.mil/legacy">V-72125</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4655r809814_fix">Configure the operating system to generate audit records upon successful/unsuccessful attempts to use the "creat", "open", "openat", "open_by_handle_at", "truncate", and "ftruncate" syscalls.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b32 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b32 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b64 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b64 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4655r809814_fix" /><check system="C-4655r809812_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records upon successful/unsuccessful attempts to use the "creat", "open", "openat", "open_by_handle_at", "truncate", and "ftruncate" syscalls.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+# grep 'open\|truncate\|creat' /etc/audit/audit.rules
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b32 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b32 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b64 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b64 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+If both the "b32" and "b64" audit rules are not defined for the "creat", "open", "openat", "open_by_handle_at", "truncate", and "ftruncate" syscalls, this is a finding.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+If the output does not produce rules containing "-F exit=-EPERM", this is a finding.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
If the output does not produce rules containing "-F exit=-EACCES", this is a finding.</check-content></check></Rule></Group><Group id="V-204536"><title>SRG-OS-000392-GPOS-00172</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204536r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030560</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the semanage command.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
|
|
|
0c1482 |
Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
@@ -3273,51 +2868,31 @@ Check the auditing rules in "/etc/audit/audit.rules" with the following command:
|
|
|
0c1482 |
|
|
|
0c1482 |
-a always,exit -F arch=b64 -S create_module -k module-change
|
|
|
0c1482 |
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "create_module" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204560"><title>SRG-OS-000471-GPOS-00216</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204560r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030820</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the init_module syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000471-GPOS-00216, SRG-OS-000477-GPOS-00222</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72187</ident><ident system="http://cyber.mil/legacy">SV-86811</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4684r88873_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "init_module" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S init_module -k module-change
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S init_module -k module-change
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4684r88873_fix" /><check system="C-4684r88872_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "init_module" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the auditing rules in "/etc/audit/audit.rules" with the following command:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw init_module /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S init_module -k module-change
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S init_module -k module-change
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "init_module" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204561"><title>SRG-OS-000471-GPOS-00216</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204561r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030821</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the finit_module syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000471-GPOS-00216, SRG-OS-000477-GPOS-00222</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-79001</ident><ident system="http://cyber.mil/legacy">SV-93707</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4685r88876_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "finit_module" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S finit_module -k module-change
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S finit_module -k module-change
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4685r88876_fix" /><check system="C-4685r88875_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "finit_module" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the auditing rules in "/etc/audit/audit.rules" with the following command:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw finit_module /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S finit_module -k module-change
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S finit_module -k module-change
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "finit_module" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204562"><title>SRG-OS-000471-GPOS-00216</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204562r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030830</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the delete_module syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
+If both the "b32" and "b64" audit rules are not defined for the "create_module" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204560"><title>SRG-OS-000471-GPOS-00216</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204560r809822_rule" weight="10.0" severity="medium"><version>RHEL-07-030820</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the init_module and finit_module syscalls.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+The system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Satisfies: SRG-OS-000471-GPOS-00216, SRG-OS-000477-GPOS-00222</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72187</ident><ident system="http://cyber.mil/legacy">SV-86811</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4684r809821_fix">Configure the operating system to generate audit records upon successful/unsuccessful attempts to use the "init_module" and "finit_module" syscalls.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Add or update the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b32 -S init_module,finit_module -k modulechange
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b64 -S init_module,finit_module -k modulechange
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4684r809821_fix" /><check system="C-4684r809816_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records upon successful/unsuccessful attempts to use the "init_module" and "finit_module" syscalls.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Check the auditing rules in "/etc/audit/audit.rules" with the following command:
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+# grep init_module /etc/audit/audit.rules
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b32 -S init_module,finit_module -k modulechange
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b64 -S init_module,finit_module -k modulechange
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+If both the "b32" and "b64" audit rules are not defined for the "init_module" and "finit_module" syscalls, this is a finding.</check-content></check></Rule></Group><Group id="V-204562"><title>SRG-OS-000471-GPOS-00216</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204562r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030830</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the delete_module syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
|
|
|
0c1482 |
|
|
|
0c1482 |
Audit records can be generated from various components within the information system (e.g., module or policy filter).
|
|
|
0c1482 |
|
|
|
0c1482 |
@@ -3442,117 +3017,31 @@ Check the auditing rules in "/etc/audit/audit.rules" with the following command:
|
|
|
0c1482 |
|
|
|
0c1482 |
-w /etc/security/opasswd -p wa -k identity
|
|
|
0c1482 |
|
|
|
0c1482 |
-If the command does not return a line, or the line is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-204569"><title>SRG-OS-000466-GPOS-00210</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204569r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030880</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the rename syscall.</title><description><VulnDiscussion>If the system is not configured to audit certain activities and write them to an audit log, it is more difficult to detect and track system compromises and damages incurred during a system compromise.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000466-GPOS-00210, SRG-OS-000467-GPOS-00211, SRG-OS-000468-GPOS-00212, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86823</ident><ident system="http://cyber.mil/legacy">V-72199</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4693r462676_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "rename" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S rename -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S rename -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4693r462676_fix" /><check system="C-4693r462675_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "rename" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw rename /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S rename -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S rename -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "rename" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204570"><title>SRG-OS-000466-GPOS-00210</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204570r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030890</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the renameat syscall.</title><description><VulnDiscussion>If the system is not configured to audit certain activities and write them to an audit log, it is more difficult to detect and track system compromises and damages incurred during a system compromise.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000466-GPOS-00210, SRG-OS-000467-GPOS-00211, SRG-OS-000468-GPOS-00212, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86825</ident><ident system="http://cyber.mil/legacy">V-72201</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4694r462679_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "renameat" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S renameat -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S renameat -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4694r462679_fix" /><check system="C-4694r462678_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "renameat" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw renameat /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S renameat -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S renameat -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "renameat" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204571"><title>SRG-OS-000466-GPOS-00210</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204571r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030900</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the rmdir syscall.</title><description><VulnDiscussion>If the system is not configured to audit certain activities and write them to an audit log, it is more difficult to detect and track system compromises and damages incurred during a system compromise.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000466-GPOS-00210, SRG-OS-000467-GPOS-00211, SRG-OS-000468-GPOS-00212, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72203</ident><ident system="http://cyber.mil/legacy">SV-86827</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4695r462682_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "rmdir" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S rmdir -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S rmdir -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4695r462682_fix" /><check system="C-4695r462681_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "rmdir" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw rmdir /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S rmdir -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S rmdir -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "rmdir" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204572"><title>SRG-OS-000466-GPOS-00210</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204572r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030910</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the unlink syscall.</title><description><VulnDiscussion>If the system is not configured to audit certain activities and write them to an audit log, it is more difficult to detect and track system compromises and damages incurred during a system compromise.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000466-GPOS-00210, SRG-OS-000467-GPOS-00211, SRG-OS-000468-GPOS-00212, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72205</ident><ident system="http://cyber.mil/legacy">SV-86829</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4696r462685_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "unlink" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S unlink -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S unlink -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4696r462685_fix" /><check system="C-4696r462684_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "unlink" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw unlink /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S unlink -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S unlink -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "unlink" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204573"><title>SRG-OS-000466-GPOS-00210</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204573r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030920</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the unlinkat syscall.</title><description><VulnDiscussion>If the system is not configured to audit certain activities and write them to an audit log, it is more difficult to detect and track system compromises and damages incurred during a system compromise.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Satisfies: SRG-OS-000466-GPOS-00210, SRG-OS-000467-GPOS-00211, SRG-OS-000468-GPOS-00212, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72207</ident><ident system="http://cyber.mil/legacy">SV-86831</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4697r462688_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "unlinkat" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Add the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S unlinkat -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S unlinkat -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4697r462688_fix" /><check system="C-4697r462687_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "unlinkat" syscall occur.
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-# grep -iw unlinkat /etc/audit/audit.rules
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b32 -S unlinkat -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
--a always,exit -F arch=b64 -S unlinkat -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
-
|
|
|
0c1482 |
-If both the "b32" and "b64" audit rules are not defined for the "unlinkat" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204574"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204574r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-031000</version><title>The Red Hat Enterprise Linux operating system must send rsyslog output to a log aggregation server.</title><description><VulnDiscussion>Sending rsyslog output to another system ensures that the logs cannot be removed or modified in the event that the system is compromised or has a hardware failure.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86833</ident><ident system="http://cyber.mil/legacy">V-72209</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-4698r88915_fix">Modify the "/etc/rsyslog.conf" or an "/etc/rsyslog.d/*.conf" file to contain a configuration line to send all "rsyslog" output to a log aggregation system:
|
|
|
0c1482 |
+If the command does not return a line, or the line is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-204572"><title>SRG-OS-000466-GPOS-00210</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204572r809825_rule" weight="10.0" severity="medium"><version>RHEL-07-030910</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the unlink, unlinkat, rename, renameat, and rmdir syscalls.</title><description><VulnDiscussion>If the system is not configured to audit certain activities and write them to an audit log, it is more difficult to detect and track system compromises and damages incurred during a system compromise.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+The system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Satisfies: SRG-OS-000466-GPOS-00210, SRG-OS-000467-GPOS-00211, SRG-OS-000468-GPOS-00212, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72205</ident><ident system="http://cyber.mil/legacy">SV-86829</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4696r809824_fix">Configure the operating system to generate audit records upon successful/unsuccessful attempts to use the "unlink", "unlinkat", "rename", "renameat", and "rmdir" syscalls.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Add the following rules in "/etc/audit/rules.d/audit.rules":
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b32 -S unlink,unlinkat,rename,renameat,rmdir -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b64 -S unlink,unlinkat,rename,renameat,rmdir -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4696r809824_fix" /><check system="C-4696r809823_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records upon successful/unsuccessful attempts to use the "unlink", "unlinkat", "rename", "renameat", and "rmdir" syscalls.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Check the file system rules in "/etc/audit/audit.rules" with the following commands:
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+# grep 'unlink\|rename\|rmdir' /etc/audit/audit.rules
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b32 -S unlink,unlinkat,rename,renameat,rmdir -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+-a always,exit -F arch=b64 -S unlink,unlinkat,rename,renameat,rmdir -F auid>=1000 -F auid!=unset -k delete
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+If both the "b32" and "b64" audit rules are not defined for the "unlink", "unlinkat", "rename", "renameat", and "rmdir" syscalls, this is a finding.</check-content></check></Rule></Group><Group id="V-204574"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204574r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-031000</version><title>The Red Hat Enterprise Linux operating system must send rsyslog output to a log aggregation server.</title><description><VulnDiscussion>Sending rsyslog output to another system ensures that the logs cannot be removed or modified in the event that the system is compromised or has a hardware failure.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86833</ident><ident system="http://cyber.mil/legacy">V-72209</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-4698r88915_fix">Modify the "/etc/rsyslog.conf" or an "/etc/rsyslog.d/*.conf" file to contain a configuration line to send all "rsyslog" output to a log aggregation system:
|
|
|
0c1482 |
*.* @@<log aggregation system name></fixtext><fix id="F-4698r88915_fix" /><check system="C-4698r88914_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify "rsyslog" is configured to send all messages to a log aggregation server.
|
|
|
0c1482 |
|
|
|
0c1482 |
Check the configuration of "rsyslog" with the following command:
|
|
|
0c1482 |
@@ -4119,15 +3608,15 @@ Check that the SSH daemon performs compression after a user successfully authent
|
|
|
0c1482 |
# grep -i compression /etc/ssh/sshd_config
|
|
|
0c1482 |
Compression delayed
|
|
|
0c1482 |
|
|
|
0c1482 |
-If the "Compression" keyword is set to "yes", is missing, or the returned line is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-204603"><title>SRG-OS-000355-GPOS-00143</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204603r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-040500</version><title>The Red Hat Enterprise Linux operating system must, for networked systems, synchronize clocks with a server that is synchronized to one of the redundant United States Naval Observatory (USNO) time servers, a time server designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).</title><description><VulnDiscussion>Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.
|
|
|
0c1482 |
+If the "Compression" keyword is set to "yes", is missing, or the returned line is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-204603"><title>SRG-OS-000355-GPOS-00143</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204603r809230_rule" weight="10.0" severity="medium"><version>RHEL-07-040500</version><title>The Red Hat Enterprise Linux operating system must, for networked systems, synchronize clocks with a server that is synchronized to one of the redundant United States Naval Observatory (USNO) time servers, a time server designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).</title><description><VulnDiscussion>Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.
|
|
|
0c1482 |
|
|
|
0c1482 |
Synchronizing internal information system clocks provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network.
|
|
|
0c1482 |
|
|
|
0c1482 |
Organizations should consider endpoints that may not have regular access to the authoritative time server (e.g., mobile, teleworking, and tactical endpoints).
|
|
|
0c1482 |
|
|
|
0c1482 |
-Satisfies: SRG-OS-000355-GPOS-00143, SRG-OS-000356-GPOS-00144</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72269</ident><ident system="http://cyber.mil/legacy">SV-86893</ident><ident system="http://cyber.mil/cci">CCI-001891</ident><ident system="http://cyber.mil/cci">CCI-002046</ident><fixtext fixref="F-4727r89002_fix">Edit the "/etc/ntp.conf" or "/etc/chrony.conf" file and add or update an entry to define "maxpoll" to "10" as follows:
|
|
|
0c1482 |
+Satisfies: SRG-OS-000355-GPOS-00143, SRG-OS-000356-GPOS-00144</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72269</ident><ident system="http://cyber.mil/legacy">SV-86893</ident><ident system="http://cyber.mil/cci">CCI-001891</ident><ident system="http://cyber.mil/cci">CCI-002046</ident><fixtext fixref="F-4727r809210_fix">Edit the "/etc/ntp.conf" or "/etc/chrony.conf" file and add or update an entry to define "maxpoll" to "16" as follows:
|
|
|
0c1482 |
|
|
|
0c1482 |
-server 0.rhel.pool.ntp.org iburst maxpoll 10
|
|
|
0c1482 |
+server 0.rhel.pool.ntp.org iburst maxpoll 16
|
|
|
0c1482 |
|
|
|
0c1482 |
If NTP was running and "maxpoll" was updated, the NTP service must be restarted:
|
|
|
0c1482 |
|
|
|
0c1482 |
@@ -4143,7 +3632,7 @@ If "chronyd" was running and "maxpoll" was updated, the service must be restarte
|
|
|
0c1482 |
|
|
|
0c1482 |
If "chronyd" was not running, it must be started:
|
|
|
0c1482 |
|
|
|
0c1482 |
-# systemctl start chronyd.service</fixtext><fix id="F-4727r89002_fix" /><check system="C-4727r89001_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Check to see if NTP is running in continuous mode:
|
|
|
0c1482 |
+# systemctl start chronyd.service</fixtext><fix id="F-4727r809210_fix" /><check system="C-4727r809209_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Check to see if NTP is running in continuous mode:
|
|
|
0c1482 |
|
|
|
0c1482 |
# ps -ef | grep ntp
|
|
|
0c1482 |
|
|
|
0c1482 |
@@ -4157,9 +3646,9 @@ If the NTP process is found, then check the "ntp.conf" file for the "maxpoll" op
|
|
|
0c1482 |
|
|
|
0c1482 |
# grep maxpoll /etc/ntp.conf
|
|
|
0c1482 |
|
|
|
0c1482 |
-server 0.rhel.pool.ntp.org iburst maxpoll 10
|
|
|
0c1482 |
+server 0.rhel.pool.ntp.org iburst maxpoll 16
|
|
|
0c1482 |
|
|
|
0c1482 |
-If the option is set to "17" or is not set, this is a finding.
|
|
|
0c1482 |
+If the "maxpoll" option is set to a number greater than 16 or the line is commented out, this is a finding.
|
|
|
0c1482 |
|
|
|
0c1482 |
If the file does not exist, check the "/etc/cron.daily" subdirectory for a crontab file controlling the execution of the "ntpd -q" command.
|
|
|
0c1482 |
|
|
|
0c1482 |
@@ -4174,7 +3663,7 @@ If the "chronyd" process is found, then check the "chrony.conf" file for the "ma
|
|
|
0c1482 |
|
|
|
0c1482 |
# grep maxpoll /etc/chrony.conf
|
|
|
0c1482 |
|
|
|
0c1482 |
-server 0.rhel.pool.ntp.org iburst maxpoll 10
|
|
|
0c1482 |
+server 0.rhel.pool.ntp.org iburst maxpoll 16
|
|
|
0c1482 |
|
|
|
0c1482 |
If the option is not set or the line is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-204604"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204604r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-040520</version><title>The Red Hat Enterprise Linux operating system must enable an application firewall, if available.</title><description><VulnDiscussion>Firewalls protect computers from network attacks by blocking or limiting access to open network ports. Application firewalls limit which applications are allowed to communicate over the network.
|
|
|
0c1482 |
|
|
|
0c1482 |
@@ -4919,11 +4408,11 @@ $ sudo grep -iw 'ALL' /etc/sudoers /etc/sudoers.d/*
|
|
|
0c1482 |
|
|
|
0c1482 |
If the either of the following entries are returned, this is a finding:
|
|
|
0c1482 |
ALL ALL=(ALL) ALL
|
|
|
0c1482 |
-ALL ALL=(ALL:ALL) ALL</check-content></check></Rule></Group><Group id="V-237634"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-237634r646853_rule" weight="10.0" severity="medium"><version>RHEL-07-010342</version><title>The Red Hat Enterprise Linux operating system must use the invoking user's password for privilege escalation when using "sudo".</title><description><VulnDiscussion>The sudoers security policy requires that users authenticate themselves before they can use sudo. When sudoers requires authentication, it validates the invoking user's credentials. If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password.
|
|
|
0c1482 |
+ALL ALL=(ALL:ALL) ALL</check-content></check></Rule></Group><Group id="V-237634"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-237634r809213_rule" weight="10.0" severity="medium"><version>RHEL-07-010342</version><title>The Red Hat Enterprise Linux operating system must use the invoking user's password for privilege escalation when using "sudo".</title><description><VulnDiscussion>The sudoers security policy requires that users authenticate themselves before they can use sudo. When sudoers requires authentication, it validates the invoking user's credentials. If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password.
|
|
|
0c1482 |
For more information on each of the listed configurations, reference the sudoers(5) manual page.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-002227</ident><fixtext fixref="F-40816r646852_fix">Define the following in the Defaults section of the /etc/sudoers file or a configuration file in the /etc/sudoers.d/ directory:
|
|
|
0c1482 |
Defaults !targetpw
|
|
|
0c1482 |
Defaults !rootpw
|
|
|
0c1482 |
-Defaults !runaspw</fixtext><fix id="F-40816r646852_fix" /><check system="C-40853r646851_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify that the sudoers security policy is configured to use the invoking user's password for privilege escalation.
|
|
|
0c1482 |
+Defaults !runaspw</fixtext><fix id="F-40816r646852_fix" /><check system="C-40853r809212_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify that the sudoers security policy is configured to use the invoking user's password for privilege escalation.
|
|
|
0c1482 |
|
|
|
0c1482 |
$ sudo egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#'
|
|
|
0c1482 |
|
|
|
0c1482 |
@@ -4931,10 +4420,11 @@ $ sudo egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | g
|
|
|
0c1482 |
/etc/sudoers:Defaults !rootpw
|
|
|
0c1482 |
/etc/sudoers:Defaults !runaspw
|
|
|
0c1482 |
|
|
|
0c1482 |
-If no results are returned, this is a finding
|
|
|
0c1482 |
+If no results are returned, this is a finding.
|
|
|
0c1482 |
+If results are returned from more than one file location, this is a finding.
|
|
|
0c1482 |
If "Defaults !targetpw" is not defined, this is a finding.
|
|
|
0c1482 |
If "Defaults !rootpw" is not defined, this is a finding.
|
|
|
0c1482 |
-If "Defaults !runaspw" is not defined, this is a finding.</check-content></check></Rule></Group><Group id="V-237635"><title>SRG-OS-000373-GPOS-00156</title><description><GroupDescription></GroupDescription></description><Rule id="SV-237635r792836_rule" weight="10.0" severity="medium"><version>RHEL-07-010343</version><title>The Red Hat Enterprise Linux operating system must require re-authentication when using the "sudo" command.</title><description><VulnDiscussion>Without re-authentication, users may access resources or perform tasks for which they do not have authorization.
|
|
|
0c1482 |
+If "Defaults !runaspw" is not defined, this is a finding.</check-content></check></Rule></Group><Group id="V-237635"><title>SRG-OS-000373-GPOS-00156</title><description><GroupDescription></GroupDescription></description><Rule id="SV-237635r809215_rule" weight="10.0" severity="medium"><version>RHEL-07-010343</version><title>The Red Hat Enterprise Linux operating system must require re-authentication when using the "sudo" command.</title><description><VulnDiscussion>Without re-authentication, users may access resources or perform tasks for which they do not have authorization.
|
|
|
0c1482 |
|
|
|
0c1482 |
When operating systems provide the capability to escalate a functional capability, it is critical the organization requires the user to re-authenticate when using the "sudo" command.
|
|
|
0c1482 |
|
|
|
0c1482 |
@@ -4944,11 +4434,13 @@ $ sudo visudo
|
|
|
0c1482 |
|
|
|
0c1482 |
Add or modify the following line:
|
|
|
0c1482 |
Defaults timestamp_timeout=[value]
|
|
|
0c1482 |
-Note: The "[value]" must be a number that is greater than or equal to "0".</fixtext><fix id="F-40817r646855_fix" /><check system="C-40854r792835_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system requires re-authentication when using the "sudo" command to elevate privileges.
|
|
|
0c1482 |
+Note: The "[value]" must be a number that is greater than or equal to "0".</fixtext><fix id="F-40817r646855_fix" /><check system="C-40854r809214_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system requires re-authentication when using the "sudo" command to elevate privileges.
|
|
|
0c1482 |
|
|
|
0c1482 |
$ sudo grep -i 'timestamp_timeout' /etc/sudoers /etc/sudoers.d/*
|
|
|
0c1482 |
/etc/sudoers:Defaults timestamp_timeout=0
|
|
|
0c1482 |
|
|
|
0c1482 |
+If results are returned from more than one file location, this is a finding.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
If "timestamp_timeout" is set to a negative number, is commented out, or no results are returned, this is a finding.</check-content></check></Rule></Group><Group id="V-244557"><title>SRG-OS-000080-GPOS-00048</title><description><GroupDescription></GroupDescription></description><Rule id="SV-244557r792838_rule" weight="10.0" severity="medium"><version>RHEL-07-010483</version><title>Red Hat Enterprise Linux operating systems version 7.2 or newer booted with a BIOS must have a unique name for the grub superusers account when booting into single-user and maintenance modes.</title><description><VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.
|
|
|
0c1482 |
The GRUB 2 superuser account is an account of last resort. Establishing a unique username for this account hardens the boot loader against brute force attacks. Due to the nature of the superuser account database being distinct from the OS account database, this allows the use of a username that is not among those within the OS account database. Examples of non-unique superusers names are root, superuser, unlock, etc.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-47789r744062_fix">Configure the system to have a unique name for the grub superusers account.
|
|
|
0c1482 |
|
|
|
0c1482 |
@@ -5029,19 +4521,80 @@ Check the SELinux ssh_sysadm_login boolean with the following command:
|
|
|
0c1482 |
$ sudo getsebool ssh_sysadm_login
|
|
|
0c1482 |
ssh_sysadm_login --> off
|
|
|
0c1482 |
|
|
|
0c1482 |
-If the "ssh_sysadm_login" boolean is not "off" and is not documented with the ISSO as an operational requirement, this is a finding.</check-content></check></Rule></Group><Group id="V-250314"><title>SRG-OS-000324-GPOS-00125</title><description><GroupDescription></GroupDescription></description><Rule id="SV-250314r792849_rule" weight="10.0" severity="medium"><version>RHEL-07-020023</version><title>The Red Hat Enterprise Linux operating system must elevate the SELinux context when an administrator calls the sudo command.</title><description><VulnDiscussion>Preventing non-privileged users from executing privileged functions mitigates the risk that unauthorized individuals or processes may gain unnecessary access to information or privileges.
|
|
|
0c1482 |
+If the "ssh_sysadm_login" boolean is not "off" and is not documented with the ISSO as an operational requirement, this is a finding.</check-content></check></Rule></Group><Group id="V-250314"><title>SRG-OS-000324-GPOS-00125</title><description><GroupDescription></GroupDescription></description><Rule id="SV-250314r809217_rule" weight="10.0" severity="medium"><version>RHEL-07-020023</version><title>The Red Hat Enterprise Linux operating system must elevate the SELinux context when an administrator calls the sudo command.</title><description><VulnDiscussion>Preventing non-privileged users from executing privileged functions mitigates the risk that unauthorized individuals or processes may gain unnecessary access to information or privileges.
|
|
|
0c1482 |
|
|
|
0c1482 |
Privileged functions include, for example, establishing accounts, performing system integrity checks, or administering cryptographic key management activities. Non-privileged users are individuals who do not possess appropriate authorizations. Circumventing intrusion detection and prevention mechanisms or malicious code protection mechanisms are examples of privileged functions that require protection from non-privileged users.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-002165</ident><ident system="http://cyber.mil/cci">CCI-002235</ident><fixtext fixref="F-53702r792848_fix">Configure the operating system to elevate the SELinux context when an administrator calls the sudo command.
|
|
|
0c1482 |
Edit a file in the /etc/sudoers.d directory with the following command:
|
|
|
0c1482 |
$ sudo visudo -f /etc/sudoers.d/<customfile>
|
|
|
0c1482 |
|
|
|
0c1482 |
Use the following example to build the <customfile> in the /etc/sudoers.d directory to allow any administrator belonging to a designated sudoers admin group to elevate their SELinux context with the use of the sudo command:
|
|
|
0c1482 |
-%wheel ALL=(ALL) TYPE=sysadm_t ROLE=sysadm_r ALL</fixtext><fix id="F-53702r792848_fix" /><check system="C-53748r792847_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Note: Per OPORD 16-0080, the preferred endpoint security tool is Endpoint Security for Linux (ENSL) in conjunction with SELinux.
|
|
|
0c1482 |
+%wheel ALL=(ALL) TYPE=sysadm_t ROLE=sysadm_r ALL</fixtext><fix id="F-53702r792848_fix" /><check system="C-53748r809216_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Note: Per OPORD 16-0080, the preferred endpoint security tool is Endpoint Security for Linux (ENSL) in conjunction with SELinux.
|
|
|
0c1482 |
|
|
|
0c1482 |
Verify the operating system elevates the SELinux context when an administrator calls the sudo command with the following command:
|
|
|
0c1482 |
|
|
|
0c1482 |
This command must be ran as root:
|
|
|
0c1482 |
-# grep sysadm_r /etc/sudoers.d/*
|
|
|
0c1482 |
+# grep sysadm_r /etc/sudoers /etc/sudoers.d/*
|
|
|
0c1482 |
%wheel ALL=(ALL) TYPE=sysadm_t ROLE=sysadm_r ALL
|
|
|
0c1482 |
|
|
|
0c1482 |
-If a designated sudoers administrator group or account(s) is not configured to elevate the SELinux type and role to "sysadm_t" and "sysadm_r" with the use of the sudo command, this is a finding.</check-content></check></Rule></Group></Benchmark>
|
|
|
0c1482 |
\ No newline at end of file
|
|
|
0c1482 |
+If results are returned from more than one file location, this is a finding.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+If a designated sudoers administrator group or account(s) is not configured to elevate the SELinux type and role to "sysadm_t" and "sysadm_r" with the use of the sudo command, this is a finding.</check-content></check></Rule></Group><Group id="V-251702"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-251702r809220_rule" weight="10.0" severity="high"><version>RHEL-07-010291</version><title>The Red Hat Enterprise Linux operating system must not have accounts configured with blank or null passwords.</title><description><VulnDiscussion>If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-55093r809219_fix">Configure all accounts on the system to have a password or lock the account with the following commands:
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Perform a password reset:
|
|
|
0c1482 |
+$ sudo passwd [username]
|
|
|
0c1482 |
+Lock an account:
|
|
|
0c1482 |
+$ sudo passwd -l [username]</fixtext><fix id="F-55093r809219_fix" /><check system="C-55139r809218_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Check the "/etc/shadow" file for blank passwords with the following command:
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+$ sudo awk -F: '!$2 {print $1}' /etc/shadow
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+If the command returns any results, this is a finding.</check-content></check></Rule></Group><Group id="V-251703"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-251703r809566_rule" weight="10.0" severity="medium"><version>RHEL-07-010339</version><title>The Red Hat Enterprise Linux operating system must specify the default "include" directory for the /etc/sudoers file.</title><description><VulnDiscussion>The "sudo" command allows authorized users to run programs (including shells) as other users, system users, and root. The "/etc/sudoers" file is used to configure authorized "sudo" users as well as the programs they are allowed to run. Some configuration options in the "/etc/sudoers" file allow configured users to run programs without re-authenticating. Use of these configuration options makes it easier for one compromised account to be used to compromise other accounts.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+It is possible to include other sudoers files from within the sudoers file currently being parsed using the #include and #includedir directives. When sudo reaches this line it will suspend processing of the current file (/etc/sudoers) and switch to the specified file/directory. Once the end of the included file(s) is reached, the rest of /etc/sudoers will be processed. Files that are included may themselves include other files. A hard limit of 128 nested include files is enforced to prevent include file loops.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-55094r809222_fix">Configure the /etc/sudoers file to only include the /etc/sudoers.d directory.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Edit the /etc/sudoers file with the following command:
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+$ sudo visudo
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Add or modify the following line:
|
|
|
0c1482 |
+#includedir /etc/sudoers.d</fixtext><fix id="F-55094r809222_fix" /><check system="C-55140r809221_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system specifies only the default "include" directory for the /etc/sudoers file with the following command:
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+$ sudo grep include /etc/sudoers
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+#includedir /etc/sudoers.d
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+If the results are not "/etc/sudoers.d" or additional files or directories are specified, this is a finding.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Verify the operating system does not have nested "include" files or directories within the /etc/sudoers.d directory with the following command:
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+$ sudo grep include /etc/sudoers.d/*
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+If results are returned, this is a finding.</check-content></check></Rule></Group><Group id="V-251704"><title>SRG-OS-000373-GPOS-00156</title><description><GroupDescription></GroupDescription></description><Rule id="SV-251704r809568_rule" weight="10.0" severity="medium"><version>RHEL-07-010344</version><title>The Red Hat Enterprise Linux operating system must not be configured to bypass password requirements for privilege escalation.</title><description><VulnDiscussion>Without re-authentication, users may access resources or perform tasks for which they do not have authorization.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+When operating systems provide the capability to escalate a functional capability, it is critical the user re-authenticate.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPOS-00158</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-002038</ident><fixtext fixref="F-55095r809567_fix">Configure the operating system to require users to supply a password for privilege escalation.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Check the configuration of the "/etc/ pam.d/sudo" file with the following command:
|
|
|
0c1482 |
+$ sudo vi /etc/pam.d/sudo
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Remove any occurrences of "pam_succeed_if" in the file.</fixtext><fix id="F-55095r809567_fix" /><check system="C-55141r809224_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system is not be configured to bypass password requirements for privilege escalation.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Check the configuration of the "/etc/pam.d/sudo" file with the following command:
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+$ sudo grep pam_succeed_if /etc/pam.d/sudo
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+If any occurrences of "pam_succeed_if" is returned from the command, this is a finding.</check-content></check></Rule></Group><Group id="V-251705"><title>SRG-OS-000445-GPOS-00199</title><description><GroupDescription></GroupDescription></description><Rule id="SV-251705r809229_rule" weight="10.0" severity="medium"><version>RHEL-07-020029</version><title>The Red Hat Enterprise Linux operating system must use a file integrity tool to verify correct operation of all security functions.</title><description><VulnDiscussion>Without verification of the security functions, security functions may not operate correctly, and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+This requirement applies to the Red Hat Enterprise Linux operating system performing security function verification/testing and/or systems and environments that require this functionality.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-002696</ident><fixtext fixref="F-55096r809228_fix">Install the AIDE package by running the following command:
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+$ sudo yum install aide</fixtext><fix id="F-55096r809228_fix" /><check system="C-55142r809227_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify that Advanced Intrusion Detection Environment (AIDE) is installed and verifies the correct operation of all security functions.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+Check that the AIDE package is installed with the following command:
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+$ sudo rpm -q aide
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+aide-0.16-14.el8.x86_64
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+If AIDE is not installed, ask the System Administrator how file integrity checks are performed on the system.
|
|
|
0c1482 |
+
|
|
|
0c1482 |
+If there is no application installed to perform integrity checks, this is a finding.</check-content></check></Rule></Group></Benchmark>
|
|
|
0c1482 |
\ No newline at end of file
|