Blame SOURCES/scap-security-guide-0.1.61-update_RHEL_07_STIG-PR_8140.patch

0c1482
commit 527027f3265cf06e26d36df260eabe63b8a24166
0c1482
Author: Gabriel Becker <ggasparb@redhat.com>
0c1482
Date:   Thu Feb 17 12:32:24 2022 +0100
0c1482
0c1482
    Custom patch for RHEL7.9 PR 8140.
0c1482
0c1482
diff --git a/products/rhel7/profiles/stig.profile b/products/rhel7/profiles/stig.profile
0c1482
index e2c4f9a..f020bc0 100644
0c1482
--- a/products/rhel7/profiles/stig.profile
0c1482
+++ b/products/rhel7/profiles/stig.profile
0c1482
@@ -1,7 +1,7 @@
0c1482
 documentation_complete: true
0c1482
 
0c1482
 metadata:
0c1482
-    version: V3R5
0c1482
+    version: V3R6
0c1482
     SMEs:
0c1482
         - ggbecker
0c1482
 
0c1482
@@ -11,7 +11,7 @@ title: 'DISA STIG for Red Hat Enterprise Linux 7'
0c1482
 
0c1482
 description: |-
0c1482
     This profile contains configuration checks that align to the
0c1482
-    DISA STIG for Red Hat Enterprise Linux V3R5.
0c1482
+    DISA STIG for Red Hat Enterprise Linux V3R6.
0c1482
 
0c1482
     In addition to being applicable to Red Hat Enterprise Linux 7, DISA recognizes this
0c1482
     configuration baseline as applicable to the operating system tier of
0c1482
diff --git a/products/rhel7/profiles/stig_gui.profile b/products/rhel7/profiles/stig_gui.profile
0c1482
index 2c5821f..932d034 100644
0c1482
--- a/products/rhel7/profiles/stig_gui.profile
0c1482
+++ b/products/rhel7/profiles/stig_gui.profile
0c1482
@@ -1,7 +1,7 @@
0c1482
 documentation_complete: true
0c1482
 
0c1482
 metadata:
0c1482
-    version: V3R5
0c1482
+    version: V3R6
0c1482
     SMEs:
0c1482
         - ggbecker
0c1482
 
0c1482
@@ -11,7 +11,7 @@ title: 'DISA STIG with GUI for Red Hat Enterprise Linux 7'
0c1482
 
0c1482
 description: |-
0c1482
     This profile contains configuration checks that align to the
0c1482
-    DISA STIG with GUI for Red Hat Enterprise Linux V3R5.
0c1482
+    DISA STIG with GUI for Red Hat Enterprise Linux V3R6.
0c1482
 
0c1482
     In addition to being applicable to Red Hat Enterprise Linux 7, DISA recognizes this
0c1482
     configuration baseline as applicable to the operating system tier of
0c1482
diff --git a/shared/references/disa-stig-rhel7-v3r5-xccdf-manual.xml b/shared/references/disa-stig-rhel7-v3r6-xccdf-manual.xml
0c1482
similarity index 81%
0c1482
rename from shared/references/disa-stig-rhel7-v3r5-xccdf-manual.xml
0c1482
rename to shared/references/disa-stig-rhel7-v3r6-xccdf-manual.xml
0c1482
index a674d50..62c5f36 100644
0c1482
--- a/shared/references/disa-stig-rhel7-v3r5-xccdf-manual.xml
0c1482
+++ b/shared/references/disa-stig-rhel7-v3r6-xccdf-manual.xml
0c1482
@@ -1,4 +1,4 @@
0c1482
-<Benchmark xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:cpe="http://cpe.mitre.org/language/2.0" xmlns:xhtml="http://www.w3.org/1999/xhtml" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.1 http://nvd.nist.gov/schema/xccdf-1.1.4.xsd http://cpe.mitre.org/dictionary/2.0 http://cpe.mitre.org/files/cpe-dictionary_2.1.xsd" id="RHEL_7_STIG" xml:lang="en" xmlns="http://checklists.nist.gov/xccdf/1.1"><status date="2021-08-18">accepted</status><title>Red Hat Enterprise Linux 7 Security Technical Implementation Guide</title><description>This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.</description><notice id="terms-of-use" xml:lang="en"></notice><front-matter xml:lang="en"></front-matter><rear-matter xml:lang="en"></rear-matter><reference href="https://cyber.mil"><dc:publisher>DISA</dc:publisher><dc:source>STIG.DOD.MIL</dc:source></reference><plain-text id="release-info">Release: 5 Benchmark Date: 27 Oct 2021</plain-text><plain-text id="generator">3.2.2.36079</plain-text><plain-text id="conventionsVersion">1.10.0</plain-text><version>3</version><Profile id="MAC-1_Classified"><title>I - Mission Critical Classified</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204518" selected="true" /><select idref="V-204519" selected="true" /><select idref="V-204520" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204522" selected="true" /><select idref="V-204523" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204525" selected="true" /><select idref="V-204526" selected="true" /><select idref="V-204527" selected="true" /><select idref="V-204528" selected="true" /><select idref="V-204529" selected="true" /><select idref="V-204530" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204532" selected="true" /><select idref="V-204533" selected="true" /><select idref="V-204534" selected="true" /><select idref="V-204535" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204561" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204569" selected="true" /><select idref="V-204570" selected="true" /><select idref="V-204571" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204573" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /></Profile><Profile id="MAC-1_Public"><title>I - Mission Critical Public</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204518" selected="true" /><select idref="V-204519" selected="true" /><select idref="V-204520" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204522" selected="true" /><select idref="V-204523" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204525" selected="true" /><select idref="V-204526" selected="true" /><select idref="V-204527" selected="true" /><select idref="V-204528" selected="true" /><select idref="V-204529" selected="true" /><select idref="V-204530" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204532" selected="true" /><select idref="V-204533" selected="true" /><select idref="V-204534" selected="true" /><select idref="V-204535" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204561" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204569" selected="true" /><select idref="V-204570" selected="true" /><select idref="V-204571" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204573" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /></Profile><Profile id="MAC-1_Sensitive"><title>I - Mission Critical Sensitive</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204518" selected="true" /><select idref="V-204519" selected="true" /><select idref="V-204520" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204522" selected="true" /><select idref="V-204523" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204525" selected="true" /><select idref="V-204526" selected="true" /><select idref="V-204527" selected="true" /><select idref="V-204528" selected="true" /><select idref="V-204529" selected="true" /><select idref="V-204530" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204532" selected="true" /><select idref="V-204533" selected="true" /><select idref="V-204534" selected="true" /><select idref="V-204535" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204561" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204569" selected="true" /><select idref="V-204570" selected="true" /><select idref="V-204571" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204573" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /></Profile><Profile id="MAC-2_Classified"><title>II - Mission Support Classified</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204518" selected="true" /><select idref="V-204519" selected="true" /><select idref="V-204520" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204522" selected="true" /><select idref="V-204523" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204525" selected="true" /><select idref="V-204526" selected="true" /><select idref="V-204527" selected="true" /><select idref="V-204528" selected="true" /><select idref="V-204529" selected="true" /><select idref="V-204530" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204532" selected="true" /><select idref="V-204533" selected="true" /><select idref="V-204534" selected="true" /><select idref="V-204535" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204561" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204569" selected="true" /><select idref="V-204570" selected="true" /><select idref="V-204571" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204573" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /></Profile><Profile id="MAC-2_Public"><title>II - Mission Support Public</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204518" selected="true" /><select idref="V-204519" selected="true" /><select idref="V-204520" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204522" selected="true" /><select idref="V-204523" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204525" selected="true" /><select idref="V-204526" selected="true" /><select idref="V-204527" selected="true" /><select idref="V-204528" selected="true" /><select idref="V-204529" selected="true" /><select idref="V-204530" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204532" selected="true" /><select idref="V-204533" selected="true" /><select idref="V-204534" selected="true" /><select idref="V-204535" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204561" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204569" selected="true" /><select idref="V-204570" selected="true" /><select idref="V-204571" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204573" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /></Profile><Profile id="MAC-2_Sensitive"><title>II - Mission Support Sensitive</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204518" selected="true" /><select idref="V-204519" selected="true" /><select idref="V-204520" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204522" selected="true" /><select idref="V-204523" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204525" selected="true" /><select idref="V-204526" selected="true" /><select idref="V-204527" selected="true" /><select idref="V-204528" selected="true" /><select idref="V-204529" selected="true" /><select idref="V-204530" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204532" selected="true" /><select idref="V-204533" selected="true" /><select idref="V-204534" selected="true" /><select idref="V-204535" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204561" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204569" selected="true" /><select idref="V-204570" selected="true" /><select idref="V-204571" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204573" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /></Profile><Profile id="MAC-3_Classified"><title>III - Administrative Classified</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204518" selected="true" /><select idref="V-204519" selected="true" /><select idref="V-204520" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204522" selected="true" /><select idref="V-204523" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204525" selected="true" /><select idref="V-204526" selected="true" /><select idref="V-204527" selected="true" /><select idref="V-204528" selected="true" /><select idref="V-204529" selected="true" /><select idref="V-204530" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204532" selected="true" /><select idref="V-204533" selected="true" /><select idref="V-204534" selected="true" /><select idref="V-204535" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204561" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204569" selected="true" /><select idref="V-204570" selected="true" /><select idref="V-204571" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204573" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /></Profile><Profile id="MAC-3_Public"><title>III - Administrative Public</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204518" selected="true" /><select idref="V-204519" selected="true" /><select idref="V-204520" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204522" selected="true" /><select idref="V-204523" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204525" selected="true" /><select idref="V-204526" selected="true" /><select idref="V-204527" selected="true" /><select idref="V-204528" selected="true" /><select idref="V-204529" selected="true" /><select idref="V-204530" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204532" selected="true" /><select idref="V-204533" selected="true" /><select idref="V-204534" selected="true" /><select idref="V-204535" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204561" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204569" selected="true" /><select idref="V-204570" selected="true" /><select idref="V-204571" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204573" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /></Profile><Profile id="MAC-3_Sensitive"><title>III - Administrative Sensitive</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204518" selected="true" /><select idref="V-204519" selected="true" /><select idref="V-204520" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204522" selected="true" /><select idref="V-204523" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204525" selected="true" /><select idref="V-204526" selected="true" /><select idref="V-204527" selected="true" /><select idref="V-204528" selected="true" /><select idref="V-204529" selected="true" /><select idref="V-204530" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204532" selected="true" /><select idref="V-204533" selected="true" /><select idref="V-204534" selected="true" /><select idref="V-204535" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204561" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204569" selected="true" /><select idref="V-204570" selected="true" /><select idref="V-204571" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204573" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /></Profile><Group id="V-204392"><title>SRG-OS-000257-GPOS-00098</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204392r646841_rule" weight="10.0" severity="high"><version>RHEL-07-010010</version><title>The Red Hat Enterprise Linux operating system must be configured so that the file permissions, ownership, and group membership of system files and commands match the vendor values.</title><description><VulnDiscussion>Discretionary access control is weakened if a user or group has access permissions to system files and directories greater than the default.
0c1482
+<Benchmark xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:cpe="http://cpe.mitre.org/language/2.0" xmlns:xhtml="http://www.w3.org/1999/xhtml" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.1 http://nvd.nist.gov/schema/xccdf-1.1.4.xsd http://cpe.mitre.org/dictionary/2.0 http://cpe.mitre.org/files/cpe-dictionary_2.1.xsd" id="RHEL_7_STIG" xml:lang="en" xmlns="http://checklists.nist.gov/xccdf/1.1"><status date="2021-12-02">accepted</status><title>Red Hat Enterprise Linux 7 Security Technical Implementation Guide</title><description>This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.</description><notice id="terms-of-use" xml:lang="en"></notice><front-matter xml:lang="en"></front-matter><rear-matter xml:lang="en"></rear-matter><reference href="https://cyber.mil"><dc:publisher>DISA</dc:publisher><dc:source>STIG.DOD.MIL</dc:source></reference><plain-text id="release-info">Release: 6 Benchmark Date: 27 Jan 2022</plain-text><plain-text id="generator">3.2.2.36079</plain-text><plain-text id="conventionsVersion">1.10.0</plain-text><version>3</version><Profile id="MAC-1_Classified"><title>I - Mission Critical Classified</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /><select idref="V-251702" selected="true" /><select idref="V-251703" selected="true" /><select idref="V-251704" selected="true" /><select idref="V-251705" selected="true" /></Profile><Profile id="MAC-1_Public"><title>I - Mission Critical Public</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /><select idref="V-251702" selected="true" /><select idref="V-251703" selected="true" /><select idref="V-251704" selected="true" /><select idref="V-251705" selected="true" /></Profile><Profile id="MAC-1_Sensitive"><title>I - Mission Critical Sensitive</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /><select idref="V-251702" selected="true" /><select idref="V-251703" selected="true" /><select idref="V-251704" selected="true" /><select idref="V-251705" selected="true" /></Profile><Profile id="MAC-2_Classified"><title>II - Mission Support Classified</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /><select idref="V-251702" selected="true" /><select idref="V-251703" selected="true" /><select idref="V-251704" selected="true" /><select idref="V-251705" selected="true" /></Profile><Profile id="MAC-2_Public"><title>II - Mission Support Public</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /><select idref="V-251702" selected="true" /><select idref="V-251703" selected="true" /><select idref="V-251704" selected="true" /><select idref="V-251705" selected="true" /></Profile><Profile id="MAC-2_Sensitive"><title>II - Mission Support Sensitive</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /><select idref="V-251702" selected="true" /><select idref="V-251703" selected="true" /><select idref="V-251704" selected="true" /><select idref="V-251705" selected="true" /></Profile><Profile id="MAC-3_Classified"><title>III - Administrative Classified</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /><select idref="V-251702" selected="true" /><select idref="V-251703" selected="true" /><select idref="V-251704" selected="true" /><select idref="V-251705" selected="true" /></Profile><Profile id="MAC-3_Public"><title>III - Administrative Public</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /><select idref="V-251702" selected="true" /><select idref="V-251703" selected="true" /><select idref="V-251704" selected="true" /><select idref="V-251705" selected="true" /></Profile><Profile id="MAC-3_Sensitive"><title>III - Administrative Sensitive</title><description><ProfileDescription></ProfileDescription></description><select idref="V-204392" selected="true" /><select idref="V-204393" selected="true" /><select idref="V-204394" selected="true" /><select idref="V-204395" selected="true" /><select idref="V-204396" selected="true" /><select idref="V-204397" selected="true" /><select idref="V-204398" selected="true" /><select idref="V-204399" selected="true" /><select idref="V-204400" selected="true" /><select idref="V-204402" selected="true" /><select idref="V-204403" selected="true" /><select idref="V-204404" selected="true" /><select idref="V-204405" selected="true" /><select idref="V-204406" selected="true" /><select idref="V-204407" selected="true" /><select idref="V-204408" selected="true" /><select idref="V-204409" selected="true" /><select idref="V-204410" selected="true" /><select idref="V-204411" selected="true" /><select idref="V-204412" selected="true" /><select idref="V-204413" selected="true" /><select idref="V-204414" selected="true" /><select idref="V-204415" selected="true" /><select idref="V-204416" selected="true" /><select idref="V-204417" selected="true" /><select idref="V-204418" selected="true" /><select idref="V-204419" selected="true" /><select idref="V-204420" selected="true" /><select idref="V-204421" selected="true" /><select idref="V-204422" selected="true" /><select idref="V-204423" selected="true" /><select idref="V-204424" selected="true" /><select idref="V-204425" selected="true" /><select idref="V-204426" selected="true" /><select idref="V-204427" selected="true" /><select idref="V-204428" selected="true" /><select idref="V-204429" selected="true" /><select idref="V-204430" selected="true" /><select idref="V-204431" selected="true" /><select idref="V-204432" selected="true" /><select idref="V-204433" selected="true" /><select idref="V-204434" selected="true" /><select idref="V-204435" selected="true" /><select idref="V-204437" selected="true" /><select idref="V-204438" selected="true" /><select idref="V-204440" selected="true" /><select idref="V-204441" selected="true" /><select idref="V-204442" selected="true" /><select idref="V-204443" selected="true" /><select idref="V-204444" selected="true" /><select idref="V-204445" selected="true" /><select idref="V-204446" selected="true" /><select idref="V-204447" selected="true" /><select idref="V-204448" selected="true" /><select idref="V-204449" selected="true" /><select idref="V-204450" selected="true" /><select idref="V-204451" selected="true" /><select idref="V-204452" selected="true" /><select idref="V-204453" selected="true" /><select idref="V-204454" selected="true" /><select idref="V-204455" selected="true" /><select idref="V-204456" selected="true" /><select idref="V-204457" selected="true" /><select idref="V-204458" selected="true" /><select idref="V-204459" selected="true" /><select idref="V-204460" selected="true" /><select idref="V-204461" selected="true" /><select idref="V-204462" selected="true" /><select idref="V-204463" selected="true" /><select idref="V-204464" selected="true" /><select idref="V-204466" selected="true" /><select idref="V-204467" selected="true" /><select idref="V-204468" selected="true" /><select idref="V-204469" selected="true" /><select idref="V-204470" selected="true" /><select idref="V-204471" selected="true" /><select idref="V-204472" selected="true" /><select idref="V-204473" selected="true" /><select idref="V-204474" selected="true" /><select idref="V-204475" selected="true" /><select idref="V-204476" selected="true" /><select idref="V-204477" selected="true" /><select idref="V-204478" selected="true" /><select idref="V-204479" selected="true" /><select idref="V-204480" selected="true" /><select idref="V-204481" selected="true" /><select idref="V-204482" selected="true" /><select idref="V-204483" selected="true" /><select idref="V-204486" selected="true" /><select idref="V-204487" selected="true" /><select idref="V-204488" selected="true" /><select idref="V-204489" selected="true" /><select idref="V-204490" selected="true" /><select idref="V-204491" selected="true" /><select idref="V-204492" selected="true" /><select idref="V-204493" selected="true" /><select idref="V-204494" selected="true" /><select idref="V-204495" selected="true" /><select idref="V-204496" selected="true" /><select idref="V-204497" selected="true" /><select idref="V-204498" selected="true" /><select idref="V-204499" selected="true" /><select idref="V-204500" selected="true" /><select idref="V-204501" selected="true" /><select idref="V-204502" selected="true" /><select idref="V-204503" selected="true" /><select idref="V-204504" selected="true" /><select idref="V-204506" selected="true" /><select idref="V-204507" selected="true" /><select idref="V-204508" selected="true" /><select idref="V-204509" selected="true" /><select idref="V-204510" selected="true" /><select idref="V-204511" selected="true" /><select idref="V-204512" selected="true" /><select idref="V-204513" selected="true" /><select idref="V-204514" selected="true" /><select idref="V-204515" selected="true" /><select idref="V-204516" selected="true" /><select idref="V-204517" selected="true" /><select idref="V-204521" selected="true" /><select idref="V-204524" selected="true" /><select idref="V-204531" selected="true" /><select idref="V-204536" selected="true" /><select idref="V-204537" selected="true" /><select idref="V-204538" selected="true" /><select idref="V-204539" selected="true" /><select idref="V-204540" selected="true" /><select idref="V-204541" selected="true" /><select idref="V-204542" selected="true" /><select idref="V-204543" selected="true" /><select idref="V-204544" selected="true" /><select idref="V-204545" selected="true" /><select idref="V-204546" selected="true" /><select idref="V-204547" selected="true" /><select idref="V-204548" selected="true" /><select idref="V-204549" selected="true" /><select idref="V-204550" selected="true" /><select idref="V-204551" selected="true" /><select idref="V-204552" selected="true" /><select idref="V-204553" selected="true" /><select idref="V-204554" selected="true" /><select idref="V-204555" selected="true" /><select idref="V-204556" selected="true" /><select idref="V-204557" selected="true" /><select idref="V-204558" selected="true" /><select idref="V-204559" selected="true" /><select idref="V-204560" selected="true" /><select idref="V-204562" selected="true" /><select idref="V-204563" selected="true" /><select idref="V-204564" selected="true" /><select idref="V-204565" selected="true" /><select idref="V-204566" selected="true" /><select idref="V-204567" selected="true" /><select idref="V-204568" selected="true" /><select idref="V-204572" selected="true" /><select idref="V-204574" selected="true" /><select idref="V-204575" selected="true" /><select idref="V-204576" selected="true" /><select idref="V-204577" selected="true" /><select idref="V-204578" selected="true" /><select idref="V-204579" selected="true" /><select idref="V-204580" selected="true" /><select idref="V-204581" selected="true" /><select idref="V-204582" selected="true" /><select idref="V-204583" selected="true" /><select idref="V-204584" selected="true" /><select idref="V-204585" selected="true" /><select idref="V-204586" selected="true" /><select idref="V-204587" selected="true" /><select idref="V-204588" selected="true" /><select idref="V-204589" selected="true" /><select idref="V-204590" selected="true" /><select idref="V-204591" selected="true" /><select idref="V-204592" selected="true" /><select idref="V-204593" selected="true" /><select idref="V-204594" selected="true" /><select idref="V-204595" selected="true" /><select idref="V-204596" selected="true" /><select idref="V-204597" selected="true" /><select idref="V-204598" selected="true" /><select idref="V-204599" selected="true" /><select idref="V-204600" selected="true" /><select idref="V-204601" selected="true" /><select idref="V-204602" selected="true" /><select idref="V-204603" selected="true" /><select idref="V-204604" selected="true" /><select idref="V-204605" selected="true" /><select idref="V-204606" selected="true" /><select idref="V-204607" selected="true" /><select idref="V-204608" selected="true" /><select idref="V-204609" selected="true" /><select idref="V-204610" selected="true" /><select idref="V-204611" selected="true" /><select idref="V-204612" selected="true" /><select idref="V-204613" selected="true" /><select idref="V-204614" selected="true" /><select idref="V-204615" selected="true" /><select idref="V-204616" selected="true" /><select idref="V-204617" selected="true" /><select idref="V-204618" selected="true" /><select idref="V-204619" selected="true" /><select idref="V-204620" selected="true" /><select idref="V-204621" selected="true" /><select idref="V-204622" selected="true" /><select idref="V-204623" selected="true" /><select idref="V-204624" selected="true" /><select idref="V-204625" selected="true" /><select idref="V-204626" selected="true" /><select idref="V-204627" selected="true" /><select idref="V-204628" selected="true" /><select idref="V-204629" selected="true" /><select idref="V-204630" selected="true" /><select idref="V-204631" selected="true" /><select idref="V-204632" selected="true" /><select idref="V-204633" selected="true" /><select idref="V-204634" selected="true" /><select idref="V-214799" selected="true" /><select idref="V-214800" selected="true" /><select idref="V-214801" selected="true" /><select idref="V-214937" selected="true" /><select idref="V-219059" selected="true" /><select idref="V-228563" selected="true" /><select idref="V-228564" selected="true" /><select idref="V-233307" selected="true" /><select idref="V-237633" selected="true" /><select idref="V-237634" selected="true" /><select idref="V-237635" selected="true" /><select idref="V-244557" selected="true" /><select idref="V-244558" selected="true" /><select idref="V-250312" selected="true" /><select idref="V-250313" selected="true" /><select idref="V-250314" selected="true" /><select idref="V-251702" selected="true" /><select idref="V-251703" selected="true" /><select idref="V-251704" selected="true" /><select idref="V-251705" selected="true" /></Profile><Group id="V-204392"><title>SRG-OS-000257-GPOS-00098</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204392r646841_rule" weight="10.0" severity="high"><version>RHEL-07-010010</version><title>The Red Hat Enterprise Linux operating system must be configured so that the file permissions, ownership, and group membership of system files and commands match the vendor values.</title><description><VulnDiscussion>Discretionary access control is weakened if a user or group has access permissions to system files and directories greater than the default.
0c1482
 
0c1482
 Satisfies: SRG-OS-000257-GPOS-00098, SRG-OS-000278-GPOS-00108</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-71849</ident><ident system="http://cyber.mil/legacy">SV-86473</ident><ident system="http://cyber.mil/cci">CCI-001494</ident><ident system="http://cyber.mil/cci">CCI-001496</ident><ident system="http://cyber.mil/cci">CCI-002165</ident><ident system="http://cyber.mil/cci">CCI-002235</ident><fixtext fixref="F-36302r646840_fix">Run the following command to determine which package owns the file:
0c1482
 
0c1482
@@ -543,20 +543,20 @@ Check for the value of the "maxrepeat" option in "/etc/security/pwquality.conf"
0c1482
 # grep maxrepeat /etc/security/pwquality.conf 
0c1482
 maxrepeat = 3
0c1482
 
0c1482
-If the value of "maxrepeat" is set to more than "3", this is a finding.</check-content></check></Rule></Group><Group id="V-204414"><title>SRG-OS-000072-GPOS-00040</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204414r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-010190</version><title>The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed the number of repeating characters of the same character class must not be more than four characters.</title><description><VulnDiscussion>Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
0c1482
+If the value of "maxrepeat" is set to more than "3", this is a finding.</check-content></check></Rule></Group><Group id="V-204414"><title>SRG-OS-000072-GPOS-00040</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204414r809186_rule" weight="10.0" severity="medium"><version>RHEL-07-010190</version><title>The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed the number of repeating characters of the same character class must not be more than four characters.</title><description><VulnDiscussion>Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
0c1482
 
0c1482
 Password complexity is one factor of several that determines how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86541</ident><ident system="http://cyber.mil/legacy">V-71917</ident><ident system="http://cyber.mil/cci">CCI-000195</ident><fixtext fixref="F-4538r88435_fix">Configure the operating system to require the change of the number of repeating characters of the same character class when passwords are changed by setting the "maxclassrepeat" option.
0c1482
 
0c1482
 Add the following line to "/etc/security/pwquality.conf" conf (or modify the line to have the required value):
0c1482
 
0c1482
-maxclassrepeat = 4</fixtext><fix id="F-4538r88435_fix" /><check system="C-4538r88434_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>The "maxclassrepeat" option sets the maximum number of allowed same consecutive characters in the same class in the new password.
0c1482
+maxclassrepeat = 4</fixtext><fix id="F-4538r88435_fix" /><check system="C-4538r809185_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>The "maxclassrepeat" option sets the maximum number of allowed same consecutive characters in the same class in the new password.
0c1482
 
0c1482
 Check for the value of the "maxclassrepeat" option in "/etc/security/pwquality.conf" with the following command:
0c1482
 
0c1482
-# grep maxclassrepeat /etc/security/pwquality.conf 
0c1482
+$ sudo grep maxclassrepeat /etc/security/pwquality.conf 
0c1482
 maxclassrepeat = 4
0c1482
 
0c1482
-If the value of "maxclassrepeat" is set to more than "4", this is a finding.</check-content></check></Rule></Group><Group id="V-204415"><title>SRG-OS-000073-GPOS-00041</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204415r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-010200</version><title>The Red Hat Enterprise Linux operating system must be configured so that the PAM system service is configured to store only encrypted representations of passwords.</title><description><VulnDiscussion>Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. Passwords encrypted with a weak algorithm are no more protected than if they are kept in plain text.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-71919</ident><ident system="http://cyber.mil/legacy">SV-86543</ident><ident system="http://cyber.mil/cci">CCI-000196</ident><fixtext fixref="F-4539r88438_fix">Configure the operating system to store only SHA512 encrypted representations of passwords.
0c1482
+If the value of "maxclassrepeat" is set to "0", more than "4" or is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-204415"><title>SRG-OS-000073-GPOS-00041</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204415r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-010200</version><title>The Red Hat Enterprise Linux operating system must be configured so that the PAM system service is configured to store only encrypted representations of passwords.</title><description><VulnDiscussion>Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. Passwords encrypted with a weak algorithm are no more protected than if they are kept in plain text.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-71919</ident><ident system="http://cyber.mil/legacy">SV-86543</ident><ident system="http://cyber.mil/cci">CCI-000196</ident><fixtext fixref="F-4539r88438_fix">Configure the operating system to store only SHA512 encrypted representations of passwords.
0c1482
 
0c1482
 Add the following line in "/etc/pam.d/system-auth":
0c1482
 pam_unix.so sha512 shadow try_first_pass use_authtok
0c1482
@@ -661,7 +661,7 @@ Check for the value of the "minlen" option in "/etc/security/pwquality.conf" wit
0c1482
 # grep minlen /etc/security/pwquality.conf
0c1482
 minlen = 15
0c1482
 
0c1482
-If the command does not return a "minlen" value of 15 or greater, this is a finding.</check-content></check></Rule></Group><Group id="V-204424"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204424r603261_rule" weight="10.0" severity="high"><version>RHEL-07-010290</version><title>The Red Hat Enterprise Linux operating system must not have accounts configured with blank or null passwords.</title><description><VulnDiscussion>If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-71937</ident><ident system="http://cyber.mil/legacy">SV-86561</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-4548r88465_fix">If an account is configured for password authentication but does not have an assigned password, it may be possible to log on to the account without authenticating.
0c1482
+If the command does not return a "minlen" value of 15 or greater, this is a finding.</check-content></check></Rule></Group><Group id="V-204424"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204424r809187_rule" weight="10.0" severity="high"><version>RHEL-07-010290</version><title>The Red Hat Enterprise Linux operating system must not allow accounts configured with blank or null passwords.</title><description><VulnDiscussion>If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-71937</ident><ident system="http://cyber.mil/legacy">SV-86561</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-4548r88465_fix">If an account is configured for password authentication but does not have an assigned password, it may be possible to log on to the account without authenticating.
0c1482
 
0c1482
 Remove any instances of the "nullok" option in "/etc/pam.d/system-auth" and "/etc/pam.d/password-auth" to prevent logons with empty passwords.
0c1482
 
0c1482
@@ -682,20 +682,21 @@ PermitEmptyPasswords no
0c1482
 
0c1482
 If no line, a commented line, or a line indicating the value "no" is returned, the required value is set.
0c1482
 
0c1482
-If the required value is not set, this is a finding.</check-content></check></Rule></Group><Group id="V-204426"><title>SRG-OS-000118-GPOS-00060</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204426r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-010310</version><title>The Red Hat Enterprise Linux operating system must disable account identifiers (individuals, groups, roles, and devices) if the password expires.</title><description><VulnDiscussion>Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained.
0c1482
+If the required value is not set, this is a finding.</check-content></check></Rule></Group><Group id="V-204426"><title>SRG-OS-000118-GPOS-00060</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204426r809190_rule" weight="10.0" severity="medium"><version>RHEL-07-010310</version><title>The Red Hat Enterprise Linux operating system must disable account identifiers (individuals, groups, roles, and devices) if the password expires.</title><description><VulnDiscussion>Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained.
0c1482
 
0c1482
-Operating systems need to track periods of inactivity and disable application identifiers after zero days of inactivity.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86565</ident><ident system="http://cyber.mil/legacy">V-71941</ident><ident system="http://cyber.mil/cci">CCI-000795</ident><fixtext fixref="F-4550r88471_fix">Configure the operating system to disable account identifiers (individuals, groups, roles, and devices) after the password expires.
0c1482
+Operating systems need to track periods of inactivity and disable application identifiers after 35 days of inactivity.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86565</ident><ident system="http://cyber.mil/legacy">V-71941</ident><ident system="http://cyber.mil/cci">CCI-000795</ident><fixtext fixref="F-4550r809189_fix">Configure the operating system to disable account identifiers (individuals, groups, roles, and devices) 35 days after the password expires.
0c1482
 
0c1482
 Add the following line to "/etc/default/useradd" (or modify the line to have the required value):
0c1482
 
0c1482
-INACTIVE=0</fixtext><fix id="F-4550r88471_fix" /><check system="C-4550r88470_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>If passwords are not being used for authentication, this is Not Applicable.
0c1482
+INACTIVE=35
0c1482
+DoD recommendation is 35 days, but a lower value is acceptable. The value "-1" will disable this feature, and "0" will disable the account immediately after the password expires.</fixtext><fix id="F-4550r809189_fix" /><check system="C-4550r809188_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>If passwords are not being used for authentication, this is Not Applicable.
0c1482
 
0c1482
 Verify the operating system disables account identifiers (individuals, groups, roles, and devices) after the password expires with the following command:
0c1482
 
0c1482
 # grep -i inactive /etc/default/useradd
0c1482
-INACTIVE=0
0c1482
+INACTIVE=35
0c1482
 
0c1482
-If the value is not set to "0", is commented out, or is not defined, this is a finding.</check-content></check></Rule></Group><Group id="V-204427"><title>SRG-OS-000329-GPOS-00128</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204427r603824_rule" weight="10.0" severity="medium"><version>RHEL-07-010320</version><title>The Red Hat Enterprise Linux operating system must be configured to lock accounts for a minimum of 15 minutes after three unsuccessful logon attempts within a 15-minute timeframe.</title><description><VulnDiscussion>By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-forcing, is reduced. Limits are imposed by locking the account.
0c1482
+If "INACTIVE" is set to "-1", a value greater than "35", is commented out, or is not defined, this is a finding.</check-content></check></Rule></Group><Group id="V-204427"><title>SRG-OS-000329-GPOS-00128</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204427r603824_rule" weight="10.0" severity="medium"><version>RHEL-07-010320</version><title>The Red Hat Enterprise Linux operating system must be configured to lock accounts for a minimum of 15 minutes after three unsuccessful logon attempts within a 15-minute timeframe.</title><description><VulnDiscussion>By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-forcing, is reduced. Limits are imposed by locking the account.
0c1482
 
0c1482
 Satisfies: SRG-OS-000329-GPOS-00128, SRG-OS-000021-GPOS-00005</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-71943</ident><ident system="http://cyber.mil/legacy">SV-86567</ident><ident system="http://cyber.mil/cci">CCI-000044</ident><ident system="http://cyber.mil/cci">CCI-002236</ident><ident system="http://cyber.mil/cci">CCI-002237</ident><ident system="http://cyber.mil/cci">CCI-002238</ident><fixtext fixref="F-4551r622287_fix">Configure the operating system to lock an account for the maximum period when three unsuccessful logon attempts in 15 minutes are made.
0c1482
 
0c1482
@@ -1615,7 +1616,7 @@ Note: The example will be for a system that is configured to create users' home
0c1482
 
0c1482
 # grep <file> /home/*/.*
0c1482
 
0c1482
-If any local initialization files are found to reference world-writable files, this is a finding.</check-content></check></Rule></Group><Group id="V-204479"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204479r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-020900</version><title>The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification.</title><description><VulnDiscussion>If an unauthorized or modified device is allowed to exist on the system, there is the possibility the system may perform unintended or unauthorized operations.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72039</ident><ident system="http://cyber.mil/legacy">SV-86663</ident><ident system="http://cyber.mil/cci">CCI-000318</ident><ident system="http://cyber.mil/cci">CCI-000368</ident><ident system="http://cyber.mil/cci">CCI-001812</ident><ident system="http://cyber.mil/cci">CCI-001813</ident><ident system="http://cyber.mil/cci">CCI-001814</ident><fixtext fixref="F-4603r88630_fix">Run the following command to determine which package owns the device file:
0c1482
+If any local initialization files are found to reference world-writable files, this is a finding.</check-content></check></Rule></Group><Group id="V-204479"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204479r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-020900</version><title>The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification.</title><description><VulnDiscussion>If an unauthorized or modified device is allowed to exist on the system, there is the possibility the system may perform unintended or unauthorized operations.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86663</ident><ident system="http://cyber.mil/legacy">V-72039</ident><ident system="http://cyber.mil/cci">CCI-000318</ident><ident system="http://cyber.mil/cci">CCI-000368</ident><ident system="http://cyber.mil/cci">CCI-001812</ident><ident system="http://cyber.mil/cci">CCI-001813</ident><ident system="http://cyber.mil/cci">CCI-001814</ident><fixtext fixref="F-4603r88630_fix">Run the following command to determine which package owns the device file:
0c1482
 
0c1482
 # rpm -qf <filename>
0c1482
 
0c1482
@@ -2269,526 +2270,120 @@ The audit daemon must be restarted for the changes to take effect.</fixtext>
0c1482
 
0c1482
 If both the "b32" and "b64" audit rules for "SUID" files are not defined, this is a finding.
0c1482
 
0c1482
-If both the "b32" and "b64" audit rules for "SGID" files are not defined, this is a finding.</check-content></check></Rule></Group><Group id="V-204517"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204517r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030370</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the chown syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000392-GPOS-00172, SRG-OS-000458-GPOS-00203, SRG-OS-000474-GPOS-00219</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86721</ident><ident system="http://cyber.mil/legacy">V-72097</ident><ident system="http://cyber.mil/cci">CCI-000126</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4641r462559_fix">Add or update the following rule in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S chown -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S chown -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4641r462559_fix" /><check system="C-4641r462558_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "chown" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw chown /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S chown -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S chown -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "chown" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204518"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204518r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030380</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the fchown syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000392-GPOS-00172, SRG-OS-000458-GPOS-00203, SRG-OS-000474-GPOS-00219</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86723</ident><ident system="http://cyber.mil/legacy">V-72099</ident><ident system="http://cyber.mil/cci">CCI-000126</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4642r462562_fix">Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S fchown -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S fchown -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4642r462562_fix" /><check system="C-4642r462561_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "fchown" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw fchown /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S fchown -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S fchown -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "fchown" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204519"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204519r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030390</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the lchown syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000392-GPOS-00172, SRG-OS-000458-GPOS-00203, SRG-OS-000474-GPOS-00219</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72101</ident><ident system="http://cyber.mil/legacy">SV-86725</ident><ident system="http://cyber.mil/cci">CCI-000126</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4643r462565_fix">Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S lchown -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S lchown -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4643r462565_fix" /><check system="C-4643r462564_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "lchown" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw lchown /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S lchown -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S lchown -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "lchown" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204520"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204520r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030400</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the fchownat syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000392-GPOS-00172, SRG-OS-000458-GPOS-00203, SRG-OS-000474-GPOS-00219</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72103</ident><ident system="http://cyber.mil/legacy">SV-86727</ident><ident system="http://cyber.mil/cci">CCI-000126</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4644r462568_fix">Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S fchownat -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S fchownat -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4644r462568_fix" /><check system="C-4644r462567_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "fchownat" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw fchownat /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S fchownat -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S fchownat -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "fchownat" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204521"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204521r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030410</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the chmod syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86729</ident><ident system="http://cyber.mil/legacy">V-72105</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4645r462571_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "chmod" syscall occur.
0c1482
-
0c1482
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S chmod -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S chmod -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4645r462571_fix" /><check system="C-4645r462570_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "chmod" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following command:
0c1482
-
0c1482
-# grep -iw chmod /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S chmod -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S chmod -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "chmod" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204522"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204522r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030420</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the fchmod syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86731</ident><ident system="http://cyber.mil/legacy">V-72107</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4646r462574_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "fchmod" syscall occur.
0c1482
-
0c1482
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S fchmod -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S fchmod -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4646r462574_fix" /><check system="C-4646r462573_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "fchmod" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following command:
0c1482
-
0c1482
-# grep -iw fchmod /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S fchmod -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S fchmod -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "fchmod" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204523"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204523r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030430</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the fchmodat syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86733</ident><ident system="http://cyber.mil/legacy">V-72109</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4647r462577_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "fchmodat" syscall occur.
0c1482
-
0c1482
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S fchmodat -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S fchmodat -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4647r462577_fix" /><check system="C-4647r462576_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "fchmodat" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following command:
0c1482
-
0c1482
-# grep -iw fchmodat /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S fchmodat -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S fchmodat -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "fchmodat" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204524"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204524r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030440</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the setxattr syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86735</ident><ident system="http://cyber.mil/legacy">V-72111</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4648r462732_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "setxattr" syscall occur.
0c1482
-
0c1482
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S setxattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S setxattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4648r462732_fix" /><check system="C-4648r462731_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "setxattr" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw setxattr /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S setxattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S setxattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "setxattr" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204525"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204525r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030450</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the fsetxattr syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86737</ident><ident system="http://cyber.mil/legacy">V-72113</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4649r462580_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "fsetxattr" syscall occur.
0c1482
-
0c1482
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S fsetxattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S fsetxattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4649r462580_fix" /><check system="C-4649r462579_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "fsetxattr" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw fsetxattr /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S fsetxattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S fsetxattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "fsetxattr" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204526"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204526r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030460</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the lsetxattr syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72115</ident><ident system="http://cyber.mil/legacy">SV-86739</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4650r462583_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "lsetxattr" syscall occur.
0c1482
-
0c1482
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S lsetxattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S lsetxattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4650r462583_fix" /><check system="C-4650r462582_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "lsetxattr" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw lsetxattr /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S lsetxattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S lsetxattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "lsetxattr" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204527"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204527r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030470</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the removexattr syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72117</ident><ident system="http://cyber.mil/legacy">SV-86741</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4651r462586_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "removexattr" syscall occur.
0c1482
-
0c1482
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S removexattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S removexattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4651r462586_fix" /><check system="C-4651r462585_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "removexattr" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw removexattr /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S removexattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S removexattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "removexattr" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204528"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204528r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030480</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the fremovexattr syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86743</ident><ident system="http://cyber.mil/legacy">V-72119</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4652r462589_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "fremovexattr" syscall occur.
0c1482
-
0c1482
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S fremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S fremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4652r462589_fix" /><check system="C-4652r462588_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "fremovexattr" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw fremovexattr /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S fremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S fremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "fremovexattr" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204529"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204529r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030490</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the lremovexattr syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72121</ident><ident system="http://cyber.mil/legacy">SV-86745</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4653r462592_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "lremovexattr" syscall occur.
0c1482
-
0c1482
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4653r462592_fix" /><check system="C-4653r462591_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "lremovexattr" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw lremovexattr /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
--a always,exit -F arch=b64 -S lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "lremovexattr" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204530"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204530r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030500</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the creat syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000458-GPOS-00203, SRG-OS-000461-GPOS-00205, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72123</ident><ident system="http://cyber.mil/legacy">SV-86747</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4654r462595_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "creat" syscall occur.
0c1482
-
0c1482
-Add or update the following rules in "/etc/audit/rules.d/audit.rules:
0c1482
-
0c1482
--a always,exit -F arch=b32 -S creat -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b32 -S creat -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S creat -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S creat -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4654r462595_fix" /><check system="C-4654r462594_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "creat" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw creat /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S creat F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b32 -S creat -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S creat -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S creat -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "creat" syscall, this is a finding.
0c1482
-
0c1482
-If the output does not produce rules containing "-F exit=-EPERM", this is a finding.
0c1482
-
0c1482
-If the output does not produce rules containing "-F exit=-EACCES", this is a finding.</check-content></check></Rule></Group><Group id="V-204531"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204531r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030510</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the open syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000458-GPOS-00203, SRG-OS-000461-GPOS-00205, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86749</ident><ident system="http://cyber.mil/legacy">V-72125</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4655r462598_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "open" syscall occur.
0c1482
-
0c1482
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S open -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b32 -S open -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S open -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S open -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4655r462598_fix" /><check system="C-4655r462597_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "open" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw open /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S open -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b32 -S open -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S open -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S open -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "open" syscall, this is a finding.
0c1482
-
0c1482
-If the output does not produce rules containing "-F exit=-EPERM", this is a finding.
0c1482
-
0c1482
-If the output does not produce rules containing "-F exit=-EACCES", this is a finding.</check-content></check></Rule></Group><Group id="V-204532"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204532r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030520</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the openat syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000458-GPOS-00203, SRG-OS-000461-GPOS-00205, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72127</ident><ident system="http://cyber.mil/legacy">SV-86751</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4656r462601_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "openat" syscall occur.
0c1482
-
0c1482
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S openat -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b32 -S openat -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S openat -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S openat -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4656r462601_fix" /><check system="C-4656r462600_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "openat" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw openat /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S openat -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b32 -S openat -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S openat -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S openat -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "openat" syscall, this is a finding.
0c1482
-
0c1482
-If the output does not produce rules containing "-F exit=-EPERM", this is a finding.
0c1482
-
0c1482
-If the output does not produce rules containing "-F exit=-EACCES", this is a finding.</check-content></check></Rule></Group><Group id="V-204533"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204533r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030530</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the open_by_handle_at syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000458-GPOS-00203, SRG-OS-000461-GPOS-00205, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86753</ident><ident system="http://cyber.mil/legacy">V-72129</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4657r462604_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "open_by_handle_at" syscall occur.
0c1482
-
0c1482
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4657r462604_fix" /><check system="C-4657r462603_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "open_by_handle_at" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw open_by_handle_at /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "open_by_handle_at" syscall, this is a finding.
0c1482
-
0c1482
-If the output does not produce rules containing "-F exit=-EPERM", this is a finding.
0c1482
-
0c1482
-If the output does not produce rules containing "-F exit=-EACCES", this is a finding.</check-content></check></Rule></Group><Group id="V-204534"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204534r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030540</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the truncate syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000458-GPOS-00203, SRG-OS-000461-GPOS-00205, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86755</ident><ident system="http://cyber.mil/legacy">V-72131</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4658r462607_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "truncate" syscall occur.
0c1482
-
0c1482
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S truncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b32 -S truncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S truncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S truncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4658r462607_fix" /><check system="C-4658r462606_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "truncate" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw truncate /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S truncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b32 -S truncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S truncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S truncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "truncate" syscall, this is a finding.
0c1482
-
0c1482
-If the output does not produce rules containing "-F exit=-EPERM", this is a finding.
0c1482
-
0c1482
-If the output does not produce rules containing "-F exit=-EACCES", this is a finding.</check-content></check></Rule></Group><Group id="V-204535"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204535r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030550</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the ftruncate syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000458-GPOS-00203, SRG-OS-000461-GPOS-00205, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72133</ident><ident system="http://cyber.mil/legacy">SV-86757</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4659r462610_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "ftruncate" syscall occur.
0c1482
-
0c1482
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b32 -S ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4659r462610_fix" /><check system="C-4659r462609_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "ftruncate" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw ftruncate /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b32 -S ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
-
0c1482
--a always,exit -F arch=b64 -S ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
+If both the "b32" and "b64" audit rules for "SGID" files are not defined, this is a finding.</check-content></check></Rule></Group><Group id="V-204517"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204517r809570_rule" weight="10.0" severity="medium"><version>RHEL-07-030370</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the chown, fchown, fchownat, and lchown syscalls.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
+
0c1482
+Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
+
0c1482
+When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
+
0c1482
+The system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.
0c1482
+
0c1482
+Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000392-GPOS-00172, SRG-OS-000458-GPOS-00203, SRG-OS-000474-GPOS-00219</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86721</ident><ident system="http://cyber.mil/legacy">V-72097</ident><ident system="http://cyber.mil/cci">CCI-000126</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4641r809192_fix">Add or update the following rule in "/etc/audit/rules.d/audit.rules":
0c1482
 
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "ftruncate" syscall, this is a finding.
0c1482
+-a always,exit -F arch=b32 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
 
0c1482
-If the output does not produce rules containing "-F exit=-EPERM", this is a finding.
0c1482
+-a always,exit -F arch=b64 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
 
0c1482
+The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4641r809192_fix" /><check system="C-4641r809569_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records upon successful/unsuccessful attempts to use the "chown", "fchown", "fchownat", and "lchown" syscalls.
0c1482
+
0c1482
+Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
+
0c1482
+# grep chown /etc/audit/audit.rules
0c1482
+
0c1482
+-a always,exit -F arch=b32 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
+
0c1482
+-a always,exit -F arch=b64 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
+
0c1482
+If both the "b32" and "b64" audit rules are not defined for the "chown", "fchown", "fchownat", and "lchown" syscalls, this is a finding.</check-content></check></Rule></Group><Group id="V-204521"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204521r809772_rule" weight="10.0" severity="medium"><version>RHEL-07-030410</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the chmod, fchmod, and fchmodat syscalls.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
+
0c1482
+Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
+
0c1482
+When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
+
0c1482
+The system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.
0c1482
+
0c1482
+Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86729</ident><ident system="http://cyber.mil/legacy">V-72105</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4645r809771_fix">Configure the operating system to generate audit records upon successful/unsuccessful attempts to use the "chmod", "fchmod", and "fchmodat" syscalls.
0c1482
+
0c1482
+Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
+
0c1482
+-a always,exit -F arch=b32 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
+
0c1482
+-a always,exit -F arch=b64 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
+
0c1482
+The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4645r809771_fix" /><check system="C-4645r809571_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records upon successful/unsuccessful attempts to use the "chmod", "fchmod", and "fchmodat" syscalls.
0c1482
+
0c1482
+Check the file system rules in "/etc/audit/audit.rules" with the following command:
0c1482
+
0c1482
+# grep chmod /etc/audit/audit.rules
0c1482
+
0c1482
+-a always,exit -F arch=b32 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
+
0c1482
+-a always,exit -F arch=b64 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
+
0c1482
+If both the "b32" and "b64" audit rules are not defined for the "chmod", "fchmod", and "fchmodat" syscalls, this is a finding.</check-content></check></Rule></Group><Group id="V-204524"><title>SRG-OS-000458-GPOS-00203</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204524r809775_rule" weight="10.0" severity="medium"><version>RHEL-07-030440</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr syscalls.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
+
0c1482
+Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
+
0c1482
+When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
+
0c1482
+The system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.
0c1482
+
0c1482
+Satisfies: SRG-OS-000458-GPOS-00203, SRG-OS-000392-GPOS-00172, SRG-OS-000064-GPOS-00033</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86735</ident><ident system="http://cyber.mil/legacy">V-72111</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4648r809774_fix">Configure the operating system to generate audit records upon successful/unsuccessful attempts to use the "setxattr", "fsetxattr", "lsetxattr", "removexattr", "fremovexattr", and "lremovexattr" syscalls.
0c1482
+
0c1482
+Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
+
0c1482
+-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
+
0c1482
+-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
+
0c1482
+The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4648r809774_fix" /><check system="C-4648r809773_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records upon successful/unsuccessful attempts to use the "setxattr", "fsetxattr", "lsetxattr", "removexattr", "fremovexattr", and "lremovexattr" syscalls.
0c1482
+
0c1482
+Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
+
0c1482
+# grep xattr /etc/audit/audit.rules
0c1482
+
0c1482
+-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
+
0c1482
+-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod
0c1482
+
0c1482
+If both the "b32" and "b64" audit rules are not defined for the "setxattr", "fsetxattr", "lsetxattr", "removexattr", "fremovexattr", and "lremovexattr" syscalls, this is a finding.</check-content></check></Rule></Group><Group id="V-204531"><title>SRG-OS-000064-GPOS-00033</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204531r809815_rule" weight="10.0" severity="medium"><version>RHEL-07-030510</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate syscalls.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
+
0c1482
+Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
+
0c1482
+When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
+
0c1482
+The system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.
0c1482
+
0c1482
+Satisfies: SRG-OS-000064-GPOS-00033, SRG-OS-000458-GPOS-00203, SRG-OS-000461-GPOS-00205, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86749</ident><ident system="http://cyber.mil/legacy">V-72125</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4655r809814_fix">Configure the operating system to generate audit records upon successful/unsuccessful attempts to use the "creat", "open", "openat", "open_by_handle_at", "truncate", and "ftruncate" syscalls.
0c1482
+
0c1482
+Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
+
0c1482
+-a always,exit -F arch=b32 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
+
0c1482
+-a always,exit -F arch=b32 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
+
0c1482
+-a always,exit -F arch=b64 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
+
0c1482
+-a always,exit -F arch=b64 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
+
0c1482
+The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4655r809814_fix" /><check system="C-4655r809812_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records upon successful/unsuccessful attempts to use the "creat", "open", "openat", "open_by_handle_at", "truncate", and "ftruncate" syscalls.
0c1482
+
0c1482
+Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
+
0c1482
+# grep 'open\|truncate\|creat' /etc/audit/audit.rules
0c1482
+
0c1482
+-a always,exit -F arch=b32 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
+
0c1482
+-a always,exit -F arch=b32 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
+
0c1482
+-a always,exit -F arch=b64 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access
0c1482
+
0c1482
+-a always,exit -F arch=b64 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access
0c1482
+
0c1482
+If both the "b32" and "b64" audit rules are not defined for the "creat", "open", "openat", "open_by_handle_at", "truncate", and "ftruncate" syscalls, this is a finding.
0c1482
+
0c1482
+If the output does not produce rules containing "-F exit=-EPERM", this is a finding.
0c1482
+
0c1482
 If the output does not produce rules containing "-F exit=-EACCES", this is a finding.</check-content></check></Rule></Group><Group id="V-204536"><title>SRG-OS-000392-GPOS-00172</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204536r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030560</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the semanage command.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
0c1482
 
0c1482
 Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
@@ -3273,51 +2868,31 @@ Check the auditing rules in "/etc/audit/audit.rules" with the following command:
0c1482
 
0c1482
 -a always,exit -F arch=b64 -S create_module -k module-change
0c1482
 
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "create_module" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204560"><title>SRG-OS-000471-GPOS-00216</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204560r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030820</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the init_module syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. 
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-Satisfies: SRG-OS-000471-GPOS-00216, SRG-OS-000477-GPOS-00222</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72187</ident><ident system="http://cyber.mil/legacy">SV-86811</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4684r88873_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "init_module" syscall occur. 
0c1482
-
0c1482
-Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S init_module -k module-change
0c1482
-
0c1482
--a always,exit -F arch=b64 -S init_module -k module-change
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4684r88873_fix" /><check system="C-4684r88872_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "init_module" syscall occur. 
0c1482
-
0c1482
-Check the auditing rules in "/etc/audit/audit.rules" with the following command:
0c1482
-
0c1482
-# grep -iw init_module /etc/audit/audit.rules 
0c1482
-
0c1482
--a always,exit -F arch=b32 -S init_module -k module-change
0c1482
-
0c1482
--a always,exit -F arch=b64 -S init_module -k module-change
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "init_module" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204561"><title>SRG-OS-000471-GPOS-00216</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204561r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030821</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the finit_module syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. 
0c1482
-
0c1482
-Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
-
0c1482
-Satisfies: SRG-OS-000471-GPOS-00216, SRG-OS-000477-GPOS-00222</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-79001</ident><ident system="http://cyber.mil/legacy">SV-93707</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4685r88876_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "finit_module" syscall occur. 
0c1482
-
0c1482
-Add or update the following rules in "/etc/audit/rules.d/audit.rules": 
0c1482
-
0c1482
--a always,exit -F arch=b32 -S finit_module -k module-change
0c1482
-
0c1482
--a always,exit -F arch=b64 -S finit_module -k module-change
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4685r88876_fix" /><check system="C-4685r88875_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "finit_module" syscall occur. 
0c1482
-
0c1482
-Check the auditing rules in "/etc/audit/audit.rules" with the following command:
0c1482
-
0c1482
-# grep -iw finit_module /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S finit_module -k module-change
0c1482
-
0c1482
--a always,exit -F arch=b64 -S finit_module -k module-change
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "finit_module" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204562"><title>SRG-OS-000471-GPOS-00216</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204562r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030830</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the delete_module syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. 
0c1482
+If both the "b32" and "b64" audit rules are not defined for the "create_module" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204560"><title>SRG-OS-000471-GPOS-00216</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204560r809822_rule" weight="10.0" severity="medium"><version>RHEL-07-030820</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the init_module and finit_module syscalls.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. 
0c1482
+
0c1482
+Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
+
0c1482
+The system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.
0c1482
+
0c1482
+Satisfies: SRG-OS-000471-GPOS-00216, SRG-OS-000477-GPOS-00222</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72187</ident><ident system="http://cyber.mil/legacy">SV-86811</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><fixtext fixref="F-4684r809821_fix">Configure the operating system to generate audit records upon successful/unsuccessful attempts to use the "init_module" and "finit_module" syscalls. 
0c1482
+
0c1482
+Add or update the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
+
0c1482
+-a always,exit -F arch=b32 -S init_module,finit_module -k modulechange
0c1482
+
0c1482
+-a always,exit -F arch=b64 -S init_module,finit_module -k modulechange
0c1482
+
0c1482
+The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4684r809821_fix" /><check system="C-4684r809816_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records upon successful/unsuccessful attempts to use the "init_module" and "finit_module" syscalls. 
0c1482
+
0c1482
+Check the auditing rules in "/etc/audit/audit.rules" with the following command:
0c1482
+
0c1482
+# grep init_module /etc/audit/audit.rules 
0c1482
+
0c1482
+-a always,exit -F arch=b32 -S init_module,finit_module -k modulechange
0c1482
+
0c1482
+-a always,exit -F arch=b64 -S init_module,finit_module -k modulechange
0c1482
+
0c1482
+If both the "b32" and "b64" audit rules are not defined for the "init_module" and "finit_module" syscalls, this is a finding.</check-content></check></Rule></Group><Group id="V-204562"><title>SRG-OS-000471-GPOS-00216</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204562r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030830</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the delete_module syscall.</title><description><VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. 
0c1482
 
0c1482
 Audit records can be generated from various components within the information system (e.g., module or policy filter).
0c1482
 
0c1482
@@ -3442,117 +3017,31 @@ Check the auditing rules in "/etc/audit/audit.rules" with the following command:
0c1482
 
0c1482
 -w /etc/security/opasswd -p wa -k identity
0c1482
 
0c1482
-If the command does not return a line, or the line is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-204569"><title>SRG-OS-000466-GPOS-00210</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204569r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030880</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the rename syscall.</title><description><VulnDiscussion>If the system is not configured to audit certain activities and write them to an audit log, it is more difficult to detect and track system compromises and damages incurred during a system compromise.
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000466-GPOS-00210, SRG-OS-000467-GPOS-00211, SRG-OS-000468-GPOS-00212, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86823</ident><ident system="http://cyber.mil/legacy">V-72199</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4693r462676_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "rename" syscall occur.
0c1482
-
0c1482
-Add the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S rename -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
--a always,exit -F arch=b64 -S rename -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4693r462676_fix" /><check system="C-4693r462675_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "rename" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw rename /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S rename -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
--a always,exit -F arch=b64 -S rename -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "rename" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204570"><title>SRG-OS-000466-GPOS-00210</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204570r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030890</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the renameat syscall.</title><description><VulnDiscussion>If the system is not configured to audit certain activities and write them to an audit log, it is more difficult to detect and track system compromises and damages incurred during a system compromise.
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000466-GPOS-00210, SRG-OS-000467-GPOS-00211, SRG-OS-000468-GPOS-00212, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86825</ident><ident system="http://cyber.mil/legacy">V-72201</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4694r462679_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "renameat" syscall occur.
0c1482
-
0c1482
-Add the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S renameat -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
--a always,exit -F arch=b64 -S renameat -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4694r462679_fix" /><check system="C-4694r462678_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "renameat" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw renameat /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S renameat -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
--a always,exit -F arch=b64 -S renameat -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "renameat" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204571"><title>SRG-OS-000466-GPOS-00210</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204571r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030900</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the rmdir syscall.</title><description><VulnDiscussion>If the system is not configured to audit certain activities and write them to an audit log, it is more difficult to detect and track system compromises and damages incurred during a system compromise.
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000466-GPOS-00210, SRG-OS-000467-GPOS-00211, SRG-OS-000468-GPOS-00212, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72203</ident><ident system="http://cyber.mil/legacy">SV-86827</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4695r462682_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "rmdir" syscall occur.
0c1482
-
0c1482
-Add the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S rmdir -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
--a always,exit -F arch=b64 -S rmdir -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4695r462682_fix" /><check system="C-4695r462681_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "rmdir" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw rmdir /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S rmdir -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
--a always,exit -F arch=b64 -S rmdir -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "rmdir" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204572"><title>SRG-OS-000466-GPOS-00210</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204572r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030910</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the unlink syscall.</title><description><VulnDiscussion>If the system is not configured to audit certain activities and write them to an audit log, it is more difficult to detect and track system compromises and damages incurred during a system compromise.
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000466-GPOS-00210, SRG-OS-000467-GPOS-00211, SRG-OS-000468-GPOS-00212, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72205</ident><ident system="http://cyber.mil/legacy">SV-86829</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4696r462685_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "unlink" syscall occur.
0c1482
-
0c1482
-Add the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S unlink -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
--a always,exit -F arch=b64 -S unlink -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4696r462685_fix" /><check system="C-4696r462684_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "unlink" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw unlink /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S unlink -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
--a always,exit -F arch=b64 -S unlink -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "unlink" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204573"><title>SRG-OS-000466-GPOS-00210</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204573r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-030920</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the unlinkat syscall.</title><description><VulnDiscussion>If the system is not configured to audit certain activities and write them to an audit log, it is more difficult to detect and track system compromises and damages incurred during a system compromise.
0c1482
-
0c1482
-When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
-
0c1482
-Satisfies: SRG-OS-000466-GPOS-00210, SRG-OS-000467-GPOS-00211, SRG-OS-000468-GPOS-00212, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72207</ident><ident system="http://cyber.mil/legacy">SV-86831</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4697r462688_fix">Configure the operating system to generate audit records when successful/unsuccessful attempts to use the "unlinkat" syscall occur.
0c1482
-
0c1482
-Add the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
-
0c1482
--a always,exit -F arch=b32 -S unlinkat -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
--a always,exit -F arch=b64 -S unlinkat -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
-The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4697r462688_fix" /><check system="C-4697r462687_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to use the "unlinkat" syscall occur.
0c1482
-
0c1482
-Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
-
0c1482
-# grep -iw unlinkat /etc/audit/audit.rules
0c1482
-
0c1482
--a always,exit -F arch=b32 -S unlinkat -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
--a always,exit -F arch=b64 -S unlinkat -F auid>=1000 -F auid!=unset -k delete
0c1482
-
0c1482
-If both the "b32" and "b64" audit rules are not defined for the "unlinkat" syscall, this is a finding.</check-content></check></Rule></Group><Group id="V-204574"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204574r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-031000</version><title>The Red Hat Enterprise Linux operating system must send rsyslog output to a log aggregation server.</title><description><VulnDiscussion>Sending rsyslog output to another system ensures that the logs cannot be removed or modified in the event that the system is compromised or has a hardware failure.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86833</ident><ident system="http://cyber.mil/legacy">V-72209</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-4698r88915_fix">Modify the "/etc/rsyslog.conf" or an "/etc/rsyslog.d/*.conf" file to contain a configuration line to send all "rsyslog" output to a log aggregation system:
0c1482
+If the command does not return a line, or the line is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-204572"><title>SRG-OS-000466-GPOS-00210</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204572r809825_rule" weight="10.0" severity="medium"><version>RHEL-07-030910</version><title>The Red Hat Enterprise Linux operating system must audit all uses of the unlink, unlinkat, rename, renameat, and rmdir syscalls.</title><description><VulnDiscussion>If the system is not configured to audit certain activities and write them to an audit log, it is more difficult to detect and track system compromises and damages incurred during a system compromise.
0c1482
+
0c1482
+When a user logs on, the auid is set to the uid of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to -1. The auid representation is an unsigned 32-bit integer, which equals 4294967295. The audit system interprets -1, 4294967295, and "unset" in the same way.
0c1482
+
0c1482
+The system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.
0c1482
+
0c1482
+Satisfies: SRG-OS-000466-GPOS-00210, SRG-OS-000467-GPOS-00211, SRG-OS-000468-GPOS-00212, SRG-OS-000392-GPOS-00172</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72205</ident><ident system="http://cyber.mil/legacy">SV-86829</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-4696r809824_fix">Configure the operating system to generate audit records upon successful/unsuccessful attempts to use the "unlink", "unlinkat", "rename", "renameat", and "rmdir" syscalls.
0c1482
+
0c1482
+Add the following rules in "/etc/audit/rules.d/audit.rules":
0c1482
+
0c1482
+-a always,exit -F arch=b32 -S unlink,unlinkat,rename,renameat,rmdir -F auid>=1000 -F auid!=unset -k delete
0c1482
+
0c1482
+-a always,exit -F arch=b64 -S unlink,unlinkat,rename,renameat,rmdir -F auid>=1000 -F auid!=unset -k delete
0c1482
+
0c1482
+The audit daemon must be restarted for the changes to take effect.</fixtext><fix id="F-4696r809824_fix" /><check system="C-4696r809823_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records upon successful/unsuccessful attempts to use the "unlink", "unlinkat", "rename", "renameat", and "rmdir" syscalls.
0c1482
+
0c1482
+Check the file system rules in "/etc/audit/audit.rules" with the following commands:
0c1482
+
0c1482
+# grep 'unlink\|rename\|rmdir' /etc/audit/audit.rules
0c1482
+
0c1482
+-a always,exit -F arch=b32 -S unlink,unlinkat,rename,renameat,rmdir -F auid>=1000 -F auid!=unset -k delete
0c1482
+
0c1482
+-a always,exit -F arch=b64 -S unlink,unlinkat,rename,renameat,rmdir -F auid>=1000 -F auid!=unset -k delete
0c1482
+
0c1482
+If both the "b32" and "b64" audit rules are not defined for the "unlink", "unlinkat", "rename", "renameat", and "rmdir" syscalls, this is a finding.</check-content></check></Rule></Group><Group id="V-204574"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204574r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-031000</version><title>The Red Hat Enterprise Linux operating system must send rsyslog output to a log aggregation server.</title><description><VulnDiscussion>Sending rsyslog output to another system ensures that the logs cannot be removed or modified in the event that the system is compromised or has a hardware failure.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86833</ident><ident system="http://cyber.mil/legacy">V-72209</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-4698r88915_fix">Modify the "/etc/rsyslog.conf" or an "/etc/rsyslog.d/*.conf" file to contain a configuration line to send all "rsyslog" output to a log aggregation system:
0c1482
 *.* @@<log aggregation system name></fixtext><fix id="F-4698r88915_fix" /><check system="C-4698r88914_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify "rsyslog" is configured to send all messages to a log aggregation server.
0c1482
 
0c1482
 Check the configuration of "rsyslog" with the following command:
0c1482
@@ -4119,15 +3608,15 @@ Check that the SSH daemon performs compression after a user successfully authent
0c1482
 # grep -i compression /etc/ssh/sshd_config
0c1482
 Compression delayed
0c1482
 
0c1482
-If the "Compression" keyword is set to "yes", is missing, or the returned line is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-204603"><title>SRG-OS-000355-GPOS-00143</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204603r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-040500</version><title>The Red Hat Enterprise Linux operating system must, for networked systems, synchronize clocks with a server that is synchronized to one of the redundant United States Naval Observatory (USNO) time servers, a time server designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).</title><description><VulnDiscussion>Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.
0c1482
+If the "Compression" keyword is set to "yes", is missing, or the returned line is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-204603"><title>SRG-OS-000355-GPOS-00143</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204603r809230_rule" weight="10.0" severity="medium"><version>RHEL-07-040500</version><title>The Red Hat Enterprise Linux operating system must, for networked systems, synchronize clocks with a server that is synchronized to one of the redundant United States Naval Observatory (USNO) time servers, a time server designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).</title><description><VulnDiscussion>Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.
0c1482
 
0c1482
 Synchronizing internal information system clocks provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network.
0c1482
 
0c1482
 Organizations should consider endpoints that may not have regular access to the authoritative time server (e.g., mobile, teleworking, and tactical endpoints).
0c1482
 
0c1482
-Satisfies: SRG-OS-000355-GPOS-00143, SRG-OS-000356-GPOS-00144</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72269</ident><ident system="http://cyber.mil/legacy">SV-86893</ident><ident system="http://cyber.mil/cci">CCI-001891</ident><ident system="http://cyber.mil/cci">CCI-002046</ident><fixtext fixref="F-4727r89002_fix">Edit the "/etc/ntp.conf" or "/etc/chrony.conf" file and add or update an entry to define "maxpoll" to "10" as follows:
0c1482
+Satisfies: SRG-OS-000355-GPOS-00143, SRG-OS-000356-GPOS-00144</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-72269</ident><ident system="http://cyber.mil/legacy">SV-86893</ident><ident system="http://cyber.mil/cci">CCI-001891</ident><ident system="http://cyber.mil/cci">CCI-002046</ident><fixtext fixref="F-4727r809210_fix">Edit the "/etc/ntp.conf" or "/etc/chrony.conf" file and add or update an entry to define "maxpoll" to "16" as follows:
0c1482
 
0c1482
-server 0.rhel.pool.ntp.org iburst maxpoll 10
0c1482
+server 0.rhel.pool.ntp.org iburst maxpoll 16
0c1482
 
0c1482
 If NTP was running and "maxpoll" was updated, the NTP service must be restarted:
0c1482
 
0c1482
@@ -4143,7 +3632,7 @@ If "chronyd" was running and "maxpoll" was updated, the service must be restarte
0c1482
 
0c1482
 If "chronyd" was not running, it must be started:
0c1482
 
0c1482
-# systemctl start chronyd.service</fixtext><fix id="F-4727r89002_fix" /><check system="C-4727r89001_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Check to see if NTP is running in continuous mode:
0c1482
+# systemctl start chronyd.service</fixtext><fix id="F-4727r809210_fix" /><check system="C-4727r809209_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Check to see if NTP is running in continuous mode:
0c1482
 
0c1482
 # ps -ef | grep ntp
0c1482
 
0c1482
@@ -4157,9 +3646,9 @@ If the NTP process is found, then check the "ntp.conf" file for the "maxpoll" op
0c1482
 
0c1482
 # grep maxpoll /etc/ntp.conf
0c1482
 
0c1482
-server 0.rhel.pool.ntp.org iburst maxpoll 10
0c1482
+server 0.rhel.pool.ntp.org iburst maxpoll 16
0c1482
 
0c1482
-If the option is set to "17" or is not set, this is a finding.
0c1482
+If the "maxpoll" option is set to a number greater than 16 or the line is commented out, this is a finding.
0c1482
 
0c1482
 If the file does not exist, check the "/etc/cron.daily" subdirectory for a crontab file controlling the execution of the "ntpd -q" command.
0c1482
 
0c1482
@@ -4174,7 +3663,7 @@ If the "chronyd" process is found, then check the "chrony.conf" file for the "ma
0c1482
 
0c1482
 # grep maxpoll /etc/chrony.conf
0c1482
 
0c1482
-server 0.rhel.pool.ntp.org iburst maxpoll 10
0c1482
+server 0.rhel.pool.ntp.org iburst maxpoll 16
0c1482
 
0c1482
 If the option is not set or the line is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-204604"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-204604r603261_rule" weight="10.0" severity="medium"><version>RHEL-07-040520</version><title>The Red Hat Enterprise Linux operating system must enable an application firewall, if available.</title><description><VulnDiscussion>Firewalls protect computers from network attacks by blocking or limiting access to open network ports. Application firewalls limit which applications are allowed to communicate over the network.
0c1482
 
0c1482
@@ -4919,11 +4408,11 @@ $ sudo grep -iw 'ALL' /etc/sudoers /etc/sudoers.d/*
0c1482
 
0c1482
 If the either of the following entries are returned, this is a finding:
0c1482
 ALL     ALL=(ALL) ALL
0c1482
-ALL     ALL=(ALL:ALL) ALL</check-content></check></Rule></Group><Group id="V-237634"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-237634r646853_rule" weight="10.0" severity="medium"><version>RHEL-07-010342</version><title>The Red Hat Enterprise Linux operating system must use the invoking user's password for privilege escalation when using "sudo".</title><description><VulnDiscussion>The sudoers security policy requires that users authenticate themselves before they can use sudo. When sudoers requires authentication, it validates the invoking user's credentials. If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password. 
0c1482
+ALL     ALL=(ALL:ALL) ALL</check-content></check></Rule></Group><Group id="V-237634"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-237634r809213_rule" weight="10.0" severity="medium"><version>RHEL-07-010342</version><title>The Red Hat Enterprise Linux operating system must use the invoking user's password for privilege escalation when using "sudo".</title><description><VulnDiscussion>The sudoers security policy requires that users authenticate themselves before they can use sudo. When sudoers requires authentication, it validates the invoking user's credentials. If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password. 
0c1482
 For more information on each of the listed configurations, reference the sudoers(5) manual page.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-002227</ident><fixtext fixref="F-40816r646852_fix">Define the following in the Defaults section of the /etc/sudoers file or a configuration file in the /etc/sudoers.d/ directory:
0c1482
 Defaults !targetpw
0c1482
 Defaults !rootpw
0c1482
-Defaults !runaspw</fixtext><fix id="F-40816r646852_fix" /><check system="C-40853r646851_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify that the sudoers security policy is configured to use the invoking user's password for privilege escalation.
0c1482
+Defaults !runaspw</fixtext><fix id="F-40816r646852_fix" /><check system="C-40853r809212_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify that the sudoers security policy is configured to use the invoking user's password for privilege escalation.
0c1482
 
0c1482
 $ sudo egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#'
0c1482
 
0c1482
@@ -4931,10 +4420,11 @@ $ sudo egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | g
0c1482
 /etc/sudoers:Defaults !rootpw
0c1482
 /etc/sudoers:Defaults !runaspw
0c1482
 
0c1482
-If no results are returned, this is a finding
0c1482
+If no results are returned, this is a finding.
0c1482
+If results are returned from more than one file location, this is a finding.
0c1482
 If "Defaults !targetpw" is not defined, this is a finding.
0c1482
 If "Defaults !rootpw" is not defined, this is a finding.
0c1482
-If "Defaults !runaspw" is not defined, this is a finding.</check-content></check></Rule></Group><Group id="V-237635"><title>SRG-OS-000373-GPOS-00156</title><description><GroupDescription></GroupDescription></description><Rule id="SV-237635r792836_rule" weight="10.0" severity="medium"><version>RHEL-07-010343</version><title>The Red Hat Enterprise Linux operating system must require re-authentication when using the "sudo" command.</title><description><VulnDiscussion>Without re-authentication, users may access resources or perform tasks for which they do not have authorization. 
0c1482
+If "Defaults !runaspw" is not defined, this is a finding.</check-content></check></Rule></Group><Group id="V-237635"><title>SRG-OS-000373-GPOS-00156</title><description><GroupDescription></GroupDescription></description><Rule id="SV-237635r809215_rule" weight="10.0" severity="medium"><version>RHEL-07-010343</version><title>The Red Hat Enterprise Linux operating system must require re-authentication when using the "sudo" command.</title><description><VulnDiscussion>Without re-authentication, users may access resources or perform tasks for which they do not have authorization. 
0c1482
 
0c1482
 When operating systems provide the capability to escalate a functional capability, it is critical the organization requires the user to re-authenticate when using the "sudo" command.
0c1482
 
0c1482
@@ -4944,11 +4434,13 @@ $ sudo visudo
0c1482
 
0c1482
 Add or modify the following line:
0c1482
 Defaults timestamp_timeout=[value]
0c1482
-Note: The "[value]" must be a number that is greater than or equal to "0".</fixtext><fix id="F-40817r646855_fix" /><check system="C-40854r792835_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system requires re-authentication when using the "sudo" command to elevate privileges.
0c1482
+Note: The "[value]" must be a number that is greater than or equal to "0".</fixtext><fix id="F-40817r646855_fix" /><check system="C-40854r809214_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system requires re-authentication when using the "sudo" command to elevate privileges.
0c1482
 
0c1482
 $ sudo grep -i 'timestamp_timeout' /etc/sudoers /etc/sudoers.d/*
0c1482
 /etc/sudoers:Defaults timestamp_timeout=0
0c1482
 
0c1482
+If results are returned from more than one file location, this is a finding.
0c1482
+
0c1482
 If "timestamp_timeout" is set to a negative number, is commented out, or no results are returned, this is a finding.</check-content></check></Rule></Group><Group id="V-244557"><title>SRG-OS-000080-GPOS-00048</title><description><GroupDescription></GroupDescription></description><Rule id="SV-244557r792838_rule" weight="10.0" severity="medium"><version>RHEL-07-010483</version><title>Red Hat Enterprise Linux operating systems version 7.2 or newer booted with a BIOS must have a unique name for the grub superusers account when booting into single-user and maintenance modes.</title><description><VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.
0c1482
 The GRUB 2 superuser account is an account of last resort. Establishing a unique username for this account hardens the boot loader against brute force attacks. Due to the nature of the superuser account database being distinct from the OS account database, this allows the use of a username that is not among those within the OS account database. Examples of non-unique superusers names are root, superuser, unlock, etc.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-47789r744062_fix">Configure the system to have a unique name for the grub superusers account.
0c1482
 
0c1482
@@ -5029,19 +4521,80 @@ Check the SELinux ssh_sysadm_login boolean with the following command:
0c1482
 $ sudo getsebool ssh_sysadm_login
0c1482
 ssh_sysadm_login --> off
0c1482
 
0c1482
-If the "ssh_sysadm_login" boolean is not "off" and is not documented with the ISSO as an operational requirement, this is a finding.</check-content></check></Rule></Group><Group id="V-250314"><title>SRG-OS-000324-GPOS-00125</title><description><GroupDescription></GroupDescription></description><Rule id="SV-250314r792849_rule" weight="10.0" severity="medium"><version>RHEL-07-020023</version><title>The Red Hat Enterprise Linux operating system must elevate the SELinux context when an administrator calls the sudo command.</title><description><VulnDiscussion>Preventing non-privileged users from executing privileged functions mitigates the risk that unauthorized individuals or processes may gain unnecessary access to information or privileges.
0c1482
+If the "ssh_sysadm_login" boolean is not "off" and is not documented with the ISSO as an operational requirement, this is a finding.</check-content></check></Rule></Group><Group id="V-250314"><title>SRG-OS-000324-GPOS-00125</title><description><GroupDescription></GroupDescription></description><Rule id="SV-250314r809217_rule" weight="10.0" severity="medium"><version>RHEL-07-020023</version><title>The Red Hat Enterprise Linux operating system must elevate the SELinux context when an administrator calls the sudo command.</title><description><VulnDiscussion>Preventing non-privileged users from executing privileged functions mitigates the risk that unauthorized individuals or processes may gain unnecessary access to information or privileges.
0c1482
 
0c1482
 Privileged functions include, for example, establishing accounts, performing system integrity checks, or administering cryptographic key management activities. Non-privileged users are individuals who do not possess appropriate authorizations. Circumventing intrusion detection and prevention mechanisms or malicious code protection mechanisms are examples of privileged functions that require protection from non-privileged users.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-002165</ident><ident system="http://cyber.mil/cci">CCI-002235</ident><fixtext fixref="F-53702r792848_fix">Configure the operating system to elevate the SELinux context when an administrator calls the sudo command.
0c1482
 Edit a file in the /etc/sudoers.d directory with the following command:
0c1482
 $ sudo visudo -f /etc/sudoers.d/<customfile>
0c1482
 
0c1482
 Use the following example to build the <customfile> in the /etc/sudoers.d directory to allow any administrator belonging to a designated sudoers admin group to elevate their SELinux context with the use of the sudo command:
0c1482
-%wheel ALL=(ALL) TYPE=sysadm_t ROLE=sysadm_r ALL</fixtext><fix id="F-53702r792848_fix" /><check system="C-53748r792847_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Note: Per OPORD 16-0080, the preferred endpoint security tool is Endpoint Security for Linux (ENSL) in conjunction with SELinux.
0c1482
+%wheel ALL=(ALL) TYPE=sysadm_t ROLE=sysadm_r ALL</fixtext><fix id="F-53702r792848_fix" /><check system="C-53748r809216_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Note: Per OPORD 16-0080, the preferred endpoint security tool is Endpoint Security for Linux (ENSL) in conjunction with SELinux.
0c1482
 
0c1482
 Verify the operating system elevates the SELinux context when an administrator calls the sudo command with the following command:
0c1482
 
0c1482
 This command must be ran as root:
0c1482
-# grep sysadm_r /etc/sudoers.d/*
0c1482
+# grep sysadm_r /etc/sudoers /etc/sudoers.d/*
0c1482
 %wheel ALL=(ALL) TYPE=sysadm_t ROLE=sysadm_r ALL
0c1482
 
0c1482
-If a designated sudoers administrator group or account(s) is not configured to elevate the SELinux type and role to "sysadm_t" and "sysadm_r" with the use of the sudo command, this is a finding.</check-content></check></Rule></Group></Benchmark>
0c1482
\ No newline at end of file
0c1482
+If results are returned from more than one file location, this is a finding.
0c1482
+
0c1482
+If a designated sudoers administrator group or account(s) is not configured to elevate the SELinux type and role to "sysadm_t" and "sysadm_r" with the use of the sudo command, this is a finding.</check-content></check></Rule></Group><Group id="V-251702"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-251702r809220_rule" weight="10.0" severity="high"><version>RHEL-07-010291</version><title>The Red Hat Enterprise Linux operating system must not have accounts configured with blank or null passwords.</title><description><VulnDiscussion>If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-55093r809219_fix">Configure all accounts on the system to have a password or lock the account with the following commands:
0c1482
+
0c1482
+Perform a password reset:
0c1482
+$ sudo passwd [username]
0c1482
+Lock an account:
0c1482
+$ sudo passwd -l [username]</fixtext><fix id="F-55093r809219_fix" /><check system="C-55139r809218_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Check the "/etc/shadow" file for blank passwords with the following command:
0c1482
+
0c1482
+$ sudo awk -F: '!$2 {print $1}' /etc/shadow
0c1482
+
0c1482
+If the command returns any results, this is a finding.</check-content></check></Rule></Group><Group id="V-251703"><title>SRG-OS-000480-GPOS-00227</title><description><GroupDescription></GroupDescription></description><Rule id="SV-251703r809566_rule" weight="10.0" severity="medium"><version>RHEL-07-010339</version><title>The Red Hat Enterprise Linux operating system must specify the default "include" directory for the /etc/sudoers file.</title><description><VulnDiscussion>The "sudo" command allows authorized users to run programs (including shells) as other users, system users, and root. The "/etc/sudoers" file is used to configure authorized "sudo" users as well as the programs they are allowed to run. Some configuration options in the "/etc/sudoers" file allow configured users to run programs without re-authenticating. Use of these configuration options makes it easier for one compromised account to be used to compromise other accounts.
0c1482
+
0c1482
+It is possible to include other sudoers files from within the sudoers file currently being parsed using the #include and #includedir directives. When sudo reaches this line it will suspend processing of the current file (/etc/sudoers) and switch to the specified file/directory. Once the end of the included file(s) is reached, the rest of /etc/sudoers will be processed. Files that are included may themselves include other files. A hard limit of 128 nested include files is enforced to prevent include file loops.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-55094r809222_fix">Configure the /etc/sudoers file to only include the /etc/sudoers.d directory.
0c1482
+
0c1482
+Edit the /etc/sudoers file with the following command:
0c1482
+
0c1482
+$ sudo visudo
0c1482
+
0c1482
+Add or modify the following line:
0c1482
+#includedir /etc/sudoers.d</fixtext><fix id="F-55094r809222_fix" /><check system="C-55140r809221_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system specifies only the default "include" directory for the /etc/sudoers file with the following command:
0c1482
+
0c1482
+$ sudo grep include /etc/sudoers
0c1482
+
0c1482
+#includedir /etc/sudoers.d
0c1482
+
0c1482
+If the results are not "/etc/sudoers.d" or additional files or directories are specified, this is a finding.
0c1482
+
0c1482
+Verify the operating system does not have nested "include" files or directories within the /etc/sudoers.d directory with the following command:
0c1482
+
0c1482
+$ sudo grep include /etc/sudoers.d/*
0c1482
+
0c1482
+If results are returned, this is a finding.</check-content></check></Rule></Group><Group id="V-251704"><title>SRG-OS-000373-GPOS-00156</title><description><GroupDescription></GroupDescription></description><Rule id="SV-251704r809568_rule" weight="10.0" severity="medium"><version>RHEL-07-010344</version><title>The Red Hat Enterprise Linux operating system must not be configured to bypass password requirements for privilege escalation.</title><description><VulnDiscussion>Without re-authentication, users may access resources or perform tasks for which they do not have authorization. 
0c1482
+
0c1482
+When operating systems provide the capability to escalate a functional capability, it is critical the user re-authenticate.
0c1482
+
0c1482
+Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPOS-00158</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-002038</ident><fixtext fixref="F-55095r809567_fix">Configure the operating system to require users to supply a password for privilege escalation.
0c1482
+
0c1482
+Check the configuration of the "/etc/ pam.d/sudo" file with the following command:
0c1482
+$ sudo vi /etc/pam.d/sudo
0c1482
+
0c1482
+Remove any occurrences of "pam_succeed_if" in the file.</fixtext><fix id="F-55095r809567_fix" /><check system="C-55141r809224_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the operating system is not be configured to bypass password requirements for privilege escalation.
0c1482
+
0c1482
+Check the configuration of the "/etc/pam.d/sudo" file with the following command:
0c1482
+
0c1482
+$ sudo grep pam_succeed_if /etc/pam.d/sudo
0c1482
+
0c1482
+If any occurrences of "pam_succeed_if" is returned from the command, this is a finding.</check-content></check></Rule></Group><Group id="V-251705"><title>SRG-OS-000445-GPOS-00199</title><description><GroupDescription></GroupDescription></description><Rule id="SV-251705r809229_rule" weight="10.0" severity="medium"><version>RHEL-07-020029</version><title>The Red Hat Enterprise Linux operating system must use a file integrity tool to verify correct operation of all security functions.</title><description><VulnDiscussion>Without verification of the security functions, security functions may not operate correctly, and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
0c1482
+
0c1482
+This requirement applies to the Red Hat Enterprise Linux operating system performing security function verification/testing and/or systems and environments that require this functionality.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-002696</ident><fixtext fixref="F-55096r809228_fix">Install the AIDE package by running the following command:
0c1482
+
0c1482
+$ sudo yum install aide</fixtext><fix id="F-55096r809228_fix" /><check system="C-55142r809227_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify that Advanced Intrusion Detection Environment (AIDE) is installed and verifies the correct operation of all security functions.
0c1482
+
0c1482
+Check that the AIDE package is installed with the following command:
0c1482
+
0c1482
+$ sudo rpm -q aide
0c1482
+
0c1482
+aide-0.16-14.el8.x86_64
0c1482
+
0c1482
+If AIDE is not installed, ask the System Administrator how file integrity checks are performed on the system. 
0c1482
+
0c1482
+If there is no application installed to perform integrity checks, this is a finding.</check-content></check></Rule></Group></Benchmark>
0c1482
\ No newline at end of file