SRG-OS-000134-GPOS-00068 Controls

STIG ID Version Title Product
ALMA-09-041930 V1R1 AlmaLinux OS 9 must use a Linux Security Module configured to enforce limits on system services.
ALMA-09-042040 V1R1 AlmaLinux OS 9 must have the policycoreutils package installed.
OL08-00-010170 V2R2 OL 8 must use a Linux Security Module configured to enforce limits on system services.
OL08-00-010171 V2R2 OL 8 must have the "policycoreutils" package installed.
OL08-00-010421 V2R2 OL 8 must clear the page allocator to prevent use-after-free attacks.
OL08-00-010422 V2R2 OL 8 must disable virtual syscalls.
OL08-00-010423 V2R2 OL 8 must clear SLUB/SLAB objects to prevent use-after-free attacks.
RHEL-08-010170 V2R1 RHEL 8 must use a Linux Security Module configured to enforce limits on system services.
RHEL-08-010171 V2R1 RHEL 8 must have policycoreutils package installed.
RHEL-08-010421 V2R1 RHEL 8 must clear the page allocator to prevent use-after-free attacks.
RHEL-08-010422 V2R1 RHEL 8 must disable virtual syscalls.
RHEL-08-010423 V2R1 RHEL 8 must clear SLUB/SLAB objects to prevent use-after-free attacks.
UBTU-18-010037 V2R15 The Ubuntu operating system must be configured so that only users who need access to security functions are part of the sudo group.
UBTU-20-010012 V2R1 The Ubuntu operating system must ensure only users who need access to security functions are part of sudo group.
UBTU-22-432015 V2R2 Ubuntu 22.04 LTS must ensure only users who need access to security functions are part of sudo group.
WN10-CC-000037 V3R2 Local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain systems.
WN10-CC-000200 V3R2 Administrator accounts must not be enumerated during elevation.
WN10-SO-000250 V3R2 User Account Control must, at minimum, prompt administrators for consent on the secure desktop.
WN10-SO-000260 V3R2 User Account Control must be configured to detect application installations and prompt for elevation.
WN10-SO-000265 V3R2 User Account Control must only elevate UIAccess applications that are installed in secure locations.
WN10-SO-000275 V3R2 User Account Control must virtualize file and registry write failures to per-user locations.
WN11-CC-000037 V2R2 Local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain systems.
WN11-CC-000200 V2R2 Administrator accounts must not be enumerated during elevation.
WN11-SO-000250 V2R2 User Account Control must prompt administrators for consent on the secure desktop.
WN11-SO-000260 V2R2 User Account Control must be configured to detect application installations and prompt for elevation.
WN11-SO-000265 V2R2 User Account Control must only elevate UIAccess applications that are installed in secure locations.
WN11-SO-000275 V2R2 User Account Control must virtualize file and registry write failures to per-user locations.
WN16-CC-000280 V2R9 Administrator accounts must not be enumerated during elevation.
WN16-MS-000020 V2R9 Local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain systems.
WN16-SO-000470 V2R9 UIAccess applications must not be allowed to prompt for elevation without using the secure desktop.
WN16-SO-000480 V2R9 User Account Control must, at a minimum, prompt administrators for consent on the secure desktop.
WN16-SO-000500 V2R9 User Account Control must be configured to detect application installations and prompt for elevation.
WN16-SO-000510 V2R9 User Account Control must only elevate UIAccess applications that are installed in secure locations.
WN16-SO-000530 V2R9 User Account Control must virtualize file and registry write failures to per-user locations.
WN19-CC-000240 V3R2 Windows Server 2019 administrator accounts must not be enumerated during elevation.
WN19-MS-000020 V3R2 Windows Server 2019 local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain-joined member servers.
WN19-SO-000390 V3R2 Windows Server 2019 UIAccess applications must not be allowed to prompt for elevation without using the secure desktop.
WN19-SO-000400 V3R2 Windows Server 2019 User Account Control must, at a minimum, prompt administrators for consent on the secure desktop.
WN19-SO-000420 V3R2 Windows Server 2019 User Account Control must be configured to detect application installations and prompt for elevation.
WN19-SO-000430 V3R2 Windows Server 2019 User Account Control (UAC) must only elevate UIAccess applications that are installed in secure locations.
WN19-SO-000450 V3R2 Windows Server 2019 User Account Control (UAC) must virtualize file and registry write failures to per-user locations.
WN22-CC-000240 V2R2 Windows Server 2022 administrator accounts must not be enumerated during elevation.
WN22-MS-000020 V2R2 Windows Server 2022 local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain-joined member servers.
WN22-SO-000390 V2R2 Windows Server 2022 UIAccess applications must not be allowed to prompt for elevation without using the secure desktop.
WN22-SO-000400 V2R2 Windows Server 2022 User Account Control (UAC) must, at a minimum, prompt administrators for consent on the secure desktop.
WN22-SO-000420 V2R2 Windows Server 2022 User Account Control (UAC) must be configured to detect application installations and prompt for elevation.
WN22-SO-000430 V2R2 Windows Server 2022 User Account Control (UAC) must only elevate UIAccess applications that are installed in secure locations.
WN22-SO-000450 V2R2 Windows Server 2022 User Account Control (UAC) must virtualize file and registry write failures to per-user locations.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.