SRG-OS-000477-GPOS-00222 Controls

STIG ID Version Title Product
ALMA-09-046000 V1R2 Successful/unsuccessful uses of the init command in AlmaLinux OS 9 must generate an audit record.
ALMA-09-046220 V1R2 AlmaLinux OS 9 must generate audit records for any use of the "poweroff" command.
ALMA-09-046330 V1R2 AlmaLinux OS 9 must generate audit records for any use of the "reboot" command.
ALMA-09-046440 V1R2 AlmaLinux must generate audit records for any use of the "shutdown" command.
ALMA-09-046550 V1R2 AlmaLinux OS 9 must enable Linux audit logging for the USBGuard daemon.
ALMA-09-046660 V1R2 AlmaLinux OS 9 must audit all uses of the delete_module, init_module and finit_module system calls.
ALMA-09-049080 V1R2 AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/faillock.
OL09-00-000730 V1R1 OL 9 must be configured so that successful/unsuccessful uses of the init command generate an audit record.
OL09-00-000735 V1R1 OL 9 must be configured so that successful/unsuccessful uses of the poweroff command generate an audit record.
OL09-00-000740 V1R1 OL 9 must be configured so that successful/unsuccessful uses of the reboot command generate an audit record.
OL09-00-000745 V1R1 OL 9 must be configured so that successful/unsuccessful uses of the shutdown command generate an audit record.
RHEL-09-654185 V2R4 Successful/unsuccessful uses of the init command in RHEL 9 must generate an audit record.
RHEL-09-654190 V2R4 Successful/unsuccessful uses of the poweroff command in RHEL 9 must generate an audit record.
RHEL-09-654195 V2R4 Successful/unsuccessful uses of the reboot command in RHEL 9 must generate an audit record.
RHEL-09-654200 V2R4 Successful/unsuccessful uses of the shutdown command in RHEL 9 must generate an audit record.
UBTU-18-010387 V2R15 The Ubuntu operating system must generate records for successful/unsuccessful uses of init_module or finit_module syscalls.
UBTU-18-010388 V2R15 The Ubuntu operating system must generate records for successful/unsuccessful uses of delete_module syscall and when unloading dynamic kernel modules.
UBTU-18-010389 V2R15 The Ubuntu operating system must generate audit records when successful/unsuccessful attempts to use modprobe command.
UBTU-18-010391 V2R15 The Ubuntu operating system must generate audit records when successful/unsuccessful attempts to use the kmod command.
UBTU-18-010392 V2R15 The Ubuntu operating system must generate audit records when successful/unsuccessful attempts to use the fdisk command.
UBTU-20-010296 V2R1 The Ubuntu operating system must generate audit records when successful/unsuccessful attempts to use modprobe command.
UBTU-20-010297 V2R1 The Ubuntu operating system must generate audit records when successful/unsuccessful attempts to use the kmod command.
UBTU-20-010298 V2R1 The Ubuntu operating system must generate audit records when successful/unsuccessful attempts to use the fdisk command.
UBTU-22-654045 V2R4 Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful attempts to use the fdisk command.
UBTU-22-654055 V2R4 Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful attempts to use the kmod command.
UBTU-22-654060 V2R4 Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful attempts to use modprobe command.
UBTU-24-900730 V1R1 Ubuntu 24.04 LTS must generate audit records when successful/unsuccessful attempts to use modprobe command.
UBTU-24-900740 V1R1 Ubuntu 24.04 LTS must generate audit records when successful/unsuccessful attempts to use the kmod command.
UBTU-24-900750 V1R1 Ubuntu 24.04 LTS must generate audit records when successful/unsuccessful attempts to use the fdisk command.
WN10-AU-000120 V3R4 The system must be configured to audit System - IPSec Driver failures.
WN11-AU-000120 V2R3 The system must be configured to audit System - IPsec Driver failures.