Updated DISA STIG Checklist for RHEL 7, CentOS Linux 7 with bug fixes.
RHEL 7 STIG Version 2, Release 6
DISA STIG Checklist for RHEL 7, site version 12
(The site version is provided for air-gap customers.)
Fixed and improved implementation for the following checks:
- The Red Hat Enterprise Linux operating system must be configured so that the file permissions, ownership, and group membership of system files and commands match the vendor values.
- The Red Hat Enterprise Linux operating system must implement multifactor authentication for access to privileged accounts via pluggable authentication modules (PAM).
- The Red Hat Enterprise Linux operating system must be configured so that /etc/pam.d/passwd implements /etc/pam.d/system-auth when changing passwords.
Actions to take:
• To subscribe to the above site, you can use the License Overview Dashboard to enable and gather the site. Note that you must be entitled to the BigFix Compliance product and you must be using BigFix version 9.2 and later.
• If you use custom sites, update your custom sites accordingly to use the latest content. You can synchronize your content by using the Synchronize Custom Checks wizard. For more information, see https://help.hcltechsw.com/bigfix/9.5/compliance/Compliance/SCM_Users_Guide/c_using_synchronize_custom_checks_wiz.html.
To know more about the BigFix Compliance SCM checklists, please see the following resources:
• BigFix Forum:
• BigFix Compliance SCM Checklists:
We hope you find this latest release of SCM content useful and effective. Thank you!
– The BigFix Compliance team