|
|
e59369 |
diff -uNrp scap-security-guide-0.1.40.orig/rhel7/profiles/C2S.profile scap-security-guide-0.1.40/rhel7/profiles/C2S.profile
|
|
|
e59369 |
--- scap-security-guide-0.1.40.orig/rhel7/profiles/C2S.profile 2018-07-25 12:50:14.000000000 +0000
|
|
|
e59369 |
+++ scap-security-guide-0.1.40/rhel7/profiles/C2S.profile 2018-11-25 15:17:23.769888627 +0000
|
|
|
e59369 |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
e59369 |
title: 'C2S for Red Hat Enterprise Linux 7'
|
|
|
e59369 |
|
|
|
e59369 |
description: |-
|
|
|
e59369 |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
e59369 |
+
|
|
|
e59369 |
This profile demonstrates compliance against the
|
|
|
e59369 |
U.S. Government Commercial Cloud Services (C2S) baseline.
|
|
|
e59369 |
|
|
|
e59369 |
diff -uNrp scap-security-guide-0.1.40.orig/rhel7/profiles/cjis.profile scap-security-guide-0.1.40/rhel7/profiles/cjis.profile
|
|
|
e59369 |
--- scap-security-guide-0.1.40.orig/rhel7/profiles/cjis.profile 2018-07-25 12:50:14.000000000 +0000
|
|
|
e59369 |
+++ scap-security-guide-0.1.40/rhel7/profiles/cjis.profile 2018-11-25 15:29:55.671294215 +0000
|
|
|
e59369 |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
e59369 |
title: 'Criminal Justice Information Services (CJIS) Security Policy'
|
|
|
e59369 |
|
|
|
e59369 |
description: |-
|
|
|
e59369 |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
e59369 |
+
|
|
|
e59369 |
This profile is derived from FBI's CJIS v5.4
|
|
|
e59369 |
Security Policy. A copy of this policy can be found at the CJIS Security
|
|
|
e59369 |
Policy Resource Center:
|
|
|
e59369 |
diff -uNrp scap-security-guide-0.1.40.orig/rhel7/profiles/hipaa.profile scap-security-guide-0.1.40/rhel7/profiles/hipaa.profile
|
|
|
e59369 |
--- scap-security-guide-0.1.40.orig/rhel7/profiles/hipaa.profile 2018-07-25 12:50:14.000000000 +0000
|
|
|
e59369 |
+++ scap-security-guide-0.1.40/rhel7/profiles/hipaa.profile 2018-11-25 15:30:15.463278958 +0000
|
|
|
e59369 |
@@ -3,6 +3,8 @@ documentation_complete: True
|
|
|
e59369 |
title: 'Health Insurance Portability and Accountability Act (HIPAA)'
|
|
|
e59369 |
|
|
|
e59369 |
description: |-
|
|
|
e59369 |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
e59369 |
+
|
|
|
e59369 |
The HIPAA Security Rule establishes U.S. national standards to protect individuals’
|
|
|
e59369 |
electronic personal health information that is created, received, used, or
|
|
|
e59369 |
maintained by a covered entity. The Security Rule requires appropriate
|
|
|
e59369 |
diff -uNrp scap-security-guide-0.1.40.orig/rhel7/profiles/nist-800-171-cui.profile scap-security-guide-0.1.40/rhel7/profiles/nist-800-171-cui.profile
|
|
|
e59369 |
--- scap-security-guide-0.1.40.orig/rhel7/profiles/nist-800-171-cui.profile 2018-07-25 12:50:14.000000000 +0000
|
|
|
e59369 |
+++ scap-security-guide-0.1.40/rhel7/profiles/nist-800-171-cui.profile 2018-11-25 15:24:33.985542271 +0000
|
|
|
e59369 |
@@ -2,7 +2,9 @@ documentation_complete: true
|
|
|
e59369 |
|
|
|
e59369 |
title: 'Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)'
|
|
|
e59369 |
|
|
|
e59369 |
-description: "From NIST 800-171, Section 2.2:\nSecurity requirements for protecting the confidentiality of CUI in nonfederal\
|
|
|
e59369 |
+description: "**Not applicable to CentOS Linux, included for reference only** \n
|
|
|
e59369 |
+ \ \n
|
|
|
e59369 |
+ \ From NIST 800-171, Section 2.2:\nSecurity requirements for protecting the confidentiality of CUI in nonfederal\
|
|
|
e59369 |
\ \ninformation systems and organizations have a well-defined structure that \nconsists of:\n\n(i) a basic security requirements\
|
|
|
e59369 |
\ section;\n(ii) a derived security requirements section.\n\nThe basic security requirements are obtained from FIPS Publication\
|
|
|
e59369 |
\ 200, which\nprovides the high-level and fundamental security requirements for federal\ninformation and information systems.\
|
|
|
e59369 |
diff -uNrp scap-security-guide-0.1.40.orig/rhel7/profiles/ospp42.profile scap-security-guide-0.1.40/rhel7/profiles/ospp42.profile
|
|
|
e59369 |
--- scap-security-guide-0.1.40.orig/rhel7/profiles/ospp42.profile 2018-11-25 12:23:46.255295645 +0000
|
|
|
e59369 |
+++ scap-security-guide-0.1.40/rhel7/profiles/ospp42.profile 2018-11-25 15:19:26.088789033 +0000
|
|
|
e59369 |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
e59369 |
title: 'OSPP - Protection Profile for General Purpose Operating Systems v. 4.2'
|
|
|
e59369 |
|
|
|
e59369 |
description: |-
|
|
|
e59369 |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
e59369 |
+
|
|
|
e59369 |
This profile reflects mandatory configuration controls identified in the
|
|
|
e59369 |
NIAP Configuration Annex to the Protection Profile for General Purpose
|
|
|
e59369 |
Operating Systems (Protection Profile Version 4.2).
|
|
|
e59369 |
diff -uNrp scap-security-guide-0.1.40.orig/rhel7/profiles/ospp.profile scap-security-guide-0.1.40/rhel7/profiles/ospp.profile
|
|
|
e59369 |
--- scap-security-guide-0.1.40.orig/rhel7/profiles/ospp.profile 2018-11-25 12:23:46.255295645 +0000
|
|
|
e59369 |
+++ scap-security-guide-0.1.40/rhel7/profiles/ospp.profile 2018-11-25 15:21:23.225693654 +0000
|
|
|
e59369 |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
e59369 |
title: 'United States Government Configuration Baseline'
|
|
|
e59369 |
|
|
|
e59369 |
description: |-
|
|
|
e59369 |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
e59369 |
+
|
|
|
e59369 |
This compliance profile reflects the core set of security
|
|
|
e59369 |
related configuration settings for deployment of Red Hat Enterprise
|
|
|
e59369 |
Linux 7.x into U.S. Defense, Intelligence, and Civilian agencies.
|
|
|
e59369 |
diff -uNrp scap-security-guide-0.1.40.orig/rhel7/profiles/pci-dss.profile scap-security-guide-0.1.40/rhel7/profiles/pci-dss.profile
|
|
|
e59369 |
--- scap-security-guide-0.1.40.orig/rhel7/profiles/pci-dss.profile 2018-07-25 12:50:14.000000000 +0000
|
|
|
e59369 |
+++ scap-security-guide-0.1.40/rhel7/profiles/pci-dss.profile 2018-11-25 15:13:32.587076868 +0000
|
|
|
e59369 |
@@ -2,8 +2,10 @@ documentation_complete: true
|
|
|
e59369 |
|
|
|
e59369 |
title: 'PCI-DSS v3 Control Baseline for Red Hat Enterprise Linux 7'
|
|
|
e59369 |
|
|
|
e59369 |
-description: 'Ensures PCI-DSS v3 related security configuration settings \n
|
|
|
e59369 |
- \ are applied.'
|
|
|
e59369 |
+description: "**Not applicable to CentOS Linux, included for reference only** \n
|
|
|
e59369 |
+ \ \n
|
|
|
e59369 |
+ \ Ensures PCI-DSS v3 related security configuration settings \n
|
|
|
e59369 |
+ \ are applied."
|
|
|
e59369 |
|
|
|
e59369 |
selections:
|
|
|
e59369 |
- var_password_pam_unix_remember=4
|
|
|
e59369 |
diff -uNrp scap-security-guide-0.1.40.orig/rhel7/profiles/rht-ccp.profile scap-security-guide-0.1.40/rhel7/profiles/rht-ccp.profile
|
|
|
e59369 |
--- scap-security-guide-0.1.40.orig/rhel7/profiles/rht-ccp.profile 2018-07-25 12:50:14.000000000 +0000
|
|
|
e59369 |
+++ scap-security-guide-0.1.40/rhel7/profiles/rht-ccp.profile 2018-11-25 15:04:16.105536090 +0000
|
|
|
e59369 |
@@ -2,10 +2,12 @@ documentation_complete: true
|
|
|
e59369 |
|
|
|
e59369 |
title: 'Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)'
|
|
|
e59369 |
|
|
|
e59369 |
-description: 'This profile contains the minimum security relevant \n
|
|
|
e59369 |
+description: "**Not applicable to CentOS Linux, included for reference only** \n
|
|
|
e59369 |
+ \ \n
|
|
|
e59369 |
+ \ This profile contains the minimum security relevant \n
|
|
|
e59369 |
\ configuration settings recommended by Red Hat, Inc for \n
|
|
|
e59369 |
\ Red Hat Enterprise Linux 7 instances deployed by Red Hat Certified \n
|
|
|
e59369 |
- \ Cloud Providers.'
|
|
|
e59369 |
+ \ Cloud Providers."
|
|
|
e59369 |
|
|
|
e59369 |
selections:
|
|
|
e59369 |
- var_selinux_state=enforcing
|
|
|
e59369 |
diff -uNrp scap-security-guide-0.1.40.orig/rhel7/profiles/standard.profile scap-security-guide-0.1.40/rhel7/profiles/standard.profile
|
|
|
e59369 |
--- scap-security-guide-0.1.40.orig/rhel7/profiles/standard.profile 2018-07-25 12:50:14.000000000 +0000
|
|
|
e59369 |
+++ scap-security-guide-0.1.40/rhel7/profiles/standard.profile 2018-11-25 15:18:14.952846958 +0000
|
|
|
e59369 |
@@ -3,6 +3,8 @@ documentation_complete: true
|
|
|
e59369 |
title: 'Standard System Security Profile for Red Hat Enterprise Linux 7'
|
|
|
e59369 |
|
|
|
e59369 |
description: |-
|
|
|
e59369 |
+ **Not applicable to CentOS Linux, included for reference only**
|
|
|
e59369 |
+
|
|
|
e59369 |
This profile contains rules to ensure standard security baseline
|
|
|
e59369 |
of a Red Hat Enterprise Linux 7 system. Regardless of your system's workload
|
|
|
e59369 |
all of these checks should pass.
|
|
|
e59369 |
diff -uNrp scap-security-guide-0.1.40.orig/rhel7/profiles/stig-rhel7-disa.profile scap-security-guide-0.1.40/rhel7/profiles/stig-rhel7-disa.profile
|
|
|
e59369 |
--- scap-security-guide-0.1.40.orig/rhel7/profiles/stig-rhel7-disa.profile 2018-07-25 12:50:14.000000000 +0000
|
|
|
e59369 |
+++ scap-security-guide-0.1.40/rhel7/profiles/stig-rhel7-disa.profile 2018-11-25 15:06:41.962411218 +0000
|
|
|
e59369 |
@@ -2,7 +2,9 @@ documentation_complete: true
|
|
|
e59369 |
|
|
|
e59369 |
title: 'DISA STIG for Red Hat Enterprise Linux 7'
|
|
|
e59369 |
|
|
|
e59369 |
-description: "This profile contains configuration checks that align to the \n
|
|
|
e59369 |
+description: "**Not applicable to CentOS Linux, included for reference only** \n
|
|
|
e59369 |
+ \ \n
|
|
|
e59369 |
+ \ This profile contains configuration checks that align to the \n
|
|
|
e59369 |
\ DISA STIG for Red Hat Enterprise Linux V1R4. \n
|
|
|
e59369 |
\ \n
|
|
|
e59369 |
\ In addition to being applicable to RHEL7, DISA recognizes this \n
|