[BESAdmin-Announcements] BigFix Compliance Updated CIS Checklist for RHEL 9 with bug fixes, published 2024-07-02

Announcements for BES Administrators besadmin-announcements at bigmail.bigfix.com
Tue Jul 2 15:14:36 PDT 2024 

*Product:*
BigFix Compliance

*Title:*
Updated CIS Red Hat Enterprise Linux 9 with bug fixes.

*Security Benchmark:*
CIS Red Hat Enterprise Linux 9 Benchmark, v1.0.0

*Published Sites:*
CIS Checklist for RHEL 9, site version
(The site version is provided for air-gap customers.)

*Details:*

·      Fixed and Improved implementation for the following check:

4.1.1.2 - Ensure auditing for processes that start prior to auditd is
enabled

4.1.1.3 - Ensure audit_backlog_limit is sufficient

3.3.7 - Ensure Reverse Path Filtering is enabled

1.1.2.1 - Ensure /tmp is a separate partition

4.1.3.6 - Ensure use of privileged commands are collected

4.2.2.1.3 - Ensure systemd - journal - remote is enabled

4.2.2.5 - Ensure journald is not configured to send logs to rsyslog

5.2.7 - Ensure SSH root login is disabled

4.1.3.9 - Ensure discretionary access control permission modification
events are collected

6.1.9 - Ensure no world writable files exist

6.1.10 - Ensure no unowned files or directories exist

6.1.11 - Ensure no ungrouped files or directories exist

6.1.12 - Ensure sticky bit is set on all world - writable directories


*Actions to take:*

·       To subscribe to the above site, you can use the License Overview
Dashboard to enable and gather the site. Note that you must be entitled to
the BigFix Compliance product, and you must be using BigFix version 9.2 and
later.

·       If you use custom sites, update your custom sites accordingly to
use the latest content. You can synchronize your content by using the
Synchronize Custom Checks wizard. For more information, see Using the
Synchronize Custom Checks wizard
<https://help.hcltechsw.com/bigfix/10.0/compliance/Compliance/SCM_Users_Guide/c_using_synchronize_custom_checks_wiz.html>

*More information:*
To know more about the BigFix Compliance SCM checklists, please see the
following resources:

·       BigFix Forum:
https://forum.bigfix.com/c/release-announcements/compliance

·       BigFix Compliance SCM Checklists:
Welcome to Wikis
<https://bigfix-wiki.hcltechsw.com/wikis/home?lang=en-us#!/wiki/BigFix%20Wiki/page/SCM%20Checklists>

We hope you find this latest release of SCM content useful and effective.
Thank you!

*– The BigFix Compliance team*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20240702/635f0630/attachment.html>

More information about the Besadmin-announcements mailing list