From 64a40a241f20722fe8ad7eeae78229eff5101784 Mon Sep 17 00:00:00 2001 From: ComplianceAsCode development team Date: Wed, 7 Feb 2024 19:48:40 -0500 Subject: [PATCH] Updated tasks/main.yml --- tasks/main.yml | 284 +++++++++++++++---------------------------------- 1 file changed, 83 insertions(+), 201 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index 4e9e503..5f25f13 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -152,7 +152,7 @@ tags: - CCE-82214-8 - NIST-800-53-CM-6(a) - - PCI-DSSv4-10.2.1.5 + - PCI-DSSv4-2.2.6 - enable_strategy - low_complexity - low_disruption @@ -300,7 +300,7 @@ tags: - CCE-83798-9 - PCI-DSS-Req-10.2.5 - - PCI-DSSv4-10.2.1.5 + - PCI-DSSv4-2.2.6 - low_complexity - low_disruption - medium_severity @@ -332,7 +332,7 @@ tags: - CCE-83798-9 - PCI-DSS-Req-10.2.5 - - PCI-DSSv4-10.2.1.5 + - PCI-DSSv4-2.2.6 - low_complexity - low_disruption - medium_severity @@ -341,7 +341,7 @@ - sudo_add_use_pty - name: Find /etc/sudoers.d/ files - find: + ansible.builtin.find: paths: - /etc/sudoers.d/ register: sudoers @@ -366,7 +366,7 @@ - sudo_remove_no_authenticate | bool - name: Remove lines containing !authenticate from sudoers files - replace: + ansible.builtin.replace: regexp: (^(?!#).*[\s]+\!authenticate.*$) replace: '# \g<1>' path: '{{ item.path }}' @@ -395,7 +395,7 @@ - sudo_remove_no_authenticate | bool - name: Find /etc/sudoers.d/ files - find: + ansible.builtin.find: paths: - /etc/sudoers.d/ register: sudoers @@ -420,7 +420,7 @@ - sudo_remove_nopasswd | bool - name: Remove lines containing NOPASSWD from sudoers files - replace: + ansible.builtin.replace: regexp: (^(?!#).*[\s]+NOPASSWD[\s]*\:.*$) replace: '# \g<1>' path: '{{ item.path }}' @@ -760,6 +760,7 @@ - NIST-800-53-SC-12(3) - NIST-800-53-SI-7 - PCI-DSS-Req-6.2 + - PCI-DSSv4-6.3.3 - ensure_redhat_gpgkey_installed - high_severity - medium_complexity @@ -791,6 +792,7 @@ - NIST-800-53-SC-12(3) - NIST-800-53-SI-7 - PCI-DSS-Req-6.2 + - PCI-DSSv4-6.3.3 - ensure_redhat_gpgkey_installed - high_severity - medium_complexity @@ -822,6 +824,7 @@ - NIST-800-53-SC-12(3) - NIST-800-53-SI-7 - PCI-DSS-Req-6.2 + - PCI-DSSv4-6.3.3 - ensure_redhat_gpgkey_installed - high_severity - medium_complexity @@ -851,6 +854,7 @@ - NIST-800-53-SC-12(3) - NIST-800-53-SI-7 - PCI-DSS-Req-6.2 + - PCI-DSSv4-6.3.3 - ensure_redhat_gpgkey_installed - high_severity - medium_complexity @@ -893,6 +897,7 @@ - NIST-800-53-SC-12(3) - NIST-800-53-SI-7 - PCI-DSS-Req-6.2 + - PCI-DSSv4-6.3.3 - ensure_redhat_gpgkey_installed - high_severity - medium_complexity @@ -4346,7 +4351,6 @@ - NIST-800-53-IA-5(c) - PCI-DSS-Req-8.2.3 - PCI-DSSv4-8.3.6 - - PCI-DSSv4-8.3.9 - accounts_password_pam_dcredit - low_complexity - low_disruption @@ -4386,7 +4390,6 @@ - NIST-800-53-IA-5(c) - PCI-DSS-Req-8.2.3 - PCI-DSSv4-8.3.6 - - PCI-DSSv4-8.3.9 - accounts_password_pam_dcredit - low_complexity - low_disruption @@ -4406,7 +4409,6 @@ - NIST-800-53-IA-5(c) - PCI-DSS-Req-8.2.3 - PCI-DSSv4-8.3.6 - - PCI-DSSv4-8.3.9 - accounts_password_pam_lcredit - low_complexity - low_disruption @@ -4446,7 +4448,6 @@ - NIST-800-53-IA-5(c) - PCI-DSS-Req-8.2.3 - PCI-DSSv4-8.3.6 - - PCI-DSSv4-8.3.9 - accounts_password_pam_lcredit - low_complexity - low_disruption @@ -4467,7 +4468,6 @@ - NIST-800-53-IA-5(c) - PCI-DSS-Req-8.2.3 - PCI-DSSv4-8.3.6 - - PCI-DSSv4-8.3.9 - accounts_password_pam_minlen - low_complexity - low_disruption @@ -4508,7 +4508,6 @@ - NIST-800-53-IA-5(c) - PCI-DSS-Req-8.2.3 - PCI-DSSv4-8.3.6 - - PCI-DSSv4-8.3.9 - accounts_password_pam_minlen - low_complexity - low_disruption @@ -4581,8 +4580,6 @@ - NIST-800-53-IA-5(4) - NIST-800-53-IA-5(c) - PCI-DSS-Req-8.2.3 - - PCI-DSSv4-8.3.6 - - PCI-DSSv4-8.3.9 - accounts_password_pam_ucredit - low_complexity - low_disruption @@ -4621,8 +4618,6 @@ - NIST-800-53-IA-5(4) - NIST-800-53-IA-5(c) - PCI-DSS-Req-8.2.3 - - PCI-DSSv4-8.3.6 - - PCI-DSSv4-8.3.9 - accounts_password_pam_ucredit - low_complexity - low_disruption @@ -4908,7 +4903,7 @@ - NIST-800-53-IA-5(1)(d) - NIST-800-53-IA-5(f) - PCI-DSS-Req-8.2.4 - - PCI-DSSv4-8.3.10.1 + - PCI-DSSv4-8.3.9 - accounts_maximum_age_login_defs - low_complexity - low_disruption @@ -4948,7 +4943,7 @@ - NIST-800-53-IA-5(1)(d) - NIST-800-53-IA-5(f) - PCI-DSS-Req-8.2.4 - - PCI-DSSv4-8.3.10.1 + - PCI-DSSv4-8.3.9 - accounts_maximum_age_login_defs - low_complexity - low_disruption @@ -5722,7 +5717,6 @@ - DISA-STIG-RHEL-08-020353 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - - PCI-DSSv4-8.6.1 - accounts_umask_etc_bashrc - low_complexity - low_disruption @@ -5760,7 +5754,6 @@ - DISA-STIG-RHEL-08-020353 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - - PCI-DSSv4-8.6.1 - accounts_umask_etc_bashrc - low_complexity - low_disruption @@ -5788,7 +5781,6 @@ - DISA-STIG-RHEL-08-020353 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - - PCI-DSSv4-8.6.1 - accounts_umask_etc_bashrc - low_complexity - low_disruption @@ -5816,7 +5808,6 @@ - DISA-STIG-RHEL-08-020353 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - - PCI-DSSv4-8.6.1 - accounts_umask_etc_bashrc - low_complexity - low_disruption @@ -5832,7 +5823,6 @@ - DISA-STIG-RHEL-08-020351 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - - PCI-DSSv4-8.6.1 - accounts_umask_etc_login_defs - low_complexity - low_disruption @@ -5870,7 +5860,6 @@ - DISA-STIG-RHEL-08-020351 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - - PCI-DSSv4-8.6.1 - accounts_umask_etc_login_defs - low_complexity - low_disruption @@ -5898,7 +5887,6 @@ - DISA-STIG-RHEL-08-020351 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - - PCI-DSSv4-8.6.1 - accounts_umask_etc_login_defs - low_complexity - low_disruption @@ -5926,7 +5914,6 @@ - DISA-STIG-RHEL-08-020351 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - - PCI-DSSv4-8.6.1 - accounts_umask_etc_login_defs - low_complexity - low_disruption @@ -5948,7 +5935,6 @@ - DISA-STIG-RHEL-08-020353 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - - PCI-DSSv4-8.6.1 - accounts_umask_etc_profile - low_complexity - low_disruption @@ -5985,7 +5971,6 @@ - DISA-STIG-RHEL-08-020353 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - - PCI-DSSv4-8.6.1 - accounts_umask_etc_profile - low_complexity - low_disruption @@ -6014,7 +5999,6 @@ - DISA-STIG-RHEL-08-020353 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - - PCI-DSSv4-8.6.1 - accounts_umask_etc_profile - low_complexity - low_disruption @@ -6034,7 +6018,6 @@ - DISA-STIG-RHEL-08-020353 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - - PCI-DSSv4-8.6.1 - accounts_umask_etc_profile - low_complexity - low_disruption @@ -8756,7 +8739,6 @@ - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 - audit_rules_sysadmin_actions - low_complexity - low_disruption @@ -8798,7 +8780,6 @@ - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 - audit_rules_sysadmin_actions - low_complexity - low_disruption @@ -8835,7 +8816,6 @@ - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 - audit_rules_sysadmin_actions - low_complexity - low_disruption @@ -8870,7 +8850,6 @@ - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 - audit_rules_sysadmin_actions - low_complexity - low_disruption @@ -8906,7 +8885,6 @@ - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 - audit_rules_sysadmin_actions - low_complexity - low_disruption @@ -8941,7 +8919,6 @@ - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 - audit_rules_sysadmin_actions - low_complexity - low_disruption @@ -8976,7 +8953,6 @@ - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 - audit_rules_sysadmin_actions - low_complexity - low_disruption @@ -9012,7 +8988,6 @@ - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 - audit_rules_sysadmin_actions - low_complexity - low_disruption @@ -9047,7 +9022,6 @@ - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 - audit_rules_sysadmin_actions - low_complexity - low_disruption @@ -9084,7 +9058,6 @@ - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 - audit_rules_sysadmin_actions - low_complexity - low_disruption @@ -9119,7 +9092,6 @@ - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 - audit_rules_sysadmin_actions - low_complexity - low_disruption @@ -9155,7 +9127,6 @@ - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 - audit_rules_sysadmin_actions - low_complexity - low_disruption @@ -9190,7 +9161,6 @@ - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 - audit_rules_sysadmin_actions - low_complexity - low_disruption @@ -9225,7 +9195,6 @@ - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 - audit_rules_sysadmin_actions - low_complexity - low_disruption @@ -9261,7 +9230,6 @@ - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 - audit_rules_sysadmin_actions - low_complexity - low_disruption @@ -10671,8 +10639,7 @@ - CCE-86432-2 - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 + - PCI-DSSv4-10.2.1.4 - audit_sudo_log_events - low_complexity - low_disruption @@ -10706,8 +10673,7 @@ - CCE-86432-2 - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 + - PCI-DSSv4-10.2.1.4 - audit_sudo_log_events - low_complexity - low_disruption @@ -10735,8 +10701,7 @@ - CCE-86432-2 - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 + - PCI-DSSv4-10.2.1.4 - audit_sudo_log_events - low_complexity - low_disruption @@ -10763,8 +10728,7 @@ - CCE-86432-2 - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 + - PCI-DSSv4-10.2.1.4 - audit_sudo_log_events - low_complexity - low_disruption @@ -10791,8 +10755,7 @@ - CCE-86432-2 - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 + - PCI-DSSv4-10.2.1.4 - audit_sudo_log_events - low_complexity - low_disruption @@ -10820,8 +10783,7 @@ - CCE-86432-2 - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 + - PCI-DSSv4-10.2.1.4 - audit_sudo_log_events - low_complexity - low_disruption @@ -10848,8 +10810,7 @@ - CCE-86432-2 - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 + - PCI-DSSv4-10.2.1.4 - audit_sudo_log_events - low_complexity - low_disruption @@ -10878,8 +10839,7 @@ - CCE-86432-2 - PCI-DSS-Req-10.2.2 - PCI-DSS-Req-10.2.5.b - - PCI-DSSv4-10.2.1.5 - - PCI-DSSv4-10.2.2 + - PCI-DSSv4-10.2.1.4 - audit_sudo_log_events - low_complexity - low_disruption @@ -17960,8 +17920,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_creat - low_complexity - low_disruption @@ -18002,8 +17960,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_creat - low_complexity - low_disruption @@ -18134,8 +18090,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_creat - low_complexity - low_disruption @@ -18267,8 +18221,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_creat - low_complexity - low_disruption @@ -18399,8 +18351,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_creat - low_complexity - low_disruption @@ -18532,8 +18482,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_creat - low_complexity - low_disruption @@ -18553,8 +18501,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_ftruncate - low_complexity - low_disruption @@ -18594,8 +18540,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_ftruncate - low_complexity - low_disruption @@ -18725,8 +18669,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_ftruncate - low_complexity - low_disruption @@ -18857,8 +18799,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_ftruncate - low_complexity - low_disruption @@ -18988,8 +18928,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_ftruncate - low_complexity - low_disruption @@ -19120,8 +19058,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_ftruncate - low_complexity - low_disruption @@ -19141,8 +19077,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_open - low_complexity - low_disruption @@ -19183,8 +19117,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_open - low_complexity - low_disruption @@ -19315,8 +19247,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_open - low_complexity - low_disruption @@ -19448,8 +19378,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_open - low_complexity - low_disruption @@ -19580,8 +19508,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_open - low_complexity - low_disruption @@ -19713,8 +19639,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_open - low_complexity - low_disruption @@ -19734,8 +19658,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_openat - low_complexity - low_disruption @@ -19775,8 +19697,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_openat - low_complexity - low_disruption @@ -19906,8 +19826,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_openat - low_complexity - low_disruption @@ -20038,8 +19956,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_openat - low_complexity - low_disruption @@ -20169,8 +20085,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_openat - low_complexity - low_disruption @@ -20301,8 +20215,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_openat - low_complexity - low_disruption @@ -20322,8 +20234,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_truncate - low_complexity - low_disruption @@ -20363,8 +20273,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_truncate - low_complexity - low_disruption @@ -20494,8 +20402,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_truncate - low_complexity - low_disruption @@ -20626,8 +20532,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_truncate - low_complexity - low_disruption @@ -20757,8 +20661,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_truncate - low_complexity - low_disruption @@ -20889,8 +20791,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.1 - PCI-DSS-Req-10.2.4 - - PCI-DSSv4-10.2.1.1 - - PCI-DSSv4-10.2.1.4 - audit_rules_unsuccessful_file_modification_truncate - low_complexity - low_disruption @@ -20910,7 +20810,6 @@ - NIST-800-53-AU-2(d) - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.7 - - PCI-DSSv4-10.2.1.7 - audit_rules_kernel_module_loading_delete - configure_strategy - low_complexity @@ -20950,7 +20849,6 @@ - NIST-800-53-AU-2(d) - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.7 - - PCI-DSSv4-10.2.1.7 - audit_rules_kernel_module_loading_delete - configure_strategy - low_complexity @@ -21066,7 +20964,6 @@ - NIST-800-53-AU-2(d) - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.7 - - PCI-DSSv4-10.2.1.7 - audit_rules_kernel_module_loading_delete - configure_strategy - low_complexity @@ -21183,7 +21080,6 @@ - NIST-800-53-AU-2(d) - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.7 - - PCI-DSSv4-10.2.1.7 - audit_rules_kernel_module_loading_delete - configure_strategy - low_complexity @@ -21203,7 +21099,6 @@ - NIST-800-53-AU-2(d) - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.7 - - PCI-DSSv4-10.2.1.7 - audit_rules_kernel_module_loading_finit - configure_strategy - low_complexity @@ -21243,7 +21138,6 @@ - NIST-800-53-AU-2(d) - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.7 - - PCI-DSSv4-10.2.1.7 - audit_rules_kernel_module_loading_finit - configure_strategy - low_complexity @@ -21363,7 +21257,6 @@ - NIST-800-53-AU-2(d) - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.7 - - PCI-DSSv4-10.2.1.7 - audit_rules_kernel_module_loading_finit - configure_strategy - low_complexity @@ -21484,7 +21377,6 @@ - NIST-800-53-AU-2(d) - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.7 - - PCI-DSSv4-10.2.1.7 - audit_rules_kernel_module_loading_finit - configure_strategy - low_complexity @@ -21504,7 +21396,6 @@ - NIST-800-53-AU-2(d) - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.7 - - PCI-DSSv4-10.2.1.7 - audit_rules_kernel_module_loading_init - configure_strategy - low_complexity @@ -21544,7 +21435,6 @@ - NIST-800-53-AU-2(d) - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.7 - - PCI-DSSv4-10.2.1.7 - audit_rules_kernel_module_loading_init - configure_strategy - low_complexity @@ -21664,7 +21554,6 @@ - NIST-800-53-AU-2(d) - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.7 - - PCI-DSSv4-10.2.1.7 - audit_rules_kernel_module_loading_init - configure_strategy - low_complexity @@ -21785,7 +21674,6 @@ - NIST-800-53-AU-2(d) - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.7 - - PCI-DSSv4-10.2.1.7 - audit_rules_kernel_module_loading_init - configure_strategy - low_complexity @@ -22332,7 +22220,6 @@ - NIST-800-53-AU-2(d) - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.2 - - PCI-DSSv4-10.2.1.2 - audit_rules_privileged_commands - configure_strategy - low_complexity @@ -22371,7 +22258,6 @@ - NIST-800-53-AU-2(d) - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.2 - - PCI-DSSv4-10.2.1.2 - audit_rules_privileged_commands - configure_strategy - low_complexity @@ -22406,7 +22292,6 @@ - NIST-800-53-AU-2(d) - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.2 - - PCI-DSSv4-10.2.1.2 - audit_rules_privileged_commands - configure_strategy - low_complexity @@ -22418,7 +22303,7 @@ Mount Points ansible.builtin.set_fact: privileged_commands: '{{( result_privileged_commands_search.results | map(attribute=''stdout_lines'') | select() | list - )[-1] }}' + ) | sum(start=[]) }}' when: - audit_rules_privileged_commands | bool - configure_strategy | bool @@ -22438,7 +22323,6 @@ - NIST-800-53-AU-2(d) - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.2 - - PCI-DSSv4-10.2.1.2 - audit_rules_privileged_commands - configure_strategy - low_complexity @@ -22506,7 +22390,6 @@ - NIST-800-53-AU-2(d) - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.2.2 - - PCI-DSSv4-10.2.1.2 - audit_rules_privileged_commands - configure_strategy - low_complexity @@ -24233,7 +24116,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - - PCI-DSSv4-10.3.1 - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity @@ -24264,7 +24146,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - - PCI-DSSv4-10.3.1 - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity @@ -24296,7 +24177,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - - PCI-DSSv4-10.3.1 - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity @@ -24322,7 +24202,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - - PCI-DSSv4-10.3.1 - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity @@ -24355,7 +24234,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - - PCI-DSSv4-10.3.1 - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity @@ -24391,7 +24269,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - - PCI-DSSv4-10.3.1 - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity @@ -24429,7 +24306,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - - PCI-DSSv4-10.3.1 - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity @@ -24456,7 +24332,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - - PCI-DSSv4-10.3.1 - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity @@ -24468,7 +24343,7 @@ - name: Ensure Log Files Are Owned By Appropriate Group -Setup log files attribute ansible.builtin.file: path: '{{ item }}' - group: '0' + group: root state: file loop: '{{ log_files | list | flatten | unique }}' failed_when: false @@ -24486,7 +24361,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - - PCI-DSSv4-10.3.1 - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity @@ -24512,7 +24386,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - - PCI-DSSv4-10.3.1 - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity @@ -24543,7 +24416,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - - PCI-DSSv4-10.3.1 - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity @@ -24575,7 +24447,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - - PCI-DSSv4-10.3.1 - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity @@ -24601,7 +24472,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - - PCI-DSSv4-10.3.1 - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity @@ -24634,7 +24504,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - - PCI-DSSv4-10.3.1 - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity @@ -24670,7 +24539,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - - PCI-DSSv4-10.3.1 - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity @@ -24708,7 +24576,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - - PCI-DSSv4-10.3.1 - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity @@ -24735,7 +24602,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - - PCI-DSSv4-10.3.1 - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity @@ -24747,7 +24613,7 @@ - name: Ensure Log Files Are Owned By Appropriate User -Setup log files attribute ansible.builtin.file: path: '{{ item }}' - owner: '0' + owner: root state: file loop: '{{ log_files | list | flatten | unique }}' failed_when: false @@ -24765,7 +24631,6 @@ - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - - PCI-DSSv4-10.3.1 - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity @@ -24792,7 +24657,6 @@ - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - PCI-DSSv4-10.3.1 - - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity - medium_disruption @@ -24823,7 +24687,6 @@ - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - PCI-DSSv4-10.3.1 - - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity - medium_disruption @@ -24855,7 +24718,6 @@ - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - PCI-DSSv4-10.3.1 - - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity - medium_disruption @@ -24881,7 +24743,6 @@ - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - PCI-DSSv4-10.3.1 - - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity - medium_disruption @@ -24914,7 +24775,6 @@ - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - PCI-DSSv4-10.3.1 - - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity - medium_disruption @@ -24950,7 +24810,6 @@ - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - PCI-DSSv4-10.3.1 - - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity - medium_disruption @@ -24988,7 +24847,6 @@ - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - PCI-DSSv4-10.3.1 - - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity - medium_disruption @@ -25015,7 +24873,6 @@ - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - PCI-DSSv4-10.3.1 - - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity - medium_disruption @@ -25045,7 +24902,6 @@ - PCI-DSS-Req-10.5.1 - PCI-DSS-Req-10.5.2 - PCI-DSSv4-10.3.1 - - PCI-DSSv4-10.3.2 - configure_strategy - low_complexity - medium_disruption @@ -25069,6 +24925,7 @@ - CCE-86154-2 - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.7 + - PCI-DSSv4-10.5.1 - enable_strategy - low_complexity - low_disruption @@ -25083,7 +24940,6 @@ - CCE-80794-1 - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.7 - - PCI-DSSv4-10.5.1 - configure_strategy - ensure_logrotate_activated - low_complexity @@ -25117,7 +24973,6 @@ - CCE-80794-1 - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.7 - - PCI-DSSv4-10.5.1 - configure_strategy - ensure_logrotate_activated - low_complexity @@ -25144,7 +24999,6 @@ - CCE-80794-1 - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.7 - - PCI-DSSv4-10.5.1 - configure_strategy - ensure_logrotate_activated - low_complexity @@ -25178,7 +25032,6 @@ - CCE-80794-1 - NIST-800-53-CM-6(a) - PCI-DSS-Req-10.7 - - PCI-DSSv4-10.5.1 - configure_strategy - ensure_logrotate_activated - low_complexity @@ -26439,6 +26292,7 @@ - NIST-800-53-CM-7(a) - NIST-800-53-CM-7(b) - PCI-DSS-Req-1.4.3 + - PCI-DSSv4-1.4.2 - disable_strategy - low_complexity - medium_disruption @@ -26471,6 +26325,7 @@ - NIST-800-53-CM-7(a) - NIST-800-53-CM-7(b) - PCI-DSS-Req-1.4.3 + - PCI-DSSv4-1.4.2 - disable_strategy - low_complexity - medium_disruption @@ -26504,6 +26359,7 @@ - NIST-800-53-CM-7(a) - NIST-800-53-CM-7(b) - PCI-DSS-Req-1.4.3 + - PCI-DSSv4-1.4.2 - disable_strategy - low_complexity - medium_disruption @@ -27327,6 +27183,7 @@ - NIST-800-53-CM-7(b) - NIST-800-53-SC-7(a) - PCI-DSS-Req-1.4.3 + - PCI-DSSv4-1.4.3 - disable_strategy - low_complexity - medium_disruption @@ -27358,6 +27215,7 @@ - NIST-800-53-CM-7(b) - NIST-800-53-SC-7(a) - PCI-DSS-Req-1.4.3 + - PCI-DSSv4-1.4.3 - disable_strategy - low_complexity - medium_disruption @@ -27390,6 +27248,7 @@ - NIST-800-53-CM-7(b) - NIST-800-53-SC-7(a) - PCI-DSS-Req-1.4.3 + - PCI-DSSv4-1.4.3 - disable_strategy - low_complexity - medium_disruption @@ -27423,6 +27282,7 @@ - NIST-800-53-CM-7(b) - NIST-800-53-SC-7(a) - PCI-DSS-Req-1.4.3 + - PCI-DSSv4-1.4.3 - disable_strategy - low_complexity - medium_disruption @@ -27452,6 +27312,7 @@ - NIST-800-53-CM-7(b) - NIST-800-53-SC-7(a) - PCI-DSS-Req-1.4.3 + - PCI-DSSv4-1.4.3 - disable_strategy - low_complexity - medium_disruption @@ -27482,6 +27343,7 @@ - NIST-800-53-CM-7(b) - NIST-800-53-SC-7(a) - PCI-DSS-Req-1.4.3 + - PCI-DSSv4-1.4.3 - disable_strategy - low_complexity - medium_disruption @@ -27592,6 +27454,7 @@ - NIST-800-53-CM-7(b) - NIST-800-53-SC-7(a) - PCI-DSS-Req-1.4.3 + - PCI-DSSv4-1.4.3 - disable_strategy - low_complexity - medium_disruption @@ -27624,6 +27487,7 @@ - NIST-800-53-CM-7(b) - NIST-800-53-SC-7(a) - PCI-DSS-Req-1.4.3 + - PCI-DSSv4-1.4.3 - disable_strategy - low_complexity - medium_disruption @@ -27657,6 +27521,7 @@ - NIST-800-53-CM-7(b) - NIST-800-53-SC-7(a) - PCI-DSS-Req-1.4.3 + - PCI-DSSv4-1.4.3 - disable_strategy - low_complexity - medium_disruption @@ -28039,6 +27904,7 @@ - NIST-800-53-CM-7(b) - NIST-800-53-SC-5 - PCI-DSS-Req-1.4.3 + - PCI-DSSv4-1.4.2 - disable_strategy - low_complexity - medium_disruption @@ -28067,6 +27933,7 @@ - NIST-800-53-CM-7(b) - NIST-800-53-SC-5 - PCI-DSS-Req-1.4.3 + - PCI-DSSv4-1.4.2 - disable_strategy - low_complexity - medium_disruption @@ -28096,6 +27963,7 @@ - NIST-800-53-CM-7(b) - NIST-800-53-SC-5 - PCI-DSS-Req-1.4.3 + - PCI-DSSv4-1.4.2 - disable_strategy - low_complexity - medium_disruption @@ -28280,6 +28148,7 @@ - NIST-800-53-SC-5(2) - NIST-800-53-SC-5(3)(a) - PCI-DSS-Req-1.4.1 + - PCI-DSSv4-1.4.3 - disable_strategy - low_complexity - medium_disruption @@ -28312,6 +28181,7 @@ - NIST-800-53-SC-5(2) - NIST-800-53-SC-5(3)(a) - PCI-DSS-Req-1.4.1 + - PCI-DSSv4-1.4.3 - disable_strategy - low_complexity - medium_disruption @@ -28345,6 +28215,7 @@ - NIST-800-53-SC-5(2) - NIST-800-53-SC-5(3)(a) - PCI-DSS-Req-1.4.1 + - PCI-DSSv4-1.4.3 - disable_strategy - low_complexity - medium_disruption @@ -28381,7 +28252,7 @@ - NIST-800-53-CM-7(b) - NIST-800-53-SC-5 - NIST-800-53-SC-7(a) - - PCI-DSSv4-1.4.2 + - PCI-DSSv4-1.4.5 - disable_strategy - low_complexity - medium_disruption @@ -28414,7 +28285,7 @@ - NIST-800-53-CM-7(b) - NIST-800-53-SC-5 - NIST-800-53-SC-7(a) - - PCI-DSSv4-1.4.2 + - PCI-DSSv4-1.4.5 - disable_strategy - low_complexity - medium_disruption @@ -28448,7 +28319,7 @@ - NIST-800-53-CM-7(b) - NIST-800-53-SC-5 - NIST-800-53-SC-7(a) - - PCI-DSSv4-1.4.2 + - PCI-DSSv4-1.4.5 - disable_strategy - low_complexity - medium_disruption @@ -28485,6 +28356,7 @@ - NIST-800-53-CM-7(b) - NIST-800-53-SC-5 - NIST-800-53-SC-7(a) + - PCI-DSSv4-1.4.5 - disable_strategy - low_complexity - medium_disruption @@ -28517,6 +28389,7 @@ - NIST-800-53-CM-7(b) - NIST-800-53-SC-5 - NIST-800-53-SC-7(a) + - PCI-DSSv4-1.4.5 - disable_strategy - low_complexity - medium_disruption @@ -28550,6 +28423,7 @@ - NIST-800-53-CM-7(b) - NIST-800-53-SC-5 - NIST-800-53-SC-7(a) + - PCI-DSSv4-1.4.5 - disable_strategy - low_complexity - medium_disruption @@ -28585,7 +28459,7 @@ - NIST-800-53-SC-7(a) - PCI-DSS-Req-1.3.1 - PCI-DSS-Req-1.3.2 - - PCI-DSSv4-1.4.2 + - PCI-DSSv4-1.4.3 - disable_strategy - low_complexity - medium_disruption @@ -28617,7 +28491,7 @@ - NIST-800-53-SC-7(a) - PCI-DSS-Req-1.3.1 - PCI-DSS-Req-1.3.2 - - PCI-DSSv4-1.4.2 + - PCI-DSSv4-1.4.3 - disable_strategy - low_complexity - medium_disruption @@ -28650,7 +28524,7 @@ - NIST-800-53-SC-7(a) - PCI-DSS-Req-1.3.1 - PCI-DSS-Req-1.3.2 - - PCI-DSSv4-1.4.2 + - PCI-DSSv4-1.4.3 - disable_strategy - low_complexity - medium_disruption @@ -28927,6 +28801,7 @@ - DISA-STIG-RHEL-08-010190 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) + - PCI-DSSv4-2.2.6 - dir_perms_world_writable_sticky_bits - low_complexity - low_disruption @@ -28956,6 +28831,7 @@ - DISA-STIG-RHEL-08-010190 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) + - PCI-DSSv4-2.2.6 - dir_perms_world_writable_sticky_bits - low_complexity - low_disruption @@ -28981,6 +28857,7 @@ - DISA-STIG-RHEL-08-010190 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) + - PCI-DSSv4-2.2.6 - dir_perms_world_writable_sticky_bits - low_complexity - low_disruption @@ -29016,6 +28893,7 @@ - DISA-STIG-RHEL-08-010190 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) + - PCI-DSSv4-2.2.6 - dir_perms_world_writable_sticky_bits - low_complexity - low_disruption @@ -29042,6 +28920,7 @@ - DISA-STIG-RHEL-08-010190 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) + - PCI-DSSv4-2.2.6 - dir_perms_world_writable_sticky_bits - low_complexity - low_disruption @@ -29057,6 +28936,7 @@ - DISA-STIG-RHEL-08-010190 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) + - PCI-DSSv4-2.2.6 - dir_perms_world_writable_sticky_bits - low_complexity - low_disruption @@ -29083,6 +28963,7 @@ - DISA-STIG-RHEL-08-010190 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) + - PCI-DSSv4-2.2.6 - dir_perms_world_writable_sticky_bits - low_complexity - low_disruption @@ -29108,6 +28989,7 @@ - DISA-STIG-RHEL-08-010190 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) + - PCI-DSSv4-2.2.6 - dir_perms_world_writable_sticky_bits - low_complexity - low_disruption @@ -29134,6 +29016,7 @@ - DISA-STIG-RHEL-08-010190 - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) + - PCI-DSSv4-2.2.6 - dir_perms_world_writable_sticky_bits - low_complexity - low_disruption @@ -29376,7 +29259,7 @@ - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - PCI-DSS-Req-8.7.c - - PCI-DSSv4-7.2.6 + - PCI-DSSv4-2.2.6 - configure_strategy - file_owner_etc_shadow - low_complexity @@ -29409,7 +29292,7 @@ - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - PCI-DSS-Req-8.7.c - - PCI-DSSv4-7.2.6 + - PCI-DSSv4-2.2.6 - configure_strategy - file_owner_etc_shadow - low_complexity @@ -29427,7 +29310,7 @@ - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - PCI-DSS-Req-8.7.c - - PCI-DSSv4-7.2.6 + - PCI-DSSv4-2.2.6 - configure_strategy - file_permissions_etc_group - low_complexity @@ -29460,7 +29343,7 @@ - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - PCI-DSS-Req-8.7.c - - PCI-DSSv4-7.2.6 + - PCI-DSSv4-2.2.6 - configure_strategy - file_permissions_etc_group - low_complexity @@ -29523,7 +29406,7 @@ - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - PCI-DSS-Req-8.7.c - - PCI-DSSv4-7.2.6 + - PCI-DSSv4-2.2.6 - configure_strategy - file_permissions_etc_passwd - low_complexity @@ -29556,7 +29439,7 @@ - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - PCI-DSS-Req-8.7.c - - PCI-DSSv4-7.2.6 + - PCI-DSSv4-2.2.6 - configure_strategy - file_permissions_etc_passwd - low_complexity @@ -29574,7 +29457,7 @@ - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - PCI-DSS-Req-8.7.c - - PCI-DSSv4-7.2.6 + - PCI-DSSv4-2.2.6 - configure_strategy - file_permissions_etc_shadow - low_complexity @@ -29607,7 +29490,7 @@ - NIST-800-53-AC-6(1) - NIST-800-53-CM-6(a) - PCI-DSS-Req-8.7.c - - PCI-DSSv4-7.2.6 + - PCI-DSSv4-2.2.6 - configure_strategy - file_permissions_etc_shadow - low_complexity @@ -32684,9 +32567,7 @@ - CCE-80912-9 - NIST-800-53-SI-11(a) - NIST-800-53-SI-11(b) - - PCI-DSSv4-3.3.1.1 - - PCI-DSSv4-3.3.1.2 - - PCI-DSSv4-3.3.1.3 + - PCI-DSSv4-3.3.1 - disable_strategy - low_complexity - medium_disruption @@ -32712,9 +32593,7 @@ - CCE-80912-9 - NIST-800-53-SI-11(a) - NIST-800-53-SI-11(b) - - PCI-DSSv4-3.3.1.1 - - PCI-DSSv4-3.3.1.2 - - PCI-DSSv4-3.3.1.3 + - PCI-DSSv4-3.3.1 - disable_strategy - low_complexity - medium_disruption @@ -32741,9 +32620,7 @@ - CCE-80912-9 - NIST-800-53-SI-11(a) - NIST-800-53-SI-11(b) - - PCI-DSSv4-3.3.1.1 - - PCI-DSSv4-3.3.1.2 - - PCI-DSSv4-3.3.1.3 + - PCI-DSSv4-3.3.1 - disable_strategy - low_complexity - medium_disruption @@ -32870,7 +32747,7 @@ - NIST-800-53-SC-30 - NIST-800-53-SC-30(2) - PCI-DSS-Req-2.2.1 - - PCI-DSSv4-2.2.3 + - PCI-DSSv4-3.3.1 - disable_strategy - low_complexity - medium_disruption @@ -32901,7 +32778,7 @@ - NIST-800-53-SC-30 - NIST-800-53-SC-30(2) - PCI-DSS-Req-2.2.1 - - PCI-DSSv4-2.2.3 + - PCI-DSSv4-3.3.1 - disable_strategy - low_complexity - medium_disruption @@ -32933,7 +32810,7 @@ - NIST-800-53-SC-30 - NIST-800-53-SC-30(2) - PCI-DSS-Req-2.2.1 - - PCI-DSSv4-2.2.3 + - PCI-DSSv4-3.3.1 - disable_strategy - low_complexity - medium_disruption @@ -33074,6 +32951,7 @@ - NIST-800-53-AC-3(3)(a) - NIST-800-53-AU-9 - NIST-800-53-SC-7(21) + - PCI-DSSv4-1.2.6 - low_complexity - low_disruption - medium_severity @@ -33312,7 +33190,7 @@ - NIST-800-53-CM-6(a) - NIST-800-53-CM-7(a) - NIST-800-53-CM-7(b) - - PCI-DSSv4-2.2.4 + - PCI-DSSv4-1.4.2 - low_complexity - low_disruption - medium_severity @@ -33343,7 +33221,7 @@ - NIST-800-53-CM-6(a) - NIST-800-53-CM-7(a) - NIST-800-53-CM-7(b) - - PCI-DSSv4-2.2.4 + - PCI-DSSv4-1.4.2 - low_complexity - low_disruption - medium_severity @@ -33649,6 +33527,7 @@ - NIST-800-53-CM-7(a) - NIST-800-53-CM-7(b) - NIST-800-53-IA-5(1)(c) + - PCI-DSSv4-2.2.4 - disable_strategy - high_severity - low_complexity @@ -33692,6 +33571,7 @@ state: absent tags: - CCE-82180-1 + - PCI-DSSv4-2.2.4 - disable_strategy - low_complexity - low_disruption @@ -33786,6 +33666,7 @@ - NIST-800-53-CM-6(a) - NIST-800-53-CM-7(a) - NIST-800-53-CM-7(b) + - PCI-DSSv4-2.2.4 - disable_strategy - high_severity - low_complexity @@ -33807,6 +33688,7 @@ state: absent tags: - CCE-83590-0 + - PCI-DSSv4-2.2.4 - disable_strategy - low_complexity - low_disruption