General Purpose Operating System SRG

General Purpose Operating System Security Requirements Guide

ID Vuln ID Title Cat Status
SRG-OS-000095-GPOS-00049 V-203637 The operating system must be configured to disable non-essential capabilities. Cat II
SRG-OS-000132-GPOS-00067 V-203655 The operating system must separate user functionality (including user interface services) from operating system management functionality. Cat II
SRG-OS-000259-GPOS-00100 V-203675 The operating system must limit privileges to change software resident within software libraries. Cat II
SRG-OS-000467-GPOS-00211 V-203765 The operating system must generate audit records when successful/unsuccessful attempts to delete security levels occur. Cat II
SRG-OS-000404-GPOS-00183 V-203745 The operating system must implement cryptographic mechanisms to prevent unauthorized modification of all information at rest on all operating system components. Cat II
SRG-OS-000104-GPOS-00051 V-203639 The operating system must uniquely identify and must authenticate organizational users (or processes acting on behalf of organizational users). Cat II
SRG-OS-000278-GPOS-00108 V-203682 The operating system must use cryptographic mechanisms to protect the integrity of audit tools. Cat II
SRG-OS-000275-GPOS-00105 V-203679 The operating system must notify system administrators and ISSOs when accounts are modified. Cat II
SRG-OS-000466-GPOS-00210 V-203764 The operating system must generate audit records when successful/unsuccessful attempts to delete privileges occur. Cat II
SRG-OS-000033-GPOS-00014 V-203603 The operating system must implement DoD-approved encryption to protect the confidentiality of remote access sessions. Cat II
SRG-OS-000324-GPOS-00125 V-203695 The operating system must prevent non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. Cat II
SRG-OS-000479-GPOS-00224 V-203777 The operating system must, at a minimum, off-load audit data from interconnected systems in real time and off-load audit data from standalone systems weekly. Cat II
SRG-OS-000480-GPOS-00225 V-203778 The operating system must prevent the use of dictionary words for passwords. Cat II
SRG-OS-000002-GPOS-00002 V-203592 The operating system must automatically remove or disable temporary user accounts after 72 hours. Cat II
SRG-OS-000255-GPOS-00096 V-203671 The operating system must produce audit records containing information to establish the identity of any individual or process associated with the event. Cat II


Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.

Version Changes

If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.