An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.04.2-01be-daa4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.04.2-01be-daa4
Open sidebar
Navigate
Top
Search
Checks (
236
)
Print
Changes
Pages (
5/16
)
RHEL 7 STIG
Red Hat Enterprise Linux 7 Security Technical Implementation Guide
v3 r15 (Released July 24, 2024)
v3 r14 (Released Jan. 24, 2024)
v3 r13 (Released Oct. 25, 2023)
v3 r12 (Released July 26, 2023)
v3 r11 (Released April 27, 2023)
v3 r10 (Released Jan. 26, 2023)
v3 r9 (Released Oct. 26, 2022)
v3 r8 (Released July 27, 2022)
v3 r7 (Released April 27, 2022)
v3 r6 (Released Jan. 27, 2022)
v3 r5 (Released Oct. 27, 2021)
v3 r4 (Released July 23, 2021)
v3 r3 (Released April 23, 2021)
v3 r2 (Released Jan. 22, 2021)
v3 r1 (Released Oct. 23, 2020)
v2 r8 (Released July 24, 2020)
v2 r7 (Released April 24, 2020)
v3 r0.3 (Released March 31, 2020)
v2 r6 (Released Jan. 24, 2020)
v2 r5 (Released Oct. 25, 2019)
v2 r4 (Released July 26, 2019)
v2 r3 (Released April 26, 2019)
v2 r2 (Released Jan. 25, 2019)
v2 r1 (Released July 27, 2018)
v1 r4 (Released Jan. 26, 2018)
v1 r3 (Released Oct. 27, 2017)
v1 r2 (Released July 28, 2017)
v1 r1 (Released Feb. 27, 2017)
ID
Vuln ID
Title
Cat
Status
RHEL-07-020020
V-204444
The Red Hat Enterprise Linux operating system must prevent non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.
Cat II
RHEL-07-020021
V-250312
The Red Hat Enterprise Linux operating system must confine SELinux users to roles that conform to least privilege.
Cat II
RHEL-07-020022
V-250313
The Red Hat Enterprise Linux operating system must not allow privileged accounts to utilize SSH.
Cat II
RHEL-07-020023
V-250314
The Red Hat Enterprise Linux operating system must elevate the SELinux context when an administrator calls the sudo command.
Cat II
RHEL-07-020029
V-251705
The Red Hat Enterprise Linux operating system must use a file integrity tool to verify correct operation of all security functions.
Cat II
RHEL-07-020030
V-204445
The Red Hat Enterprise Linux operating system must be configured so that a file integrity tool verifies the baseline operating system configuration at least weekly.
Cat II
RHEL-07-020040
V-204446
The Red Hat Enterprise Linux operating system must be configured so that designated personnel are notified if baseline configurations are changed in an unauthorized manner.
Cat II
RHEL-07-020050
V-204447
The Red Hat Enterprise Linux operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization.
Cat I
RHEL-07-020060
V-204448
The Red Hat Enterprise Linux operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization.
Cat I
RHEL-07-020100
V-204449
The Red Hat Enterprise Linux operating system must be configured to disable USB mass storage.
Cat II
RHEL-07-020101
V-204450
The Red Hat Enterprise Linux operating system must be configured so that the Datagram Congestion Control Protocol (DCCP) kernel module is disabled unless required.
Cat II
RHEL-07-020110
V-204451
The Red Hat Enterprise Linux operating system must disable the file system automounter unless required.
Cat II
RHEL-07-020111
V-219059
The Red Hat Enterprise Linux operating system must disable the graphical user interface automounter unless required.
Cat II
RHEL-07-020200
V-204452
The Red Hat Enterprise Linux operating system must remove all software components after updated versions have been installed.
Cat III
RHEL-07-020210
V-204453
The Red Hat Enterprise Linux operating system must enable SELinux.
Cat II
Prev
1
2
3
4
5
6
7
8
9
...16
Next
Print
Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.
Version Changes
If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.