Common Scan Findings

There is frequently more than one way to achieve a given hardening-recommendation. As such, generic security scanners may produce alerts/findings that are at odds with the actual system state implemented by Watchmaker. The following are frequently-cited findings and explanations for why a scanner may alert on the Watchmaker-managed configuration-state.

Common Scan Findings for EL7

• Findings Summary-Table
• Use Only FIPS 140-2 Validated Ciphers
• Use Only FIPS 140-2 Validated MACs
• Modify the System Login Banner
• Enable Smart Card Login
• Configure the Firewalld Ports
• Set Default firewalld Zone for Incoming Packets
• Disable Kernel Parameter for IP Forwarding
• The Installed Operating System Is Vendor Supported
• Install McAfee Virus Scanning Software
• Enable FIPS Mode in GRUB2
• Configure AIDE to Use FIPS 140-2 for Validating Hashes
• Verify and Correct Ownership with RPM
• Verify and Correct File Permissions with RPM
• Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD
• Operating system must display the date and time of the last successful account logon upon logon