DISA: Red Hat Enterprise Linux 7

This document provides information about the hotfix containing Red Hat Linux 7 Benchmark Version 3 Release 6 published on January 27, 2022. This template contains implementation for 273 rules that can be installed on TrueSight Server Automation 20.x and later.

Before you begin

Before you import this template, ensure that the following requirements are met:

  • Ensure that the default values for the template's local and global properties meet the organization standards.
  • Back up the sensors folder located in the <AppServerInstallDir>/share directory on all the Application Servers in a multiple Application Server environment. This folder contains the extended object scripts.

Step 1: Downloading the files

  1. Access the following EPD link and click TSSA 21.3.00 DISA STIG Updates for RHEL 7 to download the DISA - CIS Red Hat Enterprise Linux 7 package:
    You must log in or register to view this page
  2. Expand to view the checksum-related information

    Verify the downloaded content by using checksums:

    S.No

    File Name

    MD5SUM

    1

    DISA - RedHat 7.zip

    97879b2f98327b4c5175463c415f69f5

    2

    ExtendedObjects.zip

    3b7bc78c60588ae5acb4f7060aaaaf2a

  3. Extract the contents of extendedobjects.zip to a temporary directory and copy the extracted files to the existing <APPRSERVER_INSTALL_DIR>/share/sensors directory on all the Application Servers.
  4. Move DISA - RedHat 7.zip to the server where the TrueSight Server Automation console is installed.

Step 2: Import the Compliance Content

  1. Log on to the Console.
  2. Right-click on Component Templates and click Import
    1.jpg
  3. Select the Import (Version-neutral) option.
    vn.jpg
  4. Select the DISA - RedHat 7.zip package and click Next.
    41B0BD1.PNG
  5. Select DISA - Red Hat Enterprise Linux 7.
  6. Ensure that the Update objects according to the imported package and Preserve template group path options are selected, and click Next.
  7. Navigate to the last screen of the wizard and click Finish.
    image-2023-5-21_12-39-55-1.png
  8. The template is imported successfully. Click OK.
    The imported template is shown under DISA Compliance Content  >  DISA STIG Revised.
    image-2023-5-21_12-40-31-1.png

Special issues for rules within the template

The following are the details of the 273 rules provided in the zip package. It contains the following types of rules:

  • Rules that check for compliance and provide remediation - 183
  • Rules that check for compliance but do not provide remediation - 76
  • Rules that do not check for compliance and do not provide remediation - 14

The following are the details of the rules that are divided into parts:

  • Rules not divided into parts - 207
  • Rules Divided into two parts - (22 Rules divided into 2 parts) so (22 * 2) = 44
  • Rules Divided into three parts - (2 Rules divided into 3 parts) so (2 * 3) = 6
  • Rules Divided into four parts - (2 Rule is divided into 4 parts) so (2 * 4) = 8
  • Rules Divided into eight parts - (1 Rule is divided into 8 parts) so (1 * 8)=8

So, the current rule count as per DISA - Red Hat Enterprise Linux 7 template after running the compliance job is 273 (207+ 44 + 8 + 8)


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*