CCI-001263 requires providing a near real-time alert when any of the org-defined list of potential compromise indicators occur. AIDE can be used for this purpose.
Signed-off-by: Willy Santos <[email protected]> --- rhel6/src/input/system/software/integrity.xml | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/rhel6/src/input/system/software/integrity.xml b/rhel6/src/input/system/software/integrity.xml index e882032..12d70fa 100644 --- a/rhel6/src/input/system/software/integrity.xml +++ b/rhel6/src/input/system/software/integrity.xml @@ -93,7 +93,7 @@ AIDE can be executed periodically through other means; this is merely one exampl By default, AIDE does not install itself for periodic execution. Periodically running AIDE may reveal unexpected changes in installed files. </rationale> -<ref nist="CM-6, SC-28, SI-7" disa="416,1166"/> +<ref nist="CM-6, SC-28, SI-7" disa="416,1166,1263"/> </Rule> <Rule id="aide_verify_integrity_manually"> -- 1.7.7.6 _______________________________________________ scap-security-guide mailing list [email protected] https://fedorahosted.org/mailman/listinfo/scap-security-guide
