On 7/5/12 4:52 PM, Willy Santos wrote:
CCI-001328 requires supporting the activation of an org-defined alarm and/or
automatically shutdown the system if a system component failure is detected.
This mapping is a request for input/discussion.
Signed-off-by: Willy Santos <[email protected]>
---
rhel6/src/input/auxiliary/srg_support.xml | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/rhel6/src/input/auxiliary/srg_support.xml
b/rhel6/src/input/auxiliary/srg_support.xml
index 1d881c6..4fa76d6 100644
--- a/rhel6/src/input/auxiliary/srg_support.xml
+++ b/rhel6/src/input/auxiliary/srg_support.xml
@@ -38,7 +38,7 @@ The requirement is impractical or out of scope.
<description>
It is unclear how to satisfy this requirement.
</description>
-<ref disa="20,31,218,219,224,1097,1158,1239,1291,1294,1295,1310,1311" />
+<ref disa="20,31,218,219,224,1097,1158,1239,1291,1294,1295,1310,1311,1328" />
</Group> <!-- end requirement_unclear -->
<Group id="new_rule_needed">
SRG-OS-000207 CCI-001328 The operating system _*must support the
requirement*_ that organizations, if an information system component
failure is detected must activate an organization-defined alarm and/or
automatically shuts down the operating system. Predictable failure
prevention requires organizational planning to address system failure
issues. If a subsystem of the operating system, hardware, or the
operating system itself, is key to maintaining systems and security
fails to function, the system could continue operating in an insecure
state. The organization must be prepared for and the operating system
must support capability that alarms for such conditions and/or
automatically shuts down the operating system or the subsystem of the
operating system.
met_inherently
There is nothing in this stating that the OS must "be aware" of the
failure, we only have to "support the requirement" by providing
functionality to bring down the box should a component failure be
detected by someone/something. This is met by allowing an 'init 0' or
'shutdown -h now' to be performed at any time.
_______________________________________________
scap-security-guide mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/scap-security-guide
