Errata Data for Red Hat Enterprise Linux 8 AMI

| Identifier | Severity | Rationale | Scan Results | True Finding | Errata |
|---|---|---|---|---|---|
| CCE-83561-1 | low | Having a non-default grub superuser username makes password-guessing attacks less effective. | failed | failed | This is a setting that is defined by the end-user. |
| CCE-80828-7 | high | Password protection on the boot loader configuration ensures users with physical access cannot trivially alter important bootloader settings. These include which kernel to use, and whether to enter single-user mode. | failed | failed | This is a setting that is defined by the end-user. |
| CCE-84300-3 | medium | In order to prevent unauthorized connection of devices, unauthorized transfer of information, or unauthorized tunneling (i.e., embedding of data types within data types), organizations must disable or restrict unused or unnecessary physical and logical ports/protocols on information systems. | failed | failed | This is a setting that is defined by the end-user. |
| CCE-84049-6 | low | To provide availability for name resolution services, multiple redundant name servers are mandated. A failure in name resolution could lead to the failure of security functions requiring name resolution, which may include time synchronization, centralized authentication, and remote system logging. | failed | failed | This is a setting that is defined by the end-user. |
| CCE-81033-3 | medium | The presence of SUID and SGID executables should be tightly controlled. Users should not be able to execute SUID or SGID binaries from boot partitions. | failed | failed | There is no separate /boot partition. |
| CCE-80838-6 | low | Allowing users to execute binaries from world-writable directories such as /dev/shm can expose the system to potential compromise. | failed | false-positive | There is no separate /dev/shm partition. |
| CCE-80863-4 | medium | A log server (loghost) receives syslog messages from one or more systems. This data can be used as an additional log source in the event a system is compromised and its local logs are suspect. Forwarding log messages to a remote loghost also provides system administrators with a centralized place to view the status of multiple hosts within the enterprise. | failed | failed | This is a setting that is defined by the end-user. |
| CCE-84059-5 | medium | Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate. | failed | failed | This is a setting that is defined by the end-user. |