| Server IP : 184.154.167.98 / Your IP : 18.191.189.164 Web Server : Apache System : Linux pink.dnsnetservice.com 4.18.0-553.22.1.lve.1.el8.x86_64 #1 SMP Tue Oct 8 15:52:54 UTC 2024 x86_64 User : puertode ( 1767) PHP Version : 8.2.27 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /usr/share/scap-security-guide/tailoring/ |
Upload File : |
<xccdf-1.2:Tailoring xmlns:xccdf-1.2="http://checklists.nist.gov/xccdf/1.2" id="xccdf_content-disa-delta_tailoring_default"><xccdf-1.2:version time="2024-12-26T07:27:55.529575">1</xccdf-1.2:version><xccdf-1.2:Profile extends="xccdf_org.ssgproject.content_profile_stig" id="xccdf_org.ssgproject.content_profile_stig_delta_tailoring"><xccdf-1.2:title override="true">DISA STIG for Red Hat Enterprise Linux 8</xccdf-1.2:title>
<xccdf-1.2:description override="true">This profile contains configuration checks that align to the
DISA STIG for Red Hat Enterprise Linux 8 V2R1.
In addition to being applicable to Red Hat Enterprise Linux 8, DISA recognizes this
configuration baseline as applicable to the operating system tier of
Red Hat technologies that are based on Red Hat Enterprise Linux 8, such as:
- Red Hat Enterprise Linux Server
- Red Hat Enterprise Linux Workstation and Desktop
- Red Hat Enterprise Linux for HPC
- Red Hat Storage
- Red Hat Containers with a Red Hat Enterprise Linux 8 image</xccdf-1.2:description>
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_account_disable_post_pw_expiration" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_account_password_pam_faillock_password_auth" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_account_password_pam_faillock_system_auth" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_account_password_selinux_faillock_dir" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_account_temp_expire_date" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_account_unique_id" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_authorized_local_users" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_have_homedir_login_defs" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_logon_fail_delay" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_max_concurrent_login_sessions" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_maximum_age_login_defs" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_minimum_age_login_defs" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_no_uid_except_zero" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_all_shadowed_sha512" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_minlen_login_defs" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_dcredit" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_dictcheck" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_difok" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_lcredit" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_maxclassrepeat" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_maxrepeat" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_minclass" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_minlen" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_ocredit" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_pwhistory_remember_password_auth" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_pwhistory_remember_system_auth" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_pwquality_password_auth" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_pwquality_system_auth" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_retry" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_ucredit" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_set_max_life_existing" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_password_set_min_life_existing" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_passwords_pam_faillock_audit" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_passwords_pam_faillock_deny" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_passwords_pam_faillock_deny_root" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_passwords_pam_faillock_dir" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_passwords_pam_faillock_interval" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_passwords_pam_faillock_silent" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_passwords_pam_faillock_unlock_time" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_umask_etc_bashrc" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_umask_etc_csh_cshrc" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_umask_etc_login_defs" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_umask_etc_profile" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_umask_interactive_users" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_user_dot_no_world_writable_programs" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_user_home_paths_only" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_user_interactive_home_directory_defined" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_user_interactive_home_directory_exists" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_users_home_files_groupownership" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_accounts_users_home_files_permissions" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_aide_build_database" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_aide_check_audit_tools" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_aide_scan_notification" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_aide_verify_acls" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_aide_verify_ext_attributes" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_chmod" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_chown" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchmod" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchmodat" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchown" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchownat" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fremovexattr" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fsetxattr" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_lchown" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_lremovexattr" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_lsetxattr" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_removexattr" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_setxattr" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_execution_chacl" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_execution_chcon" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_execution_semanage" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_execution_setfacl" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_execution_setfiles" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_execution_setsebool" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_rename" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_renameat" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_rmdir" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_unlink" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_unlinkat" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_immutable" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_immutable_login_uids" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_kernel_module_loading_delete" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_kernel_module_loading_finit" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_kernel_module_loading_init" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_login_events_faillock" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_login_events_lastlog" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_media_export" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_chage" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_chsh" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_crontab" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_gpasswd" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_kmod" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_mount" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_newgrp" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_pam_timestamp_check" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_passwd" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_postdrop" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_postqueue" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_ssh_agent" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_ssh_keysign" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_su" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_sudo" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_umount" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_unix_chkpwd" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_unix_update" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_userhelper" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_usermod" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_sudoers" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_sudoers_d" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_suid_privilege_function" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_creat" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_ftruncate" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_open" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_open_by_handle_at" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_openat" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_truncate" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_group" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_gshadow" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_opasswd" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_passwd" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_shadow" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_auditd_audispd_configure_sufficiently_large_partition" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_auditd_data_disk_error_action" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_auditd_data_disk_full_action" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_auditd_data_retention_action_mail_acct" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_auditd_data_retention_space_left_action" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_auditd_data_retention_space_left_percentage" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_auditd_local_events" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_auditd_log_format" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_auditd_name_format" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_auditd_overflow_action" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_banner_etc_issue" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_bios_enable_execution_restrictions" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_chronyd_client_only" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_chronyd_no_chronyc_network" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_chronyd_or_ntpd_set_maxpoll" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_chronyd_server_directive" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_chronyd_specify_remote_server" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_clean_components_post_updating" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_configure_bind_crypto_policy" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_configure_crypto_policy" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_configure_firewalld_ports" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_configure_gnutls_tls_crypto_policy" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_configure_kerberos_crypto_policy" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_configure_libreswan_crypto_policy" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_configure_openssl_crypto_policy" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_configure_openssl_tls_crypto_policy" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_configure_ssh_crypto_policy" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_configure_usbguard_auditbackend" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_configured_firewalld_default_deny" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_coredump_disable_backtraces" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_coredump_disable_storage" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_banner_enabled" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_disable_ctrlaltdel_reboot" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_disable_user_list" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_lock_screen_on_smartcard_removal" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_login_banner_text" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_idle_delay" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_lock_delay" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_lock_enabled" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_lock_locked" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_user_locks" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_session_idle_user_locks" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_dir_group_ownership_library_dirs" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_dir_ownership_library_dirs" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_dir_permissions_library_dirs" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_dir_perms_world_writable_root_owned" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_dir_perms_world_writable_sticky_bits" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_dir_perms_world_writable_system_owned_group" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_directory_group_ownership_var_log_audit" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_directory_ownership_var_log_audit" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_directory_permissions_var_log_audit" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_disable_ctrlaltdel_burstaction" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_disable_ctrlaltdel_reboot" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_disable_users_coredumps" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_disallow_bypass_password_sudo" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_display_login_attempts" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_enable_authselect" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_enable_dracut_fips_module" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_enable_fips_mode" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_encrypt_partitions" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_ensure_almalinux_gpgkey_installed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_ensure_gpgcheck_globally_activated" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_ensure_gpgcheck_local_packages" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_ensure_gpgcheck_never_disabled" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_fapolicy_default_deny" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_audit_tools_group_ownership" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_audit_tools_ownership" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_audit_tools_permissions" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_group_ownership_var_log_audit" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_var_log" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_var_log_messages" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_groupownership_home_directories" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_groupownership_system_commands_dirs" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_owner_var_log" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_owner_var_log_messages" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_ownership_binary_dirs" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_ownership_library_dirs" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_ownership_var_log_audit_stig" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_permission_user_init_files_root" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_permissions_binary_dirs" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_permissions_etc_audit_auditd" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_permissions_etc_audit_rulesd" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_permissions_home_directories" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_permissions_library_dirs" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_permissions_sshd_private_key" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_permissions_sshd_pub_key" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_permissions_ungroupowned" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_permissions_var_log" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_permissions_var_log_audit" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_file_permissions_var_log_messages" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_firewalld-backend" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_gnome_gdm_disable_automatic_login" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_grub2_admin_username" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_grub2_audit_argument" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_grub2_audit_backlog_limit_argument" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_grub2_page_poison_argument" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_grub2_password" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_grub2_pti_argument" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_grub2_slub_debug_argument" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_grub2_uefi_admin_username" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_grub2_uefi_password" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_grub2_vsyscall_argument" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_harden_sshd_ciphers_openssh_conf_crypto_policy" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_harden_sshd_ciphers_opensshserver_conf_crypto_policy" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_harden_sshd_macs_openssh_conf_crypto_policy" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_harden_sshd_macs_opensshserver_conf_crypto_policy" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_install_smartcard_packages" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_installed_OS_is_vendor_supported" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_kerberos_disable_no_keytab" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_kernel_module_atm_disabled" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_kernel_module_bluetooth_disabled" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_kernel_module_can_disabled" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_kernel_module_cramfs_disabled" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_kernel_module_firewire-core_disabled" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_kernel_module_sctp_disabled" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_kernel_module_tipc_disabled" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_kernel_module_usb-storage_disabled" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_kernel_module_uvcvideo_disabled" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_logind_session_timeout" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_boot_efi_nosuid" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_boot_nosuid" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_dev_shm_nodev" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_dev_shm_noexec" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_dev_shm_nosuid" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_home_noexec" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_home_nosuid" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_nodev_nonroot_local_partitions" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_nodev_remote_filesystems" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_nodev_removable_partitions" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_noexec_remote_filesystems" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_noexec_removable_partitions" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_nosuid_remote_filesystems" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_nosuid_removable_partitions" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_tmp_nodev" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_tmp_noexec" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_tmp_nosuid" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_log_audit_nodev" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_log_audit_noexec" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_log_audit_nosuid" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_log_nodev" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_log_noexec" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_log_nosuid" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_tmp_nodev" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_tmp_noexec" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_tmp_nosuid" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_network_configure_name_resolution" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_network_sniffer_disabled" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_no_empty_passwords" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_no_empty_passwords_etc_shadow" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_no_files_unowned_by_user" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_no_host_based_files" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_no_user_host_based_files" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_abrt-addon-ccpp_removed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_abrt-addon-kerneloops_removed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_abrt-cli_removed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_abrt-plugin-sosreport_removed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_abrt_removed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_aide_installed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_audit_installed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_fapolicyd_installed" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_firewalld_installed" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_gssproxy_removed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_iprutils_removed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_krb5-server_removed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_krb5-workstation_removed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_libreport-plugin-logger_removed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_libreport-plugin-rhtsupport_removed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_mailx_installed" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_opensc_installed" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_openssh-server_installed" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_policycoreutils_installed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_postfix_installed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_python3-abrt-addon_removed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_rng-tools_installed" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_rsh-server_removed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_rsyslog-gnutls_installed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_rsyslog_installed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_sendmail_removed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_telnet-server_removed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_tftp-server_removed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_tuned_removed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_usbguard_installed" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_package_vsftpd_removed" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_partition_for_home" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_partition_for_tmp" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_partition_for_var" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_partition_for_var_log" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_partition_for_var_log_audit" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_partition_for_var_tmp" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_postfix_client_configure_mail_alias_postmaster" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_postfix_prevent_unrestricted_relay" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_require_emergency_target_auth" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_require_singleuser_auth" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_root_permissions_syslibrary_files" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_rsyslog_cron_logging" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_rsyslog_encrypt_offload_actionsendstreamdriverauthmode" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_rsyslog_encrypt_offload_actionsendstreamdrivermode" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_rsyslog_encrypt_offload_defaultnetstreamdriver" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_rsyslog_remote_access_monitoring" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_rsyslog_remote_loghost" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_security_patches_up_to_date" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_selinux_policytype" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_selinux_state" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_selinux_user_login_roles" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_service_auditd_enabled" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_service_autofs_disabled" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_service_debug-shell_disabled" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_service_fapolicyd_enabled" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_service_firewalld_enabled" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_service_kdump_disabled" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_service_rngd_enabled" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_service_rsyslog_enabled" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_service_sshd_enabled" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_service_systemd-coredump_disabled" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_service_usbguard_enabled" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_set_firewalld_default_zone" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_set_password_hashing_algorithm_logindefs" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_set_password_hashing_algorithm_passwordauth" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_set_password_hashing_algorithm_systemauth" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_set_password_hashing_min_rounds_logindefs" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_ssh_keys_passphrase_protected" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sshd_disable_empty_passwords" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sshd_disable_gssapi_auth" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sshd_disable_kerb_auth" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sshd_disable_root_login" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sshd_disable_user_known_hosts" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sshd_disable_x11_forwarding" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sshd_do_not_permit_user_env" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sshd_enable_strictmodes" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sshd_enable_warning_banner" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sshd_print_last_log" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sshd_rekey_limit" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sshd_set_idle_timeout" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sshd_set_keepalive" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sshd_use_approved_kex_ordered_stig" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sshd_use_strong_rng" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sshd_x11_use_localhost" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sssd_certificate_verification" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sssd_enable_certmap" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sssd_enable_smartcards" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sssd_has_trust_anchor" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sssd_offline_cred_expiration" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sudo_remove_no_authenticate" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sudo_remove_nopasswd" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sudo_require_reauthentication" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sudo_restrict_privilege_elevation_to_authorized" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sudoers_default_includedir" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sudoers_validate_passwd" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_crypto_fips_enabled" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_fs_protected_hardlinks" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_fs_protected_symlinks" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_core_pattern" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_dmesg_restrict" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_kexec_load_disabled" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_kptr_restrict" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_perf_event_paranoid" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_randomize_va_space" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_unprivileged_bpf_disabled" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_yama_ptrace_scope" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_core_bpf_jit_harden" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_all_accept_redirects" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_all_accept_source_route" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_all_forwarding" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_all_rp_filter" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_all_send_redirects" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_default_accept_redirects" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_default_accept_source_route" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_default_send_redirects" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_icmp_echo_ignore_broadcasts" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_all_accept_ra" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_all_accept_redirects" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_all_accept_source_route" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_all_forwarding" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_default_accept_ra" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_default_accept_redirects" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_default_accept_source_route" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_sysctl_user_max_user_namespaces" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_tftpd_uses_secure_mode" selected="false" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_usbguard_generate_policy" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_wireless_disable_interfaces" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_xwindows_remove_packages" selected="true" />
<xccdf-1.2:select idref="xccdf_org.ssgproject.content_rule_xwindows_runlevel_target" selected="true" />
</xccdf-1.2:Profile></xccdf-1.2:Tailoring>