[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249461

 
 

909

 
 

195508

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 194770 Download | Alert*

Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse, and identify the risk from insider threats and the a ...

The permissions of bash 'init' files must be 444 or as appropriate. /etc/profile it is used to set system wide environmental variables on users shells. /etc/bashrc file is meant for setting command aliases and functions used by bash shell users.

The owner of 'csh init' files must be root or as appropriate. Use the command chown root /etc/csh.cshrc /etc/csh.login /etc/csh.logout to change the owner as appropriate.

Configuration settings must be verified by a centrally managed system such as an MDM to ensure that they have not been changed. Configuration settings are the configurable security-related parameters of information technology products that are part of the information system. Security-related parameters are those parameters impacting the security state of the system including parameters related to ...

Specifies the maximum time the login window can be inactive before the screen saver starts. This is distinct from a user session's idle time. Setting to 900 seconds (15 minutes) instead of the OEM value of unlimited. In loginwindow.plist, set the loginWindowIdleTime key = 900. If the key does not exist, idle time is unlimited.

The owner of the audit logs must be root or as appropriate.

The group of the audit logs must be wheel. The audit files are under /var/audit; set the group for each via chgrp.

The permissions of the audit logs must be 0640 or as appropriate. The audit files are under /var/audit; set the permission for each via chmod.

The login window must be configured to prompt all users for both a username and a password. By default, the system displays a list of known users at the login screen. This gives an advantage to an attacker with physical access to the system, as the attacker would only have to guess the password for one of the listed accounts.

Controls whether the login window shows a list of non-local (other) users from which to choose when logging in, or shows fields in which a user and a password can be entered. In loginwindow.plist, set the SHOWOTHERUSERS_MANAGED key = false. If the key does not exist, a list of users is displayed.


Pages:      Start    11970    11971    11972    11973    11974    11975    11976    11977    11978    11979    11980    11981    11982    11983    ..   19476

© SecPod Technologies