{"system-security-plan":{"control-implementation":{"description":"Control implementation for DORA baseline using Ubuntu Linux 24.04 LTS","implemented-requirements":[{"control-id":"ac-3","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_unix_enabled"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_root_gid_zero"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_umask_etc_bashrc"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_umask_etc_login_defs"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_umask_etc_profile"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_umask_root"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"ensure_pam_wheel_group_empty"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"ensure_root_access_controlled"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_groupowner_sshd_config"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_owner_sshd_config"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_permissions_sshd_config"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_permissions_sshd_private_key"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_permissions_sshd_pub_key"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"groups_no_zero_gid_except_root"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"no_invalid_shell_accounts_unlocked"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"no_shelllogin_for_systemaccounts"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_limit_user_access"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"use_pam_wheel_group_for_su"}],"uuid":"fd71a9ed-4a62-46eb-a800-f9fbf9a47507"},{"control-id":"ac-5","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_unix_enabled"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_root_gid_zero"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_umask_etc_bashrc"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_umask_etc_login_defs"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_umask_etc_profile"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_umask_root"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"ensure_pam_wheel_group_empty"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"ensure_root_access_controlled"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_groupowner_sshd_config"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_owner_sshd_config"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_permissions_sshd_config"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_permissions_sshd_private_key"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_permissions_sshd_pub_key"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"groups_no_zero_gid_except_root"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"no_invalid_shell_accounts_unlocked"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"no_shelllogin_for_systemaccounts"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_limit_user_access"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"use_pam_wheel_group_for_su"}],"uuid":"6459f237-d99a-4ff9-9bdd-b873c43120e9"},{"control-id":"ac-6","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_unix_enabled"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_root_gid_zero"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_umask_etc_bashrc"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_umask_etc_login_defs"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_umask_etc_profile"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_umask_root"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"ensure_pam_wheel_group_empty"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"ensure_root_access_controlled"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_groupowner_sshd_config"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_owner_sshd_config"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_permissions_sshd_config"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_permissions_sshd_private_key"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_permissions_sshd_pub_key"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"groups_no_zero_gid_except_root"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"no_invalid_shell_accounts_unlocked"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"no_shelllogin_for_systemaccounts"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_limit_user_access"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"use_pam_wheel_group_for_su"}],"uuid":"f357cd2b-68ff-4c78-aedc-d0bcdcaf45ef"},{"control-id":"mp-2","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_unix_enabled"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_root_gid_zero"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_umask_etc_bashrc"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_umask_etc_login_defs"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_umask_etc_profile"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_umask_root"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"ensure_pam_wheel_group_empty"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"ensure_root_access_controlled"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_groupowner_sshd_config"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_owner_sshd_config"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_permissions_sshd_config"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_permissions_sshd_private_key"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"file_permissions_sshd_pub_key"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"groups_no_zero_gid_except_root"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"no_invalid_shell_accounts_unlocked"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"no_shelllogin_for_systemaccounts"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_limit_user_access"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"use_pam_wheel_group_for_su"}],"uuid":"fab4754a-bc99-458d-a150-f0d12dd92fee"},{"control-id":"ac-17.2","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_use_strong_ciphers"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_use_strong_kex"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_use_strong_macs"}],"uuid":"ddae48ba-3c4b-4c81-8c1d-f7d4bfcdcf52"},{"control-id":"ia-5","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_use_strong_ciphers"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_use_strong_kex"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_use_strong_macs"}],"uuid":"458c8de5-6528-4b32-9fb2-d5dc2d78a235"},{"control-id":"ia-5.1","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_use_strong_ciphers"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_use_strong_kex"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_use_strong_macs"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_pwhistory_use_authtok"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_unix_authtok"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"set_password_hashing_algorithm_logindefs"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"set_password_hashing_algorithm_systemauth"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"account_disable_post_pw_expiration"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_maximum_age_login_defs"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_minimum_age_login_defs"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_last_change_is_in_past"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_dcredit"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_dictcheck"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_difok"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_enforce_root"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_enforcing"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_lcredit"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_maxrepeat"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_maxsequence"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_minclass"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_minlen"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_ocredit"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_pwhistory_enabled"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_pwhistory_enforce_root"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_pwhistory_remember"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_pwquality_enabled"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_ucredit"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_unix_no_remember"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_set_max_life_existing"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_set_min_life_existing"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"no_empty_passwords_unix"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_disable_empty_passwords"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_disable_gssapi_auth"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_disable_rhosts"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_enable_pam"}],"uuid":"7bbede7a-4f98-4aa3-bad3-d268c1299801"},{"control-id":"sc-8","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_use_strong_ciphers"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_use_strong_kex"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_use_strong_macs"}],"uuid":"d641bc32-2f75-4477-a9c2-1f7ab07ae53e"},{"control-id":"sc-8.1","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_use_strong_ciphers"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_use_strong_kex"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_use_strong_macs"}],"uuid":"6a34f940-7a17-42a3-9b30-bd1174a8c3d3"},{"control-id":"sc-28","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_pwhistory_use_authtok"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_unix_authtok"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"set_password_hashing_algorithm_logindefs"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"set_password_hashing_algorithm_systemauth"}],"uuid":"a7e35611-6f8d-469c-b759-ff98f340326a"},{"control-id":"sc-28.1","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_pwhistory_use_authtok"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_pam_unix_authtok"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"set_password_hashing_algorithm_logindefs"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"set_password_hashing_algorithm_systemauth"}],"uuid":"04a8ab87-487c-4e04-a580-8f1e6d3637cc"},{"control-id":"cm-1","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_warn_age_login_defs"}],"uuid":"125c2b01-cb01-4de1-97a0-8f1c7dd90500"},{"control-id":"cm-2","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_warn_age_login_defs"}],"uuid":"7a9597a1-8378-44c8-8c4b-b8e4b04c3682"},{"control-id":"cm-6","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_warn_age_login_defs"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_disable_forwarding"}],"uuid":"2eda992e-b99a-4fc6-aea7-65c03da023bb"},{"control-id":"cm-7","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_warn_age_login_defs"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_disable_forwarding"}],"uuid":"1e2eed55-69ad-43e1-bcb2-a345a62b2d8d"},{"control-id":"cm-7.1","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_warn_age_login_defs"}],"uuid":"b8dc4f87-60e5-460e-9966-a96885dd5b70"},{"control-id":"cm-9","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_warn_age_login_defs"}],"uuid":"28e01fe3-ef45-4c22-9eaa-a945b87cfa1d"},{"control-id":"sa-3","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_warn_age_login_defs"}],"uuid":"ba292227-becb-4223-af60-27a5f6a68cc8"},{"control-id":"sa-8","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_warn_age_login_defs"}],"uuid":"820d1ea6-85cd-41ca-bcb5-78ba3dec5d26"},{"control-id":"sa-10","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_password_warn_age_login_defs"}],"uuid":"8989a59d-e02c-4cc4-862c-67068c219f9b"},{"control-id":"ac-2.5","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_tmout"}],"uuid":"02af946c-5bdc-4359-b052-76ef3b93059e"},{"control-id":"ac-11","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_tmout"}],"uuid":"4d01ce8c-cf61-4d4c-9e3a-6199cc97d075"},{"control-id":"ac-11.1","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_tmout"}],"uuid":"50705567-a579-4973-b4e3-80c2e1055e4b"},{"control-id":"ac-12","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_tmout"}],"uuid":"39ef0069-8e48-41d5-8a3f-c9dd8bf9cc72"},{"control-id":"ac-6.2","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"package_sudo_installed"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_disable_root_login"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sudo_add_use_pty"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sudo_remove_no_authenticate"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sudo_require_authentication"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sudo_require_reauthentication"}],"uuid":"cea9fc99-7bdc-4085-98a1-02ff3b10565e"},{"control-id":"ac-6.5","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"package_sudo_installed"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_disable_root_login"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sudo_add_use_pty"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sudo_remove_no_authenticate"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sudo_require_authentication"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sudo_require_reauthentication"}],"uuid":"ff535050-f5b8-4ec4-81cf-7985f8ae019d"},{"control-id":"ac-1","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_passwords_pam_faillock_deny"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_passwords_pam_faillock_enabled"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_passwords_pam_faillock_root_unlock_time"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_passwords_pam_faillock_unlock_time"}],"uuid":"c9d3ee1f-a99e-473f-a6f2-c839808f0661"},{"control-id":"ac-2","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_passwords_pam_faillock_deny"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_passwords_pam_faillock_enabled"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_passwords_pam_faillock_root_unlock_time"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_passwords_pam_faillock_unlock_time"}],"uuid":"1f0943c6-2aea-415e-b347-0c6d7d9ca52c"},{"control-id":"ac-2.1","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_passwords_pam_faillock_deny"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_passwords_pam_faillock_enabled"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_passwords_pam_faillock_root_unlock_time"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"accounts_passwords_pam_faillock_unlock_time"}],"uuid":"9caf1c8d-892a-4b35-a2ba-173be24e1008"},{"control-id":"au-2","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_set_loglevel_info"}],"uuid":"a1dc98f5-b03e-4847-9fb1-52e93f2bea4c"},{"control-id":"au-7","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_set_loglevel_info"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_set_max_auth_tries"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sudo_custom_logfile"}],"uuid":"cb929cb4-c40f-499f-a5b0-038c20fe06f0"},{"control-id":"au-12","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_set_loglevel_info"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_set_max_auth_tries"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sudo_custom_logfile"}],"uuid":"5c23ab4f-b170-48c9-8dcc-6e1d3345f129"},{"control-id":"au-3","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_set_max_auth_tries"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sudo_custom_logfile"}],"uuid":"ebfefaae-b05c-4bd0-aee4-9b2855a461b8"},{"control-id":"au-3.1","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_set_max_auth_tries"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sudo_custom_logfile"}],"uuid":"8817ad13-f184-4f3e-976c-440f73437793"},{"control-id":"ac-10","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"concurrent_session_limit_configured"}],"uuid":"ebae4dd5-c567-4923-8ec0-f7dad7f16dc9"},{"control-id":"ac-17.1","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sshd_logging_enabled"}],"uuid":"75b4a674-5a79-4d41-a414-02efc4af6ee3"},{"control-id":"ac-2.2","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"account_temporary_expiration_configured"}],"uuid":"905e4272-edc4-495e-ab52-9557ecffaa9c"},{"control-id":"ac-2.3","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"account_disable_inactive_accounts"}],"uuid":"f70fcb2a-f430-4a24-8952-cb2b824556c1"},{"control-id":"ac-4.4","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"encrypted_traffic_inspection_configured"}],"uuid":"f84277f7-4ac3-42be-9ab6-8bc63ae9243d"},{"control-id":"ac-6.1","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"sudo_security_function_authorization"}],"uuid":"75ca83aa-6bbe-4699-8608-8d1467648c54"},{"control-id":"ac-6.3","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"privileged_command_network_restriction"}],"uuid":"c8e30c69-c391-41a5-9e00-54758749fd7b"},{"control-id":"au-10","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"critical_action_signing_enabled"}],"uuid":"f62e9e67-922c-4c68-bca7-ea7b275bd321"},{"control-id":"au-12.1","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"time_synchronization_configured"}],"uuid":"82019c4a-1c9b-42a5-b1bb-5aa16b142460"},{"control-id":"au-5.1","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"auditd_storage_threshold_alert"}],"uuid":"7e6a4043-7da0-4900-9d56-4530771e2518"},{"control-id":"au-5.2","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"auditd_realtime_alerts_enabled"}],"uuid":"79fc0565-740f-40e2-b531-cb60673eadaf"},{"control-id":"au-6.1","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"log_analysis_tool_configured"}],"uuid":"c4388d0b-6d40-472a-ad6a-5ec9a7f9c3f4"},{"control-id":"au-6.4","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"centralized_logging_configured"}],"uuid":"bb84aca5-4c28-4802-a695-27161f6687f0"},{"control-id":"au-9.2","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"audit_logs_remote_storage"}],"uuid":"74aa4e09-69c4-4172-9291-385cfdaa3c2e"},{"control-id":"au-9.3","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"audit_logs_encrypted"}],"uuid":"26d73d4f-0b01-4d75-876d-a3b3ecc9537a"},{"control-id":"cm-3.2","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"change_control_documentation_required"}],"uuid":"27a28ed1-5abf-4109-a768-343cc10ce714"},{"control-id":"si-2.2","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"package_update_automation_configured"}],"uuid":"1132ef46-6481-408c-8f8f-eed735b6fc2a"},{"control-id":"si-4.2","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","value":"intrusion_detection_tool_installed"}],"uuid":"33e0306e-9044-4c71-bd36-ccfa95f770b7"}]},"import-profile":{"href":"trestle://catalogs/EU-Dora/catalog.json"},"metadata":{"last-modified":"2026-05-09T08:08:27.212504","oscal-version":"1.2.1","title":"Ubuntu System Security Plan - DORA","version":"1.0"},"system-characteristics":{"authorization-boundary":{"description":"Ubuntu Linux 24.04 LTS 6-server fleet operating within a single authorization boundary, implementing DORA security controls"},"description":"System Security Plan for Ubuntu Linux 24.04 LTS 6-server fleet with OSCAP compliance validation - DORA baseline","security-sensitivity-level":"moderate","status":{"state":"operational"},"system-ids":[{"id":"ubuntu-system-001"}],"system-information":{"information-types":[{"description":"Information related to system configuration, security settings, compliance validation, and network infrastructure","title":"System and Network Configuration"}]},"system-name":"Ubuntu 24.04 LTS Fleet"},"system-implementation":{"components":[{"description":"Ubuntu Linux 24.04 LTS","props":[{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_00","value":"accounts_password_pam_unix_enabled"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_00","value":"accounts_password_pam_unix_enabled"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_01","value":"accounts_root_gid_zero"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_01","value":"accounts_root_gid_zero"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_02","value":"accounts_umask_etc_bashrc"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_02","value":"accounts_umask_etc_bashrc"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_03","value":"accounts_umask_etc_login_defs"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_03","value":"accounts_umask_etc_login_defs"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_04","value":"accounts_umask_etc_profile"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_04","value":"accounts_umask_etc_profile"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_05","value":"accounts_umask_root"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_05","value":"accounts_umask_root"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_06","value":"ensure_pam_wheel_group_empty"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_06","value":"ensure_pam_wheel_group_empty"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_07","value":"ensure_root_access_controlled"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_07","value":"ensure_root_access_controlled"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_08","value":"file_groupowner_sshd_config"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_08","value":"file_groupowner_sshd_config"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_09","value":"file_owner_sshd_config"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_09","value":"file_owner_sshd_config"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_10","value":"file_permissions_sshd_config"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_10","value":"file_permissions_sshd_config"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_11","value":"file_permissions_sshd_private_key"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_11","value":"file_permissions_sshd_private_key"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_12","value":"file_permissions_sshd_pub_key"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_12","value":"file_permissions_sshd_pub_key"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_13","value":"groups_no_zero_gid_except_root"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_13","value":"groups_no_zero_gid_except_root"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_14","value":"no_invalid_shell_accounts_unlocked"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_14","value":"no_invalid_shell_accounts_unlocked"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_15","value":"no_shelllogin_for_systemaccounts"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_15","value":"no_shelllogin_for_systemaccounts"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_16","value":"sshd_limit_user_access"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_16","value":"sshd_limit_user_access"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_17","value":"use_pam_wheel_group_for_su"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_17","value":"use_pam_wheel_group_for_su"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_18","value":"sshd_use_strong_ciphers"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_18","value":"sshd_use_strong_ciphers"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_19","value":"sshd_use_strong_kex"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_19","value":"sshd_use_strong_kex"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_20","value":"sshd_use_strong_macs"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_20","value":"sshd_use_strong_macs"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_21","value":"accounts_password_pam_pwhistory_use_authtok"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_21","value":"accounts_password_pam_pwhistory_use_authtok"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_22","value":"accounts_password_pam_unix_authtok"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_22","value":"accounts_password_pam_unix_authtok"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_23","value":"set_password_hashing_algorithm_logindefs"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_23","value":"set_password_hashing_algorithm_logindefs"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_24","value":"set_password_hashing_algorithm_systemauth"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_24","value":"set_password_hashing_algorithm_systemauth"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_25","value":"account_disable_post_pw_expiration"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_25","value":"account_disable_post_pw_expiration"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_26","value":"accounts_maximum_age_login_defs"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_26","value":"accounts_maximum_age_login_defs"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_27","value":"accounts_minimum_age_login_defs"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_27","value":"accounts_minimum_age_login_defs"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_28","value":"accounts_password_last_change_is_in_past"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_28","value":"accounts_password_last_change_is_in_past"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_29","value":"accounts_password_pam_dcredit"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_29","value":"accounts_password_pam_dcredit"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_30","value":"accounts_password_pam_dictcheck"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_30","value":"accounts_password_pam_dictcheck"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_31","value":"accounts_password_pam_difok"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_31","value":"accounts_password_pam_difok"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_32","value":"accounts_password_pam_enforce_root"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_32","value":"accounts_password_pam_enforce_root"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_33","value":"accounts_password_pam_enforcing"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_33","value":"accounts_password_pam_enforcing"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_34","value":"accounts_password_pam_lcredit"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_34","value":"accounts_password_pam_lcredit"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_35","value":"accounts_password_pam_maxrepeat"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_35","value":"accounts_password_pam_maxrepeat"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_36","value":"accounts_password_pam_maxsequence"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_36","value":"accounts_password_pam_maxsequence"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_37","value":"accounts_password_pam_minclass"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_37","value":"accounts_password_pam_minclass"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_38","value":"accounts_password_pam_minlen"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_38","value":"accounts_password_pam_minlen"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_39","value":"accounts_password_pam_ocredit"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_39","value":"accounts_password_pam_ocredit"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_40","value":"accounts_password_pam_pwhistory_enabled"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_40","value":"accounts_password_pam_pwhistory_enabled"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_41","value":"accounts_password_pam_pwhistory_enforce_root"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_41","value":"accounts_password_pam_pwhistory_enforce_root"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_42","value":"accounts_password_pam_pwhistory_remember"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_42","value":"accounts_password_pam_pwhistory_remember"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_43","value":"accounts_password_pam_pwquality_enabled"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_43","value":"accounts_password_pam_pwquality_enabled"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_44","value":"accounts_password_pam_ucredit"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_44","value":"accounts_password_pam_ucredit"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_45","value":"accounts_password_pam_unix_no_remember"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_45","value":"accounts_password_pam_unix_no_remember"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_46","value":"accounts_password_set_max_life_existing"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_46","value":"accounts_password_set_max_life_existing"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_47","value":"accounts_password_set_min_life_existing"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_47","value":"accounts_password_set_min_life_existing"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_48","value":"no_empty_passwords_unix"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_48","value":"no_empty_passwords_unix"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_49","value":"sshd_disable_empty_passwords"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_49","value":"sshd_disable_empty_passwords"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_50","value":"sshd_disable_gssapi_auth"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_50","value":"sshd_disable_gssapi_auth"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_51","value":"sshd_disable_rhosts"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_51","value":"sshd_disable_rhosts"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_52","value":"sshd_enable_pam"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_52","value":"sshd_enable_pam"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_53","value":"accounts_password_warn_age_login_defs"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_53","value":"accounts_password_warn_age_login_defs"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_54","value":"sshd_disable_forwarding"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_54","value":"sshd_disable_forwarding"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_55","value":"accounts_tmout"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_55","value":"accounts_tmout"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_56","value":"package_sudo_installed"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_56","value":"package_sudo_installed"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_57","value":"sshd_disable_root_login"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_57","value":"sshd_disable_root_login"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_58","value":"sudo_add_use_pty"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_58","value":"sudo_add_use_pty"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_59","value":"sudo_remove_no_authenticate"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_59","value":"sudo_remove_no_authenticate"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_60","value":"sudo_require_authentication"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_60","value":"sudo_require_authentication"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_61","value":"sudo_require_reauthentication"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_61","value":"sudo_require_reauthentication"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_62","value":"accounts_passwords_pam_faillock_deny"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_62","value":"accounts_passwords_pam_faillock_deny"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_63","value":"accounts_passwords_pam_faillock_enabled"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_63","value":"accounts_passwords_pam_faillock_enabled"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_64","value":"accounts_passwords_pam_faillock_root_unlock_time"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_64","value":"accounts_passwords_pam_faillock_root_unlock_time"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_65","value":"accounts_passwords_pam_faillock_unlock_time"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_65","value":"accounts_passwords_pam_faillock_unlock_time"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_66","value":"sshd_set_loglevel_info"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_66","value":"sshd_set_loglevel_info"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_67","value":"sshd_set_max_auth_tries"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_67","value":"sshd_set_max_auth_tries"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_68","value":"sudo_custom_logfile"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_68","value":"sudo_custom_logfile"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_69","value":"account_automated_provisioning_enabled"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_69","value":"Verify automated account management is configured"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_70","value":"account_temporary_expiration_configured"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_70","value":"Verify temporary account expiration is automated"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_71","value":"account_disable_inactive_accounts"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_71","value":"Verify inactive account disabling mechanism"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_72","value":"sudo_security_function_authorization"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_72","value":"Verify sudo configuration restricts security functions"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_73","value":"service_nonprivileged_user_execution"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_73","value":"Verify services run as non-root users"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_74","value":"screen_lock_timeout_configured"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_74","value":"Verify screen lock timeout is configured"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_75","value":"screen_lock_pattern_hiding_enabled"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_75","value":"Verify screen blanking on lock"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_76","value":"sshd_logging_enabled"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_76","value":"Verify SSH logging is enabled and comprehensive"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_77","value":"auditd_extended_information_enabled"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_77","value":"Verify extended audit information is captured"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_78","value":"log_analysis_tool_configured"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_78","value":"Verify automated log analysis tool is configured"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_79","value":"change_control_documentation_required"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_79","value":"Verify change control process documentation"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_80","value":"service_periodic_review_enabled"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_80","value":"Verify periodic service review process"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_81","value":"package_update_automation_configured"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_81","value":"Verify automated patch management"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_82","value":"intrusion_detection_tool_installed"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_82","value":"Verify IDS/IPS tool is installed and running"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_83","value":"encrypted_traffic_inspection_configured"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_83","value":"Verify encrypted traffic inspection capability"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_84","value":"privileged_command_network_restriction"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_84","value":"Verify network-based restrictions on privileged commands"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_85","value":"concurrent_session_limit_configured"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_85","value":"Verify concurrent session limits"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_86","value":"auditd_storage_threshold_alert"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_86","value":"Verify audit storage threshold alerting"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_87","value":"auditd_realtime_alerts_enabled"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_87","value":"Verify real-time audit failure alerts"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_88","value":"centralized_logging_configured"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_88","value":"Verify centralized logging is configured"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_89","value":"audit_logs_remote_storage"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_89","value":"Verify audit logs are sent to remote system"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_90","value":"audit_logs_encrypted"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_90","value":"Verify audit log encryption/signing"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_91","value":"critical_action_signing_enabled"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_91","value":"Verify digital signatures for critical actions"},{"name":"Rule_Id","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_92","value":"time_synchronization_configured"},{"name":"Rule_Description","ns":"https://oscal-compass/compliance-trestle/schemas/oscal/cd","remarks":"rule_set_92","value":"Verify NTP/chrony is configured and running"}],"status":{"state":"operational"},"title":"Ubuntu_Linux_24.04_LTS","type":"software","uuid":"b2e11579-d4d6-48f8-a43c-ec7157543648"}],"inventory-items":[{"description":"Application server running Ubuntu 24.04 LTS","implemented-components":[{"component-uuid":"b2e11579-d4d6-48f8-a43c-ec7157543648"}],"props":[{"name":"asset-id","value":"ubuntu-app-01.example.com"},{"name":"asset-type","value":"server"},{"name":"ipv4-address","value":"192.168.1.104"},{"name":"role","value":"application-server"},{"name":"operating-system","value":"Ubuntu 24.04 LTS"}],"uuid":"64372a9e-9bbd-4b83-adab-873993d0ddf3"},{"description":"Database server running Ubuntu 24.04 LTS","implemented-components":[{"component-uuid":"b2e11579-d4d6-48f8-a43c-ec7157543648"}],"props":[{"name":"asset-id","value":"ubuntu-db-01.example.com"},{"name":"asset-type","value":"server"},{"name":"ipv4-address","value":"192.168.1.103"},{"name":"role","value":"database-server"},{"name":"operating-system","value":"Ubuntu 24.04 LTS"}],"uuid":"882853ea-ccef-497b-a548-cd24df9e21ea"},{"description":"Management and monitoring server running Ubuntu 24.04 LTS","implemented-components":[{"component-uuid":"b2e11579-d4d6-48f8-a43c-ec7157543648"}],"props":[{"name":"asset-id","value":"ubuntu-mgmt-01.example.com"},{"name":"asset-type","value":"server"},{"name":"ipv4-address","value":"192.168.1.105"},{"name":"role","value":"management-server"},{"name":"operating-system","value":"Ubuntu 24.04 LTS"}],"uuid":"34a7aaef-8ada-404b-a067-fb5131853f2b"},{"description":"Primary web server running Ubuntu 24.04 LTS","implemented-components":[{"component-uuid":"b2e11579-d4d6-48f8-a43c-ec7157543648"}],"props":[{"name":"asset-id","value":"ubuntu-web-01.example.com"},{"name":"asset-type","value":"server"},{"name":"ipv4-address","value":"192.168.1.101"},{"name":"role","value":"web-server"},{"name":"operating-system","value":"Ubuntu 24.04 LTS"}],"uuid":"69dd0bb5-ef44-4d78-9830-e2e337458d56"},{"description":"Secondary web server running Ubuntu 24.04 LTS","implemented-components":[{"component-uuid":"b2e11579-d4d6-48f8-a43c-ec7157543648"}],"props":[{"name":"asset-id","value":"ubuntu-web-02.example.com"},{"name":"asset-type","value":"server"},{"name":"ipv4-address","value":"192.168.1.102"},{"name":"role","value":"web-server"},{"name":"operating-system","value":"Ubuntu 24.04 LTS"}],"uuid":"c89a8516-832e-47b1-bc15-9f05a6eca17f"},{"description":"Tertiary web server running Ubuntu 24.04 LTS","implemented-components":[{"component-uuid":"b2e11579-d4d6-48f8-a43c-ec7157543648"}],"props":[{"name":"asset-id","value":"ubuntu-web-03.example.com"},{"name":"asset-type","value":"server"},{"name":"ipv4-address","value":"192.168.1.106"},{"name":"role","value":"web-server"},{"name":"operating-system","value":"Ubuntu 24.04 LTS"}],"uuid":"3cf4a686-4866-4875-a703-0bfd2757c854"}],"users":[{"role-ids":["admin"],"title":"System Administrator","uuid":"753ac88f-06ab-45e9-8a97-a37af99e12e8"}]},"uuid":"6018ab96-5e10-4e97-8fae-b08f4bbc8e6b"}}