Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Controls with multiple NIST Tags needs to be collapsed #16

Closed
rx294 opened this issue Oct 23, 2019 · 1 comment · Fixed by #5
Closed

Controls with multiple NIST Tags needs to be collapsed #16

rx294 opened this issue Oct 23, 2019 · 1 comment · Fixed by #5
Assignees
@kkola

Comments

@rx294
Copy link
Collaborator

rx294 commented Oct 23, 2019
edited
Loading

Controls with multiple NIST Tags needs to be collapsed, otherwise only the last nist tag definition will be parsed.

tag "nist": ['IA-2', 'Rev_4']
tag "nist": ['IA-5 e', 'Rev_4']

should be modified to

tag "nist": ['IA-2','IA-5 e','Rev_4']

Non compliant entries

Searching 275 files for "\s*tag "nist": .*$
\s*tag "nist": .*$
" (regex)

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73259.rb:
   13    tag "stig_id": 'WN16-00-000210'
   14    tag "fix_id": 'F-79703r1_fix'
   15:   tag "cci": ['CCI-000764', 'CCI-000795']
   16:   tag "nist": ['IA-2', 'Rev_4']
   17:   tag "nist": ['IA-5 e', 'Rev_4']
   18:   tag "documentable": false
   19    tag "check": "Open Windows PowerShell.
   20  

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73273.rb:
   24    tag "stig_id": 'WN16-00-000280'
   25    tag "fix_id": 'F-79717r1_fix'
   26:   tag "cci": ['CCI-001199', 'CCI-002475', 'CCI-002476']
   27:   tag "nist": ['SC-28', 'Rev_4']
   28:   tag "nist": ['SC-28 (1)', 'Rev_4']
   29:   tag "documentable": false
   30    tag "check": "Verify systems that require additional protections due to
   31    factors such as inadequate physical protection or sensitivity of the data

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73279.rb:
    9    tag "stig_id": 'WN16-00-000310'
   10    tag "fix_id": 'F-79723r1_fix'
   11:   tag "cci": ['CCI-000366', 'CCI-002080']
   12:   tag "nist": ['CM-6 b', 'Rev_4']
   13:   tag "nist": ['CA-3 (5)', 'Rev_4']
   14:   tag "documentable": false
   15    tag "check": "Determine if a host-based firewall is installed and enabled on
   16    the system.

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73359.rb:
   14    tag "stig_id": 'WN16-DC-000020'
   15    tag "fix_id": 'F-79801r1_fix'
   16:   tag "cci": ['CCI-001941', 'CCI-001942']
   17:   tag "nist": ['IA-2 (8)', 'Rev_4']
   18:   tag "nist": ['IA-2 (9)', 'Rev_4']
   19:   tag "documentable": false
   20    tag "check": "This applies to domain controllers. It is NA for other systems.
   21  

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73361.rb:
   15    tag "stig_id": 'WN16-DC-000030'
   16    tag "fix_id": 'F-79803r1_fix'
   17:   tag "cci": ['CCI-001941', 'CCI-001942']
   18:   tag "nist": ['IA-2 (8)', 'Rev_4']
   19:   tag "nist": ['IA-2 (9)', 'Rev_4']
   20:   tag "documentable": false
   21    tag "check": "This applies to domain controllers. It is NA for other systems.
   22  

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73363.rb:
   19    tag "stig_id": 'WN16-DC-000040'
   20    tag "fix_id": 'F-79805r1_fix'
   21:   tag "cci": ['CCI-001941', 'CCI-001942']
   22:   tag "nist": ['IA-2 (8)', 'Rev_4']
   23:   tag "nist": ['IA-2 (9)', 'Rev_4']
   24:   tag "documentable": false
   25    tag "check": "This applies to domain controllers. It is NA for other systems.
   26  

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73365.rb:
   13    tag "stig_id": 'WN16-DC-000050'
   14    tag "fix_id": 'F-79807r1_fix'
   15:   tag "cci": ['CCI-001941', 'CCI-001942']
   16:   tag "nist": ['IA-2 (8)', 'Rev_4']
   17:   tag "nist": ['IA-2 (9)', 'Rev_4']
   18:   tag "documentable": false
   19    tag "check": "This applies to domain controllers. It is NA for other systems.
   20  

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73367.rb:
   16    tag "stig_id": 'WN16-DC-000060'
   17    tag "fix_id": 'F-79809r1_fix'
   18:   tag "cci": ['CCI-001941', 'CCI-001942']
   19:   tag "nist": ['IA-2 (8)', 'Rev_4']
   20:   tag "nist": ['IA-2 (9)', 'Rev_4']
   21:   tag "documentable": false
   22    tag "check": "This applies to domain controllers. It is NA for other systems.
   23  

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73389.rb:
   27    tag "stig_id": 'WN16-DC-000170'
   28    tag "fix_id": 'F-86715r2_fix'
   29:   tag "cci": ['CCI-000172', 'CCI-002234']
   30:   tag "nist": ['AU-12 c', 'Rev_4']
   31:   tag "nist": ['AC-6 (9)', 'Rev_4']
   32:   tag "documentable": false
   33    tag "check": "This applies to domain controllers. It is NA for other systems.
   34  

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73391.rb:
   27    tag "stig_id": 'WN16-DC-000180'
   28    tag "fix_id": 'F-79833r1_fix'
   29:   tag "cci": ['CCI-000172', 'CCI-002234']
   30:   tag "nist": ['AU-12 c', 'Rev_4']
   31:   tag "nist": ['AC-6 (9)', 'Rev_4']
   32:   tag "documentable": false
   33    tag "check": "This applies to domain controllers. It is NA for other systems.
   34  

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73393.rb:
   27    tag "stig_id": 'WN16-DC-000190'
   28    tag "fix_id": 'F-79835r1_fix'
   29:   tag "cci": ['CCI-000172', 'CCI-002234']
   30:   tag "nist": ['AU-12 c', 'Rev_4']
   31:   tag "nist": ['AC-6 (9)', 'Rev_4']
   32:   tag "documentable": false
   33    tag "check": "This applies to domain controllers. It is NA for other systems.
   34  

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73395.rb:
   28    tag "stig_id": 'WN16-DC-000200'
   29    tag "fix_id": 'F-79837r1_fix'
   30:   tag "cci": ['CCI-000172', 'CCI-002234']
   31:   tag "nist": ['AU-12 c', 'Rev_4']
   32:   tag "nist": ['AC-6 (9)', 'Rev_4']
   33:   tag "documentable": false
   34    tag "check": "This applies to domain controllers. It is NA for other systems.
   35  

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73397.rb:
   27    tag "stig_id": 'WN16-DC-000210'
   28    tag "fix_id": 'F-79839r1_fix'
   29:   tag "cci": ['CCI-000172', 'CCI-002234'] 
   30:   tag "nist": ['AU-12 c', 'Rev_4']
   31:   tag "nist": ['AC-6 (9)', 'Rev_4']
   32:   tag "documentable": false
   33    tag "check": "This applies to domain controllers. It is NA for other systems.
   34  

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73399.rb:
   27    tag "stig_id": 'WN16-DC-000220'
   28    tag "fix_id": 'F-79841r1_fix'
   29:   tag "cci": ['CCI-000172', 'CCI-002234']
   30:   tag "nist": ['AU-12 c', 'Rev_4']
   31:   tag "nist": ['AC-6 (9)', 'Rev_4']
   32:   tag "documentable": false
   33    tag "check": "This applies to domain controllers. It is NA for other systems.
   34  

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73417.rb:
   22    tag "fix_id": 'F-79859r1_fix'
   23    tag "cci": ['CCI-000018', 'CCI-000172', 'CCI-001403', 'CCI-001404',
   24:               'CCI-001405', 'CCI-002130']
   25:   tag "nist": ['AC-2 (4)', 'Rev_4']
   26:   tag "nist": ['AU-12 c', 'Rev_4']
   27:   tag "documentable": false
   28    tag "check": "This applies to domain controllers. It is NA for other systems.
   29  

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73419.rb:
   20    tag "stig_id": 'WN16-AU-000100'
   21    tag "fix_id": 'F-79861r1_fix'
   22:   tag "cci": ['CCI-000172', 'CCI-002234']
   23:   tag "nist": ['AU-12 c', 'Rev_4']
   24:   tag "nist": ['AC-6 (9)', 'Rev_4']
   25:   tag "documentable": false
   26    tag "check": "Security Option Audit: Force audit policy subcategory
   27    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73423.rb:
   22    tag "fix_id": 'F-79865r1_fix'
   23    tag "cci": ['CCI-000018', 'CCI-000172', 'CCI-001403', 'CCI-001404',
   24:               'CCI-001405', 'CCI-002130']
   25:   tag "nist": ['AC-2 (4)', 'Rev_4']
   26:   tag "nist": ['AU-12 c', 'Rev_4']
   27:   tag "documentable": false
   28    tag "check": "Security Option Audit: Force audit policy subcategory
   29    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73427.rb:
   22    tag "fix_id": 'F-79869r1_fix'
   23    tag "cci": ['CCI-000018', 'CCI-000172', 'CCI-001403', 'CCI-001404',
   24:               'CCI-001405', 'CCI-002130']
   25:   tag "nist": ['AC-2 (4)', 'Rev_4']
   26:   tag "nist": ['AU-12 c', 'Rev_4']
   27:   tag "documentable": false
   28    tag "check": "Security Option Audit: Force audit policy subcategory
   29    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73429.rb:
   22    tag "fix_id": 'F-79871r1_fix'
   23    tag "cci": ['CCI-000018', 'CCI-000172', 'CCI-001403', 'CCI-001404',
   24:               'CCI-001405', 'CCI-002130']
   25:   tag "nist": ['AC-2 (4)', 'Rev_4']
   26:   tag "nist": ['AU-12 c', 'Rev_4']
   27:   tag "documentable": false
   28    tag "check": "Security Option Audit: Force audit policy subcategory
   29    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73433.rb:
   19    tag "stig_id": 'WN16-AU-000170'
   20    tag "fix_id": 'F-79875r1_fix'
   21:   tag "cci": ['CCI-000172', 'CCI-002234']
   22:   tag "nist": ['AU-12 c', 'Rev_4']
   23:   tag "nist": ['AC-6 (9)', 'Rev_4']
   24:   tag "documentable": false
   25    tag "check": "Security Option Audit: Force audit policy subcategory
   26    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73437.rb:
   21    tag "stig_id": 'WN16-DC-000250'
   22    tag "fix_id": 'F-79879r1_fix'
   23:   tag "cci": ['CCI-000172', 'CCI-002234']
   24:   tag "nist": ['AU-12 c', 'Rev_4']
   25:   tag "nist": ['AC-6 (9)', 'Rev_4']
   26:   tag "documentable": false
   27    tag "check": "This applies to domain controllers. It is NA for other systems.
   28  

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73439.rb:
   20    tag "stig_id": 'WN16-DC-000260'
   21    tag "fix_id": 'F-79881r1_fix'
   22:   tag "cci": ['CCI-000172', 'CCI-002234']
   23:   tag "nist": ['AU-12 c', 'Rev_4']
   24:   tag "nist": ['AC-6 (9)', 'Rev_4']
   25:   tag "documentable": false
   26    tag "check": "This applies to domain controllers. It is NA for other systems.
   27  

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73441.rb:
   20    tag "stig_id": 'WN16-DC-000270'
   21    tag "fix_id": 'F-79883r1_fix'
   22:   tag "cci": ['CCI-000172', 'CCI-002234']
   23:   tag "nist": ['AU-12 c', 'Rev_4']
   24:   tag "nist": ['AC-6 (9)', 'Rev_4']
   25:   tag "documentable": false
   26    tag "check": "This applies to domain controllers. It is NA for other systems.
   27  

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73443.rb:
   19    tag "stig_id": 'WN16-AU-000220'
   20    tag "fix_id": 'F-79885r1_fix'
   21:   tag "cci": ['CCI-000172', 'CCI-001404']
   22:   tag "nist": ['AU-12 c', 'Rev_4']
   23:   tag "nist": ['AC-2 (4)', 'Rev_4']
   24:   tag "documentable": false
   25    tag "check": "Security Option Audit: Force audit policy subcategory
   26    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73445.rb:
   19    tag "stig_id": 'WN16-AU-000230'
   20    tag "fix_id": 'F-79887r1_fix'
   21:   tag "cci": ['CCI-000172', 'CCI-001404']
   22:   tag "nist": ['AU-12 c', 'Rev_4']
   23:   tag "nist": ['AC-2 (4)', 'Rev_4']
   24:   tag "documentable": false
   25    tag "check": "Security Option Audit: Force audit policy subcategory
   26    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73449.rb:
   22    tag "stig_id": 'WN16-AU-000250'
   23    tag "fix_id": 'F-79891r1_fix'
   24:   tag "cci": ['CCI-000067', 'CCI-000172']
   25:   tag "nist": ['AC-17 (1)', 'Rev_4']
   26:   tag "nist": ['AU-12 c', 'Rev_4']
   27:   tag "documentable": false
   28    tag "check": "Security Option Audit: Force audit policy subcategory
   29    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73451.rb:
   22    tag "stig_id": 'WN16-AU-000260'
   23    tag "fix_id": 'F-79893r1_fix'
   24:   tag "cci": ['CCI-000067', 'CCI-000172']
   25:   tag "nist": ['AC-17 (1)', 'Rev_4']
   26:   tag "nist": ['AU-12 c', 'Rev_4']
   27:   tag "documentable": false
   28    tag "check": "Security Option Audit: Force audit policy subcategory
   29    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73453.rb:
   22    tag "stig_id": 'WN16-AU-000270'
   23    tag "fix_id": 'F-79895r1_fix'
   24:   tag "cci": ['CCI-000067', 'CCI-000172']
   25:   tag "nist": ['AC-17 (1)', 'Rev_4']
   26:   tag "nist": ['AU-12 c', 'Rev_4']
   27:   tag "documentable": false
   28    tag "check": "Security Option Audit: Force audit policy subcategory
   29    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73461.rb:
   19    tag "stig_id": 'WN16-AU-000310'
   20    tag "fix_id": 'F-79903r1_fix'
   21:   tag "cci": ['CCI-000172', 'CCI-002234']
   22:   tag "nist": ['AU-12 c', 'Rev_4']
   23:   tag "nist": ['AC-6 (9)', 'Rev_4']
   24:   tag "documentable": false
   25    tag "check": "Security Option Audit: Force audit policy subcategory
   26    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73463.rb:
   19    tag "stig_id": 'WN16-AU-000320'
   20    tag "fix_id": 'F-79905r1_fix'
   21:   tag "cci": ['CCI-000172', 'CCI-002234']
   22:   tag "nist": ['AU-12 c', 'Rev_4']
   23:   tag "nist": ['AC-6 (9)', 'Rev_4']
   24:   tag "documentable": false
   25    tag "check": "Security Option Audit: Force audit policy subcategory
   26    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73465.rb:
   20    tag "stig_id": 'WN16-AU-000330'
   21    tag "fix_id": 'F-79907r1_fix'
   22:   tag "cci": ['CCI-000172', 'CCI-002234']
   23:   tag "nist": ['AU-12 c', 'Rev_4']
   24:   tag "nist": ['AC-6 (9)', 'Rev_4']
   25:   tag "documentable": false
   26    tag "check": "Security Option Audit: Force audit policy subcategory
   27    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73467.rb:
   20    tag "stig_id": 'WN16-AU-000340'
   21    tag "fix_id": 'F-79909r1_fix'
   22:   tag "cci": ['CCI-000172', 'CCI-002234']
   23:   tag "nist": ['AU-12 c', 'Rev_4']
   24:   tag "nist": ['AC-6 (9)', 'Rev_4']
   25:   tag "documentable": false
   26    tag "check": "Security Option Audit: Force audit policy subcategory
   27    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73469.rb:
   21    tag "stig_id": 'WN16-AU-000350'
   22    tag "fix_id": 'F-79911r1_fix'
   23:   tag "cci": ['CCI-000172', 'CCI-002234']
   24:   tag "nist": ['AU-12 c', 'Rev_4']
   25:   tag "nist": ['AC-6 (9)', 'Rev_4']
   26:   tag "documentable": false
   27    tag "check": "Security Option Audit: Force audit policy subcategory
   28    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73471.rb:
   21    tag "stig_id": 'WN16-AU-000360'
   22    tag "fix_id": 'F-79913r1_fix'
   23:   tag "cci": ['CCI-000172', 'CCI-002234']
   24:   tag "nist": ['AU-12 c', 'Rev_4']
   25:   tag "nist": ['AC-6 (9)', 'Rev_4']
   26:   tag "documentable": false
   27    tag "check": "Security Option Audit: Force audit policy subcategory
   28    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73473.rb:
   20    tag "stig_id": 'WN16-AU-000370'
   21    tag "fix_id": 'F-79915r1_fix'
   22:   tag "cci": ['CCI-000172', 'CCI-002234']
   23:   tag "nist": ['AU-12 c', 'Rev_4']
   24:   tag "nist": ['AC-6 (9)', 'Rev_4']
   25:   tag "documentable": false
   26    tag "check": "Security Option Audit: Force audit policy subcategory
   27    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73475.rb:
   20    tag "stig_id": 'WN16-AU-000380'
   21    tag "fix_id": 'F-79917r1_fix'
   22:   tag "cci": ['CCI-000172', 'CCI-002234']
   23:   tag "nist": ['AU-12 c', 'Rev_4']
   24:   tag "nist": ['AC-6 (9)', 'Rev_4']
   25:   tag "documentable": false
   26    tag "check": "Security Option Audit: Force audit policy subcategory
   27    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73477.rb:
   20    tag "stig_id": 'WN16-AU-000390'
   21    tag "fix_id": 'F-79919r1_fix'
   22:   tag "cci": ['CCI-000172', 'CCI-002234']
   23:   tag "nist": ['AU-12 c', 'Rev_4']
   24:   tag "nist": ['AC-6 (9)', 'Rev_4']
   25:   tag "documentable": false
   26    tag "check": "Security Option Audit: Force audit policy subcategory
   27    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73479.rb:
   20    tag "stig_id": 'WN16-AU-000400'
   21    tag "fix_id": 'F-79921r1_fix'
   22:   tag "cci": ['CCI-000172', 'CCI-002234']
   23:   tag "nist": ['AU-12 c', 'Rev_4']
   24:   tag "nist": ['AC-6 (9)', 'Rev_4']
   25:   tag "documentable": false
   26    tag "check": "Security Option Audit: Force audit policy subcategory
   27    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73481.rb:
   20    tag "stig_id": 'WN16-AU-000410'
   21    tag "fix_id": 'F-79923r1_fix'
   22:   tag "cci": ['CCI-000172', 'CCI-002234']
   23:   tag "nist": ['AU-12 c', 'Rev_4']
   24:   tag "nist": ['AC-6 (9)', 'Rev_4']
   25:   tag "documentable": false
   26    tag "check": "Security Option Audit: Force audit policy subcategory
   27    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73483.rb:
   20    tag "stig_id": 'WN16-AU-000420'
   21    tag "fix_id": 'F-79925r1_fix'
   22:   tag "cci": ['CCI-000172', 'CCI-002234']
   23:   tag "nist": ['AU-12 c', 'Rev_4']
   24:   tag "nist": ['AC-6 (9)', 'Rev_4']
   25:   tag "documentable": false
   26    tag "check": "Security Option Audit: Force audit policy subcategory
   27    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73489.rb:
   20    tag "stig_id": 'WN16-AU-000440'
   21    tag "fix_id": 'F-79931r1_fix'
   22:   tag "cci": ['CCI-000172', 'CCI-002234']
   23:   tag "nist": ['AU-12 c', 'Rev_4']
   24:   tag "nist": ['AC-6 (9)', 'Rev_4']
   25:   tag "documentable": false
   26    tag "check": "Security Option Audit: Force audit policy subcategory
   27    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73491.rb:
   20    tag "stig_id": 'WN16-AU-000450'
   21    tag "fix_id": 'F-79933r1_fix'
   22:   tag "cci": ['CCI-000172', 'CCI-002234']
   23:   tag "nist": ['AU-12 c', 'Rev_4']
   24:   tag "nist": ['AC-6 (9)', 'Rev_4']
   25:   tag "documentable": false
   26    tag "check": "Security Option Audit: Force audit policy subcategory
   27    settings (Windows Vista or later) to override audit policy category settings

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73605.rb:
   14    tag "stig_id": 'WN16-PK-000010'
   15    tag "fix_id": 'F-87311r1_fix'
   16:   tag "cci": ['CCI-000185', 'CCI-002470']
   17:   tag "nist": ['IA-5 (2) (a)', 'Rev_4']
   18:   tag "nist": ['SC-23 (5)', 'Rev_4']
   19:   tag "documentable": false
   20    tag "check": "The certificates and thumbprints referenced below apply to
   21    unclassified systems; see PKE documentation for other networks.

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73607.rb:
   14    tag "stig_id": 'WN16-PK-000020'
   15    tag "fix_id": 'F-87313r2_fix'
   16:   tag "cci": ['CCI-000185', 'CCI-002470']
   17:   tag "nist": ['IA-5 (2) (a)', 'Rev_4']
   18:   tag "nist": ['SC-23 (5)', 'Rev_4']
   19:   tag "documentable": false
   20    tag "check": "This is applicable to unclassified systems. It is NA for others.
   21  

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73609.rb:
   15    tag "stig_id": 'WN16-PK-000030'
   16    tag "fix_id": 'F-87315r1_fix'
   17:   tag "cci": ['CCI-000185', 'CCI-002470']
   18:   tag "nist": ['IA-5 (2) (a)', 'Rev_4']
   19:   tag "nist": ['SC-23 (5)', 'Rev_4']
   20:   tag "documentable": false
   21    tag "check": "This is applicable to unclassified systems. It is NA for others.
   22  

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73617.rb:
   18    tag "fix_id": 'F-80067r1_fix'
   19    tag "cci": ['CCI-000765', 'CCI-000766', 'CCI-000767', 'CCI-000768',
   20:               'CCI-001948']
   21:   tag "nist": ['IA-2 (1)', 'Rev_4']
   22:   tag "nist": ['IA-2 (2)', 'Rev_4']
   23:   tag "nist": ['IA-2 (3)', 'Rev_4']
   24:   tag "nist": ['IA-2 (4)', 'Rev_4']
   25:   tag "nist": ['IA-2 (11)', 'Rev_4']
   26    tag "documentable": false
   27    tag "check": "This applies to domain controllers. It is NA for other systems.

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73633.rb:
   14    tag "stig_id": 'WN16-SO-000080'
   15    tag "fix_id": 'F-80083r1_fix'
   16:   tag "cci": ['CCI-002418', 'CCI-002421']
   17:   tag "nist": ['SC-8', 'Rev_4']
   18:   tag "nist": ['SC-8 (1)', 'Rev_4']
   19:   tag "documentable": false
   20    tag "check": "If the following registry value does not exist or is not
   21    configured as specified, this is a finding.

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73635.rb:
   14    tag "stig_id": 'WN16-SO-000090'
   15    tag "fix_id": 'F-80085r1_fix'
   16:   tag "cci": ['CCI-002418', 'CCI-002421']
   17:   tag "nist": ['SC-8', 'Rev_4']
   18:   tag "nist": ['SC-8 (1)', 'Rev_4']
   19:   tag "documentable": false
   20    tag "check": "If the following registry value does not exist or is not
   21    configured as specified, this is a finding.

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73637.rb:
   14    tag "stig_id": 'WN16-SO-000100'
   15    tag "fix_id": 'F-80087r1_fix'
   16:   tag "cci": ['CCI-002418', 'CCI-002421']
   17:   tag "nist": ['SC-8', 'Rev_4']
   18:   tag "nist": ['SC-8 (1)', 'Rev_4']
   19:   tag "documentable": false
   20    tag "check": "If the following registry value does not exist or is not
   21    configured as specified, this is a finding.

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73643.rb:
   15    tag "stig_id": 'WN16-SO-000130'
   16    tag "fix_id": 'F-80093r1_fix'
   17:   tag "cci": ['CCI-002418', 'CCI-002421']
   18:   tag "nist": ['SC-8', 'Rev_4']
   19:   tag "nist": ['SC-8 (1)', 'Rev_4']
   20:   tag "documentable": false
   21    tag "check": "If the following registry value does not exist or is not
   22    configured as specified, this is a finding.

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73647.rb:
   15    tag "fix_id": 'F-80097r2_fix'
   16    tag "cci": ['CCI-000048', 'CCI-000050', 'CCI-001384', 'CCI-001385',
   17:               'CCI-001386', 'CCI-001387', 'CCI-001388']
   18:   tag "nist": ['AC-8 a', 'Rev_4']
   19:   tag "nist": ['AC-8 b', 'Rev_4']
   20:   tag "nist": ['AC-8 c 1', 'Rev_4']
   21:   tag "nist": ['AC-8 c 2', 'Rev_4']
   22:   tag "nist": ['AC-8 c 3', 'Rev_4']
   23    tag "documentable": false
   24    tag "check": "If the following registry value does not exist or is not

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73649.rb:
   13    tag "fix_id": 'F-80099r1_fix'
   14    tag "cci": ['CCI-000048', 'CCI-001384', 'CCI-001385', 'CCI-001386',
   15:               'CCI-001387', 'CCI-001388']
   16:   tag "nist": ['AC-8 a', 'Rev_4']
   17:   tag "nist": ['AC-8 b', 'Rev_4']
   18:   tag "nist": ['AC-8 c 1', 'Rev_4']
   19:   tag "nist": ['AC-8 c 2', 'Rev_4']
   20:   tag "nist": ['AC-8 c 3', 'Rev_4']
   21    tag "documentable": false
   22    tag "check": "If the following registry value does not exist or is not

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73653.rb:
   14    tag "stig_id": 'WN16-SO-000190'
   15    tag "fix_id": 'F-80103r1_fix'
   16:   tag "cci": ['CCI-002418', 'CCI-002421']
   17:   tag "nist": ['SC-8', 'Rev_4']
   18:   tag "nist": ['SC-8 (1)', 'Rev_4']
   19:   tag "documentable": false
   20    tag "check": "If the following registry value does not exist or is not
   21    configured as specified, this is a finding.

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73655.rb:
   14    tag "stig_id": 'WN16-SO-000200'
   15    tag "fix_id": 'F-80105r1_fix'
   16:   tag "cci": ['CCI-002418', 'CCI-002421']
   17:   tag "nist": ['SC-8', 'Rev_4']
   18:   tag "nist": ['SC-8 (1)', 'Rev_4']
   19:   tag "documentable": false
   20    tag "check": "If the following registry value does not exist or is not
   21    configured as specified, this is a finding.

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73659.rb:
   15    tag "stig_id": 'WN16-SO-000220'
   16    tag "fix_id": 'F-80109r1_fix'
   17:   tag "cci": ['CCI-001133', 'CCI-002361']
   18:   tag "nist": ['SC-10', 'Rev_4']
   19:   tag "nist": ['AC-12', 'Rev_4']
   20:   tag "documentable": false
   21    tag "check": "If the following registry value does not exist or is not
   22    configured as specified, this is a finding.

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73661.rb:
   14    tag "stig_id": 'WN16-SO-000230'
   15    tag "fix_id": 'F-80111r1_fix'
   16:   tag "cci": ['CCI-002418', 'CCI-002421']
   17:   tag "nist": ['SC-8', 'Rev_4']
   18:   tag "nist": ['SC-8 (1)', 'Rev_4']
   19:   tag "documentable": false
   20    tag "check": "If the following registry value does not exist or is not
   21    configured as specified, this is a finding.

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73663.rb:
   14    tag "stig_id": 'WN16-SO-000240'
   15    tag "fix_id": 'F-80113r1_fix'
   16:   tag "cci": ['CCI-002418', 'CCI-002421']
   17:   tag "nist": ['SC-8', 'Rev_4']
   18:   tag "nist": ['SC-8 (1)', 'Rev_4']
   19:   tag "documentable": false
   20    tag "check": "If the following registry value does not exist or is not
   21    configured as specified, this is a finding.

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73701.rb:
   14    tag "stig_id": 'WN16-SO-000430'
   15    tag "fix_id": 'F-80151r1_fix'
   16:   tag "cci": ['CCI-000068', 'CCI-002450']
   17:   tag "nist": ['AC-17 (2)', 'Rev_4']
   18:   tag "nist": ['SC-13', 'Rev_4']
   19:   tag "documentable": false
   20    tag "check": "If the following registry value does not exist or is not
   21    configured as specified, this is a finding.

stig-microsoft-windows-server-2016-v1r4-baseline/controls/V-73793.rb:
   19    tag "fix_id": 'F-80243r1_fix'
   20    tag "cci": ['CCI-000162', 'CCI-000163', 'CCI-000164', 'CCI-000171',
   21:               'CCI-001914']
   22:   tag "nist": ['AU-9', 'Rev_4']
   23:   tag "nist": ['AU-9 (1)', 'Rev_4']
   24:   tag "nist": ['AU-12 b', 'Rev_4']
   25:   tag "nist": ['AU-12 (3)', 'Rev_4']
   26:   tag "documentable": false
   27    tag "check": "Verify the effective setting in Local Group Policy Editor.
   28  

63 matches across 59 files
kkola added a commit that referenced this issue Oct 24, 2019
@kkola
fix issue #16: NIST tag duplication
f087286
@kkola kkola mentioned this issue Oct 24, 2019
Merged
@kkola
Copy link
Collaborator

kkola commented Oct 24, 2019

draft PR #20 addresses this issue. Please review.

aaronlippold pushed a commit that referenced this issue Oct 25, 2019
@kkola @aaronlippold
fix issue #16: NIST tag duplication (#20)
455a8d3
@kkola kkola mentioned this issue Feb 10, 2020
Merged
aaronlippold added a commit that referenced this issue Feb 10, 2020
@kkola @rx294 @aaronlippold
control fixes for existing controls (#5)
7724823 
* first simple pass for the profile

* update 73615 to use Windows 2016 PS commands

* change attributes to inputs

* move attributes to inside the control code

* updates related to legal notice text and caption

* update 73221 to correct domain roles and AD check

* update 73259 to check for DC role

* update 73261 to account for DC role

* update 73387 with inputs for MaxConnIdleTime

* update LegalNoticeCaption input for 73649

* update 73607 check for DoD interoperabilty certs

* update 78127 language

* control updates to 73785 and 73803

* update 73783

* update 73775 to NOT a domain controller check

* check for AD only system in 73771

* check for 73775 for AD only flag

* read AD only flag for 73775

* check for AD in 73759

* update 73749 to use 'be_in'

* update 73733 to use 'be_in'

* update 73731 to use 'be_in'

* minor edits to 73379

* check for SMBv1 in 78123 and 78125

* add check for no accounts or groups to 73783

* Update Review.md

* Update Review.md

* Update Review.md

* address incorrect if statement issue #6

* fix incorrect NIST tag issue #7

* fix temporary account check. issue #8

* fixes issue #9

* Update Review.md

* Update Review.md

* Update Review.md

* fix for issue #11

* Update Review.md

* fix issue #12

* fix issue #13

* fix issue #13

* fix issue #17

* fix issue #18

* fix for issue #19

* fix issue #16: NIST tag duplication (#20)

* v-73607: minor edit; v-73223: account all systems

* update V-73231

* update V-73247

* update V-73391

* minor edit to v-73391

* update V-73391 to be more readable

* update V-73249

* update v-73249 and v-73251

* update V-73249 and V-73251

* remove commented lines from V-73251

* update V-73253

* remove comments

* update V-73255

* remove comments

* update V-73369

* update V-73381

* update V-73375

* fixes issue #22

* update V-73255 for readability

* control fixes so inspec v4.18 can run execute (#21)

* control fixes so inspec v4.18 can run execute

* update inspec.yml

* fixes for issue #14

* fixes for issue #15

* fix for issue #14

Co-authored-by: Rony Xavier <rx294@nyu.edu>
Co-authored-by: Aaron Lippold <lippold@gmail.com>
aaronlippold added a commit that referenced this issue Feb 10, 2020
@aaronlippold @kkola @rx294
Merge from Dev into master (#25)
18967b1 
* first simple pass for the profile

* update 73615 to use Windows 2016 PS commands

* change attributes to inputs

* move attributes to inside the control code

* updates related to legal notice text and caption

* update 73221 to correct domain roles and AD check

* update 73259 to check for DC role

* update 73261 to account for DC role

* update 73387 with inputs for MaxConnIdleTime

* update LegalNoticeCaption input for 73649

* update 73607 check for DoD interoperabilty certs

* update 78127 language

* control updates to 73785 and 73803

* update 73783

* update 73775 to NOT a domain controller check

* check for AD only system in 73771

* check for 73775 for AD only flag

* read AD only flag for 73775

* check for AD in 73759

* update 73749 to use 'be_in'

* update 73733 to use 'be_in'

* update 73731 to use 'be_in'

* minor edits to 73379

* check for SMBv1 in 78123 and 78125

* add check for no accounts or groups to 73783

* Update Review.md

* Update Review.md

* Update Review.md

* address incorrect if statement issue #6

* fix incorrect NIST tag issue #7

* fix temporary account check. issue #8

* fixes issue #9

* Update Review.md

* Update Review.md

* Update Review.md

* fix for issue #11

* Update Review.md

* fix issue #12

* fix issue #13

* fix issue #13

* fix issue #17

* fix issue #18

* fix for issue #19

* fix issue #16: NIST tag duplication (#20)

* v-73607: minor edit; v-73223: account all systems

* update V-73231

* update V-73247

* update V-73391

* minor edit to v-73391

* update V-73391 to be more readable

* update V-73249

* update v-73249 and v-73251

* update V-73249 and V-73251

* remove commented lines from V-73251

* update V-73253

* remove comments

* update V-73255

* remove comments

* update V-73369

* update V-73381

* update V-73375

* fixes issue #22

* update V-73255 for readability

* control fixes so inspec v4.18 can run execute (#21)

* control fixes so inspec v4.18 can run execute

* update inspec.yml

* fixes for issue #14

* fixes for issue #15

* fix for issue #14

* update check, fix tags to use new  desc format (#23)

Co-authored-by: Krishna Kola <kkola@digitalinfuzion.com>
Co-authored-by: Rony Xavier <rx294@nyu.edu>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kkola kkola

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

control fixes for existing controls mitre/microsoft-windows-server-2016-stig-baseline
2 participants
@kkola @rx294