• Welcome to the SIMP documentation!
  • 1. For the Impatient
  • 2. Changelog
  • 3. Getting Started
  • 4. User Guide
  • 5. Contributing to SIMP
  • 6. Security Concept of Operations
  • 7. Security Control Mapping
    • 7.1. SIMP Components
      • 7.1.1. SIMP
        • 7.1.1.1. Access Enforcement
        • 7.1.1.2. Account Management
        • 7.1.1.3. Audit Events
        • 7.1.1.4. Audit Storage Capacity
        • 7.1.1.5. Authenticator Management
        • 7.1.1.6. Authorize Access to Security Functions
        • 7.1.1.7. Authorized Software
        • 7.1.1.8. Baseline Configuration
        • 7.1.1.9. Boundary Protection
        • 7.1.1.10. Centralized Management of Planned Audit Record Content
        • 7.1.1.11. Concurrent Session Controls
        • 7.1.1.12. Configuration Management Policy and Procedures
        • 7.1.1.13. Cryptographic Protection
        • 7.1.1.14. Denial of Service Protection
        • 7.1.1.15. Disable Inactive Accounts
        • 7.1.1.16. Discretionary Access Control
        • 7.1.1.17. Error Handling
        • 7.1.1.18. Flaw Remediation
        • 7.1.1.19. Identification and Authentication
        • 7.1.1.20. Identification and Authentication
        • 7.1.1.21. Least Functionality
        • 7.1.1.22. Least Privilege
        • 7.1.1.23. Malicious Code Protection
        • 7.1.1.24. Predictable Failure Prevention
        • 7.1.1.25. Previous Login Notification
        • 7.1.1.26. Privileged Accounts
        • 7.1.1.27. Role Based Access Control
        • 7.1.1.28. Secure Name / Address Resolution Service
        • 7.1.1.29. Session Lock
        • 7.1.1.30. Session Termination
        • 7.1.1.31. System Use Notification
      • 7.1.2. AIDE
      • 7.1.3. Apache
      • 7.1.4. Auditd
      • 7.1.5. ClamAV
      • 7.1.6. Compliance
      • 7.1.7. IPTables
      • 7.1.8. Named/Bind
      • 7.1.9. OpenLDAP
      • 7.1.10. PAM
      • 7.1.11. Pupmod
      • 7.1.12. Rsync
      • 7.1.13. SSH
      • 7.1.14. Stunnel
      • 7.1.15. Sudo
      • 7.1.16. Sudosh
      • 7.1.17. TCP Wrappers
    • 7.2. Security Control Sources
    • 7.3. Indices and tables
  • 8. Vulnerability Supplement
  • 9. Help
  • 10. License
  • 11. Contact
  • 12. Glossary of Terms
 
SIMP
  • Docs »
  • 7. SIMP Security Control Mapping »
  • 7.1. SIMP Components »
  • 7.1.1. SIMP
  • View page source

7.1.1. SIMPΒΆ

Module Name: pupmod-simp-simp

This puppet module provides a set of default classes that will be useful to most users and which form the foundation of the core SIMP installation.

  • 7.1.1.1. Access Enforcement
    • 7.1.1.1.1. System Access
    • 7.1.1.1.2. Mountpoint Control
  • 7.1.1.2. Account Management
  • 7.1.1.3. Audit Events
  • 7.1.1.4. Audit Storage Capacity
  • 7.1.1.5. Authenticator Management
  • 7.1.1.6. Authorize Access to Security Functions
  • 7.1.1.7. Authorized Software
  • 7.1.1.8. Baseline Configuration
  • 7.1.1.9. Boundary Protection
  • 7.1.1.10. Centralized Management of Planned Audit Record Content
  • 7.1.1.11. Concurrent Session Controls
  • 7.1.1.12. Configuration Management Policy and Procedures
  • 7.1.1.13. Cryptographic Protection
  • 7.1.1.14. Denial of Service Protection
  • 7.1.1.15. Disable Inactive Accounts
  • 7.1.1.16. Discretionary Access Control
  • 7.1.1.17. Error Handling
  • 7.1.1.18. Flaw Remediation
    • 7.1.1.18.1. Continuous Remediation
    • 7.1.1.18.2. System Updates
  • 7.1.1.19. Identification and Authentication
  • 7.1.1.20. Identification and Authentication
  • 7.1.1.21. Least Functionality
  • 7.1.1.22. Least Privilege
  • 7.1.1.23. Malicious Code Protection
  • 7.1.1.24. Predictable Failure Prevention
  • 7.1.1.25. Previous Login Notification
  • 7.1.1.26. Privileged Accounts
  • 7.1.1.27. Role Based Access Control
  • 7.1.1.28. Secure Name / Address Resolution Service
  • 7.1.1.29. Session Lock
  • 7.1.1.30. Session Termination
  • 7.1.1.31. System Use Notification
Next Previous

© Copyright 2017, THE SIMP TEAM.

Built with Sphinx using a theme provided by Read the Docs.