The operating system at organization-defined information system components must load and execute the operating environment from hardware-enforced, read-only media.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-OS-000187-NA	SRG-OS-000187-NA	SRG-OS-000187-NA_rule		Medium

Description
Organizations may require the information system to load the operating environment from hardware enforced read-only media. The term operating environment is defined as the code upon which applications are hosted, for example, a monitor, executive, operating system, or application running directly on the hardware platform. Hardware-enforced, read-only media includes CD-R/DVD-R disk drives. Use of non-modifiable storage ensures the integrity of the software program from the point of creation of the read-only image. For this requirement, the operating environment is the operating system.

Description

Organizations may require the information system to load the operating environment from hardware enforced read-only media. The term operating environment is defined as the code upon which applications are hosted, for example, a monitor, executive, operating system, or application running directly on the hardware platform. Hardware-enforced, read-only media includes CD-R/DVD-R disk drives. Use of non-modifiable storage ensures the integrity of the software program from the point of creation of the read-only image. For this requirement, the operating environment is the operating system.

STIG	Date
Red Hat Enterprise Linux 6 Security Technical Implementation Guide	2013-02-05

Details

Check Text ( C-SRG-OS-000187-NA_chk )
RHEL6 cannot support this requirement without assistance from an external application, policy, or service. This requirement is NA.

Fix Text (F-SRG-OS-000187-NA_fix)
This requirement is NA. No fix is required.