From 367c4f7ae5e0f8b0a65abb7154e779a401ea8b9b Mon Sep 17 00:00:00 2001
From: Christian Hagenest <christian.hagenest@suse.com>
Date: Wed, 15 Nov 2023 16:23:59 +0100
Subject: [PATCH 1/3] Update DISA STIG for SLES 12 to V2 R12

---
 ...=> disa-stig-sle12-v2r12-xccdf-manual.xml} | 496 +++++++++---------
 1 file changed, 238 insertions(+), 258 deletions(-)
 rename shared/references/{disa-stig-sle12-v2r10-xccdf-manual.xml => disa-stig-sle12-v2r12-xccdf-manual.xml} (83%)

diff --git a/shared/references/disa-stig-sle12-v2r10-xccdf-manual.xml b/shared/references/disa-stig-sle12-v2r12-xccdf-manual.xml
similarity index 83%
rename from shared/references/disa-stig-sle12-v2r10-xccdf-manual.xml
rename to shared/references/disa-stig-sle12-v2r12-xccdf-manual.xml
index f2132ff39c2..49bfb25e24f 100644
--- a/shared/references/disa-stig-sle12-v2r10-xccdf-manual.xml
+++ b/shared/references/disa-stig-sle12-v2r12-xccdf-manual.xml
@@ -1,6 +1,6 @@
-<?xml version="1.0" encoding="utf-8"?><?xml-stylesheet type='text/xsl' href='STIG_unclass.xsl'?><Benchmark xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:cpe="http://cpe.mitre.org/language/2.0" xmlns:xhtml="http://www.w3.org/1999/xhtml" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.1 http://nvd.nist.gov/schema/xccdf-1.1.4.xsd http://cpe.mitre.org/dictionary/2.0 http://cpe.mitre.org/files/cpe-dictionary_2.1.xsd" id="SLES_12_STIG" xml:lang="en" xmlns="http://checklists.nist.gov/xccdf/1.1"><status date="2023-03-06">accepted</status><title>SLES 12 Security Technical Implementation Guide</title><description>This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.</description><notice id="terms-of-use" xml:lang="en"></notice><front-matter xml:lang="en"></front-matter><rear-matter xml:lang="en"></rear-matter><reference href="https://cyber.mil"><dc:publisher>DISA</dc:publisher><dc:source>STIG.DOD.MIL</dc:source></reference><plain-text id="release-info">Release: 10 Benchmark Date: 27 Apr 2023</plain-text><plain-text id="generator">3.4.0.34222</plain-text><plain-text id="conventionsVersion">1.10.0</plain-text><version>2</version><Profile id="MAC-1_Classified"><title>I - Mission Critical Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-217101" selected="true" /><select idref="V-217102" selected="true" /><select idref="V-217103" selected="true" /><select idref="V-217104" selected="true" /><select idref="V-217105" selected="true" /><select idref="V-217106" selected="true" /><select idref="V-217107" selected="true" /><select idref="V-217108" selected="true" /><select idref="V-217109" selected="true" /><select idref="V-217110" selected="true" /><select idref="V-217111" selected="true" /><select idref="V-217112" selected="true" /><select idref="V-217113" selected="true" /><select idref="V-217114" selected="true" /><select idref="V-217116" selected="true" /><select idref="V-217117" selected="true" /><select idref="V-217118" selected="true" /><select idref="V-217119" selected="true" /><select idref="V-217120" selected="true" /><select idref="V-217121" selected="true" /><select idref="V-217122" selected="true" /><select idref="V-217123" selected="true" /><select idref="V-217124" selected="true" /><select idref="V-217125" selected="true" /><select idref="V-217126" selected="true" /><select idref="V-217127" selected="true" /><select idref="V-217128" selected="true" /><select idref="V-217129" selected="true" /><select idref="V-217130" selected="true" /><select idref="V-217131" selected="true" /><select idref="V-217132" selected="true" /><select idref="V-217133" selected="true" /><select idref="V-217134" selected="true" /><select idref="V-217135" selected="true" /><select idref="V-217136" selected="true" /><select idref="V-217137" selected="true" /><select idref="V-217138" selected="true" /><select idref="V-217139" selected="true" /><select idref="V-217140" selected="true" /><select idref="V-217141" selected="true" /><select idref="V-217142" selected="true" /><select idref="V-217143" selected="true" /><select idref="V-217144" selected="true" /><select idref="V-217145" selected="true" /><select idref="V-217146" selected="true" /><select idref="V-217147" selected="true" /><select idref="V-217148" selected="true" /><select idref="V-217149" selected="true" /><select idref="V-217150" selected="true" /><select idref="V-217151" selected="true" /><select idref="V-217152" selected="true" /><select idref="V-217153" selected="true" /><select idref="V-217154" selected="true" /><select idref="V-217155" selected="true" /><select idref="V-217156" selected="true" /><select idref="V-217158" selected="true" /><select idref="V-217159" selected="true" /><select idref="V-217160" selected="true" /><select idref="V-217161" selected="true" /><select idref="V-217162" selected="true" /><select idref="V-217163" selected="true" /><select idref="V-217164" selected="true" /><select idref="V-217166" selected="true" /><select idref="V-217167" selected="true" /><select idref="V-217168" selected="true" /><select idref="V-217169" selected="true" /><select idref="V-217170" selected="true" /><select idref="V-217171" selected="true" /><select idref="V-217172" selected="true" /><select idref="V-217173" selected="true" /><select idref="V-217174" selected="true" /><select idref="V-217175" selected="true" /><select idref="V-217176" selected="true" /><select idref="V-217177" selected="true" /><select idref="V-217178" selected="true" /><select idref="V-217179" selected="true" /><select idref="V-217180" selected="true" /><select idref="V-217181" selected="true" /><select idref="V-217182" selected="true" /><select idref="V-217183" selected="true" /><select idref="V-217184" selected="true" /><select idref="V-217185" selected="true" /><select idref="V-217186" selected="true" /><select idref="V-217188" selected="true" /><select idref="V-217189" selected="true" /><select idref="V-217190" selected="true" /><select idref="V-217191" selected="true" /><select idref="V-217192" selected="true" /><select idref="V-217193" selected="true" /><select idref="V-217194" selected="true" /><select idref="V-217195" selected="true" /><select idref="V-217196" selected="true" /><select idref="V-217197" selected="true" /><select idref="V-217198" selected="true" /><select idref="V-217199" selected="true" /><select idref="V-217200" selected="true" /><select idref="V-217201" selected="true" /><select idref="V-217202" selected="true" /><select idref="V-217203" selected="true" /><select idref="V-217204" selected="true" /><select idref="V-217205" selected="true" /><select idref="V-217206" selected="true" /><select idref="V-217207" selected="true" /><select idref="V-217208" selected="true" /><select idref="V-217209" selected="true" /><select idref="V-217210" selected="true" /><select idref="V-217211" selected="true" /><select idref="V-217212" selected="true" /><select idref="V-217213" selected="true" /><select idref="V-217214" selected="true" /><select idref="V-217215" selected="true" /><select idref="V-217216" selected="true" /><select idref="V-217217" selected="true" /><select idref="V-217218" selected="true" /><select idref="V-217223" selected="true" /><select idref="V-217227" selected="true" /><select idref="V-217230" selected="true" /><select idref="V-217236" selected="true" /><select idref="V-217237" selected="true" /><select idref="V-217238" selected="true" /><select idref="V-217239" selected="true" /><select idref="V-217240" selected="true" /><select idref="V-217241" selected="true" /><select idref="V-217242" selected="true" /><select idref="V-217243" selected="true" /><select idref="V-217244" selected="true" /><select idref="V-217245" selected="true" /><select idref="V-217246" selected="true" /><select idref="V-217247" selected="true" /><select idref="V-217248" selected="true" /><select idref="V-217249" selected="true" /><select idref="V-217250" selected="true" /><select idref="V-217251" selected="true" /><select idref="V-217252" selected="true" /><select idref="V-217253" selected="true" /><select idref="V-217254" selected="true" /><select idref="V-217255" selected="true" /><select idref="V-217257" selected="true" /><select idref="V-217258" selected="true" /><select idref="V-217260" selected="true" /><select idref="V-217261" selected="true" /><select idref="V-217262" selected="true" /><select idref="V-217263" selected="true" /><select idref="V-217264" selected="true" /><select idref="V-217265" selected="true" /><select idref="V-217266" selected="true" /><select idref="V-217267" selected="true" /><select idref="V-217268" selected="true" /><select idref="V-217269" selected="true" /><select idref="V-217270" selected="true" /><select idref="V-217271" selected="true" /><select idref="V-217272" selected="true" /><select idref="V-217273" selected="true" /><select idref="V-217274" selected="true" /><select idref="V-217275" selected="true" /><select idref="V-217276" selected="true" /><select idref="V-217277" selected="true" /><select idref="V-217278" selected="true" /><select idref="V-217279" selected="true" /><select idref="V-217280" selected="true" /><select idref="V-217281" selected="true" /><select idref="V-217282" selected="true" /><select idref="V-217283" selected="true" /><select idref="V-217284" selected="true" /><select idref="V-217285" selected="true" /><select idref="V-217286" selected="true" /><select idref="V-217287" selected="true" /><select idref="V-217288" selected="true" /><select idref="V-217289" selected="true" /><select idref="V-217290" selected="true" /><select idref="V-217291" selected="true" /><select idref="V-217292" selected="true" /><select idref="V-217293" selected="true" /><select idref="V-217294" selected="true" /><select idref="V-217295" selected="true" /><select idref="V-217296" selected="true" /><select idref="V-217297" selected="true" /><select idref="V-217298" selected="true" /><select idref="V-217299" selected="true" /><select idref="V-217300" selected="true" /><select idref="V-217301" selected="true" /><select idref="V-217302" selected="true" /><select idref="V-222385" selected="true" /><select idref="V-222386" selected="true" /><select idref="V-233308" selected="true" /><select idref="V-237603" selected="true" /><select idref="V-237604" selected="true" /><select idref="V-237605" selected="true" /><select idref="V-237606" selected="true" /><select idref="V-237607" selected="true" /><select idref="V-237608" selected="true" /><select idref="V-237609" selected="true" /><select idref="V-237610" selected="true" /><select idref="V-237611" selected="true" /><select idref="V-237612" selected="true" /><select idref="V-237613" selected="true" /><select idref="V-237614" selected="true" /><select idref="V-237615" selected="true" /><select idref="V-237616" selected="true" /><select idref="V-237617" selected="true" /><select idref="V-237618" selected="true" /><select idref="V-237619" selected="true" /><select idref="V-237620" selected="true" /><select idref="V-237621" selected="true" /><select idref="V-237622" selected="true" /><select idref="V-237623" selected="true" /><select idref="V-251719" selected="true" /><select idref="V-251720" selected="true" /><select idref="V-251721" selected="true" /><select idref="V-251722" selected="true" /><select idref="V-255914" selected="true" /><select idref="V-255915" selected="true" /><select idref="V-255916" selected="true" /><select idref="V-256980" selected="true" /><select idref="V-256981" selected="true" /></Profile><Profile id="MAC-1_Public"><title>I - Mission Critical Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-217101" selected="true" /><select idref="V-217102" selected="true" /><select idref="V-217103" selected="true" /><select idref="V-217104" selected="true" /><select idref="V-217105" selected="true" /><select idref="V-217106" selected="true" /><select idref="V-217107" selected="true" /><select idref="V-217108" selected="true" /><select idref="V-217109" selected="true" /><select idref="V-217110" selected="true" /><select idref="V-217111" selected="true" /><select idref="V-217112" selected="true" /><select idref="V-217113" selected="true" /><select idref="V-217114" selected="true" /><select idref="V-217116" selected="true" /><select idref="V-217117" selected="true" /><select idref="V-217118" selected="true" /><select idref="V-217119" selected="true" /><select idref="V-217120" selected="true" /><select idref="V-217121" selected="true" /><select idref="V-217122" selected="true" /><select idref="V-217123" selected="true" /><select idref="V-217124" selected="true" /><select idref="V-217125" selected="true" /><select idref="V-217126" selected="true" /><select idref="V-217127" selected="true" /><select idref="V-217128" selected="true" /><select idref="V-217129" selected="true" /><select idref="V-217130" selected="true" /><select idref="V-217131" selected="true" /><select idref="V-217132" selected="true" /><select idref="V-217133" selected="true" /><select idref="V-217134" selected="true" /><select idref="V-217135" selected="true" /><select idref="V-217136" selected="true" /><select idref="V-217137" selected="true" /><select idref="V-217138" selected="true" /><select idref="V-217139" selected="true" /><select idref="V-217140" selected="true" /><select idref="V-217141" selected="true" /><select idref="V-217142" selected="true" /><select idref="V-217143" selected="true" /><select idref="V-217144" selected="true" /><select idref="V-217145" selected="true" /><select idref="V-217146" selected="true" /><select idref="V-217147" selected="true" /><select idref="V-217148" selected="true" /><select idref="V-217149" selected="true" /><select idref="V-217150" selected="true" /><select idref="V-217151" selected="true" /><select idref="V-217152" selected="true" /><select idref="V-217153" selected="true" /><select idref="V-217154" selected="true" /><select idref="V-217155" selected="true" /><select idref="V-217156" selected="true" /><select idref="V-217158" selected="true" /><select idref="V-217159" selected="true" /><select idref="V-217160" selected="true" /><select idref="V-217161" selected="true" /><select idref="V-217162" selected="true" /><select idref="V-217163" selected="true" /><select idref="V-217164" selected="true" /><select idref="V-217166" selected="true" /><select idref="V-217167" selected="true" /><select idref="V-217168" selected="true" /><select idref="V-217169" selected="true" /><select idref="V-217170" selected="true" /><select idref="V-217171" selected="true" /><select idref="V-217172" selected="true" /><select idref="V-217173" selected="true" /><select idref="V-217174" selected="true" /><select idref="V-217175" selected="true" /><select idref="V-217176" selected="true" /><select idref="V-217177" selected="true" /><select idref="V-217178" selected="true" /><select idref="V-217179" selected="true" /><select idref="V-217180" selected="true" /><select idref="V-217181" selected="true" /><select idref="V-217182" selected="true" /><select idref="V-217183" selected="true" /><select idref="V-217184" selected="true" /><select idref="V-217185" selected="true" /><select idref="V-217186" selected="true" /><select idref="V-217188" selected="true" /><select idref="V-217189" selected="true" /><select idref="V-217190" selected="true" /><select idref="V-217191" selected="true" /><select idref="V-217192" selected="true" /><select idref="V-217193" selected="true" /><select idref="V-217194" selected="true" /><select idref="V-217195" selected="true" /><select idref="V-217196" selected="true" /><select idref="V-217197" selected="true" /><select idref="V-217198" selected="true" /><select idref="V-217199" selected="true" /><select idref="V-217200" selected="true" /><select idref="V-217201" selected="true" /><select idref="V-217202" selected="true" /><select idref="V-217203" selected="true" /><select idref="V-217204" selected="true" /><select idref="V-217205" selected="true" /><select idref="V-217206" selected="true" /><select idref="V-217207" selected="true" /><select idref="V-217208" selected="true" /><select idref="V-217209" selected="true" /><select idref="V-217210" selected="true" /><select idref="V-217211" selected="true" /><select idref="V-217212" selected="true" /><select idref="V-217213" selected="true" /><select idref="V-217214" selected="true" /><select idref="V-217215" selected="true" /><select idref="V-217216" selected="true" /><select idref="V-217217" selected="true" /><select idref="V-217218" selected="true" /><select idref="V-217223" selected="true" /><select idref="V-217227" selected="true" /><select idref="V-217230" selected="true" /><select idref="V-217236" selected="true" /><select idref="V-217237" selected="true" /><select idref="V-217238" selected="true" /><select idref="V-217239" selected="true" /><select idref="V-217240" selected="true" /><select idref="V-217241" selected="true" /><select idref="V-217242" selected="true" /><select idref="V-217243" selected="true" /><select idref="V-217244" selected="true" /><select idref="V-217245" selected="true" /><select idref="V-217246" selected="true" /><select idref="V-217247" selected="true" /><select idref="V-217248" selected="true" /><select idref="V-217249" selected="true" /><select idref="V-217250" selected="true" /><select idref="V-217251" selected="true" /><select idref="V-217252" selected="true" /><select idref="V-217253" selected="true" /><select idref="V-217254" selected="true" /><select idref="V-217255" selected="true" /><select idref="V-217257" selected="true" /><select idref="V-217258" selected="true" /><select idref="V-217260" selected="true" /><select idref="V-217261" selected="true" /><select idref="V-217262" selected="true" /><select idref="V-217263" selected="true" /><select idref="V-217264" selected="true" /><select idref="V-217265" selected="true" /><select idref="V-217266" selected="true" /><select idref="V-217267" selected="true" /><select idref="V-217268" selected="true" /><select idref="V-217269" selected="true" /><select idref="V-217270" selected="true" /><select idref="V-217271" selected="true" /><select idref="V-217272" selected="true" /><select idref="V-217273" selected="true" /><select idref="V-217274" selected="true" /><select idref="V-217275" selected="true" /><select idref="V-217276" selected="true" /><select idref="V-217277" selected="true" /><select idref="V-217278" selected="true" /><select idref="V-217279" selected="true" /><select idref="V-217280" selected="true" /><select idref="V-217281" selected="true" /><select idref="V-217282" selected="true" /><select idref="V-217283" selected="true" /><select idref="V-217284" selected="true" /><select idref="V-217285" selected="true" /><select idref="V-217286" selected="true" /><select idref="V-217287" selected="true" /><select idref="V-217288" selected="true" /><select idref="V-217289" selected="true" /><select idref="V-217290" selected="true" /><select idref="V-217291" selected="true" /><select idref="V-217292" selected="true" /><select idref="V-217293" selected="true" /><select idref="V-217294" selected="true" /><select idref="V-217295" selected="true" /><select idref="V-217296" selected="true" /><select idref="V-217297" selected="true" /><select idref="V-217298" selected="true" /><select idref="V-217299" selected="true" /><select idref="V-217300" selected="true" /><select idref="V-217301" selected="true" /><select idref="V-217302" selected="true" /><select idref="V-222385" selected="true" /><select idref="V-222386" selected="true" /><select idref="V-233308" selected="true" /><select idref="V-237603" selected="true" /><select idref="V-237604" selected="true" /><select idref="V-237605" selected="true" /><select idref="V-237606" selected="true" /><select idref="V-237607" selected="true" /><select idref="V-237608" selected="true" /><select idref="V-237609" selected="true" /><select idref="V-237610" selected="true" /><select idref="V-237611" selected="true" /><select idref="V-237612" selected="true" /><select idref="V-237613" selected="true" /><select idref="V-237614" selected="true" /><select idref="V-237615" selected="true" /><select idref="V-237616" selected="true" /><select idref="V-237617" selected="true" /><select idref="V-237618" selected="true" /><select idref="V-237619" selected="true" /><select idref="V-237620" selected="true" /><select idref="V-237621" selected="true" /><select idref="V-237622" selected="true" /><select idref="V-237623" selected="true" /><select idref="V-251719" selected="true" /><select idref="V-251720" selected="true" /><select idref="V-251721" selected="true" /><select idref="V-251722" selected="true" /><select idref="V-255914" selected="true" /><select idref="V-255915" selected="true" /><select idref="V-255916" selected="true" /><select idref="V-256980" selected="true" /><select idref="V-256981" selected="true" /></Profile><Profile id="MAC-1_Sensitive"><title>I - Mission Critical Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-217101" selected="true" /><select idref="V-217102" selected="true" /><select idref="V-217103" selected="true" /><select idref="V-217104" selected="true" /><select idref="V-217105" selected="true" /><select idref="V-217106" selected="true" /><select idref="V-217107" selected="true" /><select idref="V-217108" selected="true" /><select idref="V-217109" selected="true" /><select idref="V-217110" selected="true" /><select idref="V-217111" selected="true" /><select idref="V-217112" selected="true" /><select idref="V-217113" selected="true" /><select idref="V-217114" selected="true" /><select idref="V-217116" selected="true" /><select idref="V-217117" selected="true" /><select idref="V-217118" selected="true" /><select idref="V-217119" selected="true" /><select idref="V-217120" selected="true" /><select idref="V-217121" selected="true" /><select idref="V-217122" selected="true" /><select idref="V-217123" selected="true" /><select idref="V-217124" selected="true" /><select idref="V-217125" selected="true" /><select idref="V-217126" selected="true" /><select idref="V-217127" selected="true" /><select idref="V-217128" selected="true" /><select idref="V-217129" selected="true" /><select idref="V-217130" selected="true" /><select idref="V-217131" selected="true" /><select idref="V-217132" selected="true" /><select idref="V-217133" selected="true" /><select idref="V-217134" selected="true" /><select idref="V-217135" selected="true" /><select idref="V-217136" selected="true" /><select idref="V-217137" selected="true" /><select idref="V-217138" selected="true" /><select idref="V-217139" selected="true" /><select idref="V-217140" selected="true" /><select idref="V-217141" selected="true" /><select idref="V-217142" selected="true" /><select idref="V-217143" selected="true" /><select idref="V-217144" selected="true" /><select idref="V-217145" selected="true" /><select idref="V-217146" selected="true" /><select idref="V-217147" selected="true" /><select idref="V-217148" selected="true" /><select idref="V-217149" selected="true" /><select idref="V-217150" selected="true" /><select idref="V-217151" selected="true" /><select idref="V-217152" selected="true" /><select idref="V-217153" selected="true" /><select idref="V-217154" selected="true" /><select idref="V-217155" selected="true" /><select idref="V-217156" selected="true" /><select idref="V-217158" selected="true" /><select idref="V-217159" selected="true" /><select idref="V-217160" selected="true" /><select idref="V-217161" selected="true" /><select idref="V-217162" selected="true" /><select idref="V-217163" selected="true" /><select idref="V-217164" selected="true" /><select idref="V-217166" selected="true" /><select idref="V-217167" selected="true" /><select idref="V-217168" selected="true" /><select idref="V-217169" selected="true" /><select idref="V-217170" selected="true" /><select idref="V-217171" selected="true" /><select idref="V-217172" selected="true" /><select idref="V-217173" selected="true" /><select idref="V-217174" selected="true" /><select idref="V-217175" selected="true" /><select idref="V-217176" selected="true" /><select idref="V-217177" selected="true" /><select idref="V-217178" selected="true" /><select idref="V-217179" selected="true" /><select idref="V-217180" selected="true" /><select idref="V-217181" selected="true" /><select idref="V-217182" selected="true" /><select idref="V-217183" selected="true" /><select idref="V-217184" selected="true" /><select idref="V-217185" selected="true" /><select idref="V-217186" selected="true" /><select idref="V-217188" selected="true" /><select idref="V-217189" selected="true" /><select idref="V-217190" selected="true" /><select idref="V-217191" selected="true" /><select idref="V-217192" selected="true" /><select idref="V-217193" selected="true" /><select idref="V-217194" selected="true" /><select idref="V-217195" selected="true" /><select idref="V-217196" selected="true" /><select idref="V-217197" selected="true" /><select idref="V-217198" selected="true" /><select idref="V-217199" selected="true" /><select idref="V-217200" selected="true" /><select idref="V-217201" selected="true" /><select idref="V-217202" selected="true" /><select idref="V-217203" selected="true" /><select idref="V-217204" selected="true" /><select idref="V-217205" selected="true" /><select idref="V-217206" selected="true" /><select idref="V-217207" selected="true" /><select idref="V-217208" selected="true" /><select idref="V-217209" selected="true" /><select idref="V-217210" selected="true" /><select idref="V-217211" selected="true" /><select idref="V-217212" selected="true" /><select idref="V-217213" selected="true" /><select idref="V-217214" selected="true" /><select idref="V-217215" selected="true" /><select idref="V-217216" selected="true" /><select idref="V-217217" selected="true" /><select idref="V-217218" selected="true" /><select idref="V-217223" selected="true" /><select idref="V-217227" selected="true" /><select idref="V-217230" selected="true" /><select idref="V-217236" selected="true" /><select idref="V-217237" selected="true" /><select idref="V-217238" selected="true" /><select idref="V-217239" selected="true" /><select idref="V-217240" selected="true" /><select idref="V-217241" selected="true" /><select idref="V-217242" selected="true" /><select idref="V-217243" selected="true" /><select idref="V-217244" selected="true" /><select idref="V-217245" selected="true" /><select idref="V-217246" selected="true" /><select idref="V-217247" selected="true" /><select idref="V-217248" selected="true" /><select idref="V-217249" selected="true" /><select idref="V-217250" selected="true" /><select idref="V-217251" selected="true" /><select idref="V-217252" selected="true" /><select idref="V-217253" selected="true" /><select idref="V-217254" selected="true" /><select idref="V-217255" selected="true" /><select idref="V-217257" selected="true" /><select idref="V-217258" selected="true" /><select idref="V-217260" selected="true" /><select idref="V-217261" selected="true" /><select idref="V-217262" selected="true" /><select idref="V-217263" selected="true" /><select idref="V-217264" selected="true" /><select idref="V-217265" selected="true" /><select idref="V-217266" selected="true" /><select idref="V-217267" selected="true" /><select idref="V-217268" selected="true" /><select idref="V-217269" selected="true" /><select idref="V-217270" selected="true" /><select idref="V-217271" selected="true" /><select idref="V-217272" selected="true" /><select idref="V-217273" selected="true" /><select idref="V-217274" selected="true" /><select idref="V-217275" selected="true" /><select idref="V-217276" selected="true" /><select idref="V-217277" selected="true" /><select idref="V-217278" selected="true" /><select idref="V-217279" selected="true" /><select idref="V-217280" selected="true" /><select idref="V-217281" selected="true" /><select idref="V-217282" selected="true" /><select idref="V-217283" selected="true" /><select idref="V-217284" selected="true" /><select idref="V-217285" selected="true" /><select idref="V-217286" selected="true" /><select idref="V-217287" selected="true" /><select idref="V-217288" selected="true" /><select idref="V-217289" selected="true" /><select idref="V-217290" selected="true" /><select idref="V-217291" selected="true" /><select idref="V-217292" selected="true" /><select idref="V-217293" selected="true" /><select idref="V-217294" selected="true" /><select idref="V-217295" selected="true" /><select idref="V-217296" selected="true" /><select idref="V-217297" selected="true" /><select idref="V-217298" selected="true" /><select idref="V-217299" selected="true" /><select idref="V-217300" selected="true" /><select idref="V-217301" selected="true" /><select idref="V-217302" selected="true" /><select idref="V-222385" selected="true" /><select idref="V-222386" selected="true" /><select idref="V-233308" selected="true" /><select idref="V-237603" selected="true" /><select idref="V-237604" selected="true" /><select idref="V-237605" selected="true" /><select idref="V-237606" selected="true" /><select idref="V-237607" selected="true" /><select idref="V-237608" selected="true" /><select idref="V-237609" selected="true" /><select idref="V-237610" selected="true" /><select idref="V-237611" selected="true" /><select idref="V-237612" selected="true" /><select idref="V-237613" selected="true" /><select idref="V-237614" selected="true" /><select idref="V-237615" selected="true" /><select idref="V-237616" selected="true" /><select idref="V-237617" selected="true" /><select idref="V-237618" selected="true" /><select idref="V-237619" selected="true" /><select idref="V-237620" selected="true" /><select idref="V-237621" selected="true" /><select idref="V-237622" selected="true" /><select idref="V-237623" selected="true" /><select idref="V-251719" selected="true" /><select idref="V-251720" selected="true" /><select idref="V-251721" selected="true" /><select idref="V-251722" selected="true" /><select idref="V-255914" selected="true" /><select idref="V-255915" selected="true" /><select idref="V-255916" selected="true" /><select idref="V-256980" selected="true" /><select idref="V-256981" selected="true" /></Profile><Profile id="MAC-2_Classified"><title>II - Mission Support Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-217101" selected="true" /><select idref="V-217102" selected="true" /><select idref="V-217103" selected="true" /><select idref="V-217104" selected="true" /><select idref="V-217105" selected="true" /><select idref="V-217106" selected="true" /><select idref="V-217107" selected="true" /><select idref="V-217108" selected="true" /><select idref="V-217109" selected="true" /><select idref="V-217110" selected="true" /><select idref="V-217111" selected="true" /><select idref="V-217112" selected="true" /><select idref="V-217113" selected="true" /><select idref="V-217114" selected="true" /><select idref="V-217116" selected="true" /><select idref="V-217117" selected="true" /><select idref="V-217118" selected="true" /><select idref="V-217119" selected="true" /><select idref="V-217120" selected="true" /><select idref="V-217121" selected="true" /><select idref="V-217122" selected="true" /><select idref="V-217123" selected="true" /><select idref="V-217124" selected="true" /><select idref="V-217125" selected="true" /><select idref="V-217126" selected="true" /><select idref="V-217127" selected="true" /><select idref="V-217128" selected="true" /><select idref="V-217129" selected="true" /><select idref="V-217130" selected="true" /><select idref="V-217131" selected="true" /><select idref="V-217132" selected="true" /><select idref="V-217133" selected="true" /><select idref="V-217134" selected="true" /><select idref="V-217135" selected="true" /><select idref="V-217136" selected="true" /><select idref="V-217137" selected="true" /><select idref="V-217138" selected="true" /><select idref="V-217139" selected="true" /><select idref="V-217140" selected="true" /><select idref="V-217141" selected="true" /><select idref="V-217142" selected="true" /><select idref="V-217143" selected="true" /><select idref="V-217144" selected="true" /><select idref="V-217145" selected="true" /><select idref="V-217146" selected="true" /><select idref="V-217147" selected="true" /><select idref="V-217148" selected="true" /><select idref="V-217149" selected="true" /><select idref="V-217150" selected="true" /><select idref="V-217151" selected="true" /><select idref="V-217152" selected="true" /><select idref="V-217153" selected="true" /><select idref="V-217154" selected="true" /><select idref="V-217155" selected="true" /><select idref="V-217156" selected="true" /><select idref="V-217158" selected="true" /><select idref="V-217159" selected="true" /><select idref="V-217160" selected="true" /><select idref="V-217161" selected="true" /><select idref="V-217162" selected="true" /><select idref="V-217163" selected="true" /><select idref="V-217164" selected="true" /><select idref="V-217166" selected="true" /><select idref="V-217167" selected="true" /><select idref="V-217168" selected="true" /><select idref="V-217169" selected="true" /><select idref="V-217170" selected="true" /><select idref="V-217171" selected="true" /><select idref="V-217172" selected="true" /><select idref="V-217173" selected="true" /><select idref="V-217174" selected="true" /><select idref="V-217175" selected="true" /><select idref="V-217176" selected="true" /><select idref="V-217177" selected="true" /><select idref="V-217178" selected="true" /><select idref="V-217179" selected="true" /><select idref="V-217180" selected="true" /><select idref="V-217181" selected="true" /><select idref="V-217182" selected="true" /><select idref="V-217183" selected="true" /><select idref="V-217184" selected="true" /><select idref="V-217185" selected="true" /><select idref="V-217186" selected="true" /><select idref="V-217188" selected="true" /><select idref="V-217189" selected="true" /><select idref="V-217190" selected="true" /><select idref="V-217191" selected="true" /><select idref="V-217192" selected="true" /><select idref="V-217193" selected="true" /><select idref="V-217194" selected="true" /><select idref="V-217195" selected="true" /><select idref="V-217196" selected="true" /><select idref="V-217197" selected="true" /><select idref="V-217198" selected="true" /><select idref="V-217199" selected="true" /><select idref="V-217200" selected="true" /><select idref="V-217201" selected="true" /><select idref="V-217202" selected="true" /><select idref="V-217203" selected="true" /><select idref="V-217204" selected="true" /><select idref="V-217205" selected="true" /><select idref="V-217206" selected="true" /><select idref="V-217207" selected="true" /><select idref="V-217208" selected="true" /><select idref="V-217209" selected="true" /><select idref="V-217210" selected="true" /><select idref="V-217211" selected="true" /><select idref="V-217212" selected="true" /><select idref="V-217213" selected="true" /><select idref="V-217214" selected="true" /><select idref="V-217215" selected="true" /><select idref="V-217216" selected="true" /><select idref="V-217217" selected="true" /><select idref="V-217218" selected="true" /><select idref="V-217223" selected="true" /><select idref="V-217227" selected="true" /><select idref="V-217230" selected="true" /><select idref="V-217236" selected="true" /><select idref="V-217237" selected="true" /><select idref="V-217238" selected="true" /><select idref="V-217239" selected="true" /><select idref="V-217240" selected="true" /><select idref="V-217241" selected="true" /><select idref="V-217242" selected="true" /><select idref="V-217243" selected="true" /><select idref="V-217244" selected="true" /><select idref="V-217245" selected="true" /><select idref="V-217246" selected="true" /><select idref="V-217247" selected="true" /><select idref="V-217248" selected="true" /><select idref="V-217249" selected="true" /><select idref="V-217250" selected="true" /><select idref="V-217251" selected="true" /><select idref="V-217252" selected="true" /><select idref="V-217253" selected="true" /><select idref="V-217254" selected="true" /><select idref="V-217255" selected="true" /><select idref="V-217257" selected="true" /><select idref="V-217258" selected="true" /><select idref="V-217260" selected="true" /><select idref="V-217261" selected="true" /><select idref="V-217262" selected="true" /><select idref="V-217263" selected="true" /><select idref="V-217264" selected="true" /><select idref="V-217265" selected="true" /><select idref="V-217266" selected="true" /><select idref="V-217267" selected="true" /><select idref="V-217268" selected="true" /><select idref="V-217269" selected="true" /><select idref="V-217270" selected="true" /><select idref="V-217271" selected="true" /><select idref="V-217272" selected="true" /><select idref="V-217273" selected="true" /><select idref="V-217274" selected="true" /><select idref="V-217275" selected="true" /><select idref="V-217276" selected="true" /><select idref="V-217277" selected="true" /><select idref="V-217278" selected="true" /><select idref="V-217279" selected="true" /><select idref="V-217280" selected="true" /><select idref="V-217281" selected="true" /><select idref="V-217282" selected="true" /><select idref="V-217283" selected="true" /><select idref="V-217284" selected="true" /><select idref="V-217285" selected="true" /><select idref="V-217286" selected="true" /><select idref="V-217287" selected="true" /><select idref="V-217288" selected="true" /><select idref="V-217289" selected="true" /><select idref="V-217290" selected="true" /><select idref="V-217291" selected="true" /><select idref="V-217292" selected="true" /><select idref="V-217293" selected="true" /><select idref="V-217294" selected="true" /><select idref="V-217295" selected="true" /><select idref="V-217296" selected="true" /><select idref="V-217297" selected="true" /><select idref="V-217298" selected="true" /><select idref="V-217299" selected="true" /><select idref="V-217300" selected="true" /><select idref="V-217301" selected="true" /><select idref="V-217302" selected="true" /><select idref="V-222385" selected="true" /><select idref="V-222386" selected="true" /><select idref="V-233308" selected="true" /><select idref="V-237603" selected="true" /><select idref="V-237604" selected="true" /><select idref="V-237605" selected="true" /><select idref="V-237606" selected="true" /><select idref="V-237607" selected="true" /><select idref="V-237608" selected="true" /><select idref="V-237609" selected="true" /><select idref="V-237610" selected="true" /><select idref="V-237611" selected="true" /><select idref="V-237612" selected="true" /><select idref="V-237613" selected="true" /><select idref="V-237614" selected="true" /><select idref="V-237615" selected="true" /><select idref="V-237616" selected="true" /><select idref="V-237617" selected="true" /><select idref="V-237618" selected="true" /><select idref="V-237619" selected="true" /><select idref="V-237620" selected="true" /><select idref="V-237621" selected="true" /><select idref="V-237622" selected="true" /><select idref="V-237623" selected="true" /><select idref="V-251719" selected="true" /><select idref="V-251720" selected="true" /><select idref="V-251721" selected="true" /><select idref="V-251722" selected="true" /><select idref="V-255914" selected="true" /><select idref="V-255915" selected="true" /><select idref="V-255916" selected="true" /><select idref="V-256980" selected="true" /><select idref="V-256981" selected="true" /></Profile><Profile id="MAC-2_Public"><title>II - Mission Support Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-217101" selected="true" /><select idref="V-217102" selected="true" /><select idref="V-217103" selected="true" /><select idref="V-217104" selected="true" /><select idref="V-217105" selected="true" /><select idref="V-217106" selected="true" /><select idref="V-217107" selected="true" /><select idref="V-217108" selected="true" /><select idref="V-217109" selected="true" /><select idref="V-217110" selected="true" /><select idref="V-217111" selected="true" /><select idref="V-217112" selected="true" /><select idref="V-217113" selected="true" /><select idref="V-217114" selected="true" /><select idref="V-217116" selected="true" /><select idref="V-217117" selected="true" /><select idref="V-217118" selected="true" /><select idref="V-217119" selected="true" /><select idref="V-217120" selected="true" /><select idref="V-217121" selected="true" /><select idref="V-217122" selected="true" /><select idref="V-217123" selected="true" /><select idref="V-217124" selected="true" /><select idref="V-217125" selected="true" /><select idref="V-217126" selected="true" /><select idref="V-217127" selected="true" /><select idref="V-217128" selected="true" /><select idref="V-217129" selected="true" /><select idref="V-217130" selected="true" /><select idref="V-217131" selected="true" /><select idref="V-217132" selected="true" /><select idref="V-217133" selected="true" /><select idref="V-217134" selected="true" /><select idref="V-217135" selected="true" /><select idref="V-217136" selected="true" /><select idref="V-217137" selected="true" /><select idref="V-217138" selected="true" /><select idref="V-217139" selected="true" /><select idref="V-217140" selected="true" /><select idref="V-217141" selected="true" /><select idref="V-217142" selected="true" /><select idref="V-217143" selected="true" /><select idref="V-217144" selected="true" /><select idref="V-217145" selected="true" /><select idref="V-217146" selected="true" /><select idref="V-217147" selected="true" /><select idref="V-217148" selected="true" /><select idref="V-217149" selected="true" /><select idref="V-217150" selected="true" /><select idref="V-217151" selected="true" /><select idref="V-217152" selected="true" /><select idref="V-217153" selected="true" /><select idref="V-217154" selected="true" /><select idref="V-217155" selected="true" /><select idref="V-217156" selected="true" /><select idref="V-217158" selected="true" /><select idref="V-217159" selected="true" /><select idref="V-217160" selected="true" /><select idref="V-217161" selected="true" /><select idref="V-217162" selected="true" /><select idref="V-217163" selected="true" /><select idref="V-217164" selected="true" /><select idref="V-217166" selected="true" /><select idref="V-217167" selected="true" /><select idref="V-217168" selected="true" /><select idref="V-217169" selected="true" /><select idref="V-217170" selected="true" /><select idref="V-217171" selected="true" /><select idref="V-217172" selected="true" /><select idref="V-217173" selected="true" /><select idref="V-217174" selected="true" /><select idref="V-217175" selected="true" /><select idref="V-217176" selected="true" /><select idref="V-217177" selected="true" /><select idref="V-217178" selected="true" /><select idref="V-217179" selected="true" /><select idref="V-217180" selected="true" /><select idref="V-217181" selected="true" /><select idref="V-217182" selected="true" /><select idref="V-217183" selected="true" /><select idref="V-217184" selected="true" /><select idref="V-217185" selected="true" /><select idref="V-217186" selected="true" /><select idref="V-217188" selected="true" /><select idref="V-217189" selected="true" /><select idref="V-217190" selected="true" /><select idref="V-217191" selected="true" /><select idref="V-217192" selected="true" /><select idref="V-217193" selected="true" /><select idref="V-217194" selected="true" /><select idref="V-217195" selected="true" /><select idref="V-217196" selected="true" /><select idref="V-217197" selected="true" /><select idref="V-217198" selected="true" /><select idref="V-217199" selected="true" /><select idref="V-217200" selected="true" /><select idref="V-217201" selected="true" /><select idref="V-217202" selected="true" /><select idref="V-217203" selected="true" /><select idref="V-217204" selected="true" /><select idref="V-217205" selected="true" /><select idref="V-217206" selected="true" /><select idref="V-217207" selected="true" /><select idref="V-217208" selected="true" /><select idref="V-217209" selected="true" /><select idref="V-217210" selected="true" /><select idref="V-217211" selected="true" /><select idref="V-217212" selected="true" /><select idref="V-217213" selected="true" /><select idref="V-217214" selected="true" /><select idref="V-217215" selected="true" /><select idref="V-217216" selected="true" /><select idref="V-217217" selected="true" /><select idref="V-217218" selected="true" /><select idref="V-217223" selected="true" /><select idref="V-217227" selected="true" /><select idref="V-217230" selected="true" /><select idref="V-217236" selected="true" /><select idref="V-217237" selected="true" /><select idref="V-217238" selected="true" /><select idref="V-217239" selected="true" /><select idref="V-217240" selected="true" /><select idref="V-217241" selected="true" /><select idref="V-217242" selected="true" /><select idref="V-217243" selected="true" /><select idref="V-217244" selected="true" /><select idref="V-217245" selected="true" /><select idref="V-217246" selected="true" /><select idref="V-217247" selected="true" /><select idref="V-217248" selected="true" /><select idref="V-217249" selected="true" /><select idref="V-217250" selected="true" /><select idref="V-217251" selected="true" /><select idref="V-217252" selected="true" /><select idref="V-217253" selected="true" /><select idref="V-217254" selected="true" /><select idref="V-217255" selected="true" /><select idref="V-217257" selected="true" /><select idref="V-217258" selected="true" /><select idref="V-217260" selected="true" /><select idref="V-217261" selected="true" /><select idref="V-217262" selected="true" /><select idref="V-217263" selected="true" /><select idref="V-217264" selected="true" /><select idref="V-217265" selected="true" /><select idref="V-217266" selected="true" /><select idref="V-217267" selected="true" /><select idref="V-217268" selected="true" /><select idref="V-217269" selected="true" /><select idref="V-217270" selected="true" /><select idref="V-217271" selected="true" /><select idref="V-217272" selected="true" /><select idref="V-217273" selected="true" /><select idref="V-217274" selected="true" /><select idref="V-217275" selected="true" /><select idref="V-217276" selected="true" /><select idref="V-217277" selected="true" /><select idref="V-217278" selected="true" /><select idref="V-217279" selected="true" /><select idref="V-217280" selected="true" /><select idref="V-217281" selected="true" /><select idref="V-217282" selected="true" /><select idref="V-217283" selected="true" /><select idref="V-217284" selected="true" /><select idref="V-217285" selected="true" /><select idref="V-217286" selected="true" /><select idref="V-217287" selected="true" /><select idref="V-217288" selected="true" /><select idref="V-217289" selected="true" /><select idref="V-217290" selected="true" /><select idref="V-217291" selected="true" /><select idref="V-217292" selected="true" /><select idref="V-217293" selected="true" /><select idref="V-217294" selected="true" /><select idref="V-217295" selected="true" /><select idref="V-217296" selected="true" /><select idref="V-217297" selected="true" /><select idref="V-217298" selected="true" /><select idref="V-217299" selected="true" /><select idref="V-217300" selected="true" /><select idref="V-217301" selected="true" /><select idref="V-217302" selected="true" /><select idref="V-222385" selected="true" /><select idref="V-222386" selected="true" /><select idref="V-233308" selected="true" /><select idref="V-237603" selected="true" /><select idref="V-237604" selected="true" /><select idref="V-237605" selected="true" /><select idref="V-237606" selected="true" /><select idref="V-237607" selected="true" /><select idref="V-237608" selected="true" /><select idref="V-237609" selected="true" /><select idref="V-237610" selected="true" /><select idref="V-237611" selected="true" /><select idref="V-237612" selected="true" /><select idref="V-237613" selected="true" /><select idref="V-237614" selected="true" /><select idref="V-237615" selected="true" /><select idref="V-237616" selected="true" /><select idref="V-237617" selected="true" /><select idref="V-237618" selected="true" /><select idref="V-237619" selected="true" /><select idref="V-237620" selected="true" /><select idref="V-237621" selected="true" /><select idref="V-237622" selected="true" /><select idref="V-237623" selected="true" /><select idref="V-251719" selected="true" /><select idref="V-251720" selected="true" /><select idref="V-251721" selected="true" /><select idref="V-251722" selected="true" /><select idref="V-255914" selected="true" /><select idref="V-255915" selected="true" /><select idref="V-255916" selected="true" /><select idref="V-256980" selected="true" /><select idref="V-256981" selected="true" /></Profile><Profile id="MAC-2_Sensitive"><title>II - Mission Support Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-217101" selected="true" /><select idref="V-217102" selected="true" /><select idref="V-217103" selected="true" /><select idref="V-217104" selected="true" /><select idref="V-217105" selected="true" /><select idref="V-217106" selected="true" /><select idref="V-217107" selected="true" /><select idref="V-217108" selected="true" /><select idref="V-217109" selected="true" /><select idref="V-217110" selected="true" /><select idref="V-217111" selected="true" /><select idref="V-217112" selected="true" /><select idref="V-217113" selected="true" /><select idref="V-217114" selected="true" /><select idref="V-217116" selected="true" /><select idref="V-217117" selected="true" /><select idref="V-217118" selected="true" /><select idref="V-217119" selected="true" /><select idref="V-217120" selected="true" /><select idref="V-217121" selected="true" /><select idref="V-217122" selected="true" /><select idref="V-217123" selected="true" /><select idref="V-217124" selected="true" /><select idref="V-217125" selected="true" /><select idref="V-217126" selected="true" /><select idref="V-217127" selected="true" /><select idref="V-217128" selected="true" /><select idref="V-217129" selected="true" /><select idref="V-217130" selected="true" /><select idref="V-217131" selected="true" /><select idref="V-217132" selected="true" /><select idref="V-217133" selected="true" /><select idref="V-217134" selected="true" /><select idref="V-217135" selected="true" /><select idref="V-217136" selected="true" /><select idref="V-217137" selected="true" /><select idref="V-217138" selected="true" /><select idref="V-217139" selected="true" /><select idref="V-217140" selected="true" /><select idref="V-217141" selected="true" /><select idref="V-217142" selected="true" /><select idref="V-217143" selected="true" /><select idref="V-217144" selected="true" /><select idref="V-217145" selected="true" /><select idref="V-217146" selected="true" /><select idref="V-217147" selected="true" /><select idref="V-217148" selected="true" /><select idref="V-217149" selected="true" /><select idref="V-217150" selected="true" /><select idref="V-217151" selected="true" /><select idref="V-217152" selected="true" /><select idref="V-217153" selected="true" /><select idref="V-217154" selected="true" /><select idref="V-217155" selected="true" /><select idref="V-217156" selected="true" /><select idref="V-217158" selected="true" /><select idref="V-217159" selected="true" /><select idref="V-217160" selected="true" /><select idref="V-217161" selected="true" /><select idref="V-217162" selected="true" /><select idref="V-217163" selected="true" /><select idref="V-217164" selected="true" /><select idref="V-217166" selected="true" /><select idref="V-217167" selected="true" /><select idref="V-217168" selected="true" /><select idref="V-217169" selected="true" /><select idref="V-217170" selected="true" /><select idref="V-217171" selected="true" /><select idref="V-217172" selected="true" /><select idref="V-217173" selected="true" /><select idref="V-217174" selected="true" /><select idref="V-217175" selected="true" /><select idref="V-217176" selected="true" /><select idref="V-217177" selected="true" /><select idref="V-217178" selected="true" /><select idref="V-217179" selected="true" /><select idref="V-217180" selected="true" /><select idref="V-217181" selected="true" /><select idref="V-217182" selected="true" /><select idref="V-217183" selected="true" /><select idref="V-217184" selected="true" /><select idref="V-217185" selected="true" /><select idref="V-217186" selected="true" /><select idref="V-217188" selected="true" /><select idref="V-217189" selected="true" /><select idref="V-217190" selected="true" /><select idref="V-217191" selected="true" /><select idref="V-217192" selected="true" /><select idref="V-217193" selected="true" /><select idref="V-217194" selected="true" /><select idref="V-217195" selected="true" /><select idref="V-217196" selected="true" /><select idref="V-217197" selected="true" /><select idref="V-217198" selected="true" /><select idref="V-217199" selected="true" /><select idref="V-217200" selected="true" /><select idref="V-217201" selected="true" /><select idref="V-217202" selected="true" /><select idref="V-217203" selected="true" /><select idref="V-217204" selected="true" /><select idref="V-217205" selected="true" /><select idref="V-217206" selected="true" /><select idref="V-217207" selected="true" /><select idref="V-217208" selected="true" /><select idref="V-217209" selected="true" /><select idref="V-217210" selected="true" /><select idref="V-217211" selected="true" /><select idref="V-217212" selected="true" /><select idref="V-217213" selected="true" /><select idref="V-217214" selected="true" /><select idref="V-217215" selected="true" /><select idref="V-217216" selected="true" /><select idref="V-217217" selected="true" /><select idref="V-217218" selected="true" /><select idref="V-217223" selected="true" /><select idref="V-217227" selected="true" /><select idref="V-217230" selected="true" /><select idref="V-217236" selected="true" /><select idref="V-217237" selected="true" /><select idref="V-217238" selected="true" /><select idref="V-217239" selected="true" /><select idref="V-217240" selected="true" /><select idref="V-217241" selected="true" /><select idref="V-217242" selected="true" /><select idref="V-217243" selected="true" /><select idref="V-217244" selected="true" /><select idref="V-217245" selected="true" /><select idref="V-217246" selected="true" /><select idref="V-217247" selected="true" /><select idref="V-217248" selected="true" /><select idref="V-217249" selected="true" /><select idref="V-217250" selected="true" /><select idref="V-217251" selected="true" /><select idref="V-217252" selected="true" /><select idref="V-217253" selected="true" /><select idref="V-217254" selected="true" /><select idref="V-217255" selected="true" /><select idref="V-217257" selected="true" /><select idref="V-217258" selected="true" /><select idref="V-217260" selected="true" /><select idref="V-217261" selected="true" /><select idref="V-217262" selected="true" /><select idref="V-217263" selected="true" /><select idref="V-217264" selected="true" /><select idref="V-217265" selected="true" /><select idref="V-217266" selected="true" /><select idref="V-217267" selected="true" /><select idref="V-217268" selected="true" /><select idref="V-217269" selected="true" /><select idref="V-217270" selected="true" /><select idref="V-217271" selected="true" /><select idref="V-217272" selected="true" /><select idref="V-217273" selected="true" /><select idref="V-217274" selected="true" /><select idref="V-217275" selected="true" /><select idref="V-217276" selected="true" /><select idref="V-217277" selected="true" /><select idref="V-217278" selected="true" /><select idref="V-217279" selected="true" /><select idref="V-217280" selected="true" /><select idref="V-217281" selected="true" /><select idref="V-217282" selected="true" /><select idref="V-217283" selected="true" /><select idref="V-217284" selected="true" /><select idref="V-217285" selected="true" /><select idref="V-217286" selected="true" /><select idref="V-217287" selected="true" /><select idref="V-217288" selected="true" /><select idref="V-217289" selected="true" /><select idref="V-217290" selected="true" /><select idref="V-217291" selected="true" /><select idref="V-217292" selected="true" /><select idref="V-217293" selected="true" /><select idref="V-217294" selected="true" /><select idref="V-217295" selected="true" /><select idref="V-217296" selected="true" /><select idref="V-217297" selected="true" /><select idref="V-217298" selected="true" /><select idref="V-217299" selected="true" /><select idref="V-217300" selected="true" /><select idref="V-217301" selected="true" /><select idref="V-217302" selected="true" /><select idref="V-222385" selected="true" /><select idref="V-222386" selected="true" /><select idref="V-233308" selected="true" /><select idref="V-237603" selected="true" /><select idref="V-237604" selected="true" /><select idref="V-237605" selected="true" /><select idref="V-237606" selected="true" /><select idref="V-237607" selected="true" /><select idref="V-237608" selected="true" /><select idref="V-237609" selected="true" /><select idref="V-237610" selected="true" /><select idref="V-237611" selected="true" /><select idref="V-237612" selected="true" /><select idref="V-237613" selected="true" /><select idref="V-237614" selected="true" /><select idref="V-237615" selected="true" /><select idref="V-237616" selected="true" /><select idref="V-237617" selected="true" /><select idref="V-237618" selected="true" /><select idref="V-237619" selected="true" /><select idref="V-237620" selected="true" /><select idref="V-237621" selected="true" /><select idref="V-237622" selected="true" /><select idref="V-237623" selected="true" /><select idref="V-251719" selected="true" /><select idref="V-251720" selected="true" /><select idref="V-251721" selected="true" /><select idref="V-251722" selected="true" /><select idref="V-255914" selected="true" /><select idref="V-255915" selected="true" /><select idref="V-255916" selected="true" /><select idref="V-256980" selected="true" /><select idref="V-256981" selected="true" /></Profile><Profile id="MAC-3_Classified"><title>III - Administrative Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-217101" selected="true" /><select idref="V-217102" selected="true" /><select idref="V-217103" selected="true" /><select idref="V-217104" selected="true" /><select idref="V-217105" selected="true" /><select idref="V-217106" selected="true" /><select idref="V-217107" selected="true" /><select idref="V-217108" selected="true" /><select idref="V-217109" selected="true" /><select idref="V-217110" selected="true" /><select idref="V-217111" selected="true" /><select idref="V-217112" selected="true" /><select idref="V-217113" selected="true" /><select idref="V-217114" selected="true" /><select idref="V-217116" selected="true" /><select idref="V-217117" selected="true" /><select idref="V-217118" selected="true" /><select idref="V-217119" selected="true" /><select idref="V-217120" selected="true" /><select idref="V-217121" selected="true" /><select idref="V-217122" selected="true" /><select idref="V-217123" selected="true" /><select idref="V-217124" selected="true" /><select idref="V-217125" selected="true" /><select idref="V-217126" selected="true" /><select idref="V-217127" selected="true" /><select idref="V-217128" selected="true" /><select idref="V-217129" selected="true" /><select idref="V-217130" selected="true" /><select idref="V-217131" selected="true" /><select idref="V-217132" selected="true" /><select idref="V-217133" selected="true" /><select idref="V-217134" selected="true" /><select idref="V-217135" selected="true" /><select idref="V-217136" selected="true" /><select idref="V-217137" selected="true" /><select idref="V-217138" selected="true" /><select idref="V-217139" selected="true" /><select idref="V-217140" selected="true" /><select idref="V-217141" selected="true" /><select idref="V-217142" selected="true" /><select idref="V-217143" selected="true" /><select idref="V-217144" selected="true" /><select idref="V-217145" selected="true" /><select idref="V-217146" selected="true" /><select idref="V-217147" selected="true" /><select idref="V-217148" selected="true" /><select idref="V-217149" selected="true" /><select idref="V-217150" selected="true" /><select idref="V-217151" selected="true" /><select idref="V-217152" selected="true" /><select idref="V-217153" selected="true" /><select idref="V-217154" selected="true" /><select idref="V-217155" selected="true" /><select idref="V-217156" selected="true" /><select idref="V-217158" selected="true" /><select idref="V-217159" selected="true" /><select idref="V-217160" selected="true" /><select idref="V-217161" selected="true" /><select idref="V-217162" selected="true" /><select idref="V-217163" selected="true" /><select idref="V-217164" selected="true" /><select idref="V-217166" selected="true" /><select idref="V-217167" selected="true" /><select idref="V-217168" selected="true" /><select idref="V-217169" selected="true" /><select idref="V-217170" selected="true" /><select idref="V-217171" selected="true" /><select idref="V-217172" selected="true" /><select idref="V-217173" selected="true" /><select idref="V-217174" selected="true" /><select idref="V-217175" selected="true" /><select idref="V-217176" selected="true" /><select idref="V-217177" selected="true" /><select idref="V-217178" selected="true" /><select idref="V-217179" selected="true" /><select idref="V-217180" selected="true" /><select idref="V-217181" selected="true" /><select idref="V-217182" selected="true" /><select idref="V-217183" selected="true" /><select idref="V-217184" selected="true" /><select idref="V-217185" selected="true" /><select idref="V-217186" selected="true" /><select idref="V-217188" selected="true" /><select idref="V-217189" selected="true" /><select idref="V-217190" selected="true" /><select idref="V-217191" selected="true" /><select idref="V-217192" selected="true" /><select idref="V-217193" selected="true" /><select idref="V-217194" selected="true" /><select idref="V-217195" selected="true" /><select idref="V-217196" selected="true" /><select idref="V-217197" selected="true" /><select idref="V-217198" selected="true" /><select idref="V-217199" selected="true" /><select idref="V-217200" selected="true" /><select idref="V-217201" selected="true" /><select idref="V-217202" selected="true" /><select idref="V-217203" selected="true" /><select idref="V-217204" selected="true" /><select idref="V-217205" selected="true" /><select idref="V-217206" selected="true" /><select idref="V-217207" selected="true" /><select idref="V-217208" selected="true" /><select idref="V-217209" selected="true" /><select idref="V-217210" selected="true" /><select idref="V-217211" selected="true" /><select idref="V-217212" selected="true" /><select idref="V-217213" selected="true" /><select idref="V-217214" selected="true" /><select idref="V-217215" selected="true" /><select idref="V-217216" selected="true" /><select idref="V-217217" selected="true" /><select idref="V-217218" selected="true" /><select idref="V-217223" selected="true" /><select idref="V-217227" selected="true" /><select idref="V-217230" selected="true" /><select idref="V-217236" selected="true" /><select idref="V-217237" selected="true" /><select idref="V-217238" selected="true" /><select idref="V-217239" selected="true" /><select idref="V-217240" selected="true" /><select idref="V-217241" selected="true" /><select idref="V-217242" selected="true" /><select idref="V-217243" selected="true" /><select idref="V-217244" selected="true" /><select idref="V-217245" selected="true" /><select idref="V-217246" selected="true" /><select idref="V-217247" selected="true" /><select idref="V-217248" selected="true" /><select idref="V-217249" selected="true" /><select idref="V-217250" selected="true" /><select idref="V-217251" selected="true" /><select idref="V-217252" selected="true" /><select idref="V-217253" selected="true" /><select idref="V-217254" selected="true" /><select idref="V-217255" selected="true" /><select idref="V-217257" selected="true" /><select idref="V-217258" selected="true" /><select idref="V-217260" selected="true" /><select idref="V-217261" selected="true" /><select idref="V-217262" selected="true" /><select idref="V-217263" selected="true" /><select idref="V-217264" selected="true" /><select idref="V-217265" selected="true" /><select idref="V-217266" selected="true" /><select idref="V-217267" selected="true" /><select idref="V-217268" selected="true" /><select idref="V-217269" selected="true" /><select idref="V-217270" selected="true" /><select idref="V-217271" selected="true" /><select idref="V-217272" selected="true" /><select idref="V-217273" selected="true" /><select idref="V-217274" selected="true" /><select idref="V-217275" selected="true" /><select idref="V-217276" selected="true" /><select idref="V-217277" selected="true" /><select idref="V-217278" selected="true" /><select idref="V-217279" selected="true" /><select idref="V-217280" selected="true" /><select idref="V-217281" selected="true" /><select idref="V-217282" selected="true" /><select idref="V-217283" selected="true" /><select idref="V-217284" selected="true" /><select idref="V-217285" selected="true" /><select idref="V-217286" selected="true" /><select idref="V-217287" selected="true" /><select idref="V-217288" selected="true" /><select idref="V-217289" selected="true" /><select idref="V-217290" selected="true" /><select idref="V-217291" selected="true" /><select idref="V-217292" selected="true" /><select idref="V-217293" selected="true" /><select idref="V-217294" selected="true" /><select idref="V-217295" selected="true" /><select idref="V-217296" selected="true" /><select idref="V-217297" selected="true" /><select idref="V-217298" selected="true" /><select idref="V-217299" selected="true" /><select idref="V-217300" selected="true" /><select idref="V-217301" selected="true" /><select idref="V-217302" selected="true" /><select idref="V-222385" selected="true" /><select idref="V-222386" selected="true" /><select idref="V-233308" selected="true" /><select idref="V-237603" selected="true" /><select idref="V-237604" selected="true" /><select idref="V-237605" selected="true" /><select idref="V-237606" selected="true" /><select idref="V-237607" selected="true" /><select idref="V-237608" selected="true" /><select idref="V-237609" selected="true" /><select idref="V-237610" selected="true" /><select idref="V-237611" selected="true" /><select idref="V-237612" selected="true" /><select idref="V-237613" selected="true" /><select idref="V-237614" selected="true" /><select idref="V-237615" selected="true" /><select idref="V-237616" selected="true" /><select idref="V-237617" selected="true" /><select idref="V-237618" selected="true" /><select idref="V-237619" selected="true" /><select idref="V-237620" selected="true" /><select idref="V-237621" selected="true" /><select idref="V-237622" selected="true" /><select idref="V-237623" selected="true" /><select idref="V-251719" selected="true" /><select idref="V-251720" selected="true" /><select idref="V-251721" selected="true" /><select idref="V-251722" selected="true" /><select idref="V-255914" selected="true" /><select idref="V-255915" selected="true" /><select idref="V-255916" selected="true" /><select idref="V-256980" selected="true" /><select idref="V-256981" selected="true" /></Profile><Profile id="MAC-3_Public"><title>III - Administrative Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-217101" selected="true" /><select idref="V-217102" selected="true" /><select idref="V-217103" selected="true" /><select idref="V-217104" selected="true" /><select idref="V-217105" selected="true" /><select idref="V-217106" selected="true" /><select idref="V-217107" selected="true" /><select idref="V-217108" selected="true" /><select idref="V-217109" selected="true" /><select idref="V-217110" selected="true" /><select idref="V-217111" selected="true" /><select idref="V-217112" selected="true" /><select idref="V-217113" selected="true" /><select idref="V-217114" selected="true" /><select idref="V-217116" selected="true" /><select idref="V-217117" selected="true" /><select idref="V-217118" selected="true" /><select idref="V-217119" selected="true" /><select idref="V-217120" selected="true" /><select idref="V-217121" selected="true" /><select idref="V-217122" selected="true" /><select idref="V-217123" selected="true" /><select idref="V-217124" selected="true" /><select idref="V-217125" selected="true" /><select idref="V-217126" selected="true" /><select idref="V-217127" selected="true" /><select idref="V-217128" selected="true" /><select idref="V-217129" selected="true" /><select idref="V-217130" selected="true" /><select idref="V-217131" selected="true" /><select idref="V-217132" selected="true" /><select idref="V-217133" selected="true" /><select idref="V-217134" selected="true" /><select idref="V-217135" selected="true" /><select idref="V-217136" selected="true" /><select idref="V-217137" selected="true" /><select idref="V-217138" selected="true" /><select idref="V-217139" selected="true" /><select idref="V-217140" selected="true" /><select idref="V-217141" selected="true" /><select idref="V-217142" selected="true" /><select idref="V-217143" selected="true" /><select idref="V-217144" selected="true" /><select idref="V-217145" selected="true" /><select idref="V-217146" selected="true" /><select idref="V-217147" selected="true" /><select idref="V-217148" selected="true" /><select idref="V-217149" selected="true" /><select idref="V-217150" selected="true" /><select idref="V-217151" selected="true" /><select idref="V-217152" selected="true" /><select idref="V-217153" selected="true" /><select idref="V-217154" selected="true" /><select idref="V-217155" selected="true" /><select idref="V-217156" selected="true" /><select idref="V-217158" selected="true" /><select idref="V-217159" selected="true" /><select idref="V-217160" selected="true" /><select idref="V-217161" selected="true" /><select idref="V-217162" selected="true" /><select idref="V-217163" selected="true" /><select idref="V-217164" selected="true" /><select idref="V-217166" selected="true" /><select idref="V-217167" selected="true" /><select idref="V-217168" selected="true" /><select idref="V-217169" selected="true" /><select idref="V-217170" selected="true" /><select idref="V-217171" selected="true" /><select idref="V-217172" selected="true" /><select idref="V-217173" selected="true" /><select idref="V-217174" selected="true" /><select idref="V-217175" selected="true" /><select idref="V-217176" selected="true" /><select idref="V-217177" selected="true" /><select idref="V-217178" selected="true" /><select idref="V-217179" selected="true" /><select idref="V-217180" selected="true" /><select idref="V-217181" selected="true" /><select idref="V-217182" selected="true" /><select idref="V-217183" selected="true" /><select idref="V-217184" selected="true" /><select idref="V-217185" selected="true" /><select idref="V-217186" selected="true" /><select idref="V-217188" selected="true" /><select idref="V-217189" selected="true" /><select idref="V-217190" selected="true" /><select idref="V-217191" selected="true" /><select idref="V-217192" selected="true" /><select idref="V-217193" selected="true" /><select idref="V-217194" selected="true" /><select idref="V-217195" selected="true" /><select idref="V-217196" selected="true" /><select idref="V-217197" selected="true" /><select idref="V-217198" selected="true" /><select idref="V-217199" selected="true" /><select idref="V-217200" selected="true" /><select idref="V-217201" selected="true" /><select idref="V-217202" selected="true" /><select idref="V-217203" selected="true" /><select idref="V-217204" selected="true" /><select idref="V-217205" selected="true" /><select idref="V-217206" selected="true" /><select idref="V-217207" selected="true" /><select idref="V-217208" selected="true" /><select idref="V-217209" selected="true" /><select idref="V-217210" selected="true" /><select idref="V-217211" selected="true" /><select idref="V-217212" selected="true" /><select idref="V-217213" selected="true" /><select idref="V-217214" selected="true" /><select idref="V-217215" selected="true" /><select idref="V-217216" selected="true" /><select idref="V-217217" selected="true" /><select idref="V-217218" selected="true" /><select idref="V-217223" selected="true" /><select idref="V-217227" selected="true" /><select idref="V-217230" selected="true" /><select idref="V-217236" selected="true" /><select idref="V-217237" selected="true" /><select idref="V-217238" selected="true" /><select idref="V-217239" selected="true" /><select idref="V-217240" selected="true" /><select idref="V-217241" selected="true" /><select idref="V-217242" selected="true" /><select idref="V-217243" selected="true" /><select idref="V-217244" selected="true" /><select idref="V-217245" selected="true" /><select idref="V-217246" selected="true" /><select idref="V-217247" selected="true" /><select idref="V-217248" selected="true" /><select idref="V-217249" selected="true" /><select idref="V-217250" selected="true" /><select idref="V-217251" selected="true" /><select idref="V-217252" selected="true" /><select idref="V-217253" selected="true" /><select idref="V-217254" selected="true" /><select idref="V-217255" selected="true" /><select idref="V-217257" selected="true" /><select idref="V-217258" selected="true" /><select idref="V-217260" selected="true" /><select idref="V-217261" selected="true" /><select idref="V-217262" selected="true" /><select idref="V-217263" selected="true" /><select idref="V-217264" selected="true" /><select idref="V-217265" selected="true" /><select idref="V-217266" selected="true" /><select idref="V-217267" selected="true" /><select idref="V-217268" selected="true" /><select idref="V-217269" selected="true" /><select idref="V-217270" selected="true" /><select idref="V-217271" selected="true" /><select idref="V-217272" selected="true" /><select idref="V-217273" selected="true" /><select idref="V-217274" selected="true" /><select idref="V-217275" selected="true" /><select idref="V-217276" selected="true" /><select idref="V-217277" selected="true" /><select idref="V-217278" selected="true" /><select idref="V-217279" selected="true" /><select idref="V-217280" selected="true" /><select idref="V-217281" selected="true" /><select idref="V-217282" selected="true" /><select idref="V-217283" selected="true" /><select idref="V-217284" selected="true" /><select idref="V-217285" selected="true" /><select idref="V-217286" selected="true" /><select idref="V-217287" selected="true" /><select idref="V-217288" selected="true" /><select idref="V-217289" selected="true" /><select idref="V-217290" selected="true" /><select idref="V-217291" selected="true" /><select idref="V-217292" selected="true" /><select idref="V-217293" selected="true" /><select idref="V-217294" selected="true" /><select idref="V-217295" selected="true" /><select idref="V-217296" selected="true" /><select idref="V-217297" selected="true" /><select idref="V-217298" selected="true" /><select idref="V-217299" selected="true" /><select idref="V-217300" selected="true" /><select idref="V-217301" selected="true" /><select idref="V-217302" selected="true" /><select idref="V-222385" selected="true" /><select idref="V-222386" selected="true" /><select idref="V-233308" selected="true" /><select idref="V-237603" selected="true" /><select idref="V-237604" selected="true" /><select idref="V-237605" selected="true" /><select idref="V-237606" selected="true" /><select idref="V-237607" selected="true" /><select idref="V-237608" selected="true" /><select idref="V-237609" selected="true" /><select idref="V-237610" selected="true" /><select idref="V-237611" selected="true" /><select idref="V-237612" selected="true" /><select idref="V-237613" selected="true" /><select idref="V-237614" selected="true" /><select idref="V-237615" selected="true" /><select idref="V-237616" selected="true" /><select idref="V-237617" selected="true" /><select idref="V-237618" selected="true" /><select idref="V-237619" selected="true" /><select idref="V-237620" selected="true" /><select idref="V-237621" selected="true" /><select idref="V-237622" selected="true" /><select idref="V-237623" selected="true" /><select idref="V-251719" selected="true" /><select idref="V-251720" selected="true" /><select idref="V-251721" selected="true" /><select idref="V-251722" selected="true" /><select idref="V-255914" selected="true" /><select idref="V-255915" selected="true" /><select idref="V-255916" selected="true" /><select idref="V-256980" selected="true" /><select idref="V-256981" selected="true" /></Profile><Profile id="MAC-3_Sensitive"><title>III - Administrative Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-217101" selected="true" /><select idref="V-217102" selected="true" /><select idref="V-217103" selected="true" /><select idref="V-217104" selected="true" /><select idref="V-217105" selected="true" /><select idref="V-217106" selected="true" /><select idref="V-217107" selected="true" /><select idref="V-217108" selected="true" /><select idref="V-217109" selected="true" /><select idref="V-217110" selected="true" /><select idref="V-217111" selected="true" /><select idref="V-217112" selected="true" /><select idref="V-217113" selected="true" /><select idref="V-217114" selected="true" /><select idref="V-217116" selected="true" /><select idref="V-217117" selected="true" /><select idref="V-217118" selected="true" /><select idref="V-217119" selected="true" /><select idref="V-217120" selected="true" /><select idref="V-217121" selected="true" /><select idref="V-217122" selected="true" /><select idref="V-217123" selected="true" /><select idref="V-217124" selected="true" /><select idref="V-217125" selected="true" /><select idref="V-217126" selected="true" /><select idref="V-217127" selected="true" /><select idref="V-217128" selected="true" /><select idref="V-217129" selected="true" /><select idref="V-217130" selected="true" /><select idref="V-217131" selected="true" /><select idref="V-217132" selected="true" /><select idref="V-217133" selected="true" /><select idref="V-217134" selected="true" /><select idref="V-217135" selected="true" /><select idref="V-217136" selected="true" /><select idref="V-217137" selected="true" /><select idref="V-217138" selected="true" /><select idref="V-217139" selected="true" /><select idref="V-217140" selected="true" /><select idref="V-217141" selected="true" /><select idref="V-217142" selected="true" /><select idref="V-217143" selected="true" /><select idref="V-217144" selected="true" /><select idref="V-217145" selected="true" /><select idref="V-217146" selected="true" /><select idref="V-217147" selected="true" /><select idref="V-217148" selected="true" /><select idref="V-217149" selected="true" /><select idref="V-217150" selected="true" /><select idref="V-217151" selected="true" /><select idref="V-217152" selected="true" /><select idref="V-217153" selected="true" /><select idref="V-217154" selected="true" /><select idref="V-217155" selected="true" /><select idref="V-217156" selected="true" /><select idref="V-217158" selected="true" /><select idref="V-217159" selected="true" /><select idref="V-217160" selected="true" /><select idref="V-217161" selected="true" /><select idref="V-217162" selected="true" /><select idref="V-217163" selected="true" /><select idref="V-217164" selected="true" /><select idref="V-217166" selected="true" /><select idref="V-217167" selected="true" /><select idref="V-217168" selected="true" /><select idref="V-217169" selected="true" /><select idref="V-217170" selected="true" /><select idref="V-217171" selected="true" /><select idref="V-217172" selected="true" /><select idref="V-217173" selected="true" /><select idref="V-217174" selected="true" /><select idref="V-217175" selected="true" /><select idref="V-217176" selected="true" /><select idref="V-217177" selected="true" /><select idref="V-217178" selected="true" /><select idref="V-217179" selected="true" /><select idref="V-217180" selected="true" /><select idref="V-217181" selected="true" /><select idref="V-217182" selected="true" /><select idref="V-217183" selected="true" /><select idref="V-217184" selected="true" /><select idref="V-217185" selected="true" /><select idref="V-217186" selected="true" /><select idref="V-217188" selected="true" /><select idref="V-217189" selected="true" /><select idref="V-217190" selected="true" /><select idref="V-217191" selected="true" /><select idref="V-217192" selected="true" /><select idref="V-217193" selected="true" /><select idref="V-217194" selected="true" /><select idref="V-217195" selected="true" /><select idref="V-217196" selected="true" /><select idref="V-217197" selected="true" /><select idref="V-217198" selected="true" /><select idref="V-217199" selected="true" /><select idref="V-217200" selected="true" /><select idref="V-217201" selected="true" /><select idref="V-217202" selected="true" /><select idref="V-217203" selected="true" /><select idref="V-217204" selected="true" /><select idref="V-217205" selected="true" /><select idref="V-217206" selected="true" /><select idref="V-217207" selected="true" /><select idref="V-217208" selected="true" /><select idref="V-217209" selected="true" /><select idref="V-217210" selected="true" /><select idref="V-217211" selected="true" /><select idref="V-217212" selected="true" /><select idref="V-217213" selected="true" /><select idref="V-217214" selected="true" /><select idref="V-217215" selected="true" /><select idref="V-217216" selected="true" /><select idref="V-217217" selected="true" /><select idref="V-217218" selected="true" /><select idref="V-217223" selected="true" /><select idref="V-217227" selected="true" /><select idref="V-217230" selected="true" /><select idref="V-217236" selected="true" /><select idref="V-217237" selected="true" /><select idref="V-217238" selected="true" /><select idref="V-217239" selected="true" /><select idref="V-217240" selected="true" /><select idref="V-217241" selected="true" /><select idref="V-217242" selected="true" /><select idref="V-217243" selected="true" /><select idref="V-217244" selected="true" /><select idref="V-217245" selected="true" /><select idref="V-217246" selected="true" /><select idref="V-217247" selected="true" /><select idref="V-217248" selected="true" /><select idref="V-217249" selected="true" /><select idref="V-217250" selected="true" /><select idref="V-217251" selected="true" /><select idref="V-217252" selected="true" /><select idref="V-217253" selected="true" /><select idref="V-217254" selected="true" /><select idref="V-217255" selected="true" /><select idref="V-217257" selected="true" /><select idref="V-217258" selected="true" /><select idref="V-217260" selected="true" /><select idref="V-217261" selected="true" /><select idref="V-217262" selected="true" /><select idref="V-217263" selected="true" /><select idref="V-217264" selected="true" /><select idref="V-217265" selected="true" /><select idref="V-217266" selected="true" /><select idref="V-217267" selected="true" /><select idref="V-217268" selected="true" /><select idref="V-217269" selected="true" /><select idref="V-217270" selected="true" /><select idref="V-217271" selected="true" /><select idref="V-217272" selected="true" /><select idref="V-217273" selected="true" /><select idref="V-217274" selected="true" /><select idref="V-217275" selected="true" /><select idref="V-217276" selected="true" /><select idref="V-217277" selected="true" /><select idref="V-217278" selected="true" /><select idref="V-217279" selected="true" /><select idref="V-217280" selected="true" /><select idref="V-217281" selected="true" /><select idref="V-217282" selected="true" /><select idref="V-217283" selected="true" /><select idref="V-217284" selected="true" /><select idref="V-217285" selected="true" /><select idref="V-217286" selected="true" /><select idref="V-217287" selected="true" /><select idref="V-217288" selected="true" /><select idref="V-217289" selected="true" /><select idref="V-217290" selected="true" /><select idref="V-217291" selected="true" /><select idref="V-217292" selected="true" /><select idref="V-217293" selected="true" /><select idref="V-217294" selected="true" /><select idref="V-217295" selected="true" /><select idref="V-217296" selected="true" /><select idref="V-217297" selected="true" /><select idref="V-217298" selected="true" /><select idref="V-217299" selected="true" /><select idref="V-217300" selected="true" /><select idref="V-217301" selected="true" /><select idref="V-217302" selected="true" /><select idref="V-222385" selected="true" /><select idref="V-222386" selected="true" /><select idref="V-233308" selected="true" /><select idref="V-237603" selected="true" /><select idref="V-237604" selected="true" /><select idref="V-237605" selected="true" /><select idref="V-237606" selected="true" /><select idref="V-237607" selected="true" /><select idref="V-237608" selected="true" /><select idref="V-237609" selected="true" /><select idref="V-237610" selected="true" /><select idref="V-237611" selected="true" /><select idref="V-237612" selected="true" /><select idref="V-237613" selected="true" /><select idref="V-237614" selected="true" /><select idref="V-237615" selected="true" /><select idref="V-237616" selected="true" /><select idref="V-237617" selected="true" /><select idref="V-237618" selected="true" /><select idref="V-237619" selected="true" /><select idref="V-237620" selected="true" /><select idref="V-237621" selected="true" /><select idref="V-237622" selected="true" /><select idref="V-237623" selected="true" /><select idref="V-251719" selected="true" /><select idref="V-251720" selected="true" /><select idref="V-251721" selected="true" /><select idref="V-251722" selected="true" /><select idref="V-255914" selected="true" /><select idref="V-255915" selected="true" /><select idref="V-255916" selected="true" /><select idref="V-256980" selected="true" /><select idref="V-256981" selected="true" /></Profile><Group id="V-217101"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217101r603262_rule" weight="10.0" severity="high"><version>SLES-12-010000</version><title>The SUSE operating system must be a vendor-supported release.</title><description>&lt;VulnDiscussion&gt;A SUSE operating system release is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77045</ident><ident system="http://cyber.mil/legacy">SV-91741</ident><ident system="http://cyber.mil/cci">CCI-001230</ident><fixtext fixref="F-18327r369460_fix">Upgrade the SUSE operating system to a version supported by the vendor. If the system is not registered with the SUSE Customer Center, register the system against the correct subscription.
+<?xml version="1.0" encoding="utf-8"?><?xml-stylesheet type='text/xsl' href='STIG_unclass.xsl'?><Benchmark xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:cpe="http://cpe.mitre.org/language/2.0" xmlns:xhtml="http://www.w3.org/1999/xhtml" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.1 http://nvd.nist.gov/schema/xccdf-1.1.4.xsd http://cpe.mitre.org/dictionary/2.0 http://cpe.mitre.org/files/cpe-dictionary_2.1.xsd" id="SLES_12_STIG" xml:lang="en" xmlns="http://checklists.nist.gov/xccdf/1.1"><status date="2023-09-08">accepted</status><title>SLES 12 Security Technical Implementation Guide</title><description>This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.</description><notice id="terms-of-use" xml:lang="en"></notice><front-matter xml:lang="en"></front-matter><rear-matter xml:lang="en"></rear-matter><reference href="https://cyber.mil"><dc:publisher>DISA</dc:publisher><dc:source>STIG.DOD.MIL</dc:source></reference><plain-text id="release-info">Release: 12 Benchmark Date: 25 Oct 2023</plain-text><plain-text id="generator">3.4.1.22916</plain-text><plain-text id="conventionsVersion">1.10.0</plain-text><version>2</version><Profile id="MAC-1_Classified"><title>I - Mission Critical Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-217101" selected="true" /><select idref="V-217102" selected="true" /><select idref="V-217103" selected="true" /><select idref="V-217104" selected="true" /><select idref="V-217105" selected="true" /><select idref="V-217106" selected="true" /><select idref="V-217107" selected="true" /><select idref="V-217108" selected="true" /><select idref="V-217109" selected="true" /><select idref="V-217110" selected="true" /><select idref="V-217111" selected="true" /><select idref="V-217112" selected="true" /><select idref="V-217113" selected="true" /><select idref="V-217114" selected="true" /><select idref="V-217116" selected="true" /><select idref="V-217117" selected="true" /><select idref="V-217118" selected="true" /><select idref="V-217119" selected="true" /><select idref="V-217120" selected="true" /><select idref="V-217121" selected="true" /><select idref="V-217122" selected="true" /><select idref="V-217123" selected="true" /><select idref="V-217124" selected="true" /><select idref="V-217125" selected="true" /><select idref="V-217126" selected="true" /><select idref="V-217127" selected="true" /><select idref="V-217128" selected="true" /><select idref="V-217129" selected="true" /><select idref="V-217130" selected="true" /><select idref="V-217131" selected="true" /><select idref="V-217132" selected="true" /><select idref="V-217133" selected="true" /><select idref="V-217134" selected="true" /><select idref="V-217135" selected="true" /><select idref="V-217136" selected="true" /><select idref="V-217138" selected="true" /><select idref="V-217139" selected="true" /><select idref="V-217140" selected="true" /><select idref="V-217141" selected="true" /><select idref="V-217142" selected="true" /><select idref="V-217143" selected="true" /><select idref="V-217144" selected="true" /><select idref="V-217145" selected="true" /><select idref="V-217146" selected="true" /><select idref="V-217147" selected="true" /><select idref="V-217148" selected="true" /><select idref="V-217149" selected="true" /><select idref="V-217150" selected="true" /><select idref="V-217151" selected="true" /><select idref="V-217152" selected="true" /><select idref="V-217153" selected="true" /><select idref="V-217154" selected="true" /><select idref="V-217155" selected="true" /><select idref="V-217156" selected="true" /><select idref="V-217158" selected="true" /><select idref="V-217159" selected="true" /><select idref="V-217160" selected="true" /><select idref="V-217161" selected="true" /><select idref="V-217162" selected="true" /><select idref="V-217163" selected="true" /><select idref="V-217164" selected="true" /><select idref="V-217166" selected="true" /><select idref="V-217167" selected="true" /><select idref="V-217168" selected="true" /><select idref="V-217169" selected="true" /><select idref="V-217170" selected="true" /><select idref="V-217171" selected="true" /><select idref="V-217172" selected="true" /><select idref="V-217173" selected="true" /><select idref="V-217174" selected="true" /><select idref="V-217175" selected="true" /><select idref="V-217176" selected="true" /><select idref="V-217177" selected="true" /><select idref="V-217178" selected="true" /><select idref="V-217179" selected="true" /><select idref="V-217180" selected="true" /><select idref="V-217181" selected="true" /><select idref="V-217182" selected="true" /><select idref="V-217183" selected="true" /><select idref="V-217184" selected="true" /><select idref="V-217185" selected="true" /><select idref="V-217186" selected="true" /><select idref="V-217188" selected="true" /><select idref="V-217189" selected="true" /><select idref="V-217190" selected="true" /><select idref="V-217191" selected="true" /><select idref="V-217192" selected="true" /><select idref="V-217193" selected="true" /><select idref="V-217194" selected="true" /><select idref="V-217195" selected="true" /><select idref="V-217196" selected="true" /><select idref="V-217197" selected="true" /><select idref="V-217198" selected="true" /><select idref="V-217199" selected="true" /><select idref="V-217200" selected="true" /><select idref="V-217201" selected="true" /><select idref="V-217202" selected="true" /><select idref="V-217203" selected="true" /><select idref="V-217204" selected="true" /><select idref="V-217205" selected="true" /><select idref="V-217206" selected="true" /><select idref="V-217207" selected="true" /><select idref="V-217208" selected="true" /><select idref="V-217209" selected="true" /><select idref="V-217210" selected="true" /><select idref="V-217211" selected="true" /><select idref="V-217212" selected="true" /><select idref="V-217213" selected="true" /><select idref="V-217214" selected="true" /><select idref="V-217215" selected="true" /><select idref="V-217216" selected="true" /><select idref="V-217217" selected="true" /><select idref="V-217218" selected="true" /><select idref="V-217223" selected="true" /><select idref="V-217227" selected="true" /><select idref="V-217230" selected="true" /><select idref="V-217236" selected="true" /><select idref="V-217237" selected="true" /><select idref="V-217238" selected="true" /><select idref="V-217239" selected="true" /><select idref="V-217240" selected="true" /><select idref="V-217241" selected="true" /><select idref="V-217242" selected="true" /><select idref="V-217243" selected="true" /><select idref="V-217244" selected="true" /><select idref="V-217245" selected="true" /><select idref="V-217246" selected="true" /><select idref="V-217247" selected="true" /><select idref="V-217248" selected="true" /><select idref="V-217249" selected="true" /><select idref="V-217250" selected="true" /><select idref="V-217251" selected="true" /><select idref="V-217252" selected="true" /><select idref="V-217253" selected="true" /><select idref="V-217254" selected="true" /><select idref="V-217255" selected="true" /><select idref="V-217257" selected="true" /><select idref="V-217258" selected="true" /><select idref="V-217260" selected="true" /><select idref="V-217261" selected="true" /><select idref="V-217262" selected="true" /><select idref="V-217263" selected="true" /><select idref="V-217264" selected="true" /><select idref="V-217265" selected="true" /><select idref="V-217266" selected="true" /><select idref="V-217267" selected="true" /><select idref="V-217268" selected="true" /><select idref="V-217269" selected="true" /><select idref="V-217270" selected="true" /><select idref="V-217271" selected="true" /><select idref="V-217272" selected="true" /><select idref="V-217273" selected="true" /><select idref="V-217274" selected="true" /><select idref="V-217275" selected="true" /><select idref="V-217276" selected="true" /><select idref="V-217277" selected="true" /><select idref="V-217278" selected="true" /><select idref="V-217279" selected="true" /><select idref="V-217280" selected="true" /><select idref="V-217281" selected="true" /><select idref="V-217282" selected="true" /><select idref="V-217283" selected="true" /><select idref="V-217284" selected="true" /><select idref="V-217285" selected="true" /><select idref="V-217286" selected="true" /><select idref="V-217287" selected="true" /><select idref="V-217288" selected="true" /><select idref="V-217289" selected="true" /><select idref="V-217290" selected="true" /><select idref="V-217291" selected="true" /><select idref="V-217292" selected="true" /><select idref="V-217293" selected="true" /><select idref="V-217294" selected="true" /><select idref="V-217295" selected="true" /><select idref="V-217296" selected="true" /><select idref="V-217297" selected="true" /><select idref="V-217298" selected="true" /><select idref="V-217299" selected="true" /><select idref="V-217300" selected="true" /><select idref="V-217301" selected="true" /><select idref="V-217302" selected="true" /><select idref="V-222385" selected="true" /><select idref="V-222386" selected="true" /><select idref="V-233308" selected="true" /><select idref="V-237603" selected="true" /><select idref="V-237604" selected="true" /><select idref="V-237605" selected="true" /><select idref="V-237606" selected="true" /><select idref="V-237607" selected="true" /><select idref="V-237608" selected="true" /><select idref="V-237609" selected="true" /><select idref="V-237610" selected="true" /><select idref="V-237611" selected="true" /><select idref="V-237612" selected="true" /><select idref="V-237613" selected="true" /><select idref="V-237614" selected="true" /><select idref="V-237615" selected="true" /><select idref="V-237616" selected="true" /><select idref="V-237617" selected="true" /><select idref="V-237618" selected="true" /><select idref="V-237619" selected="true" /><select idref="V-237620" selected="true" /><select idref="V-237621" selected="true" /><select idref="V-237622" selected="true" /><select idref="V-237623" selected="true" /><select idref="V-251719" selected="true" /><select idref="V-251720" selected="true" /><select idref="V-251721" selected="true" /><select idref="V-251722" selected="true" /><select idref="V-255914" selected="true" /><select idref="V-255915" selected="true" /><select idref="V-255916" selected="true" /><select idref="V-256980" selected="true" /><select idref="V-256981" selected="true" /></Profile><Profile id="MAC-1_Public"><title>I - Mission Critical Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-217101" selected="true" /><select idref="V-217102" selected="true" /><select idref="V-217103" selected="true" /><select idref="V-217104" selected="true" /><select idref="V-217105" selected="true" /><select idref="V-217106" selected="true" /><select idref="V-217107" selected="true" /><select idref="V-217108" selected="true" /><select idref="V-217109" selected="true" /><select idref="V-217110" selected="true" /><select idref="V-217111" selected="true" /><select idref="V-217112" selected="true" /><select idref="V-217113" selected="true" /><select idref="V-217114" selected="true" /><select idref="V-217116" selected="true" /><select idref="V-217117" selected="true" /><select idref="V-217118" selected="true" /><select idref="V-217119" selected="true" /><select idref="V-217120" selected="true" /><select idref="V-217121" selected="true" /><select idref="V-217122" selected="true" /><select idref="V-217123" selected="true" /><select idref="V-217124" selected="true" /><select idref="V-217125" selected="true" /><select idref="V-217126" selected="true" /><select idref="V-217127" selected="true" /><select idref="V-217128" selected="true" /><select idref="V-217129" selected="true" /><select idref="V-217130" selected="true" /><select idref="V-217131" selected="true" /><select idref="V-217132" selected="true" /><select idref="V-217133" selected="true" /><select idref="V-217134" selected="true" /><select idref="V-217135" selected="true" /><select idref="V-217136" selected="true" /><select idref="V-217138" selected="true" /><select idref="V-217139" selected="true" /><select idref="V-217140" selected="true" /><select idref="V-217141" selected="true" /><select idref="V-217142" selected="true" /><select idref="V-217143" selected="true" /><select idref="V-217144" selected="true" /><select idref="V-217145" selected="true" /><select idref="V-217146" selected="true" /><select idref="V-217147" selected="true" /><select idref="V-217148" selected="true" /><select idref="V-217149" selected="true" /><select idref="V-217150" selected="true" /><select idref="V-217151" selected="true" /><select idref="V-217152" selected="true" /><select idref="V-217153" selected="true" /><select idref="V-217154" selected="true" /><select idref="V-217155" selected="true" /><select idref="V-217156" selected="true" /><select idref="V-217158" selected="true" /><select idref="V-217159" selected="true" /><select idref="V-217160" selected="true" /><select idref="V-217161" selected="true" /><select idref="V-217162" selected="true" /><select idref="V-217163" selected="true" /><select idref="V-217164" selected="true" /><select idref="V-217166" selected="true" /><select idref="V-217167" selected="true" /><select idref="V-217168" selected="true" /><select idref="V-217169" selected="true" /><select idref="V-217170" selected="true" /><select idref="V-217171" selected="true" /><select idref="V-217172" selected="true" /><select idref="V-217173" selected="true" /><select idref="V-217174" selected="true" /><select idref="V-217175" selected="true" /><select idref="V-217176" selected="true" /><select idref="V-217177" selected="true" /><select idref="V-217178" selected="true" /><select idref="V-217179" selected="true" /><select idref="V-217180" selected="true" /><select idref="V-217181" selected="true" /><select idref="V-217182" selected="true" /><select idref="V-217183" selected="true" /><select idref="V-217184" selected="true" /><select idref="V-217185" selected="true" /><select idref="V-217186" selected="true" /><select idref="V-217188" selected="true" /><select idref="V-217189" selected="true" /><select idref="V-217190" selected="true" /><select idref="V-217191" selected="true" /><select idref="V-217192" selected="true" /><select idref="V-217193" selected="true" /><select idref="V-217194" selected="true" /><select idref="V-217195" selected="true" /><select idref="V-217196" selected="true" /><select idref="V-217197" selected="true" /><select idref="V-217198" selected="true" /><select idref="V-217199" selected="true" /><select idref="V-217200" selected="true" /><select idref="V-217201" selected="true" /><select idref="V-217202" selected="true" /><select idref="V-217203" selected="true" /><select idref="V-217204" selected="true" /><select idref="V-217205" selected="true" /><select idref="V-217206" selected="true" /><select idref="V-217207" selected="true" /><select idref="V-217208" selected="true" /><select idref="V-217209" selected="true" /><select idref="V-217210" selected="true" /><select idref="V-217211" selected="true" /><select idref="V-217212" selected="true" /><select idref="V-217213" selected="true" /><select idref="V-217214" selected="true" /><select idref="V-217215" selected="true" /><select idref="V-217216" selected="true" /><select idref="V-217217" selected="true" /><select idref="V-217218" selected="true" /><select idref="V-217223" selected="true" /><select idref="V-217227" selected="true" /><select idref="V-217230" selected="true" /><select idref="V-217236" selected="true" /><select idref="V-217237" selected="true" /><select idref="V-217238" selected="true" /><select idref="V-217239" selected="true" /><select idref="V-217240" selected="true" /><select idref="V-217241" selected="true" /><select idref="V-217242" selected="true" /><select idref="V-217243" selected="true" /><select idref="V-217244" selected="true" /><select idref="V-217245" selected="true" /><select idref="V-217246" selected="true" /><select idref="V-217247" selected="true" /><select idref="V-217248" selected="true" /><select idref="V-217249" selected="true" /><select idref="V-217250" selected="true" /><select idref="V-217251" selected="true" /><select idref="V-217252" selected="true" /><select idref="V-217253" selected="true" /><select idref="V-217254" selected="true" /><select idref="V-217255" selected="true" /><select idref="V-217257" selected="true" /><select idref="V-217258" selected="true" /><select idref="V-217260" selected="true" /><select idref="V-217261" selected="true" /><select idref="V-217262" selected="true" /><select idref="V-217263" selected="true" /><select idref="V-217264" selected="true" /><select idref="V-217265" selected="true" /><select idref="V-217266" selected="true" /><select idref="V-217267" selected="true" /><select idref="V-217268" selected="true" /><select idref="V-217269" selected="true" /><select idref="V-217270" selected="true" /><select idref="V-217271" selected="true" /><select idref="V-217272" selected="true" /><select idref="V-217273" selected="true" /><select idref="V-217274" selected="true" /><select idref="V-217275" selected="true" /><select idref="V-217276" selected="true" /><select idref="V-217277" selected="true" /><select idref="V-217278" selected="true" /><select idref="V-217279" selected="true" /><select idref="V-217280" selected="true" /><select idref="V-217281" selected="true" /><select idref="V-217282" selected="true" /><select idref="V-217283" selected="true" /><select idref="V-217284" selected="true" /><select idref="V-217285" selected="true" /><select idref="V-217286" selected="true" /><select idref="V-217287" selected="true" /><select idref="V-217288" selected="true" /><select idref="V-217289" selected="true" /><select idref="V-217290" selected="true" /><select idref="V-217291" selected="true" /><select idref="V-217292" selected="true" /><select idref="V-217293" selected="true" /><select idref="V-217294" selected="true" /><select idref="V-217295" selected="true" /><select idref="V-217296" selected="true" /><select idref="V-217297" selected="true" /><select idref="V-217298" selected="true" /><select idref="V-217299" selected="true" /><select idref="V-217300" selected="true" /><select idref="V-217301" selected="true" /><select idref="V-217302" selected="true" /><select idref="V-222385" selected="true" /><select idref="V-222386" selected="true" /><select idref="V-233308" selected="true" /><select idref="V-237603" selected="true" /><select idref="V-237604" selected="true" /><select idref="V-237605" selected="true" /><select idref="V-237606" selected="true" /><select idref="V-237607" selected="true" /><select idref="V-237608" selected="true" /><select idref="V-237609" selected="true" /><select idref="V-237610" selected="true" /><select idref="V-237611" selected="true" /><select idref="V-237612" selected="true" /><select idref="V-237613" selected="true" /><select idref="V-237614" selected="true" /><select idref="V-237615" selected="true" /><select idref="V-237616" selected="true" /><select idref="V-237617" selected="true" /><select idref="V-237618" selected="true" /><select idref="V-237619" selected="true" /><select idref="V-237620" selected="true" /><select idref="V-237621" selected="true" /><select idref="V-237622" selected="true" /><select idref="V-237623" selected="true" /><select idref="V-251719" selected="true" /><select idref="V-251720" selected="true" /><select idref="V-251721" selected="true" /><select idref="V-251722" selected="true" /><select idref="V-255914" selected="true" /><select idref="V-255915" selected="true" /><select idref="V-255916" selected="true" /><select idref="V-256980" selected="true" /><select idref="V-256981" selected="true" /></Profile><Profile id="MAC-1_Sensitive"><title>I - Mission Critical Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-217101" selected="true" /><select idref="V-217102" selected="true" /><select idref="V-217103" selected="true" /><select idref="V-217104" selected="true" /><select idref="V-217105" selected="true" /><select idref="V-217106" selected="true" /><select idref="V-217107" selected="true" /><select idref="V-217108" selected="true" /><select idref="V-217109" selected="true" /><select idref="V-217110" selected="true" /><select idref="V-217111" selected="true" /><select idref="V-217112" selected="true" /><select idref="V-217113" selected="true" /><select idref="V-217114" selected="true" /><select idref="V-217116" selected="true" /><select idref="V-217117" selected="true" /><select idref="V-217118" selected="true" /><select idref="V-217119" selected="true" /><select idref="V-217120" selected="true" /><select idref="V-217121" selected="true" /><select idref="V-217122" selected="true" /><select idref="V-217123" selected="true" /><select idref="V-217124" selected="true" /><select idref="V-217125" selected="true" /><select idref="V-217126" selected="true" /><select idref="V-217127" selected="true" /><select idref="V-217128" selected="true" /><select idref="V-217129" selected="true" /><select idref="V-217130" selected="true" /><select idref="V-217131" selected="true" /><select idref="V-217132" selected="true" /><select idref="V-217133" selected="true" /><select idref="V-217134" selected="true" /><select idref="V-217135" selected="true" /><select idref="V-217136" selected="true" /><select idref="V-217138" selected="true" /><select idref="V-217139" selected="true" /><select idref="V-217140" selected="true" /><select idref="V-217141" selected="true" /><select idref="V-217142" selected="true" /><select idref="V-217143" selected="true" /><select idref="V-217144" selected="true" /><select idref="V-217145" selected="true" /><select idref="V-217146" selected="true" /><select idref="V-217147" selected="true" /><select idref="V-217148" selected="true" /><select idref="V-217149" selected="true" /><select idref="V-217150" selected="true" /><select idref="V-217151" selected="true" /><select idref="V-217152" selected="true" /><select idref="V-217153" selected="true" /><select idref="V-217154" selected="true" /><select idref="V-217155" selected="true" /><select idref="V-217156" selected="true" /><select idref="V-217158" selected="true" /><select idref="V-217159" selected="true" /><select idref="V-217160" selected="true" /><select idref="V-217161" selected="true" /><select idref="V-217162" selected="true" /><select idref="V-217163" selected="true" /><select idref="V-217164" selected="true" /><select idref="V-217166" selected="true" /><select idref="V-217167" selected="true" /><select idref="V-217168" selected="true" /><select idref="V-217169" selected="true" /><select idref="V-217170" selected="true" /><select idref="V-217171" selected="true" /><select idref="V-217172" selected="true" /><select idref="V-217173" selected="true" /><select idref="V-217174" selected="true" /><select idref="V-217175" selected="true" /><select idref="V-217176" selected="true" /><select idref="V-217177" selected="true" /><select idref="V-217178" selected="true" /><select idref="V-217179" selected="true" /><select idref="V-217180" selected="true" /><select idref="V-217181" selected="true" /><select idref="V-217182" selected="true" /><select idref="V-217183" selected="true" /><select idref="V-217184" selected="true" /><select idref="V-217185" selected="true" /><select idref="V-217186" selected="true" /><select idref="V-217188" selected="true" /><select idref="V-217189" selected="true" /><select idref="V-217190" selected="true" /><select idref="V-217191" selected="true" /><select idref="V-217192" selected="true" /><select idref="V-217193" selected="true" /><select idref="V-217194" selected="true" /><select idref="V-217195" selected="true" /><select idref="V-217196" selected="true" /><select idref="V-217197" selected="true" /><select idref="V-217198" selected="true" /><select idref="V-217199" selected="true" /><select idref="V-217200" selected="true" /><select idref="V-217201" selected="true" /><select idref="V-217202" selected="true" /><select idref="V-217203" selected="true" /><select idref="V-217204" selected="true" /><select idref="V-217205" selected="true" /><select idref="V-217206" selected="true" /><select idref="V-217207" selected="true" /><select idref="V-217208" selected="true" /><select idref="V-217209" selected="true" /><select idref="V-217210" selected="true" /><select idref="V-217211" selected="true" /><select idref="V-217212" selected="true" /><select idref="V-217213" selected="true" /><select idref="V-217214" selected="true" /><select idref="V-217215" selected="true" /><select idref="V-217216" selected="true" /><select idref="V-217217" selected="true" /><select idref="V-217218" selected="true" /><select idref="V-217223" selected="true" /><select idref="V-217227" selected="true" /><select idref="V-217230" selected="true" /><select idref="V-217236" selected="true" /><select idref="V-217237" selected="true" /><select idref="V-217238" selected="true" /><select idref="V-217239" selected="true" /><select idref="V-217240" selected="true" /><select idref="V-217241" selected="true" /><select idref="V-217242" selected="true" /><select idref="V-217243" selected="true" /><select idref="V-217244" selected="true" /><select idref="V-217245" selected="true" /><select idref="V-217246" selected="true" /><select idref="V-217247" selected="true" /><select idref="V-217248" selected="true" /><select idref="V-217249" selected="true" /><select idref="V-217250" selected="true" /><select idref="V-217251" selected="true" /><select idref="V-217252" selected="true" /><select idref="V-217253" selected="true" /><select idref="V-217254" selected="true" /><select idref="V-217255" selected="true" /><select idref="V-217257" selected="true" /><select idref="V-217258" selected="true" /><select idref="V-217260" selected="true" /><select idref="V-217261" selected="true" /><select idref="V-217262" selected="true" /><select idref="V-217263" selected="true" /><select idref="V-217264" selected="true" /><select idref="V-217265" selected="true" /><select idref="V-217266" selected="true" /><select idref="V-217267" selected="true" /><select idref="V-217268" selected="true" /><select idref="V-217269" selected="true" /><select idref="V-217270" selected="true" /><select idref="V-217271" selected="true" /><select idref="V-217272" selected="true" /><select idref="V-217273" selected="true" /><select idref="V-217274" selected="true" /><select idref="V-217275" selected="true" /><select idref="V-217276" selected="true" /><select idref="V-217277" selected="true" /><select idref="V-217278" selected="true" /><select idref="V-217279" selected="true" /><select idref="V-217280" selected="true" /><select idref="V-217281" selected="true" /><select idref="V-217282" selected="true" /><select idref="V-217283" selected="true" /><select idref="V-217284" selected="true" /><select idref="V-217285" selected="true" /><select idref="V-217286" selected="true" /><select idref="V-217287" selected="true" /><select idref="V-217288" selected="true" /><select idref="V-217289" selected="true" /><select idref="V-217290" selected="true" /><select idref="V-217291" selected="true" /><select idref="V-217292" selected="true" /><select idref="V-217293" selected="true" /><select idref="V-217294" selected="true" /><select idref="V-217295" selected="true" /><select idref="V-217296" selected="true" /><select idref="V-217297" selected="true" /><select idref="V-217298" selected="true" /><select idref="V-217299" selected="true" /><select idref="V-217300" selected="true" /><select idref="V-217301" selected="true" /><select idref="V-217302" selected="true" /><select idref="V-222385" selected="true" /><select idref="V-222386" selected="true" /><select idref="V-233308" selected="true" /><select idref="V-237603" selected="true" /><select idref="V-237604" selected="true" /><select idref="V-237605" selected="true" /><select idref="V-237606" selected="true" /><select idref="V-237607" selected="true" /><select idref="V-237608" selected="true" /><select idref="V-237609" selected="true" /><select idref="V-237610" selected="true" /><select idref="V-237611" selected="true" /><select idref="V-237612" selected="true" /><select idref="V-237613" selected="true" /><select idref="V-237614" selected="true" /><select idref="V-237615" selected="true" /><select idref="V-237616" selected="true" /><select idref="V-237617" selected="true" /><select idref="V-237618" selected="true" /><select idref="V-237619" selected="true" /><select idref="V-237620" selected="true" /><select idref="V-237621" selected="true" /><select idref="V-237622" selected="true" /><select idref="V-237623" selected="true" /><select idref="V-251719" selected="true" /><select idref="V-251720" selected="true" /><select idref="V-251721" selected="true" /><select idref="V-251722" selected="true" /><select idref="V-255914" selected="true" /><select idref="V-255915" selected="true" /><select idref="V-255916" selected="true" /><select idref="V-256980" selected="true" /><select idref="V-256981" selected="true" /></Profile><Profile id="MAC-2_Classified"><title>II - Mission Support Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-217101" selected="true" /><select idref="V-217102" selected="true" /><select idref="V-217103" selected="true" /><select idref="V-217104" selected="true" /><select idref="V-217105" selected="true" /><select idref="V-217106" selected="true" /><select idref="V-217107" selected="true" /><select idref="V-217108" selected="true" /><select idref="V-217109" selected="true" /><select idref="V-217110" selected="true" /><select idref="V-217111" selected="true" /><select idref="V-217112" selected="true" /><select idref="V-217113" selected="true" /><select idref="V-217114" selected="true" /><select idref="V-217116" selected="true" /><select idref="V-217117" selected="true" /><select idref="V-217118" selected="true" /><select idref="V-217119" selected="true" /><select idref="V-217120" selected="true" /><select idref="V-217121" selected="true" /><select idref="V-217122" selected="true" /><select idref="V-217123" selected="true" /><select idref="V-217124" selected="true" /><select idref="V-217125" selected="true" /><select idref="V-217126" selected="true" /><select idref="V-217127" selected="true" /><select idref="V-217128" selected="true" /><select idref="V-217129" selected="true" /><select idref="V-217130" selected="true" /><select idref="V-217131" selected="true" /><select idref="V-217132" selected="true" /><select idref="V-217133" selected="true" /><select idref="V-217134" selected="true" /><select idref="V-217135" selected="true" /><select idref="V-217136" selected="true" /><select idref="V-217138" selected="true" /><select idref="V-217139" selected="true" /><select idref="V-217140" selected="true" /><select idref="V-217141" selected="true" /><select idref="V-217142" selected="true" /><select idref="V-217143" selected="true" /><select idref="V-217144" selected="true" /><select idref="V-217145" selected="true" /><select idref="V-217146" selected="true" /><select idref="V-217147" selected="true" /><select idref="V-217148" selected="true" /><select idref="V-217149" selected="true" /><select idref="V-217150" selected="true" /><select idref="V-217151" selected="true" /><select idref="V-217152" selected="true" /><select idref="V-217153" selected="true" /><select idref="V-217154" selected="true" /><select idref="V-217155" selected="true" /><select idref="V-217156" selected="true" /><select idref="V-217158" selected="true" /><select idref="V-217159" selected="true" /><select idref="V-217160" selected="true" /><select idref="V-217161" selected="true" /><select idref="V-217162" selected="true" /><select idref="V-217163" selected="true" /><select idref="V-217164" selected="true" /><select idref="V-217166" selected="true" /><select idref="V-217167" selected="true" /><select idref="V-217168" selected="true" /><select idref="V-217169" selected="true" /><select idref="V-217170" selected="true" /><select idref="V-217171" selected="true" /><select idref="V-217172" selected="true" /><select idref="V-217173" selected="true" /><select idref="V-217174" selected="true" /><select idref="V-217175" selected="true" /><select idref="V-217176" selected="true" /><select idref="V-217177" selected="true" /><select idref="V-217178" selected="true" /><select idref="V-217179" selected="true" /><select idref="V-217180" selected="true" /><select idref="V-217181" selected="true" /><select idref="V-217182" selected="true" /><select idref="V-217183" selected="true" /><select idref="V-217184" selected="true" /><select idref="V-217185" selected="true" /><select idref="V-217186" selected="true" /><select idref="V-217188" selected="true" /><select idref="V-217189" selected="true" /><select idref="V-217190" selected="true" /><select idref="V-217191" selected="true" /><select idref="V-217192" selected="true" /><select idref="V-217193" selected="true" /><select idref="V-217194" selected="true" /><select idref="V-217195" selected="true" /><select idref="V-217196" selected="true" /><select idref="V-217197" selected="true" /><select idref="V-217198" selected="true" /><select idref="V-217199" selected="true" /><select idref="V-217200" selected="true" /><select idref="V-217201" selected="true" /><select idref="V-217202" selected="true" /><select idref="V-217203" selected="true" /><select idref="V-217204" selected="true" /><select idref="V-217205" selected="true" /><select idref="V-217206" selected="true" /><select idref="V-217207" selected="true" /><select idref="V-217208" selected="true" /><select idref="V-217209" selected="true" /><select idref="V-217210" selected="true" /><select idref="V-217211" selected="true" /><select idref="V-217212" selected="true" /><select idref="V-217213" selected="true" /><select idref="V-217214" selected="true" /><select idref="V-217215" selected="true" /><select idref="V-217216" selected="true" /><select idref="V-217217" selected="true" /><select idref="V-217218" selected="true" /><select idref="V-217223" selected="true" /><select idref="V-217227" selected="true" /><select idref="V-217230" selected="true" /><select idref="V-217236" selected="true" /><select idref="V-217237" selected="true" /><select idref="V-217238" selected="true" /><select idref="V-217239" selected="true" /><select idref="V-217240" selected="true" /><select idref="V-217241" selected="true" /><select idref="V-217242" selected="true" /><select idref="V-217243" selected="true" /><select idref="V-217244" selected="true" /><select idref="V-217245" selected="true" /><select idref="V-217246" selected="true" /><select idref="V-217247" selected="true" /><select idref="V-217248" selected="true" /><select idref="V-217249" selected="true" /><select idref="V-217250" selected="true" /><select idref="V-217251" selected="true" /><select idref="V-217252" selected="true" /><select idref="V-217253" selected="true" /><select idref="V-217254" selected="true" /><select idref="V-217255" selected="true" /><select idref="V-217257" selected="true" /><select idref="V-217258" selected="true" /><select idref="V-217260" selected="true" /><select idref="V-217261" selected="true" /><select idref="V-217262" selected="true" /><select idref="V-217263" selected="true" /><select idref="V-217264" selected="true" /><select idref="V-217265" selected="true" /><select idref="V-217266" selected="true" /><select idref="V-217267" selected="true" /><select idref="V-217268" selected="true" /><select idref="V-217269" selected="true" /><select idref="V-217270" selected="true" /><select idref="V-217271" selected="true" /><select idref="V-217272" selected="true" /><select idref="V-217273" selected="true" /><select idref="V-217274" selected="true" /><select idref="V-217275" selected="true" /><select idref="V-217276" selected="true" /><select idref="V-217277" selected="true" /><select idref="V-217278" selected="true" /><select idref="V-217279" selected="true" /><select idref="V-217280" selected="true" /><select idref="V-217281" selected="true" /><select idref="V-217282" selected="true" /><select idref="V-217283" selected="true" /><select idref="V-217284" selected="true" /><select idref="V-217285" selected="true" /><select idref="V-217286" selected="true" /><select idref="V-217287" selected="true" /><select idref="V-217288" selected="true" /><select idref="V-217289" selected="true" /><select idref="V-217290" selected="true" /><select idref="V-217291" selected="true" /><select idref="V-217292" selected="true" /><select idref="V-217293" selected="true" /><select idref="V-217294" selected="true" /><select idref="V-217295" selected="true" /><select idref="V-217296" selected="true" /><select idref="V-217297" selected="true" /><select idref="V-217298" selected="true" /><select idref="V-217299" selected="true" /><select idref="V-217300" selected="true" /><select idref="V-217301" selected="true" /><select idref="V-217302" selected="true" /><select idref="V-222385" selected="true" /><select idref="V-222386" selected="true" /><select idref="V-233308" selected="true" /><select idref="V-237603" selected="true" /><select idref="V-237604" selected="true" /><select idref="V-237605" selected="true" /><select idref="V-237606" selected="true" /><select idref="V-237607" selected="true" /><select idref="V-237608" selected="true" /><select idref="V-237609" selected="true" /><select idref="V-237610" selected="true" /><select idref="V-237611" selected="true" /><select idref="V-237612" selected="true" /><select idref="V-237613" selected="true" /><select idref="V-237614" selected="true" /><select idref="V-237615" selected="true" /><select idref="V-237616" selected="true" /><select idref="V-237617" selected="true" /><select idref="V-237618" selected="true" /><select idref="V-237619" selected="true" /><select idref="V-237620" selected="true" /><select idref="V-237621" selected="true" /><select idref="V-237622" selected="true" /><select idref="V-237623" selected="true" /><select idref="V-251719" selected="true" /><select idref="V-251720" selected="true" /><select idref="V-251721" selected="true" /><select idref="V-251722" selected="true" /><select idref="V-255914" selected="true" /><select idref="V-255915" selected="true" /><select idref="V-255916" selected="true" /><select idref="V-256980" selected="true" /><select idref="V-256981" selected="true" /></Profile><Profile id="MAC-2_Public"><title>II - Mission Support Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-217101" selected="true" /><select idref="V-217102" selected="true" /><select idref="V-217103" selected="true" /><select idref="V-217104" selected="true" /><select idref="V-217105" selected="true" /><select idref="V-217106" selected="true" /><select idref="V-217107" selected="true" /><select idref="V-217108" selected="true" /><select idref="V-217109" selected="true" /><select idref="V-217110" selected="true" /><select idref="V-217111" selected="true" /><select idref="V-217112" selected="true" /><select idref="V-217113" selected="true" /><select idref="V-217114" selected="true" /><select idref="V-217116" selected="true" /><select idref="V-217117" selected="true" /><select idref="V-217118" selected="true" /><select idref="V-217119" selected="true" /><select idref="V-217120" selected="true" /><select idref="V-217121" selected="true" /><select idref="V-217122" selected="true" /><select idref="V-217123" selected="true" /><select idref="V-217124" selected="true" /><select idref="V-217125" selected="true" /><select idref="V-217126" selected="true" /><select idref="V-217127" selected="true" /><select idref="V-217128" selected="true" /><select idref="V-217129" selected="true" /><select idref="V-217130" selected="true" /><select idref="V-217131" selected="true" /><select idref="V-217132" selected="true" /><select idref="V-217133" selected="true" /><select idref="V-217134" selected="true" /><select idref="V-217135" selected="true" /><select idref="V-217136" selected="true" /><select idref="V-217138" selected="true" /><select idref="V-217139" selected="true" /><select idref="V-217140" selected="true" /><select idref="V-217141" selected="true" /><select idref="V-217142" selected="true" /><select idref="V-217143" selected="true" /><select idref="V-217144" selected="true" /><select idref="V-217145" selected="true" /><select idref="V-217146" selected="true" /><select idref="V-217147" selected="true" /><select idref="V-217148" selected="true" /><select idref="V-217149" selected="true" /><select idref="V-217150" selected="true" /><select idref="V-217151" selected="true" /><select idref="V-217152" selected="true" /><select idref="V-217153" selected="true" /><select idref="V-217154" selected="true" /><select idref="V-217155" selected="true" /><select idref="V-217156" selected="true" /><select idref="V-217158" selected="true" /><select idref="V-217159" selected="true" /><select idref="V-217160" selected="true" /><select idref="V-217161" selected="true" /><select idref="V-217162" selected="true" /><select idref="V-217163" selected="true" /><select idref="V-217164" selected="true" /><select idref="V-217166" selected="true" /><select idref="V-217167" selected="true" /><select idref="V-217168" selected="true" /><select idref="V-217169" selected="true" /><select idref="V-217170" selected="true" /><select idref="V-217171" selected="true" /><select idref="V-217172" selected="true" /><select idref="V-217173" selected="true" /><select idref="V-217174" selected="true" /><select idref="V-217175" selected="true" /><select idref="V-217176" selected="true" /><select idref="V-217177" selected="true" /><select idref="V-217178" selected="true" /><select idref="V-217179" selected="true" /><select idref="V-217180" selected="true" /><select idref="V-217181" selected="true" /><select idref="V-217182" selected="true" /><select idref="V-217183" selected="true" /><select idref="V-217184" selected="true" /><select idref="V-217185" selected="true" /><select idref="V-217186" selected="true" /><select idref="V-217188" selected="true" /><select idref="V-217189" selected="true" /><select idref="V-217190" selected="true" /><select idref="V-217191" selected="true" /><select idref="V-217192" selected="true" /><select idref="V-217193" selected="true" /><select idref="V-217194" selected="true" /><select idref="V-217195" selected="true" /><select idref="V-217196" selected="true" /><select idref="V-217197" selected="true" /><select idref="V-217198" selected="true" /><select idref="V-217199" selected="true" /><select idref="V-217200" selected="true" /><select idref="V-217201" selected="true" /><select idref="V-217202" selected="true" /><select idref="V-217203" selected="true" /><select idref="V-217204" selected="true" /><select idref="V-217205" selected="true" /><select idref="V-217206" selected="true" /><select idref="V-217207" selected="true" /><select idref="V-217208" selected="true" /><select idref="V-217209" selected="true" /><select idref="V-217210" selected="true" /><select idref="V-217211" selected="true" /><select idref="V-217212" selected="true" /><select idref="V-217213" selected="true" /><select idref="V-217214" selected="true" /><select idref="V-217215" selected="true" /><select idref="V-217216" selected="true" /><select idref="V-217217" selected="true" /><select idref="V-217218" selected="true" /><select idref="V-217223" selected="true" /><select idref="V-217227" selected="true" /><select idref="V-217230" selected="true" /><select idref="V-217236" selected="true" /><select idref="V-217237" selected="true" /><select idref="V-217238" selected="true" /><select idref="V-217239" selected="true" /><select idref="V-217240" selected="true" /><select idref="V-217241" selected="true" /><select idref="V-217242" selected="true" /><select idref="V-217243" selected="true" /><select idref="V-217244" selected="true" /><select idref="V-217245" selected="true" /><select idref="V-217246" selected="true" /><select idref="V-217247" selected="true" /><select idref="V-217248" selected="true" /><select idref="V-217249" selected="true" /><select idref="V-217250" selected="true" /><select idref="V-217251" selected="true" /><select idref="V-217252" selected="true" /><select idref="V-217253" selected="true" /><select idref="V-217254" selected="true" /><select idref="V-217255" selected="true" /><select idref="V-217257" selected="true" /><select idref="V-217258" selected="true" /><select idref="V-217260" selected="true" /><select idref="V-217261" selected="true" /><select idref="V-217262" selected="true" /><select idref="V-217263" selected="true" /><select idref="V-217264" selected="true" /><select idref="V-217265" selected="true" /><select idref="V-217266" selected="true" /><select idref="V-217267" selected="true" /><select idref="V-217268" selected="true" /><select idref="V-217269" selected="true" /><select idref="V-217270" selected="true" /><select idref="V-217271" selected="true" /><select idref="V-217272" selected="true" /><select idref="V-217273" selected="true" /><select idref="V-217274" selected="true" /><select idref="V-217275" selected="true" /><select idref="V-217276" selected="true" /><select idref="V-217277" selected="true" /><select idref="V-217278" selected="true" /><select idref="V-217279" selected="true" /><select idref="V-217280" selected="true" /><select idref="V-217281" selected="true" /><select idref="V-217282" selected="true" /><select idref="V-217283" selected="true" /><select idref="V-217284" selected="true" /><select idref="V-217285" selected="true" /><select idref="V-217286" selected="true" /><select idref="V-217287" selected="true" /><select idref="V-217288" selected="true" /><select idref="V-217289" selected="true" /><select idref="V-217290" selected="true" /><select idref="V-217291" selected="true" /><select idref="V-217292" selected="true" /><select idref="V-217293" selected="true" /><select idref="V-217294" selected="true" /><select idref="V-217295" selected="true" /><select idref="V-217296" selected="true" /><select idref="V-217297" selected="true" /><select idref="V-217298" selected="true" /><select idref="V-217299" selected="true" /><select idref="V-217300" selected="true" /><select idref="V-217301" selected="true" /><select idref="V-217302" selected="true" /><select idref="V-222385" selected="true" /><select idref="V-222386" selected="true" /><select idref="V-233308" selected="true" /><select idref="V-237603" selected="true" /><select idref="V-237604" selected="true" /><select idref="V-237605" selected="true" /><select idref="V-237606" selected="true" /><select idref="V-237607" selected="true" /><select idref="V-237608" selected="true" /><select idref="V-237609" selected="true" /><select idref="V-237610" selected="true" /><select idref="V-237611" selected="true" /><select idref="V-237612" selected="true" /><select idref="V-237613" selected="true" /><select idref="V-237614" selected="true" /><select idref="V-237615" selected="true" /><select idref="V-237616" selected="true" /><select idref="V-237617" selected="true" /><select idref="V-237618" selected="true" /><select idref="V-237619" selected="true" /><select idref="V-237620" selected="true" /><select idref="V-237621" selected="true" /><select idref="V-237622" selected="true" /><select idref="V-237623" selected="true" /><select idref="V-251719" selected="true" /><select idref="V-251720" selected="true" /><select idref="V-251721" selected="true" /><select idref="V-251722" selected="true" /><select idref="V-255914" selected="true" /><select idref="V-255915" selected="true" /><select idref="V-255916" selected="true" /><select idref="V-256980" selected="true" /><select idref="V-256981" selected="true" /></Profile><Profile id="MAC-2_Sensitive"><title>II - Mission Support Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-217101" selected="true" /><select idref="V-217102" selected="true" /><select idref="V-217103" selected="true" /><select idref="V-217104" selected="true" /><select idref="V-217105" selected="true" /><select idref="V-217106" selected="true" /><select idref="V-217107" selected="true" /><select idref="V-217108" selected="true" /><select idref="V-217109" selected="true" /><select idref="V-217110" selected="true" /><select idref="V-217111" selected="true" /><select idref="V-217112" selected="true" /><select idref="V-217113" selected="true" /><select idref="V-217114" selected="true" /><select idref="V-217116" selected="true" /><select idref="V-217117" selected="true" /><select idref="V-217118" selected="true" /><select idref="V-217119" selected="true" /><select idref="V-217120" selected="true" /><select idref="V-217121" selected="true" /><select idref="V-217122" selected="true" /><select idref="V-217123" selected="true" /><select idref="V-217124" selected="true" /><select idref="V-217125" selected="true" /><select idref="V-217126" selected="true" /><select idref="V-217127" selected="true" /><select idref="V-217128" selected="true" /><select idref="V-217129" selected="true" /><select idref="V-217130" selected="true" /><select idref="V-217131" selected="true" /><select idref="V-217132" selected="true" /><select idref="V-217133" selected="true" /><select idref="V-217134" selected="true" /><select idref="V-217135" selected="true" /><select idref="V-217136" selected="true" /><select idref="V-217138" selected="true" /><select idref="V-217139" selected="true" /><select idref="V-217140" selected="true" /><select idref="V-217141" selected="true" /><select idref="V-217142" selected="true" /><select idref="V-217143" selected="true" /><select idref="V-217144" selected="true" /><select idref="V-217145" selected="true" /><select idref="V-217146" selected="true" /><select idref="V-217147" selected="true" /><select idref="V-217148" selected="true" /><select idref="V-217149" selected="true" /><select idref="V-217150" selected="true" /><select idref="V-217151" selected="true" /><select idref="V-217152" selected="true" /><select idref="V-217153" selected="true" /><select idref="V-217154" selected="true" /><select idref="V-217155" selected="true" /><select idref="V-217156" selected="true" /><select idref="V-217158" selected="true" /><select idref="V-217159" selected="true" /><select idref="V-217160" selected="true" /><select idref="V-217161" selected="true" /><select idref="V-217162" selected="true" /><select idref="V-217163" selected="true" /><select idref="V-217164" selected="true" /><select idref="V-217166" selected="true" /><select idref="V-217167" selected="true" /><select idref="V-217168" selected="true" /><select idref="V-217169" selected="true" /><select idref="V-217170" selected="true" /><select idref="V-217171" selected="true" /><select idref="V-217172" selected="true" /><select idref="V-217173" selected="true" /><select idref="V-217174" selected="true" /><select idref="V-217175" selected="true" /><select idref="V-217176" selected="true" /><select idref="V-217177" selected="true" /><select idref="V-217178" selected="true" /><select idref="V-217179" selected="true" /><select idref="V-217180" selected="true" /><select idref="V-217181" selected="true" /><select idref="V-217182" selected="true" /><select idref="V-217183" selected="true" /><select idref="V-217184" selected="true" /><select idref="V-217185" selected="true" /><select idref="V-217186" selected="true" /><select idref="V-217188" selected="true" /><select idref="V-217189" selected="true" /><select idref="V-217190" selected="true" /><select idref="V-217191" selected="true" /><select idref="V-217192" selected="true" /><select idref="V-217193" selected="true" /><select idref="V-217194" selected="true" /><select idref="V-217195" selected="true" /><select idref="V-217196" selected="true" /><select idref="V-217197" selected="true" /><select idref="V-217198" selected="true" /><select idref="V-217199" selected="true" /><select idref="V-217200" selected="true" /><select idref="V-217201" selected="true" /><select idref="V-217202" selected="true" /><select idref="V-217203" selected="true" /><select idref="V-217204" selected="true" /><select idref="V-217205" selected="true" /><select idref="V-217206" selected="true" /><select idref="V-217207" selected="true" /><select idref="V-217208" selected="true" /><select idref="V-217209" selected="true" /><select idref="V-217210" selected="true" /><select idref="V-217211" selected="true" /><select idref="V-217212" selected="true" /><select idref="V-217213" selected="true" /><select idref="V-217214" selected="true" /><select idref="V-217215" selected="true" /><select idref="V-217216" selected="true" /><select idref="V-217217" selected="true" /><select idref="V-217218" selected="true" /><select idref="V-217223" selected="true" /><select idref="V-217227" selected="true" /><select idref="V-217230" selected="true" /><select idref="V-217236" selected="true" /><select idref="V-217237" selected="true" /><select idref="V-217238" selected="true" /><select idref="V-217239" selected="true" /><select idref="V-217240" selected="true" /><select idref="V-217241" selected="true" /><select idref="V-217242" selected="true" /><select idref="V-217243" selected="true" /><select idref="V-217244" selected="true" /><select idref="V-217245" selected="true" /><select idref="V-217246" selected="true" /><select idref="V-217247" selected="true" /><select idref="V-217248" selected="true" /><select idref="V-217249" selected="true" /><select idref="V-217250" selected="true" /><select idref="V-217251" selected="true" /><select idref="V-217252" selected="true" /><select idref="V-217253" selected="true" /><select idref="V-217254" selected="true" /><select idref="V-217255" selected="true" /><select idref="V-217257" selected="true" /><select idref="V-217258" selected="true" /><select idref="V-217260" selected="true" /><select idref="V-217261" selected="true" /><select idref="V-217262" selected="true" /><select idref="V-217263" selected="true" /><select idref="V-217264" selected="true" /><select idref="V-217265" selected="true" /><select idref="V-217266" selected="true" /><select idref="V-217267" selected="true" /><select idref="V-217268" selected="true" /><select idref="V-217269" selected="true" /><select idref="V-217270" selected="true" /><select idref="V-217271" selected="true" /><select idref="V-217272" selected="true" /><select idref="V-217273" selected="true" /><select idref="V-217274" selected="true" /><select idref="V-217275" selected="true" /><select idref="V-217276" selected="true" /><select idref="V-217277" selected="true" /><select idref="V-217278" selected="true" /><select idref="V-217279" selected="true" /><select idref="V-217280" selected="true" /><select idref="V-217281" selected="true" /><select idref="V-217282" selected="true" /><select idref="V-217283" selected="true" /><select idref="V-217284" selected="true" /><select idref="V-217285" selected="true" /><select idref="V-217286" selected="true" /><select idref="V-217287" selected="true" /><select idref="V-217288" selected="true" /><select idref="V-217289" selected="true" /><select idref="V-217290" selected="true" /><select idref="V-217291" selected="true" /><select idref="V-217292" selected="true" /><select idref="V-217293" selected="true" /><select idref="V-217294" selected="true" /><select idref="V-217295" selected="true" /><select idref="V-217296" selected="true" /><select idref="V-217297" selected="true" /><select idref="V-217298" selected="true" /><select idref="V-217299" selected="true" /><select idref="V-217300" selected="true" /><select idref="V-217301" selected="true" /><select idref="V-217302" selected="true" /><select idref="V-222385" selected="true" /><select idref="V-222386" selected="true" /><select idref="V-233308" selected="true" /><select idref="V-237603" selected="true" /><select idref="V-237604" selected="true" /><select idref="V-237605" selected="true" /><select idref="V-237606" selected="true" /><select idref="V-237607" selected="true" /><select idref="V-237608" selected="true" /><select idref="V-237609" selected="true" /><select idref="V-237610" selected="true" /><select idref="V-237611" selected="true" /><select idref="V-237612" selected="true" /><select idref="V-237613" selected="true" /><select idref="V-237614" selected="true" /><select idref="V-237615" selected="true" /><select idref="V-237616" selected="true" /><select idref="V-237617" selected="true" /><select idref="V-237618" selected="true" /><select idref="V-237619" selected="true" /><select idref="V-237620" selected="true" /><select idref="V-237621" selected="true" /><select idref="V-237622" selected="true" /><select idref="V-237623" selected="true" /><select idref="V-251719" selected="true" /><select idref="V-251720" selected="true" /><select idref="V-251721" selected="true" /><select idref="V-251722" selected="true" /><select idref="V-255914" selected="true" /><select idref="V-255915" selected="true" /><select idref="V-255916" selected="true" /><select idref="V-256980" selected="true" /><select idref="V-256981" selected="true" /></Profile><Profile id="MAC-3_Classified"><title>III - Administrative Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-217101" selected="true" /><select idref="V-217102" selected="true" /><select idref="V-217103" selected="true" /><select idref="V-217104" selected="true" /><select idref="V-217105" selected="true" /><select idref="V-217106" selected="true" /><select idref="V-217107" selected="true" /><select idref="V-217108" selected="true" /><select idref="V-217109" selected="true" /><select idref="V-217110" selected="true" /><select idref="V-217111" selected="true" /><select idref="V-217112" selected="true" /><select idref="V-217113" selected="true" /><select idref="V-217114" selected="true" /><select idref="V-217116" selected="true" /><select idref="V-217117" selected="true" /><select idref="V-217118" selected="true" /><select idref="V-217119" selected="true" /><select idref="V-217120" selected="true" /><select idref="V-217121" selected="true" /><select idref="V-217122" selected="true" /><select idref="V-217123" selected="true" /><select idref="V-217124" selected="true" /><select idref="V-217125" selected="true" /><select idref="V-217126" selected="true" /><select idref="V-217127" selected="true" /><select idref="V-217128" selected="true" /><select idref="V-217129" selected="true" /><select idref="V-217130" selected="true" /><select idref="V-217131" selected="true" /><select idref="V-217132" selected="true" /><select idref="V-217133" selected="true" /><select idref="V-217134" selected="true" /><select idref="V-217135" selected="true" /><select idref="V-217136" selected="true" /><select idref="V-217138" selected="true" /><select idref="V-217139" selected="true" /><select idref="V-217140" selected="true" /><select idref="V-217141" selected="true" /><select idref="V-217142" selected="true" /><select idref="V-217143" selected="true" /><select idref="V-217144" selected="true" /><select idref="V-217145" selected="true" /><select idref="V-217146" selected="true" /><select idref="V-217147" selected="true" /><select idref="V-217148" selected="true" /><select idref="V-217149" selected="true" /><select idref="V-217150" selected="true" /><select idref="V-217151" selected="true" /><select idref="V-217152" selected="true" /><select idref="V-217153" selected="true" /><select idref="V-217154" selected="true" /><select idref="V-217155" selected="true" /><select idref="V-217156" selected="true" /><select idref="V-217158" selected="true" /><select idref="V-217159" selected="true" /><select idref="V-217160" selected="true" /><select idref="V-217161" selected="true" /><select idref="V-217162" selected="true" /><select idref="V-217163" selected="true" /><select idref="V-217164" selected="true" /><select idref="V-217166" selected="true" /><select idref="V-217167" selected="true" /><select idref="V-217168" selected="true" /><select idref="V-217169" selected="true" /><select idref="V-217170" selected="true" /><select idref="V-217171" selected="true" /><select idref="V-217172" selected="true" /><select idref="V-217173" selected="true" /><select idref="V-217174" selected="true" /><select idref="V-217175" selected="true" /><select idref="V-217176" selected="true" /><select idref="V-217177" selected="true" /><select idref="V-217178" selected="true" /><select idref="V-217179" selected="true" /><select idref="V-217180" selected="true" /><select idref="V-217181" selected="true" /><select idref="V-217182" selected="true" /><select idref="V-217183" selected="true" /><select idref="V-217184" selected="true" /><select idref="V-217185" selected="true" /><select idref="V-217186" selected="true" /><select idref="V-217188" selected="true" /><select idref="V-217189" selected="true" /><select idref="V-217190" selected="true" /><select idref="V-217191" selected="true" /><select idref="V-217192" selected="true" /><select idref="V-217193" selected="true" /><select idref="V-217194" selected="true" /><select idref="V-217195" selected="true" /><select idref="V-217196" selected="true" /><select idref="V-217197" selected="true" /><select idref="V-217198" selected="true" /><select idref="V-217199" selected="true" /><select idref="V-217200" selected="true" /><select idref="V-217201" selected="true" /><select idref="V-217202" selected="true" /><select idref="V-217203" selected="true" /><select idref="V-217204" selected="true" /><select idref="V-217205" selected="true" /><select idref="V-217206" selected="true" /><select idref="V-217207" selected="true" /><select idref="V-217208" selected="true" /><select idref="V-217209" selected="true" /><select idref="V-217210" selected="true" /><select idref="V-217211" selected="true" /><select idref="V-217212" selected="true" /><select idref="V-217213" selected="true" /><select idref="V-217214" selected="true" /><select idref="V-217215" selected="true" /><select idref="V-217216" selected="true" /><select idref="V-217217" selected="true" /><select idref="V-217218" selected="true" /><select idref="V-217223" selected="true" /><select idref="V-217227" selected="true" /><select idref="V-217230" selected="true" /><select idref="V-217236" selected="true" /><select idref="V-217237" selected="true" /><select idref="V-217238" selected="true" /><select idref="V-217239" selected="true" /><select idref="V-217240" selected="true" /><select idref="V-217241" selected="true" /><select idref="V-217242" selected="true" /><select idref="V-217243" selected="true" /><select idref="V-217244" selected="true" /><select idref="V-217245" selected="true" /><select idref="V-217246" selected="true" /><select idref="V-217247" selected="true" /><select idref="V-217248" selected="true" /><select idref="V-217249" selected="true" /><select idref="V-217250" selected="true" /><select idref="V-217251" selected="true" /><select idref="V-217252" selected="true" /><select idref="V-217253" selected="true" /><select idref="V-217254" selected="true" /><select idref="V-217255" selected="true" /><select idref="V-217257" selected="true" /><select idref="V-217258" selected="true" /><select idref="V-217260" selected="true" /><select idref="V-217261" selected="true" /><select idref="V-217262" selected="true" /><select idref="V-217263" selected="true" /><select idref="V-217264" selected="true" /><select idref="V-217265" selected="true" /><select idref="V-217266" selected="true" /><select idref="V-217267" selected="true" /><select idref="V-217268" selected="true" /><select idref="V-217269" selected="true" /><select idref="V-217270" selected="true" /><select idref="V-217271" selected="true" /><select idref="V-217272" selected="true" /><select idref="V-217273" selected="true" /><select idref="V-217274" selected="true" /><select idref="V-217275" selected="true" /><select idref="V-217276" selected="true" /><select idref="V-217277" selected="true" /><select idref="V-217278" selected="true" /><select idref="V-217279" selected="true" /><select idref="V-217280" selected="true" /><select idref="V-217281" selected="true" /><select idref="V-217282" selected="true" /><select idref="V-217283" selected="true" /><select idref="V-217284" selected="true" /><select idref="V-217285" selected="true" /><select idref="V-217286" selected="true" /><select idref="V-217287" selected="true" /><select idref="V-217288" selected="true" /><select idref="V-217289" selected="true" /><select idref="V-217290" selected="true" /><select idref="V-217291" selected="true" /><select idref="V-217292" selected="true" /><select idref="V-217293" selected="true" /><select idref="V-217294" selected="true" /><select idref="V-217295" selected="true" /><select idref="V-217296" selected="true" /><select idref="V-217297" selected="true" /><select idref="V-217298" selected="true" /><select idref="V-217299" selected="true" /><select idref="V-217300" selected="true" /><select idref="V-217301" selected="true" /><select idref="V-217302" selected="true" /><select idref="V-222385" selected="true" /><select idref="V-222386" selected="true" /><select idref="V-233308" selected="true" /><select idref="V-237603" selected="true" /><select idref="V-237604" selected="true" /><select idref="V-237605" selected="true" /><select idref="V-237606" selected="true" /><select idref="V-237607" selected="true" /><select idref="V-237608" selected="true" /><select idref="V-237609" selected="true" /><select idref="V-237610" selected="true" /><select idref="V-237611" selected="true" /><select idref="V-237612" selected="true" /><select idref="V-237613" selected="true" /><select idref="V-237614" selected="true" /><select idref="V-237615" selected="true" /><select idref="V-237616" selected="true" /><select idref="V-237617" selected="true" /><select idref="V-237618" selected="true" /><select idref="V-237619" selected="true" /><select idref="V-237620" selected="true" /><select idref="V-237621" selected="true" /><select idref="V-237622" selected="true" /><select idref="V-237623" selected="true" /><select idref="V-251719" selected="true" /><select idref="V-251720" selected="true" /><select idref="V-251721" selected="true" /><select idref="V-251722" selected="true" /><select idref="V-255914" selected="true" /><select idref="V-255915" selected="true" /><select idref="V-255916" selected="true" /><select idref="V-256980" selected="true" /><select idref="V-256981" selected="true" /></Profile><Profile id="MAC-3_Public"><title>III - Administrative Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-217101" selected="true" /><select idref="V-217102" selected="true" /><select idref="V-217103" selected="true" /><select idref="V-217104" selected="true" /><select idref="V-217105" selected="true" /><select idref="V-217106" selected="true" /><select idref="V-217107" selected="true" /><select idref="V-217108" selected="true" /><select idref="V-217109" selected="true" /><select idref="V-217110" selected="true" /><select idref="V-217111" selected="true" /><select idref="V-217112" selected="true" /><select idref="V-217113" selected="true" /><select idref="V-217114" selected="true" /><select idref="V-217116" selected="true" /><select idref="V-217117" selected="true" /><select idref="V-217118" selected="true" /><select idref="V-217119" selected="true" /><select idref="V-217120" selected="true" /><select idref="V-217121" selected="true" /><select idref="V-217122" selected="true" /><select idref="V-217123" selected="true" /><select idref="V-217124" selected="true" /><select idref="V-217125" selected="true" /><select idref="V-217126" selected="true" /><select idref="V-217127" selected="true" /><select idref="V-217128" selected="true" /><select idref="V-217129" selected="true" /><select idref="V-217130" selected="true" /><select idref="V-217131" selected="true" /><select idref="V-217132" selected="true" /><select idref="V-217133" selected="true" /><select idref="V-217134" selected="true" /><select idref="V-217135" selected="true" /><select idref="V-217136" selected="true" /><select idref="V-217138" selected="true" /><select idref="V-217139" selected="true" /><select idref="V-217140" selected="true" /><select idref="V-217141" selected="true" /><select idref="V-217142" selected="true" /><select idref="V-217143" selected="true" /><select idref="V-217144" selected="true" /><select idref="V-217145" selected="true" /><select idref="V-217146" selected="true" /><select idref="V-217147" selected="true" /><select idref="V-217148" selected="true" /><select idref="V-217149" selected="true" /><select idref="V-217150" selected="true" /><select idref="V-217151" selected="true" /><select idref="V-217152" selected="true" /><select idref="V-217153" selected="true" /><select idref="V-217154" selected="true" /><select idref="V-217155" selected="true" /><select idref="V-217156" selected="true" /><select idref="V-217158" selected="true" /><select idref="V-217159" selected="true" /><select idref="V-217160" selected="true" /><select idref="V-217161" selected="true" /><select idref="V-217162" selected="true" /><select idref="V-217163" selected="true" /><select idref="V-217164" selected="true" /><select idref="V-217166" selected="true" /><select idref="V-217167" selected="true" /><select idref="V-217168" selected="true" /><select idref="V-217169" selected="true" /><select idref="V-217170" selected="true" /><select idref="V-217171" selected="true" /><select idref="V-217172" selected="true" /><select idref="V-217173" selected="true" /><select idref="V-217174" selected="true" /><select idref="V-217175" selected="true" /><select idref="V-217176" selected="true" /><select idref="V-217177" selected="true" /><select idref="V-217178" selected="true" /><select idref="V-217179" selected="true" /><select idref="V-217180" selected="true" /><select idref="V-217181" selected="true" /><select idref="V-217182" selected="true" /><select idref="V-217183" selected="true" /><select idref="V-217184" selected="true" /><select idref="V-217185" selected="true" /><select idref="V-217186" selected="true" /><select idref="V-217188" selected="true" /><select idref="V-217189" selected="true" /><select idref="V-217190" selected="true" /><select idref="V-217191" selected="true" /><select idref="V-217192" selected="true" /><select idref="V-217193" selected="true" /><select idref="V-217194" selected="true" /><select idref="V-217195" selected="true" /><select idref="V-217196" selected="true" /><select idref="V-217197" selected="true" /><select idref="V-217198" selected="true" /><select idref="V-217199" selected="true" /><select idref="V-217200" selected="true" /><select idref="V-217201" selected="true" /><select idref="V-217202" selected="true" /><select idref="V-217203" selected="true" /><select idref="V-217204" selected="true" /><select idref="V-217205" selected="true" /><select idref="V-217206" selected="true" /><select idref="V-217207" selected="true" /><select idref="V-217208" selected="true" /><select idref="V-217209" selected="true" /><select idref="V-217210" selected="true" /><select idref="V-217211" selected="true" /><select idref="V-217212" selected="true" /><select idref="V-217213" selected="true" /><select idref="V-217214" selected="true" /><select idref="V-217215" selected="true" /><select idref="V-217216" selected="true" /><select idref="V-217217" selected="true" /><select idref="V-217218" selected="true" /><select idref="V-217223" selected="true" /><select idref="V-217227" selected="true" /><select idref="V-217230" selected="true" /><select idref="V-217236" selected="true" /><select idref="V-217237" selected="true" /><select idref="V-217238" selected="true" /><select idref="V-217239" selected="true" /><select idref="V-217240" selected="true" /><select idref="V-217241" selected="true" /><select idref="V-217242" selected="true" /><select idref="V-217243" selected="true" /><select idref="V-217244" selected="true" /><select idref="V-217245" selected="true" /><select idref="V-217246" selected="true" /><select idref="V-217247" selected="true" /><select idref="V-217248" selected="true" /><select idref="V-217249" selected="true" /><select idref="V-217250" selected="true" /><select idref="V-217251" selected="true" /><select idref="V-217252" selected="true" /><select idref="V-217253" selected="true" /><select idref="V-217254" selected="true" /><select idref="V-217255" selected="true" /><select idref="V-217257" selected="true" /><select idref="V-217258" selected="true" /><select idref="V-217260" selected="true" /><select idref="V-217261" selected="true" /><select idref="V-217262" selected="true" /><select idref="V-217263" selected="true" /><select idref="V-217264" selected="true" /><select idref="V-217265" selected="true" /><select idref="V-217266" selected="true" /><select idref="V-217267" selected="true" /><select idref="V-217268" selected="true" /><select idref="V-217269" selected="true" /><select idref="V-217270" selected="true" /><select idref="V-217271" selected="true" /><select idref="V-217272" selected="true" /><select idref="V-217273" selected="true" /><select idref="V-217274" selected="true" /><select idref="V-217275" selected="true" /><select idref="V-217276" selected="true" /><select idref="V-217277" selected="true" /><select idref="V-217278" selected="true" /><select idref="V-217279" selected="true" /><select idref="V-217280" selected="true" /><select idref="V-217281" selected="true" /><select idref="V-217282" selected="true" /><select idref="V-217283" selected="true" /><select idref="V-217284" selected="true" /><select idref="V-217285" selected="true" /><select idref="V-217286" selected="true" /><select idref="V-217287" selected="true" /><select idref="V-217288" selected="true" /><select idref="V-217289" selected="true" /><select idref="V-217290" selected="true" /><select idref="V-217291" selected="true" /><select idref="V-217292" selected="true" /><select idref="V-217293" selected="true" /><select idref="V-217294" selected="true" /><select idref="V-217295" selected="true" /><select idref="V-217296" selected="true" /><select idref="V-217297" selected="true" /><select idref="V-217298" selected="true" /><select idref="V-217299" selected="true" /><select idref="V-217300" selected="true" /><select idref="V-217301" selected="true" /><select idref="V-217302" selected="true" /><select idref="V-222385" selected="true" /><select idref="V-222386" selected="true" /><select idref="V-233308" selected="true" /><select idref="V-237603" selected="true" /><select idref="V-237604" selected="true" /><select idref="V-237605" selected="true" /><select idref="V-237606" selected="true" /><select idref="V-237607" selected="true" /><select idref="V-237608" selected="true" /><select idref="V-237609" selected="true" /><select idref="V-237610" selected="true" /><select idref="V-237611" selected="true" /><select idref="V-237612" selected="true" /><select idref="V-237613" selected="true" /><select idref="V-237614" selected="true" /><select idref="V-237615" selected="true" /><select idref="V-237616" selected="true" /><select idref="V-237617" selected="true" /><select idref="V-237618" selected="true" /><select idref="V-237619" selected="true" /><select idref="V-237620" selected="true" /><select idref="V-237621" selected="true" /><select idref="V-237622" selected="true" /><select idref="V-237623" selected="true" /><select idref="V-251719" selected="true" /><select idref="V-251720" selected="true" /><select idref="V-251721" selected="true" /><select idref="V-251722" selected="true" /><select idref="V-255914" selected="true" /><select idref="V-255915" selected="true" /><select idref="V-255916" selected="true" /><select idref="V-256980" selected="true" /><select idref="V-256981" selected="true" /></Profile><Profile id="MAC-3_Sensitive"><title>III - Administrative Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-217101" selected="true" /><select idref="V-217102" selected="true" /><select idref="V-217103" selected="true" /><select idref="V-217104" selected="true" /><select idref="V-217105" selected="true" /><select idref="V-217106" selected="true" /><select idref="V-217107" selected="true" /><select idref="V-217108" selected="true" /><select idref="V-217109" selected="true" /><select idref="V-217110" selected="true" /><select idref="V-217111" selected="true" /><select idref="V-217112" selected="true" /><select idref="V-217113" selected="true" /><select idref="V-217114" selected="true" /><select idref="V-217116" selected="true" /><select idref="V-217117" selected="true" /><select idref="V-217118" selected="true" /><select idref="V-217119" selected="true" /><select idref="V-217120" selected="true" /><select idref="V-217121" selected="true" /><select idref="V-217122" selected="true" /><select idref="V-217123" selected="true" /><select idref="V-217124" selected="true" /><select idref="V-217125" selected="true" /><select idref="V-217126" selected="true" /><select idref="V-217127" selected="true" /><select idref="V-217128" selected="true" /><select idref="V-217129" selected="true" /><select idref="V-217130" selected="true" /><select idref="V-217131" selected="true" /><select idref="V-217132" selected="true" /><select idref="V-217133" selected="true" /><select idref="V-217134" selected="true" /><select idref="V-217135" selected="true" /><select idref="V-217136" selected="true" /><select idref="V-217138" selected="true" /><select idref="V-217139" selected="true" /><select idref="V-217140" selected="true" /><select idref="V-217141" selected="true" /><select idref="V-217142" selected="true" /><select idref="V-217143" selected="true" /><select idref="V-217144" selected="true" /><select idref="V-217145" selected="true" /><select idref="V-217146" selected="true" /><select idref="V-217147" selected="true" /><select idref="V-217148" selected="true" /><select idref="V-217149" selected="true" /><select idref="V-217150" selected="true" /><select idref="V-217151" selected="true" /><select idref="V-217152" selected="true" /><select idref="V-217153" selected="true" /><select idref="V-217154" selected="true" /><select idref="V-217155" selected="true" /><select idref="V-217156" selected="true" /><select idref="V-217158" selected="true" /><select idref="V-217159" selected="true" /><select idref="V-217160" selected="true" /><select idref="V-217161" selected="true" /><select idref="V-217162" selected="true" /><select idref="V-217163" selected="true" /><select idref="V-217164" selected="true" /><select idref="V-217166" selected="true" /><select idref="V-217167" selected="true" /><select idref="V-217168" selected="true" /><select idref="V-217169" selected="true" /><select idref="V-217170" selected="true" /><select idref="V-217171" selected="true" /><select idref="V-217172" selected="true" /><select idref="V-217173" selected="true" /><select idref="V-217174" selected="true" /><select idref="V-217175" selected="true" /><select idref="V-217176" selected="true" /><select idref="V-217177" selected="true" /><select idref="V-217178" selected="true" /><select idref="V-217179" selected="true" /><select idref="V-217180" selected="true" /><select idref="V-217181" selected="true" /><select idref="V-217182" selected="true" /><select idref="V-217183" selected="true" /><select idref="V-217184" selected="true" /><select idref="V-217185" selected="true" /><select idref="V-217186" selected="true" /><select idref="V-217188" selected="true" /><select idref="V-217189" selected="true" /><select idref="V-217190" selected="true" /><select idref="V-217191" selected="true" /><select idref="V-217192" selected="true" /><select idref="V-217193" selected="true" /><select idref="V-217194" selected="true" /><select idref="V-217195" selected="true" /><select idref="V-217196" selected="true" /><select idref="V-217197" selected="true" /><select idref="V-217198" selected="true" /><select idref="V-217199" selected="true" /><select idref="V-217200" selected="true" /><select idref="V-217201" selected="true" /><select idref="V-217202" selected="true" /><select idref="V-217203" selected="true" /><select idref="V-217204" selected="true" /><select idref="V-217205" selected="true" /><select idref="V-217206" selected="true" /><select idref="V-217207" selected="true" /><select idref="V-217208" selected="true" /><select idref="V-217209" selected="true" /><select idref="V-217210" selected="true" /><select idref="V-217211" selected="true" /><select idref="V-217212" selected="true" /><select idref="V-217213" selected="true" /><select idref="V-217214" selected="true" /><select idref="V-217215" selected="true" /><select idref="V-217216" selected="true" /><select idref="V-217217" selected="true" /><select idref="V-217218" selected="true" /><select idref="V-217223" selected="true" /><select idref="V-217227" selected="true" /><select idref="V-217230" selected="true" /><select idref="V-217236" selected="true" /><select idref="V-217237" selected="true" /><select idref="V-217238" selected="true" /><select idref="V-217239" selected="true" /><select idref="V-217240" selected="true" /><select idref="V-217241" selected="true" /><select idref="V-217242" selected="true" /><select idref="V-217243" selected="true" /><select idref="V-217244" selected="true" /><select idref="V-217245" selected="true" /><select idref="V-217246" selected="true" /><select idref="V-217247" selected="true" /><select idref="V-217248" selected="true" /><select idref="V-217249" selected="true" /><select idref="V-217250" selected="true" /><select idref="V-217251" selected="true" /><select idref="V-217252" selected="true" /><select idref="V-217253" selected="true" /><select idref="V-217254" selected="true" /><select idref="V-217255" selected="true" /><select idref="V-217257" selected="true" /><select idref="V-217258" selected="true" /><select idref="V-217260" selected="true" /><select idref="V-217261" selected="true" /><select idref="V-217262" selected="true" /><select idref="V-217263" selected="true" /><select idref="V-217264" selected="true" /><select idref="V-217265" selected="true" /><select idref="V-217266" selected="true" /><select idref="V-217267" selected="true" /><select idref="V-217268" selected="true" /><select idref="V-217269" selected="true" /><select idref="V-217270" selected="true" /><select idref="V-217271" selected="true" /><select idref="V-217272" selected="true" /><select idref="V-217273" selected="true" /><select idref="V-217274" selected="true" /><select idref="V-217275" selected="true" /><select idref="V-217276" selected="true" /><select idref="V-217277" selected="true" /><select idref="V-217278" selected="true" /><select idref="V-217279" selected="true" /><select idref="V-217280" selected="true" /><select idref="V-217281" selected="true" /><select idref="V-217282" selected="true" /><select idref="V-217283" selected="true" /><select idref="V-217284" selected="true" /><select idref="V-217285" selected="true" /><select idref="V-217286" selected="true" /><select idref="V-217287" selected="true" /><select idref="V-217288" selected="true" /><select idref="V-217289" selected="true" /><select idref="V-217290" selected="true" /><select idref="V-217291" selected="true" /><select idref="V-217292" selected="true" /><select idref="V-217293" selected="true" /><select idref="V-217294" selected="true" /><select idref="V-217295" selected="true" /><select idref="V-217296" selected="true" /><select idref="V-217297" selected="true" /><select idref="V-217298" selected="true" /><select idref="V-217299" selected="true" /><select idref="V-217300" selected="true" /><select idref="V-217301" selected="true" /><select idref="V-217302" selected="true" /><select idref="V-222385" selected="true" /><select idref="V-222386" selected="true" /><select idref="V-233308" selected="true" /><select idref="V-237603" selected="true" /><select idref="V-237604" selected="true" /><select idref="V-237605" selected="true" /><select idref="V-237606" selected="true" /><select idref="V-237607" selected="true" /><select idref="V-237608" selected="true" /><select idref="V-237609" selected="true" /><select idref="V-237610" selected="true" /><select idref="V-237611" selected="true" /><select idref="V-237612" selected="true" /><select idref="V-237613" selected="true" /><select idref="V-237614" selected="true" /><select idref="V-237615" selected="true" /><select idref="V-237616" selected="true" /><select idref="V-237617" selected="true" /><select idref="V-237618" selected="true" /><select idref="V-237619" selected="true" /><select idref="V-237620" selected="true" /><select idref="V-237621" selected="true" /><select idref="V-237622" selected="true" /><select idref="V-237623" selected="true" /><select idref="V-251719" selected="true" /><select idref="V-251720" selected="true" /><select idref="V-251721" selected="true" /><select idref="V-251722" selected="true" /><select idref="V-255914" selected="true" /><select idref="V-255915" selected="true" /><select idref="V-255916" selected="true" /><select idref="V-256980" selected="true" /><select idref="V-256981" selected="true" /></Profile><Group id="V-217101"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217101r603262_rule" weight="10.0" severity="high"><version>SLES-12-010000</version><title>The SUSE operating system must be a vendor-supported release.</title><description>&lt;VulnDiscussion&gt;A SUSE operating system release is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77045</ident><ident system="http://cyber.mil/legacy">SV-91741</ident><ident system="http://cyber.mil/cci">CCI-001230</ident><fixtext fixref="F-18327r369460_fix">Upgrade the SUSE operating system to a version supported by the vendor. If the system is not registered with the SUSE Customer Center, register the system against the correct subscription.
 
-If the system requires Long-Term Service Pack Support (LTSS), obtain the correct LTSS subscription for the system.</fixtext><fix id="F-18327r369460_fix" /><check system="C-18329r369459_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is a vendor-supported release.
+If the system requires Long-Term Service Pack Support (LTSS), obtain the correct LTSS subscription for the system.</fixtext><fix id="F-18327r369460_fix" /><check system="C-18329r369459_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is a vendor-supported release.
 
 Use the following command to verify the SUSE operating system is a vendor-supported release:
 
@@ -15,7 +15,7 @@ Current End of Life for SLES 12 General Support is 31 Oct 2024 and Long-term Sup
 If the release is not supported by the vendor, this is a finding.
 </check-content></check></Rule></Group><Group id="V-217102"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217102r603262_rule" weight="10.0" severity="medium"><version>SLES-12-010010</version><title>Vendor-packaged SUSE operating system security patches and updates must be installed and up to date.</title><description>&lt;VulnDiscussion&gt;Timely patching is critical for maintaining the operational availability, confidentiality, and integrity of information technology (IT) systems. However, failure to keep SUSE operating system and application software patched is a common mistake made by IT professionals. New patches are released frequently, and it is often difficult for even experienced System Administrators (SAs) to keep abreast of all the new patches. When new weaknesses in a SUSE operating system exist, patches are usually made available by the vendor to resolve the problems. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77047</ident><ident system="http://cyber.mil/legacy">SV-91743</ident><ident system="http://cyber.mil/cci">CCI-001227</ident><fixtext fixref="F-18328r369463_fix">Install the applicable SUSE operating system patches available from SUSE by running the following command:
 
-# sudo zypper patch</fixtext><fix id="F-18328r369463_fix" /><check system="C-18330r369462_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system security patches and updates are installed and up to date.
+# sudo zypper patch</fixtext><fix id="F-18328r369463_fix" /><check system="C-18330r369462_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system security patches and updates are installed and up to date.
 
 Note: Updates are required to be applied with a frequency determined by the site or Program Management Office (PMO).
 
@@ -68,7 +68,7 @@ sleep 1;
 exit 1;
 fi
 
-Save the file "/etc/gdm/Xsession".</fixtext><fix id="F-18329r369466_fix" /><check system="C-18331r369465_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system displays the Standard Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on via the local graphical user interface. 
+Save the file "/etc/gdm/Xsession".</fixtext><fix id="F-18329r369466_fix" /><check system="C-18331r369465_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system displays the Standard Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on via the local graphical user interface. 
 
 Note: If a graphical user interface is not installed, this requirement is Not Applicable.
 
@@ -123,7 +123,7 @@ By using this IS (which includes any device attached to this IS), you consent to
 
 -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.
 
--Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."</fixtext><fix id="F-18330r369469_fix" /><check system="C-18332r369468_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system displays the Standard Mandatory DoD Notice and Consent Banner before granting access to the system via local console.
+-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."</fixtext><fix id="F-18330r369469_fix" /><check system="C-18332r369468_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system displays the Standard Mandatory DoD Notice and Consent Banner before granting access to the system via local console.
 
 Check the "/etc/issue" file to verify that it contains the DoD required banner text:
 
@@ -182,7 +182,7 @@ Update the system databases:
 
 &gt; sudo dconf update
 
-Users must log out and back in again before the system-wide settings take effect.</fixtext><fix id="F-36319r646677_fix" /><check system="C-36356r646676_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Note: If the system does not have a graphical user interface installed, this requirement is Not Applicable.
+Users must log out and back in again before the system-wide settings take effect.</fixtext><fix id="F-36319r646677_fix" /><check system="C-36356r646676_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Note: If the system does not have a graphical user interface installed, this requirement is Not Applicable.
 
 Verify the SUSE operating system to display a banner before local or remote access to the system via a graphical user logon.
 
@@ -233,7 +233,7 @@ Note: The "\n" characters are for formatting only. They will not be displayed on
 
 Run the following command to update the database:
 
-&gt; sudo dconf update</fixtext><fix id="F-18332r646680_fix" /><check system="C-18334r646679_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system displays the approved Standard Mandatory DoD Notice before granting local or remote access to the system via a graphical user logon.
+&gt; sudo dconf update</fixtext><fix id="F-18332r646680_fix" /><check system="C-18334r646679_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system displays the approved Standard Mandatory DoD Notice before granting local or remote access to the system via a graphical user logon.
 Note: If the system does not have a graphical user interface installed, this requirement is Not Applicable.
 
 Check that the SUSE operating system displays the exact approved Standard Mandatory DoD Notice and Consent Banner text by performing the following command:
@@ -256,7 +256,7 @@ Configure the SUSE operating system to allow the user to lock the graphical user
 
 Run the following command to configure the SUSE operating system to allow the user to lock the graphical user interface:
 
-# gsettings set org.gnome.desktop.lockdown disable-lock-screen false</fixtext><fix id="F-18333r369478_fix" /><check system="C-18335r369477_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system allows the user to lock the GUI. 
+# gsettings set org.gnome.desktop.lockdown disable-lock-screen false</fixtext><fix id="F-18333r369478_fix" /><check system="C-18335r369477_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system allows the user to lock the GUI. 
 
 Note: If the system does not have a graphical user interface installed, this requirement is Not Applicable. This command must be run from an X11 session, otherwise the command will not work correctly.
 
@@ -272,7 +272,7 @@ Regardless of where the session lock is determined and implemented, once invoked
 
 Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011, SRG-OS-000031-GPOS-00012&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77059</ident><ident system="http://cyber.mil/legacy">SV-91755</ident><ident system="http://cyber.mil/cci">CCI-000060</ident><ident system="http://cyber.mil/cci">CCI-000056</ident><ident system="http://cyber.mil/cci">CCI-000058</ident><fixtext fixref="F-36320r602673_fix">Allow users to lock the console by installing the "kbd" package using zypper:
 
-# sudo zypper install kbd</fixtext><fix id="F-36320r602673_fix" /><check system="C-36357r602672_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Check that the SUSE operating system has the "vlock" package installed by running the following command: 
+# sudo zypper install kbd</fixtext><fix id="F-36320r602673_fix" /><check system="C-36357r602672_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Check that the SUSE operating system has the "vlock" package installed by running the following command: 
 
 # zypper se -i --provides vlock 
 
@@ -284,7 +284,7 @@ The session lock is implemented at the point where session activity can be deter
 
 Note: This command must be run from an X11 session, otherwise the command will not work correctly.
 
-&gt; sudo gsettings set org.gnome.desktop.session idle-delay 900</fixtext><fix id="F-18335r646683_fix" /><check system="C-18337r646682_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system initiates a session lock after a 15-minute period of inactivity via the graphical user interface by running the following command:
+&gt; sudo gsettings set org.gnome.desktop.session idle-delay 900</fixtext><fix id="F-18335r646683_fix" /><check system="C-18337r646682_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system initiates a session lock after a 15-minute period of inactivity via the graphical user interface by running the following command:
 
 Note: If the system does not have a graphical user interface installed, this requirement is Not Applicable.
 
@@ -304,7 +304,7 @@ export TMOUT
 
 Set the proper permissions for the "/etc/profile.d/autologout.sh" file with the following command:
 
-# sudo chmod +x /etc/profile.d/autologout.sh</fixtext><fix id="F-18336r369487_fix" /><check system="C-18338r369486_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system must initiate a session logout after a 15-minute period of inactivity for all connection types. 
+# sudo chmod +x /etc/profile.d/autologout.sh</fixtext><fix id="F-18336r369487_fix" /><check system="C-18338r369486_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system must initiate a session logout after a 15-minute period of inactivity for all connection types. 
 
 Check the proper script exists to kill an idle session after a 15-minute period of inactivity with the following command:
 
@@ -313,21 +313,21 @@ TMOUT=900
 readonly TMOUT
 export TMOUT
 
-If the file "/etc/profile.d/autologout.sh" does not exist or the output from the function call is not the same, this is a finding.</check-content></check></Rule></Group><Group id="V-217111"><title>SRG-OS-000031-GPOS-00012</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217111r603262_rule" weight="10.0" severity="low"><version>SLES-12-010100</version><title>The SUSE operating system must conceal, via the session lock, information previously visible on the display with a publicly viewable image in the graphical user interface.</title><description>&lt;VulnDiscussion&gt;A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not log out because of the temporary nature of the absence.
+If the file "/etc/profile.d/autologout.sh" does not exist or the output from the function call is not the same, this is a finding.</check-content></check></Rule></Group><Group id="V-217111"><title>SRG-OS-000031-GPOS-00012</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217111r918489_rule" weight="10.0" severity="low"><version>SLES-12-010100</version><title>The SUSE operating system must conceal, via the session lock, information previously visible on the display with a publicly viewable image in the graphical user interface.</title><description>&lt;VulnDiscussion&gt;A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not log out because of the temporary nature of the absence.
 
 The session lock is implemented at the point where session activity can be determined. The SUSE operating system session lock event must include an obfuscation of the display screen to prevent other users from reading what was previously displayed.
 
-Publicly viewable images can include static or dynamic images, such as patterns used with screen savers, photographic images, solid colors, a clock, a battery life indicator, or a blank screen, with the additional caveat that none of the images conveys sensitive information.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91761</ident><ident system="http://cyber.mil/legacy">V-77065</ident><ident system="http://cyber.mil/cci">CCI-000060</ident><fixtext fixref="F-18337r369490_fix">Note: If the system does not have X Windows installed, this requirement is Not Applicable.
-
-Configure the SUSE operating system to use a publically viewable image by finding the Settings menu and then navigate to the Background selection section: 
-
-- Click "Applications" on the bottom left.
-- Hover over "System Tools" with the mouse.
-- Click the "Settings" icon under System Tools.
-- Click "Background" and then "Lock Screen".
-- Set the Lock Screen image to the user's choice.
-- Click "Select".
-- Exit Settings Dialog.</fixtext><fix id="F-18337r369490_fix" /><check system="C-18339r369489_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system conceals via the session lock information previously visible on the display with a publicly viewable image in the graphical user interface.
+Publicly viewable images can include static or dynamic images, such as patterns used with screen savers, photographic images, solid colors, a clock, a battery life indicator, or a blank screen, with the additional caveat that none of the images conveys sensitive information.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91761</ident><ident system="http://cyber.mil/legacy">V-77065</ident><ident system="http://cyber.mil/cci">CCI-000060</ident><fixtext fixref="F-18337r918489_fix">Note: If the system does not have X Windows installed, this requirement is Not Applicable.
+
+Configure the SUSE operating system to use a publicly viewable image by finding the Settings menu and then navigate to the Background selection section: 
+
+- Click "Applications" on the bottom left.
+- Hover over "System Tools" with the mouse.
+- Click the "Settings" icon under System Tools.
+- Click "Background" and then "Lock Screen".
+- Set the Lock Screen image to the user's choice.
+- Click "Select".
+- Exit Settings Dialog.</fixtext><fix id="F-18337r918489_fix" /><check system="C-18339r369489_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system conceals via the session lock information previously visible on the display with a publicly viewable image in the graphical user interface.
 
 Note: If the system does not have a graphical user interface installed, this requirement is Not Applicable.
 
@@ -340,7 +340,7 @@ If nothing is returned or "org.gnome.desktop.screensaver" is not set, this is a
 
 When SUSE operating system provide the capability to change user authenticators, change security roles, or escalate a functional capability, it is critical the user reauthenticate.
 
-Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPOS-00158&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91763</ident><ident system="http://cyber.mil/legacy">V-77067</ident><ident system="http://cyber.mil/cci">CCI-002038</ident><fixtext fixref="F-18338r369493_fix">Configure the SUSE operating system to remove any occurrence of "NOPASSWD" or "!authenticate" found in the "/etc/sudoers" file. If the system does not use passwords for authentication, the "NOPASSWD" tag may exist in the file.</fixtext><fix id="F-18338r369493_fix" /><check system="C-18340r646685_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system requires reauthentication when changing authenticators, roles, or escalating privileges.
+Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPOS-00158&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91763</ident><ident system="http://cyber.mil/legacy">V-77067</ident><ident system="http://cyber.mil/cci">CCI-002038</ident><fixtext fixref="F-18338r369493_fix">Configure the SUSE operating system to remove any occurrence of "NOPASSWD" or "!authenticate" found in the "/etc/sudoers" file. If the system does not use passwords for authentication, the "NOPASSWD" tag may exist in the file.</fixtext><fix id="F-18338r369493_fix" /><check system="C-18340r646685_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system requires reauthentication when changing authenticators, roles, or escalating privileges.
 
 Check that "/etc/sudoers" has no occurrences of "NOPASSWD" or "!authenticate" with the following command:
 
@@ -352,7 +352,7 @@ This requirement addresses concurrent sessions for information system accounts a
 
 Add the following line to "/etc/security/limits.conf" or /etc/security/limits.d/*.conf file:
 
-* hard maxlogins 10</fixtext><fix id="F-18339r902833_fix" /><check system="C-18341r902832_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system limits the number of concurrent sessions to 10 for all accounts and/or account types by running the following command:
+* hard maxlogins 10</fixtext><fix id="F-18339r902833_fix" /><check system="C-18341r902832_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system limits the number of concurrent sessions to 10 for all accounts and/or account types by running the following command:
 
 # grep "maxlogins" /etc/security/limits.conf /etc/security/limits.d/*.conf
 
@@ -371,7 +371,7 @@ auth required pam_tally2.so onerr=fail silent audit deny=3
 Add or modify the following line in the /etc/pam.d/common-account file:
 account required pam_tally2.so 
 
-Note: Manual changes to the listed files may be overwritten by the "pam-config" program. The "pam-config" program should not be used to update the configurations listed in this requirement.</fixtext><fix id="F-36321r602676_fix" /><check system="C-36358r602675_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system locks a user account after three consecutive failed access attempts until the locked account is released by an administrator. 
+Note: Manual changes to the listed files may be overwritten by the "pam-config" program. The "pam-config" program should not be used to update the configurations listed in this requirement.</fixtext><fix id="F-36321r602676_fix" /><check system="C-36358r602675_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system locks a user account after three consecutive failed access attempts until the locked account is released by an administrator. 
 
 Check that the system locks a user account after three consecutive failed login attempts using the following command: 
 
@@ -393,7 +393,7 @@ If the account option is missing, or commented out, this is a finding.</check-co
 
 Add or update the following variable in "/etc/login.defs" to match the line below ("FAIL_DELAY" must have a value of "4" or higher):
 
-FAIL_DELAY 4</fixtext><fix id="F-18342r369505_fix" /><check system="C-18344r369504_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system enforces a delay of at least four (4) seconds between logon prompts following a failed logon attempt.
+FAIL_DELAY 4</fixtext><fix id="F-18342r369505_fix" /><check system="C-18344r369504_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system enforces a delay of at least four (4) seconds between logon prompts following a failed logon attempt.
 
 Check that the SUSE operating system enforces a delay of at least four (4) seconds between logon prompts following a failed logon attempt with the following command:
 
@@ -404,7 +404,7 @@ If the value of "FAIL_DELAY" is not set to "4", "FAIL_DELAY" is commented out, o
 
 Password complexity is one factor of several that determines how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77075</ident><ident system="http://cyber.mil/legacy">SV-91771</ident><ident system="http://cyber.mil/cci">CCI-000192</ident><fixtext fixref="F-18343r369508_fix">Configure the SUSE operating system to enforce password complexity by requiring at least one upper-case character.
 
-Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "ucredit=-1" after the third column.</fixtext><fix id="F-18343r369508_fix" /><check system="C-18345r369507_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system enforces password complexity by requiring that at least one upper-case character.
+Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "ucredit=-1" after the third column.</fixtext><fix id="F-18343r369508_fix" /><check system="C-18345r369507_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system enforces password complexity by requiring that at least one upper-case character.
 
 Check that the operating system enforces password complexity by requiring that at least one upper-case character be used by using the following command:
 
@@ -415,7 +415,7 @@ If the command does not return anything, the returned line is commented out, or
 
 Password complexity is one factor of several that determines how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91773</ident><ident system="http://cyber.mil/legacy">V-77077</ident><ident system="http://cyber.mil/cci">CCI-000193</ident><fixtext fixref="F-18344r369511_fix">Configure the SUSE operating system to enforce password complexity by requiring at least one lower-case character.
 
-Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "lcredit=-1" after the third column.</fixtext><fix id="F-18344r369511_fix" /><check system="C-18346r369510_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system enforces password complexity by requiring that at least one lower-case character.
+Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "lcredit=-1" after the third column.</fixtext><fix id="F-18344r369511_fix" /><check system="C-18346r369510_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system enforces password complexity by requiring that at least one lower-case character.
 
 Check that the operating system enforces password complexity by requiring that at least one lower-case character be used by using the following command:
 
@@ -426,7 +426,7 @@ If the command does not return anything, the returned line is commented out, or
 
 Password complexity is one factor of several that determines how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91775</ident><ident system="http://cyber.mil/legacy">V-77079</ident><ident system="http://cyber.mil/cci">CCI-000194</ident><fixtext fixref="F-18345r369514_fix">Configure the SUSE operating system to enforce password complexity by requiring at least one numeric character.
 
-Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "dcredit=-1" after the third column.</fixtext><fix id="F-18345r369514_fix" /><check system="C-18347r369513_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system enforces password complexity by requiring that at least one numeric character.
+Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "dcredit=-1" after the third column.</fixtext><fix id="F-18345r369514_fix" /><check system="C-18347r369513_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system enforces password complexity by requiring that at least one numeric character.
 
 Check that the operating system enforces password complexity by requiring that at least one numeric character be used by using the following command:
 
@@ -439,7 +439,7 @@ Password complexity is one factor in determining how long it takes to crack a pa
 
 Special characters are not alphanumeric. Examples include: ~ ! @ # $ % ^ *.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91777</ident><ident system="http://cyber.mil/legacy">V-77081</ident><ident system="http://cyber.mil/cci">CCI-001619</ident><fixtext fixref="F-18346r369517_fix">Configure the SUSE operating system to enforce password complexity by requiring at least one special character.
 
-Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "ocredit=-1" after the third column.</fixtext><fix id="F-18346r369517_fix" /><check system="C-18348r369516_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system enforces password complexity by requiring that at least one special character.
+Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "ocredit=-1" after the third column.</fixtext><fix id="F-18346r369517_fix" /><check system="C-18348r369516_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system enforces password complexity by requiring that at least one special character.
 
 Check that the operating system enforces password complexity by requiring that at least one special character be used by using the following command:
 
@@ -450,7 +450,7 @@ If the command does not return anything, the returned line is commented out, or
 
 The number of changed characters refers to the number of changes required with respect to the total number of positions in the current password. In other words, characters may be the same within the two passwords; however, the positions of the like characters must be different.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91783</ident><ident system="http://cyber.mil/legacy">V-77087</ident><ident system="http://cyber.mil/cci">CCI-000195</ident><fixtext fixref="F-18347r369520_fix">Configure the SUSE operating system to require at least eight characters be changed between the old and new passwords during a password change with the following command:
 
-Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "difok=8" after the third column.</fixtext><fix id="F-18347r369520_fix" /><check system="C-18349r369519_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system requires at least eight (8) characters be changed between the old and new passwords during a password change.
+Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "difok=8" after the third column.</fixtext><fix id="F-18347r369520_fix" /><check system="C-18349r369519_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system requires at least eight (8) characters be changed between the old and new passwords during a password change.
 
 Check that the operating system requires at least eight (8) characters be changed between the old and new passwords during a password change by running the following command:
 
@@ -465,7 +465,7 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
 
 Edit the "/etc/login.defs" file with the following line:
 
-ENCRYPT_METHOD SHA512</fixtext><fix id="F-18348r646688_fix" /><check system="C-18350r646687_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system requires that the "ENCRYPT_METHOD" value in "/etc/login.defs" is set to "SHA512".
+ENCRYPT_METHOD SHA512</fixtext><fix id="F-18348r646688_fix" /><check system="C-18350r646687_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system requires that the "ENCRYPT_METHOD" value in "/etc/login.defs" is set to "SHA512".
 
 Check the value of "ENCRYPT_METHOD" value in "/etc/login.defs" with the following command:
 
@@ -483,7 +483,7 @@ Edit/modify the following line in the "/etc/login.defs" file and set "ENCRYPT_ME
 
 ENCRYPT_METHOD SHA512
 
-Lock all interactive user accounts not using SHA512 hashing until the passwords can be regenerated.</fixtext><fix id="F-18349r646691_fix" /><check system="C-18351r646690_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system requires the shadow password suite configuration be set to encrypt interactive user passwords using a strong cryptographic hash.
+Lock all interactive user accounts not using SHA512 hashing until the passwords can be regenerated.</fixtext><fix id="F-18349r646691_fix" /><check system="C-18351r646690_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system requires the shadow password suite configuration be set to encrypt interactive user passwords using a strong cryptographic hash.
 
 Check that the interactive user account passwords are using a strong password hash with the following command:
 
@@ -497,7 +497,7 @@ If any interactive user password hash does not begin with "$6", this is a findin
 
 Satisfies: SRG-OS-000120-GPOS-00061&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77105</ident><ident system="http://cyber.mil/legacy">SV-91801</ident><ident system="http://cyber.mil/cci">CCI-000196</ident><ident system="http://cyber.mil/cci">CCI-000803</ident><fixtext fixref="F-18350r369529_fix">Configure the SUSE operating system Linux PAM to only store encrypted representations of passwords. All account passwords must be hashed with SHA512 encryption strength.
 
-Edit "/etc/pam.d/common-password" and edit the line containing "pam_unix.so" to contain the SHA512 keyword after third column. Remove the "nullok" option.</fixtext><fix id="F-18350r369529_fix" /><check system="C-18352r369528_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system configures the Linux PAM to only store encrypted representations of passwords. All account passwords must be hashed with SHA512 encryption strength.
+Edit "/etc/pam.d/common-password" and edit the line containing "pam_unix.so" to contain the SHA512 keyword after third column. Remove the "nullok" option.</fixtext><fix id="F-18350r369529_fix" /><check system="C-18352r369528_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system configures the Linux PAM to only store encrypted representations of passwords. All account passwords must be hashed with SHA512 encryption strength.
 
 Check that PAM is configured to create SHA512 hashed passwords by running the following command:
 
@@ -506,7 +506,7 @@ password required pam_unix.so sha512
 
 If the command does not return anything or the returned line is commented out, has a second column value different from "required", or does not contain "sha512", this is a finding.</check-content></check></Rule></Group><Group id="V-217125"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217125r603262_rule" weight="10.0" severity="medium"><version>SLES-12-010231</version><title>The SUSE operating system must not be configured to allow blank or null passwords.</title><description>&lt;VulnDiscussion&gt; Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-81785</ident><ident system="http://cyber.mil/legacy">SV-96499</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18351r369532_fix">Configure the SUSE operating system to not allow blank or null passwords.
 
-Remove any instances of the "nullok" option in "/etc/pam.d/common-auth" and "/etc/pam.d/common-password" to prevent logons with empty passwords.</fixtext><fix id="F-18351r369532_fix" /><check system="C-18353r369531_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating is not configured to allow blank or null passwords.
+Remove any instances of the "nullok" option in "/etc/pam.d/common-auth" and "/etc/pam.d/common-password" to prevent logons with empty passwords.</fixtext><fix id="F-18351r369532_fix" /><check system="C-18353r369531_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating is not configured to allow blank or null passwords.
 
 Check that blank or null passwords cannot be used by running the following command:
 
@@ -521,7 +521,7 @@ Satisfies: SRG-OS-000073-GPOS-00041, SRG-OS-000120-GPOS-00061&lt;/VulnDiscussion
 
 Edit/modify the following line in the "/etc/login.defs" file and set "SHA_CRYPT_MIN_ROUNDS" to a value no lower than "5000":
 
-SHA_CRYPT_MIN_ROUNDS 5000</fixtext><fix id="F-18352r369535_fix" /><check system="C-18354r369534_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system configures the shadow password suite configuration to encrypt passwords using a strong cryptographic hash.
+SHA_CRYPT_MIN_ROUNDS 5000</fixtext><fix id="F-18352r369535_fix" /><check system="C-18354r369534_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system configures the shadow password suite configuration to encrypt passwords using a strong cryptographic hash.
 
 Check that a minimum number of hash rounds is configured by running the following command:
 
@@ -535,7 +535,7 @@ Password complexity, or strength, is a measure of the effectiveness of a passwor
 
 Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "minlen=15" after the third column.
 
-The DoD standard requires a minimum 15-character password length.</fixtext><fix id="F-18353r369538_fix" /><check system="C-18355r369537_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system enforces a minimum 15-character password length.
+The DoD standard requires a minimum 15-character password length.</fixtext><fix id="F-18353r369538_fix" /><check system="C-18355r369537_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system enforces a minimum 15-character password length.
 
 Check that the operating system enforces a minimum 15-character password length with the following command:
 
@@ -548,7 +548,7 @@ Edit the file "/etc/login.defs" and add or correct the following line. Replace [
 
 PASS_MIN_DAYS [DAYS]
 
-The DoD requirement is "1" but a greater value is acceptable.</fixtext><fix id="F-18354r646694_fix" /><check system="C-18356r646693_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system to create or update passwords with minimum password age of one day or greater.
+The DoD requirement is "1" but a greater value is acceptable.</fixtext><fix id="F-18354r646694_fix" /><check system="C-18356r646693_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system to create or update passwords with minimum password age of one day or greater.
 
 Check that the SUSE operating system enforces 24 hours/one day as the minimum password age, run the following command:
 
@@ -560,7 +560,7 @@ If no output is produced, or if "PASS_MIN_DAYS" does not have a value of "1" or
 
 Change the minimum time period between password changes for each [USER] account to "1" day with the command, replacing [USER] with the user account that must be changed:
 
-&gt; sudo passwd -n 1 [USER]</fixtext><fix id="F-18355r646697_fix" /><check system="C-18357r646696_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system enforces a minimum time period between password changes for each user account of one day or greater.
+&gt; sudo passwd -n 1 [USER]</fixtext><fix id="F-18355r646697_fix" /><check system="C-18357r646696_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system enforces a minimum time period between password changes for each user account of one day or greater.
 
 Check the minimum time period between password changes for each user account with the following command:
 
@@ -574,7 +574,7 @@ Edit the file "/etc/login.defs" and add or correct the following line. Replace [
 
 PASS_MAX_DAYS [DAYS]
 
-The DoD requirement is 60 days or less (greater than zero, as zero days will lock the account immediately).</fixtext><fix id="F-18356r646700_fix" /><check system="C-18358r646699_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system is configured to create or update passwords with a maximum password age of 60 days or less.
+The DoD requirement is 60 days or less (greater than zero, as zero days will lock the account immediately).</fixtext><fix id="F-18356r646700_fix" /><check system="C-18358r646699_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system is configured to create or update passwords with a maximum password age of 60 days or less.
 
 Check that the SUSE operating system enforces 60 days or less as the maximum password age with the following command:
 
@@ -586,7 +586,7 @@ If no output is produced, or if PASS_MAX_DAYS is not set to "60" days or less, t
 
 &gt; sudo passwd -x 60 [USER]
 
-The DoD requirement is 60 days.</fixtext><fix id="F-18357r646703_fix" /><check system="C-18359r646702_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system enforces a maximum user password age of 60 days or less.
+The DoD requirement is 60 days.</fixtext><fix id="F-18357r646703_fix" /><check system="C-18359r646702_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system enforces a maximum user password age of 60 days or less.
 
 Check that the SUSE operating system enforces 60 days or less as the maximum user password age with the following command:
 
@@ -596,7 +596,7 @@ If any results are returned that are not associated with a system account, this
 
 # sudo touch /etc/security/opasswd
 # sudo chown root:root /etc/security/opasswd
-# sudo chmod 0600 /etc/security/opasswd</fixtext><fix id="F-18358r369553_fix" /><check system="C-18360r369552_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the password history file exists on the SUSE operating system.
+# sudo chmod 0600 /etc/security/opasswd</fixtext><fix id="F-18358r369553_fix" /><check system="C-18360r369552_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the password history file exists on the SUSE operating system.
 
 Check that the password history file exists with the following command:
 
@@ -606,7 +606,7 @@ Check that the password history file exists with the following command:
 
 If "/etc/security/opasswd" does not exist, this is a finding.</check-content></check></Rule></Group><Group id="V-217133"><title>SRG-OS-000077-GPOS-00045</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217133r603262_rule" weight="10.0" severity="medium"><version>SLES-12-010310</version><title>The SUSE operating system must not allow passwords to be reused for a minimum of five (5) generations.</title><description>&lt;VulnDiscussion&gt;Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the end result is a password that is not changed as per policy requirements.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77121</ident><ident system="http://cyber.mil/legacy">SV-91817</ident><ident system="http://cyber.mil/cci">CCI-000200</ident><fixtext fixref="F-18359r369556_fix">Configure the SUSE operating system password history to prohibit the reuse of a password for a minimum of five generations.
 
-Edit "/etc/pam.d/common-password" and edit the line containing "pam_pwhistory.so" to contain the option "remember=5 use_authtok" after the third column.</fixtext><fix id="F-18359r369556_fix" /><check system="C-18361r369555_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system prohibits the reuse of a password for a minimum of five (5) generations.
+Edit "/etc/pam.d/common-password" and edit the line containing "pam_pwhistory.so" to contain the option "remember=5 use_authtok" after the third column.</fixtext><fix id="F-18359r369556_fix" /><check system="C-18361r369555_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system prohibits the reuse of a password for a minimum of five (5) generations.
 
 Check that the SUSE operating system prohibits the reuse of a password for a minimum of five (5) generations with the following command:
 
@@ -618,7 +618,7 @@ If the command does not return a result, or the returned line is commented out,
 
 Edit "/etc/pam.d/common-password" and add the following line:
 
-password requisite pam_cracklib.so retry=3</fixtext><fix id="F-18360r369559_fix" /><check system="C-18362r369558_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system prevents the use of dictionary words for passwords.
+password requisite pam_cracklib.so retry=3</fixtext><fix id="F-18360r369559_fix" /><check system="C-18362r369558_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system prevents the use of dictionary words for passwords.
 
 Check that the SUSE operating system prevents the use of dictionary words for passwords with the following command:
 
@@ -635,7 +635,7 @@ To address access requirements the SUSE operating system can be integrated with
 
 Replace "[Emergency_Administrator]" in the following command with the correct emergency administrator account. Run the following command as an administrator:
 
-# sudo chage -I -1 -M 99999 [Emergency_Administrator]</fixtext><fix id="F-18361r369562_fix" /><check system="C-18363r369561_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is configured such that emergency administrator accounts are never automatically removed or disabled. 
+# sudo chage -I -1 -M 99999 [Emergency_Administrator]</fixtext><fix id="F-18361r369562_fix" /><check system="C-18363r369561_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is configured such that emergency administrator accounts are never automatically removed or disabled. 
 
 Note: Root is typically the "account of last resort" on a system and is also used as the example emergency administrator account. If another account is being used as the emergency administrator account, the command should be used against that account. 
 
@@ -645,15 +645,15 @@ Check to see if the root account password or account expires with the following
 
 Password expires:never
 
-If "Password expires" or "Account expires" is set to anything other than "never", this is a finding.</check-content></check></Rule></Group><Group id="V-217136"><title>SRG-OS-000118-GPOS-00060</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217136r603262_rule" weight="10.0" severity="medium"><version>SLES-12-010340</version><title>The SUSE operating system must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity after password expiration.</title><description>&lt;VulnDiscussion&gt;Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained.
+If "Password expires" or "Account expires" is set to anything other than "never", this is a finding.</check-content></check></Rule></Group><Group id="V-217136"><title>SRG-OS-000118-GPOS-00060</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217136r928528_rule" weight="10.0" severity="medium"><version>SLES-12-010340</version><title>The SUSE operating system must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity after password expiration.</title><description>&lt;VulnDiscussion&gt;Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained.
 
-The SUSE operating system needs to track periods of inactivity and disable application identifiers after 35 days of inactivity.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77127</ident><ident system="http://cyber.mil/legacy">SV-91823</ident><ident system="http://cyber.mil/cci">CCI-000795</ident><fixtext fixref="F-18362r369565_fix">Configure the SUSE operating system to disable account identifiers after "35" days of inactivity after the password expiration. 
+The SUSE operating system needs to track periods of inactivity and disable application identifiers after 35 days of inactivity.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77127</ident><ident system="http://cyber.mil/legacy">SV-91823</ident><ident system="http://cyber.mil/cci">CCI-000795</ident><fixtext fixref="F-18362r928527_fix">Configure the SUSE operating system to disable account identifiers after 35 days of inactivity since the password expiration. 
 
-Run the following command to change the configuration for "useradd" to disable the account identifier after "35" days:
+Run the following command to change the configuration for "useradd" to disable the account identifier after 35 days:
 
 # sudo useradd -D -f 35
 
-DoD recommendation is "35" days, but a lower value greater than "0" is acceptable.</fixtext><fix id="F-18362r369565_fix" /><check system="C-18364r369564_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system disables account identifiers after "35" days of inactivity after the password expiration
+DOD recommendation is 35 days, but a lower value greater than "0" is acceptable.</fixtext><fix id="F-18362r928527_fix" /><check system="C-18364r928526_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system disables account identifiers after 35 days of inactivity since the password expiration
 
 Check the account inactivity value by performing the following command:
 
@@ -661,34 +661,14 @@ Check the account inactivity value by performing the following command:
 
 INACTIVE=35
 
-If "INACTIVE" is not set to a value greater than "0" and less than or equal to "35", this is a finding.</check-content></check></Rule></Group><Group id="V-217137"><title>SRG-OS-000002-GPOS-00002</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217137r603262_rule" weight="10.0" severity="medium"><version>SLES-12-010360</version><title>The SUSE operating system must provision temporary accounts with an expiration date for 72 hours.</title><description>&lt;VulnDiscussion&gt;If temporary user accounts remain active when no longer needed or for an excessive period, these accounts may be used to gain unauthorized access. To mitigate this risk, automated termination of all temporary accounts must be set upon account creation.
-
-Temporary accounts are established as part of normal account activation procedures when there is a need for short-term accounts without the demand for immediacy in account activation.
-
-If temporary accounts are used, the SUSE operating system must be configured to automatically terminate these types of accounts after a DoD-defined time period of 72 hours.
-
-To address access requirements, many SUSE operating systems may be integrated with enterprise-level authentication/access mechanisms that meet or exceed access control policy requirements.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91825</ident><ident system="http://cyber.mil/legacy">V-77129</ident><ident system="http://cyber.mil/cci">CCI-000016</ident><fixtext fixref="F-18363r369568_fix">In the event temporary accounts are required, configure the SUSE operating system to terminate them after "72" hours. 
-
-For every temporary account, run the following command to set an expiration date on it, substituting "system_account_name" with the appropriate value:
-
-# sudo chage -E `date -d "+3 days" +%Y-%m-%d` system_account_name
-
-`date -d "+3 days" +%Y-%m-%d` sets the 72-hour expiration date for the account at the time the command is run.</fixtext><fix id="F-18363r369568_fix" /><check system="C-18365r369567_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system provisions temporary accounts with an expiration date for "72" hours.
-
-Ask the System Administrator if any temporary accounts have been added to the system. For every existing temporary account, run the following command to obtain its account expiration information:
-
-# sudo chage -l system_account_name
-
-Verify each of these accounts has an expiration date that is within "72" hours of its creation.
-
-If any temporary accounts have no expiration date set or do not expire within "72" hours of their creation, this is a finding.</check-content></check></Rule></Group><Group id="V-217138"><title>SRG-OS-000480-GPOS-00226</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217138r603262_rule" weight="10.0" severity="medium"><version>SLES-12-010370</version><title>The SUSE operating system must enforce a delay of at least four seconds between logon prompts following a failed logon attempt.</title><description>&lt;VulnDiscussion&gt;Limiting the number of logon attempts over a certain time interval reduces the chances that an unauthorized user may gain access to an account.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91827</ident><ident system="http://cyber.mil/legacy">V-77131</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18364r369571_fix">Configure the SUSE operating system to enforce a delay of at least four seconds between logon prompts following a failed logon attempt.
+If "INACTIVE" is not set to a value greater than "0" and less than or equal to "35", this is a finding.</check-content></check></Rule></Group><Group id="V-217138"><title>SRG-OS-000480-GPOS-00226</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217138r603262_rule" weight="10.0" severity="medium"><version>SLES-12-010370</version><title>The SUSE operating system must enforce a delay of at least four seconds between logon prompts following a failed logon attempt.</title><description>&lt;VulnDiscussion&gt;Limiting the number of logon attempts over a certain time interval reduces the chances that an unauthorized user may gain access to an account.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91827</ident><ident system="http://cyber.mil/legacy">V-77131</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18364r369571_fix">Configure the SUSE operating system to enforce a delay of at least four seconds between logon prompts following a failed logon attempt.
 
 Edit the file "/etc/pam.d/common-auth".
 
 Add a parameter "pam_faildelay" and set it to a value of "4000000" or greater:
 
 # delay is in micro seconds
-auth required pam_faildelay.so delay=4000000</fixtext><fix id="F-18364r369571_fix" /><check system="C-18366r369570_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system enforces a delay of at least four seconds between logon prompts following a failed logon attempt.
+auth required pam_faildelay.so delay=4000000</fixtext><fix id="F-18364r369571_fix" /><check system="C-18366r369570_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system enforces a delay of at least four seconds between logon prompts following a failed logon attempt.
 
 # grep pam_faildelay /etc/pam.d/common-auth*
 auth required pam_faildelay.so delay=4000000
@@ -700,7 +680,7 @@ Configure the SUSE operating system graphical user interface to not allow unatte
 Add or edit the following lines in the "/etc/sysconfig/displaymanager" configuration file:
 
 DISPLAYMANAGER_AUTOLOGIN=""
-DISPLAYMANAGER_PASSWORD_LESS_LOGIN="no"</fixtext><fix id="F-18365r646706_fix" /><check system="C-18367r646705_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Note: If a graphical user interface is not installed, this requirement is Not Applicable.
+DISPLAYMANAGER_PASSWORD_LESS_LOGIN="no"</fixtext><fix id="F-18365r646706_fix" /><check system="C-18367r646705_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Note: If a graphical user interface is not installed, this requirement is Not Applicable.
 
 Verify the SUSE operating system does not allow unattended or automatic logon via a graphical user interface.
 
@@ -720,7 +700,7 @@ finding.</check-content></check></Rule></Group><Group id="V-217140"><title>SRG-O
 
 Add the following line to the top of "/etc/pam.d/login":
 
-session     required      pam_lastlog.so showfailed</fixtext><fix id="F-18366r369577_fix" /><check system="C-18368r646708_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system users are provided with feedback on when account accesses last occurred.
+session     required      pam_lastlog.so showfailed</fixtext><fix id="F-18366r369577_fix" /><check system="C-18368r646708_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system users are provided with feedback on when account accesses last occurred.
 
 Check that "pam_lastlog" is used and not silent with the following command:
 
@@ -730,7 +710,7 @@ session required pam_lastlog.so showfailed
 
 If "pam_lastlog" is missing from "/etc/pam.d/login" file, the "silent" option is present, or the returned line is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-217141"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217141r603262_rule" weight="10.0" severity="high"><version>SLES-12-010400</version><title>There must be no .shosts files on the SUSE operating system.</title><description>&lt;VulnDiscussion&gt;The .shosts files are used to configure host-based authentication for individual users or the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77137</ident><ident system="http://cyber.mil/legacy">SV-91833</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18367r369580_fix">Remove any ".shosts" files found on the SUSE operating system.
 
-# rm /[path]/[to]/[file]/.shosts</fixtext><fix id="F-18367r369580_fix" /><check system="C-18369r369579_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify there are no ".shosts" files on the SUSE operating system.
+# rm /[path]/[to]/[file]/.shosts</fixtext><fix id="F-18367r369580_fix" /><check system="C-18369r369579_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify there are no ".shosts" files on the SUSE operating system.
 
 Check the system for the existence of these files with the following command:
 
@@ -738,7 +718,7 @@ Check the system for the existence of these files with the following command:
 
 If any ".shosts" files are found on the system, this is a finding.</check-content></check></Rule></Group><Group id="V-217142"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217142r603262_rule" weight="10.0" severity="high"><version>SLES-12-010410</version><title>There must be no shosts.equiv files on the SUSE operating system.</title><description>&lt;VulnDiscussion&gt;The shosts.equiv files are used to configure host-based authentication for the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77139</ident><ident system="http://cyber.mil/legacy">SV-91835</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18368r369583_fix">Remove any "shosts.equiv" files found on the SUSE operating system.
 
-# rm /[path]/[to]/[file]/shosts.equiv</fixtext><fix id="F-18368r369583_fix" /><check system="C-18370r369582_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify there are no "shosts.equiv" files on the SUSE operating system.
+# rm /[path]/[to]/[file]/shosts.equiv</fixtext><fix id="F-18368r369583_fix" /><check system="C-18370r369582_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify there are no "shosts.equiv" files on the SUSE operating system.
 
 Check the system for the existence of these files with the following command:
 
@@ -750,7 +730,7 @@ Satisfies: SRG-OS-000396-GPOS-00176, SRG-OS-000478-GPOS-00223&lt;/VulnDiscussion
 
 Enabling FIPS mode on a preexisting system involves a number of modifications to the SUSE operating system. Refer to section 9.1, "Crypto Officer Guidance", of the following document for installation guidance:
 
-http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp2435.pdf</fixtext><fix id="F-18369r369586_fix" /><check system="C-18371r369585_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is running in FIPS mode by running the following command.
+http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp2435.pdf</fixtext><fix id="F-18369r369586_fix" /><check system="C-18371r369585_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is running in FIPS mode by running the following command.
 
 # cat /proc/sys/crypto/fips_enabled 
 
@@ -779,7 +759,7 @@ EOF
 Generate an updated "grub.conf" file with the new password using the following commands:
 
 # sudo grub2-mkconfig --output=/tmp/grub2.cfg
-# sudo mv /tmp/grub2.cfg /boot/grub2/grub.cfg </fixtext><fix id="F-18370r369589_fix" /><check system="C-18372r369588_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system has set an encrypted root password. 
+# sudo mv /tmp/grub2.cfg /boot/grub2/grub.cfg </fixtext><fix id="F-18370r369589_fix" /><check system="C-18372r369588_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system has set an encrypted root password. 
 
 Note: If the system does not use a basic input/output system (BIOS) this requirement is Not Applicable.
 
@@ -812,7 +792,7 @@ EOF
 Generate an updated "grub.conf" file with the new password using the following commands:
 
 # sudo grub2-mkconfig --output=/tmp/grub2.cfg
-# sudo mv /tmp/grub2.cfg /boot/efi/EFI/sles/grub.cfg</fixtext><fix id="F-18371r369592_fix" /><check system="C-18373r369591_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system has set an encrypted boot password. 
+# sudo mv /tmp/grub2.cfg /boot/efi/EFI/sles/grub.cfg</fixtext><fix id="F-18371r369592_fix" /><check system="C-18373r369591_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system has set an encrypted boot password. 
 
 Note: If the system does not use Unified Extensible Firmware Interface (UEFI) this requirement is Not Applicable.
 
@@ -832,7 +812,7 @@ Encrypting a partition in an already-installed system is more difficult because
 
 Refer to the document "SUSE 12 Security Guide", Section 11.1, for a detailed disk encryption guide:
 
-https://www.suse.com/documentation/sles-12/book_security/data/sec_security_cryptofs_y2.html#sec_security_cryptofs_y2_part_run</fixtext><fix id="F-18372r369595_fix" /><check system="C-18374r369594_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system prevents unauthorized disclosure or modification of all information requiring at rest protection by using disk encryption. 
+https://www.suse.com/documentation/sles-12/book_security/data/sec_security_cryptofs_y2.html#sec_security_cryptofs_y2_part_run</fixtext><fix id="F-18372r369595_fix" /><check system="C-18374r369594_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system prevents unauthorized disclosure or modification of all information requiring at rest protection by using disk encryption. 
 
 Determine the partition layout for the system with the following command:
 
@@ -864,7 +844,7 @@ An example of a world-writable directory is "/tmp" directory. Set the sticky bit
 
 # sudo chmod 1777 /tmp
 
-For every world-writable directory, replace "/tmp" in the command above with the world-writable directory that does not have the sticky bit set.</fixtext><fix id="F-18373r369598_fix" /><check system="C-18375r369597_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system prevents unauthorized and unintended information transfer via the shared system resources.
+For every world-writable directory, replace "/tmp" in the command above with the world-writable directory that does not have the sticky bit set.</fixtext><fix id="F-18373r369598_fix" /><check system="C-18375r369597_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system prevents unauthorized and unintended information transfer via the shared system resources.
 
 Note: The example below should be repeated for each locally defined partition.
 
@@ -886,7 +866,7 @@ The following example output is generic. It will set cron to run AIDE weekly, bu
 
      0 0 * * 6 /usr/sbin/aide --check | /bin/mail -s "$HOSTNAME - Daily AIDE integrity check run" root@example_server_name.mil
 
-Note: Per requirement SLES-12-010498, the "mailx" package must be installed on the system to enable email functionality.</fixtext><fix id="F-18374r902839_fix" /><check system="C-18376r902838_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system checks the baseline configuration for unauthorized changes at least once weekly.
+Note: Per requirement SLES-12-010498, the "mailx" package must be installed on the system to enable email functionality.</fixtext><fix id="F-18374r902839_fix" /><check system="C-18376r902838_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system checks the baseline configuration for unauthorized changes at least once weekly.
 
 Note: A file integrity tool other than Advanced Intrusion Detection Environment (AIDE) may be used, but the tool must be executed at least once per week.
 
@@ -913,7 +893,7 @@ Add following command to a cron job replacing the "[E-MAIL]" parameter with a pr
 
      /usr/sbin/aide --check | /bin/mail -s "$HOSTNAME - Daily AIDE integrity check run" root@example_server_name.mil
 
-Note: Per requirement SLES-12-010498, the "mailx" package must be installed on the system to enable email functionality.</fixtext><fix id="F-18375r902842_fix" /><check system="C-18377r902841_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system notifies the SA when AIDE discovers anomalies in the operation of any security functions.
+Note: Per requirement SLES-12-010498, the "mailx" package must be installed on the system to enable email functionality.</fixtext><fix id="F-18375r902842_fix" /><check system="C-18377r902841_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system notifies the SA when AIDE discovers anomalies in the operation of any security functions.
 
 Check to see if the aide cron job sends an email when executed with the following command:
 
@@ -926,7 +906,7 @@ If a "crontab" entry does not exist, check the cron directories for a script tha
 
 If a cron job is not configured to execute a binary to send an email (such as "/bin/mail"), this is a finding.</check-content></check></Rule></Group><Group id="V-217150"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217150r880939_rule" weight="10.0" severity="low"><version>SLES-12-010520</version><title>The SUSE operating system file integrity tool must be configured to verify Access Control Lists (ACLs).</title><description>&lt;VulnDiscussion&gt;ACLs can provide permissions beyond those permitted through the file mode and must be verified by file integrity tools.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77155</ident><ident system="http://cyber.mil/legacy">SV-91851</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18376r369607_fix">Configure the SUSE operating system file integrity tool to check file and directory ACLs. 
 
-If AIDE is installed, ensure the "acl" rule is present on all file and directory selection lists.</fixtext><fix id="F-18376r369607_fix" /><check system="C-18378r880938_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system file integrity tool is configured to verify ACLs.
+If AIDE is installed, ensure the "acl" rule is present on all file and directory selection lists.</fixtext><fix id="F-18376r369607_fix" /><check system="C-18378r880938_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system file integrity tool is configured to verify ACLs.
 
 Check the "aide.conf" file to determine if the "acl" rule has been added to the rule list being applied to the files and directories selection lists.
 
@@ -938,7 +918,7 @@ An example rule that includes the "acl" rule follows:
 
 If the "acl" rule is not being used on all selection lines in the "/etc/aide.conf" file, or ACLs are not being checked by another file integrity tool, this is a finding.</check-content></check></Rule></Group><Group id="V-217151"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217151r880941_rule" weight="10.0" severity="low"><version>SLES-12-010530</version><title>The SUSE operating system file integrity tool must be configured to verify extended attributes.</title><description>&lt;VulnDiscussion&gt;Extended attributes in file systems are used to contain arbitrary data and file metadata with security implications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91853</ident><ident system="http://cyber.mil/legacy">V-77157</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18377r369610_fix">Configure the SUSE operating system file integrity tool to check file and directory extended attributes. 
 
-If AIDE is installed, ensure the "xattrs" rule is present on all file and directory selection lists.</fixtext><fix id="F-18377r369610_fix" /><check system="C-18379r880940_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system file integrity tool is configured to verify extended attributes.
+If AIDE is installed, ensure the "xattrs" rule is present on all file and directory selection lists.</fixtext><fix id="F-18377r369610_fix" /><check system="C-18379r880940_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system file integrity tool is configured to verify extended attributes.
 
 Check the "aide.conf" file to determine if the "xattrs" rule has been added to the rule list being applied to the files and directories selection lists.
 
@@ -965,7 +945,7 @@ Add or update the following lines to "/etc/aide.conf" to protect the integrity o
 /usr/sbin/aureport p+i+n+u+g+s+b+acl+selinux+xattrs+sha512
 /usr/sbin/autrace p+i+n+u+g+s+b+acl+selinux+xattrs+sha512
 /usr/sbin/audispd p+i+n+u+g+s+b+acl+selinux+xattrs+sha512
-/usr/sbin/augenrules p+i+n+u+g+s+b+acl+selinux+xattrs+sha512</fixtext><fix id="F-18378r369613_fix" /><check system="C-18380r369612_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system file integrity tool is configured to protect the integrity of the audit tools.
+/usr/sbin/augenrules p+i+n+u+g+s+b+acl+selinux+xattrs+sha512</fixtext><fix id="F-18378r369613_fix" /><check system="C-18380r369612_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system file integrity tool is configured to protect the integrity of the audit tools.
 
 Check that AIDE is properly configured to protect the integrity of the audit tools by running the following command:
 
@@ -987,7 +967,7 @@ Accordingly, patches, service packs, device drivers, or SUSE operating system co
 
 Verifying the authenticity of the software prior to installation validates the integrity of the patch or upgrade received from a vendor. This ensures the software has not been tampered with and that it has been provided by a trusted vendor. Self-signed certificates are disallowed by this requirement. The SUSE operating system should not have to verify the software again. This requirement does not mandate DoD certificates for this purpose; however, the certificate used to verify the software must be from an approved Certification Authority (CA).&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77161</ident><ident system="http://cyber.mil/legacy">SV-91857</ident><ident system="http://cyber.mil/cci">CCI-001749</ident><fixtext fixref="F-18379r646715_fix">Configure that the SUSE operating system tool zypper to enable gpgcheck by editing or adding the following line to "/etc/zypp/zypp.conf":
 
-gpgcheck = 1</fixtext><fix id="F-18379r646715_fix" /><check system="C-18381r646714_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system tool zypper has gpgcheck enabled.
+gpgcheck = 1</fixtext><fix id="F-18379r646715_fix" /><check system="C-18381r646714_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system tool zypper has gpgcheck enabled.
 
 Check that zypper has gpgcheck enabled with the following command: 
 
@@ -997,7 +977,7 @@ gpgcheck = 1
 
 If "gpgcheck" is set to "0", "off", "no", or "false", this is a finding.</check-content></check></Rule></Group><Group id="V-217154"><title>SRG-OS-000437-GPOS-00194</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217154r854090_rule" weight="10.0" severity="medium"><version>SLES-12-010570</version><title>The SUSE operating system must remove all outdated software components after updated versions have been installed.</title><description>&lt;VulnDiscussion&gt;Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software automatically from the information system.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77163</ident><ident system="http://cyber.mil/legacy">SV-91859</ident><ident system="http://cyber.mil/cci">CCI-002617</ident><fixtext fixref="F-18380r369619_fix">Configure the SUSE operating system to remove all outdated software components after an update by editing the following line in "/etc/zypp/zypp.conf" to match the one provided below:
 
-solver.upgradeRemoveDroppedPackages = true</fixtext><fix id="F-18380r369619_fix" /><check system="C-18382r369618_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system removes all outdated software components after updated version have been installed by running the following command:
+solver.upgradeRemoveDroppedPackages = true</fixtext><fix id="F-18380r369619_fix" /><check system="C-18382r369618_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system removes all outdated software components after updated version have been installed by running the following command:
 
 # grep -i upgraderemovedroppedpackages /etc/zypp/zypp.conf 
 
@@ -1009,7 +989,7 @@ Peripherals include but are not limited to such devices as flash drives, externa
 
 Add or update the following line to the "/etc/modprobe.d/50-blacklist.conf" file:
 
-blacklist usb-storage</fixtext><fix id="F-18381r369622_fix" /><check system="C-18383r369621_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not automount USB mass storage devices when connected to the host.
+blacklist usb-storage</fixtext><fix id="F-18381r369622_fix" /><check system="C-18383r369621_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not automount USB mass storage devices when connected to the host.
 
 Check that "usb-storage" is blacklisted in the "/etc/modprobe.d/50-blacklist.conf" file with the following command:
 
@@ -1025,7 +1005,7 @@ Turn off the automount service with the following command:
 # systemctl stop autofs
 # systemctl disable autofs
 
-If "autofs" is required for Network File System (NFS), it must be documented with the ISSO.</fixtext><fix id="F-18382r369625_fix" /><check system="C-18384r369624_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system disables the ability to automount devices.
+If "autofs" is required for Network File System (NFS), it must be documented with the ISSO.</fixtext><fix id="F-18382r369625_fix" /><check system="C-18384r369624_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system disables the ability to automount devices.
 
 Check to see if automounter service is active with the following command:
 
@@ -1044,7 +1024,7 @@ Users' home directories/folders may contain information of a sensitive nature. N
 
 Apparmor can confine users to their home directory, not allowing them to make any changes outside of their own home directories. Confining users to their home directory will minimize the risk of sharing information.
 
-Satisfies: SRG-OS-000312-GPOS-00122, SRG-OS-000312-GPOS-00123, SRG-OS-000312-GPOS-00124, SRG-OS-000324-GPOS-00125, SRG-OS-000326-GPOS-00126, SRG-OS-000370-GPOS-00155, SRG-OS-000480-GPOS-00230&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91865</ident><ident system="http://cyber.mil/legacy">V-77169</ident><ident system="http://cyber.mil/cci">CCI-001774</ident><ident system="http://cyber.mil/cci">CCI-002165</ident><ident system="http://cyber.mil/cci">CCI-002233</ident><ident system="http://cyber.mil/cci">CCI-002235</ident><fixtext fixref="F-18384r646718_fix">Configure the SUSE operating system to blacklist all applications by default and permit by whitelist.
+Satisfies: SRG-OS-000312-GPOS-00122, SRG-OS-000312-GPOS-00123SRG-OS-000312-GPOS-00124, SRG-OS-000324-GPOS-00125, SRG-OS-000326-GPOS-00126, SRG-OS-000370-GPOS-00155, SRG-OS-000480-GPOS-00230&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91865</ident><ident system="http://cyber.mil/legacy">V-77169</ident><ident system="http://cyber.mil/cci">CCI-001774</ident><ident system="http://cyber.mil/cci">CCI-002165</ident><ident system="http://cyber.mil/cci">CCI-002233</ident><ident system="http://cyber.mil/cci">CCI-002235</ident><fixtext fixref="F-18384r646718_fix">Configure the SUSE operating system to blacklist all applications by default and permit by whitelist.
 
 Install "pam_apparmor" (if it is not installed) with the following command:
 
@@ -1058,7 +1038,7 @@ Start "Apparmor" with the following command:
 
 &gt; sudo systemctl start apparmor.service
 
-Note: "pam_apparmor" must have properly configured profiles. All configurations will be based on the actual system setup and organization. See the "pam_apparmor" documentation for more information on configuring profiles.</fixtext><fix id="F-18384r646718_fix" /><check system="C-18386r646717_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system Apparmor tool is configured to control whitelisted applications and user home directory access control.
+Note: "pam_apparmor" must have properly configured profiles. All configurations will be based on the actual system setup and organization. See the "pam_apparmor" documentation for more information on configuring profiles.</fixtext><fix id="F-18384r646718_fix" /><check system="C-18386r646717_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system Apparmor tool is configured to control whitelisted applications and user home directory access control.
 
 Check that "pam_apparmor" is installed on the system with the following command:
 
@@ -1082,7 +1062,7 @@ Note: "pam_apparmor" must have properly configured profiles. All configurations
 
 And reload the daemon to take effect 
 
-&gt; sudo systemctl daemon-reload</fixtext><fix id="F-18385r646721_fix" /><check system="C-18387r646720_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is not configured to reboot the system when Ctrl-Alt-Delete is pressed.
+&gt; sudo systemctl daemon-reload</fixtext><fix id="F-18385r646721_fix" /><check system="C-18387r646720_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is not configured to reboot the system when Ctrl-Alt-Delete is pressed.
 
 Check that the ctrl-alt-del.target is masked with the following command:
 
@@ -1117,7 +1097,7 @@ logout=''
 
 4. Update the dconf database: 
 
-&gt; sudo dconf update</fixtext><fix id="F-18386r646724_fix" /><check system="C-18388r646723_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Note: If a graphical user interface is not installed, this requirement is Not Applicable.
+&gt; sudo dconf update</fixtext><fix id="F-18386r646724_fix" /><check system="C-18388r646723_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Note: If a graphical user interface is not installed, this requirement is Not Applicable.
 
 Verify the SUSE operating system is not configured to reboot the system when Ctrl-Alt-Delete is pressed in the graphical user interface.
 
@@ -1137,7 +1117,7 @@ If the logout value is not [''] and the writable status is not false, this is a
 
 Add or edit the "UMASK" parameter in the "/etc/login.defs" file to match the example below:
 
-UMASK 077</fixtext><fix id="F-18387r369640_fix" /><check system="C-18389r369639_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system defines default permissions for all authenticated users in such a way that the users can only read and modify their own files. 
+UMASK 077</fixtext><fix id="F-18387r369640_fix" /><check system="C-18389r369639_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system defines default permissions for all authenticated users in such a way that the users can only read and modify their own files. 
 
 Check the system default permissions with the following command:
 
@@ -1151,7 +1131,7 @@ If the value of "UMASK" is not set to "077", "UMASK" is commented out, or "UMASK
 
 Remove accounts that do not support approved system activities or that allow for a normal user to perform administrative-level actions. 
 
-Document all authorized accounts on the system.</fixtext><fix id="F-18388r369643_fix" /><check system="C-18390r369642_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify all SUSE operating system accounts are assigned to an active system, application, or user account.
+Document all authorized accounts on the system.</fixtext><fix id="F-18388r369643_fix" /><check system="C-18390r369642_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify all SUSE operating system accounts are assigned to an active system, application, or user account.
 
 Obtain the list of authorized system accounts from the Information System Security Officer (ISSO).
 
@@ -1174,7 +1154,7 @@ Interactive users include organizational employees or individuals the organizati
 
 Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000121-GPOS-00062&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91873</ident><ident system="http://cyber.mil/legacy">V-77177</ident><ident system="http://cyber.mil/cci">CCI-000764</ident><ident system="http://cyber.mil/cci">CCI-000804</ident><fixtext fixref="F-18389r369646_fix">Configure the SUSE operating system to contain no duplicate UIDs for interactive users.
 
-Edit the file "/etc/passwd" and provide each interactive user account that has a duplicate UID with a unique UID.</fixtext><fix id="F-18389r369646_fix" /><check system="C-18391r369645_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system contains no duplicate UIDs for interactive users.
+Edit the file "/etc/passwd" and provide each interactive user account that has a duplicate UID with a unique UID.</fixtext><fix id="F-18389r369646_fix" /><check system="C-18391r369645_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system contains no duplicate UIDs for interactive users.
 
 Check that the SUSE operating system contains no duplicate UIDs for interactive users by running the following command:
 
@@ -1182,7 +1162,7 @@ Check that the SUSE operating system contains no duplicate UIDs for interactive
 
 If output is produced, this is a finding.</check-content></check></Rule></Group><Group id="V-217164"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217164r603262_rule" weight="10.0" severity="high"><version>SLES-12-010650</version><title>The SUSE operating system root account must be the only account having unrestricted access to the system.</title><description>&lt;VulnDiscussion&gt;If an account other than root also has a User Identifier (UID) of "0", it has root authority, giving that account unrestricted access to the entire SUSE operating system. Multiple accounts with a UID of "0" afford an opportunity for potential intruders to guess a password for a privileged account.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77179</ident><ident system="http://cyber.mil/legacy">SV-91875</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18390r369649_fix">Change the UID of any account on the SUSE operating system, other than the root account, that has a UID of "0". 
 
-If the account is associated with system commands or applications, the UID should be changed to one greater than "0" but less than "1000". Otherwise, assign a UID of greater than "1000" that has not already been assigned.</fixtext><fix id="F-18390r369649_fix" /><check system="C-18392r369648_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system root account is the only account with unrestricted access to the system.
+If the account is associated with system commands or applications, the UID should be changed to one greater than "0" but less than "1000". Otherwise, assign a UID of greater than "1000" that has not already been assigned.</fixtext><fix id="F-18390r369649_fix" /><check system="C-18392r369648_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system root account is the only account with unrestricted access to the system.
 
 Check the system for duplicate UID "0" assignments with the following command:
 
@@ -1194,7 +1174,7 @@ If any accounts other than root have a UID of "0", this is a finding.</check-con
 
 Add or change the following line in "/etc/sssd/sssd.conf" just below the line "[nss]":
 
-memcache_timeout = 86400</fixtext><fix id="F-18392r369655_fix" /><check system="C-18394r369654_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>If NSS is not used on the operating system, this is Not Applicable.
+memcache_timeout = 86400</fixtext><fix id="F-18392r369655_fix" /><check system="C-18394r369654_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>If NSS is not used on the operating system, this is Not Applicable.
 
 If NSS is used by the SUSE operating system, verify it prohibits the use of cached authentications after one day.
 
@@ -1208,7 +1188,7 @@ If "memcache_timeout" has a value greater than "86400", or is missing, this is a
 
 Add or change the following line in "/etc/sssd/sssd.conf" just below the line "[pam]":
 
-offline_credentials_expiration = 1</fixtext><fix id="F-18393r369658_fix" /><check system="C-18395r369657_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>If SSSD is not being used on the operating system, this is Not Applicable.
+offline_credentials_expiration = 1</fixtext><fix id="F-18393r369658_fix" /><check system="C-18395r369657_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>If SSSD is not being used on the operating system, this is Not Applicable.
 
 Verify that the SUSE operating system Pluggable Authentication Modules (PAM) prohibits the use of cached off line authentications after one day.
 
@@ -1220,7 +1200,7 @@ offline_credentials_expiration = 1
 
 If "offline_credentials_expiration" is not set to a value of "1", this is a finding.</check-content></check></Rule></Group><Group id="V-217168"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217168r854096_rule" weight="10.0" severity="medium"><version>SLES-12-010690</version><title>All SUSE operating system files and directories must have a valid owner.</title><description>&lt;VulnDiscussion&gt;Unowned files and directories may be unintentionally inherited if a user is assigned the same User Identifier (UID) as the UID of the unowned files.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91883</ident><ident system="http://cyber.mil/legacy">V-77187</ident><ident system="http://cyber.mil/cci">CCI-002165</ident><fixtext fixref="F-18394r369661_fix">Either remove all files and directories from the SUSE operating system that do not have a valid user, or assign a valid user to all unowned files and directories on the system with the "chown" command:
 
-# sudo chown &lt;user&gt; &lt;file&gt;</fixtext><fix id="F-18394r369661_fix" /><check system="C-18396r369660_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that all SUSE operating system files and directories on the system have a valid owner.
+# sudo chown &lt;user&gt; &lt;file&gt;</fixtext><fix id="F-18394r369661_fix" /><check system="C-18396r369660_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that all SUSE operating system files and directories on the system have a valid owner.
 
 Check the owner of all files and directories with the following command:
 
@@ -1230,7 +1210,7 @@ Note: The value after -fstype must be replaced with the filesystem type. XFS is
 
 If any files on the system do not have an assigned owner, this is a finding.</check-content></check></Rule></Group><Group id="V-217169"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217169r854097_rule" weight="10.0" severity="medium"><version>SLES-12-010700</version><title>All SUSE operating system files and directories must have a valid group owner.</title><description>&lt;VulnDiscussion&gt;Files without a valid group owner may be unintentionally inherited if a group is assigned the same Group Identifier (GID) as the GID of the files without a valid group owner.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91889</ident><ident system="http://cyber.mil/legacy">V-77193</ident><ident system="http://cyber.mil/cci">CCI-002165</ident><fixtext fixref="F-18395r369664_fix">Either remove all files and directories from the SUSE operating system that do not have a valid group, or assign a valid group to all files and directories on the system with the "chgrp" command:
 
-# sudo chgrp &lt;group&gt; &lt;file&gt;</fixtext><fix id="F-18395r369664_fix" /><check system="C-18397r369663_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify all SUSE operating system files and directories on the system have a valid group.
+# sudo chgrp &lt;group&gt; &lt;file&gt;</fixtext><fix id="F-18395r369664_fix" /><check system="C-18397r369663_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify all SUSE operating system files and directories on the system have a valid group.
 
 Check the owner of all files and directories with the following command:
 
@@ -1242,7 +1222,7 @@ If any files on the system do not have an assigned group, this is a finding.</ch
 
 Assign a home directory to users via the usermod command:
 
-&gt; sudo usermod -d /home/smithj smithj</fixtext><fix id="F-18396r646727_fix" /><check system="C-18398r646726_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify SUSE operating system local interactive users on the system have a home directory assigned.
+&gt; sudo usermod -d /home/smithj smithj</fixtext><fix id="F-18396r646727_fix" /><check system="C-18398r646726_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify SUSE operating system local interactive users on the system have a home directory assigned.
 
 Check for missing local interactive user home directories with the following command:
 
@@ -1255,7 +1235,7 @@ Ask the System Administrator (SA) if any users found without home directories ar
 
 If any interactive users do not have a home directory assigned, this is a finding.</check-content></check></Rule></Group><Group id="V-217171"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217171r603262_rule" weight="10.0" severity="medium"><version>SLES-12-010720</version><title>All SUSE operating system local interactive user accounts, upon creation, must be assigned a home directory.</title><description>&lt;VulnDiscussion&gt;If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77199</ident><ident system="http://cyber.mil/legacy">SV-91895</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18397r369670_fix">Configure the SUSE operating system to assign home directories to all new local interactive users by setting the "CREATE_HOME" parameter in "/etc/login.defs" to "yes" as follows.
 
-CREATE_HOME yes</fixtext><fix id="F-18397r369670_fix" /><check system="C-18399r369669_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify all SUSE operating system local interactive users on the system are assigned a home directory upon creation.
+CREATE_HOME yes</fixtext><fix id="F-18397r369670_fix" /><check system="C-18399r369669_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify all SUSE operating system local interactive users on the system are assigned a home directory upon creation.
 
 Check to see if the system is configured to create home directories for local interactive users with the following command:
 
@@ -1269,7 +1249,7 @@ Note: The example will be for the user smithj, who has a home directory of "/hom
 # mkdir /home/smithj 
 # chown smithj /home/smithj
 # chgrp users /home/smithj
-# chmod 0750 /home/smithj</fixtext><fix id="F-18398r369673_fix" /><check system="C-18400r622348_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the assigned home directory of all SUSE operating system local interactive users on the system exists.
+# chmod 0750 /home/smithj</fixtext><fix id="F-18398r369673_fix" /><check system="C-18400r622348_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the assigned home directory of all SUSE operating system local interactive users on the system exists.
 
 Check the home directory assignment for all local interactive non-privileged users on the system with the following command:
 
@@ -1289,7 +1269,7 @@ If any home directories referenced in "/etc/passwd" are returned as not defined,
 
 Note: The example will be for the user "smithj".
 
-# chmod 0750 /home/smithj</fixtext><fix id="F-18399r369676_fix" /><check system="C-18401r622350_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the assigned home directory of all SUSE operating system local interactive users has a mode of "0750" or less permissive.
+# chmod 0750 /home/smithj</fixtext><fix id="F-18399r369676_fix" /><check system="C-18401r622350_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the assigned home directory of all SUSE operating system local interactive users has a mode of "0750" or less permissive.
 
 Check the home directory assignment for all non-privileged users on the system with the following command:
 
@@ -1302,7 +1282,7 @@ If home directories referenced in "/etc/passwd" do not have a mode of "0750" or
 
 Note: The example will be for the user "smithj", who has a home directory of "/home/smithj", and has a primary group of users.
 
-# chgrp users /home/smithj</fixtext><fix id="F-18400r369679_fix" /><check system="C-18402r622352_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the assigned home directory of all SUSE operating system local interactive users is group-owned by that user's primary GID.
+# chgrp users /home/smithj</fixtext><fix id="F-18400r369679_fix" /><check system="C-18402r622352_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the assigned home directory of all SUSE operating system local interactive users is group-owned by that user's primary GID.
 
 Check the home directory assignment for all non-privileged users on the system with the following command:
 
@@ -1320,7 +1300,7 @@ If the user home directory referenced in "/etc/passwd" is not group-owned by tha
 
 Note: The example will be for the smithj user, who has a home directory of "/home/smithj".
 
-# chmod 0740 /home/smithj/.&lt;INIT_FILE&gt;</fixtext><fix id="F-18401r369682_fix" /><check system="C-18403r369681_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that all SUSE operating system local initialization files have a mode of "0740" or less permissive.
+# chmod 0740 /home/smithj/.&lt;INIT_FILE&gt;</fixtext><fix id="F-18401r369682_fix" /><check system="C-18403r369681_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that all SUSE operating system local initialization files have a mode of "0740" or less permissive.
 
 Check the mode on all SUSE operating system local initialization files with the following command:
 
@@ -1331,7 +1311,7 @@ Note: The example will be for the user "smithj", who has a home directory of "/h
 -rwxr-xr-x  1 smithj users   497 Jan  6  2007 .login
 -rwxr-xr-x  1 smithj users   886 Jan  6  2007 .something
 
-If any local initialization files have a mode more permissive than "0740", this is a finding.</check-content></check></Rule></Group><Group id="V-217176"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217176r793056_rule" weight="10.0" severity="medium"><version>SLES-12-010770</version><title>All SUSE operating system local interactive user initialization files executable search paths must contain only paths that resolve to the users home directory.</title><description>&lt;VulnDiscussion&gt;The executable search path (typically the PATH environment variable) contains a list of directories for the shell to search to find executables. If this path includes the current working directory (other than the user's home directory), executables in these directories may be executed instead of system commands. This variable is formatted as a colon-separated list of directories. If there is an empty entry, such as a leading or trailing colon or two consecutive colons, this is interpreted as the current working directory. If deviations from the default system search path for the local interactive user are required, they must be documented with the Information System Security Officer (ISSO).&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91915</ident><ident system="http://cyber.mil/legacy">V-77219</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18402r369685_fix">Edit the SUSE operating system local interactive user initialization files to change any PATH variable statements for executables that reference directories other than their home directory. If a local interactive user requires path variables to reference a directory owned by the application, it must be documented with the ISSO.</fixtext><fix id="F-18402r369685_fix" /><check system="C-18404r793055_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that all SUSE operating system local interactive user initialization files executable search path statements do not contain statements that will reference a working directory other than the user's home directory.
+If any local initialization files have a mode more permissive than "0740", this is a finding.</check-content></check></Rule></Group><Group id="V-217176"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217176r793056_rule" weight="10.0" severity="medium"><version>SLES-12-010770</version><title>All SUSE operating system local interactive user initialization files executable search paths must contain only paths that resolve to the users home directory.</title><description>&lt;VulnDiscussion&gt;The executable search path (typically the PATH environment variable) contains a list of directories for the shell to search to find executables. If this path includes the current working directory (other than the user's home directory), executables in these directories may be executed instead of system commands. This variable is formatted as a colon-separated list of directories. If there is an empty entry, such as a leading or trailing colon or two consecutive colons, this is interpreted as the current working directory. If deviations from the default system search path for the local interactive user are required, they must be documented with the Information System Security Officer (ISSO).&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91915</ident><ident system="http://cyber.mil/legacy">V-77219</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18402r369685_fix">Edit the SUSE operating system local interactive user initialization files to change any PATH variable statements for executables that reference directories other than their home directory. If a local interactive user requires path variables to reference a directory owned by the application, it must be documented with the ISSO.</fixtext><fix id="F-18402r369685_fix" /><check system="C-18404r793055_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that all SUSE operating system local interactive user initialization files executable search path statements do not contain statements that will reference a working directory other than the user's home directory.
 
 Check the executable search path statement for all operating system local interactive user initialization files in the user's home directory with the following commands:
 
@@ -1342,7 +1322,7 @@ Note: The example will be for the user "smithj", who has a home directory of "/h
 
 If any local interactive user initialization files have executable search path statements that include directories outside of their home directory, and the additional path statements are not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.</check-content></check></Rule></Group><Group id="V-217177"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217177r646731_rule" weight="10.0" severity="medium"><version>SLES-12-010780</version><title>All SUSE operating system local initialization files must not execute world-writable programs.</title><description>&lt;VulnDiscussion&gt;If user start-up files execute world-writable programs, especially in unprotected directories, they could be maliciously modified to destroy user files or otherwise compromise the system at the user level. If the system is compromised at the user level, it is easier to elevate privileges to eventually compromise the system at the root and network level.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91921</ident><ident system="http://cyber.mil/legacy">V-77225</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18403r646730_fix">Remove the references to these files in the local initialization scripts or remove the world-writable permission of files referenced by SUSE operating system local initialization scripts with the following command:
 
-&gt; sudo chmod 0755 &lt;file&gt;</fixtext><fix id="F-18403r646730_fix" /><check system="C-18405r646729_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that SUSE operating system local initialization files do not execute world-writable programs.
+&gt; sudo chmod 0755 &lt;file&gt;</fixtext><fix id="F-18403r646730_fix" /><check system="C-18405r646729_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that SUSE operating system local initialization files do not execute world-writable programs.
 
 Check the system for world-writable files with the following command:
 
@@ -1360,7 +1340,7 @@ If any local initialization files are found to reference world-writable files, t
 
 Re-mount the filesystems.
 
-# mount -o remount /home</fixtext><fix id="F-18404r369691_fix" /><check system="C-18406r622354_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that SUSE operating system file systems that contain user home directories are mounted with the "nosuid" option.
+# mount -o remount /home</fixtext><fix id="F-18404r369691_fix" /><check system="C-18406r622354_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that SUSE operating system file systems that contain user home directories are mounted with the "nosuid" option.
 
 Print the currently active file system mount options of the file system(s) that contain the user home directories with the following command:
 
@@ -1369,7 +1349,7 @@ Print the currently active file system mount options of the file system(s) that
 
 If a file system containing user home directories is not mounted with the FSTYPE OPTION nosuid, this is a finding.
 
-Note: If a separate file system has not been created for the user home directories (user home directories are mounted under "/"), this is not a finding as the "nosuid" option cannot be used on the "/" system.</check-content></check></Rule></Group><Group id="V-217179"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217179r603262_rule" weight="10.0" severity="medium"><version>SLES-12-010800</version><title>SUSE operating system file systems that are used with removable media must be mounted to prevent files with the setuid and setgid bit set from being executed.</title><description>&lt;VulnDiscussion&gt;The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91933</ident><ident system="http://cyber.mil/legacy">V-77237</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18405r369694_fix">Configure the SUSE operating system "/etc/fstab" file to use the "nosuid" option on file systems that are associated with removable media.</fixtext><fix id="F-18405r369694_fix" /><check system="C-18407r369693_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify SUSE operating system file systems used for removable media are mounted with the "nosuid" option.
+Note: If a separate file system has not been created for the user home directories (user home directories are mounted under "/"), this is not a finding as the "nosuid" option cannot be used on the "/" system.</check-content></check></Rule></Group><Group id="V-217179"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217179r603262_rule" weight="10.0" severity="medium"><version>SLES-12-010800</version><title>SUSE operating system file systems that are used with removable media must be mounted to prevent files with the setuid and setgid bit set from being executed.</title><description>&lt;VulnDiscussion&gt;The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91933</ident><ident system="http://cyber.mil/legacy">V-77237</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18405r369694_fix">Configure the SUSE operating system "/etc/fstab" file to use the "nosuid" option on file systems that are associated with removable media.</fixtext><fix id="F-18405r369694_fix" /><check system="C-18407r369693_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify SUSE operating system file systems used for removable media are mounted with the "nosuid" option.
 
 Check the file systems that are mounted at boot time with the following command:
 
@@ -1377,7 +1357,7 @@ Check the file systems that are mounted at boot time with the following command:
 
 UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat noauto,owner,ro,nosuid 0 0
 
-If a file system found in "/etc/fstab" refers to removable media and it does not have the "nosuid" option set, this is a finding.</check-content></check></Rule></Group><Group id="V-217180"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217180r603262_rule" weight="10.0" severity="medium"><version>SLES-12-010810</version><title>SUSE operating system file systems that are being imported via Network File System (NFS) must be mounted to prevent files with the setuid and setgid bit set from being executed.</title><description>&lt;VulnDiscussion&gt;The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91937</ident><ident system="http://cyber.mil/legacy">V-77241</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18406r369697_fix">Configure the SUSE operating system "/etc/fstab" file to use the "nosuid" option on file systems that are being exported via NFS.</fixtext><fix id="F-18406r369697_fix" /><check system="C-18408r369696_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify SUSE operating system file systems that are being NFS exported are mounted with the "nosuid" option.
+If a file system found in "/etc/fstab" refers to removable media and it does not have the "nosuid" option set, this is a finding.</check-content></check></Rule></Group><Group id="V-217180"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217180r603262_rule" weight="10.0" severity="medium"><version>SLES-12-010810</version><title>SUSE operating system file systems that are being imported via Network File System (NFS) must be mounted to prevent files with the setuid and setgid bit set from being executed.</title><description>&lt;VulnDiscussion&gt;The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91937</ident><ident system="http://cyber.mil/legacy">V-77241</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18406r369697_fix">Configure the SUSE operating system "/etc/fstab" file to use the "nosuid" option on file systems that are being exported via NFS.</fixtext><fix id="F-18406r369697_fix" /><check system="C-18408r369696_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify SUSE operating system file systems that are being NFS exported are mounted with the "nosuid" option.
 
 Find the file system(s) that contain the directories being exported with the following command:
 
@@ -1385,7 +1365,7 @@ Find the file system(s) that contain the directories being exported with the fol
 
 UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d   /store   nfs   rw,nosuid   0 0
 
-If a file system found in "/etc/fstab" refers to NFS and it does not have the "nosuid" option set, this is a finding.</check-content></check></Rule></Group><Group id="V-217181"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217181r603262_rule" weight="10.0" severity="medium"><version>SLES-12-010820</version><title>SUSE operating system file systems that are being imported via Network File System (NFS) must be mounted to prevent binary files from being executed.</title><description>&lt;VulnDiscussion&gt;The "noexec" mount option causes the system to not execute binary files. This option must be used for mounting any file system not containing approved binary files as they may be incompatible. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91947</ident><ident system="http://cyber.mil/legacy">V-77251</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18407r369700_fix">Configure the SUSE operating system "/etc/fstab" file to use the "noexec" option on file systems that are being exported via NFS.</fixtext><fix id="F-18407r369700_fix" /><check system="C-18409r369699_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system file systems that are being NFS exported are mounted with the "noexec" option.
+If a file system found in "/etc/fstab" refers to NFS and it does not have the "nosuid" option set, this is a finding.</check-content></check></Rule></Group><Group id="V-217181"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217181r603262_rule" weight="10.0" severity="medium"><version>SLES-12-010820</version><title>SUSE operating system file systems that are being imported via Network File System (NFS) must be mounted to prevent binary files from being executed.</title><description>&lt;VulnDiscussion&gt;The "noexec" mount option causes the system to not execute binary files. This option must be used for mounting any file system not containing approved binary files as they may be incompatible. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91947</ident><ident system="http://cyber.mil/legacy">V-77251</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18407r369700_fix">Configure the SUSE operating system "/etc/fstab" file to use the "noexec" option on file systems that are being exported via NFS.</fixtext><fix id="F-18407r369700_fix" /><check system="C-18409r369699_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system file systems that are being NFS exported are mounted with the "noexec" option.
 
 Find the file system(s) that contain the directories being exported with the following command:
 
@@ -1397,7 +1377,7 @@ If a file system found in "/etc/fstab" refers to NFS and it does not have the "n
 
 The only authorized public directories are those temporary directories supplied with the system or those designed to be temporary file repositories. The setting is normally reserved for directories used by the system and by users for temporary file storage, (e.g., /tmp), and for directories requiring global read/write access.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91949</ident><ident system="http://cyber.mil/legacy">V-77253</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18408r369703_fix">Change the group of the SUSE operating system world-writable directories to root with the following command:
 
-# chgrp root &lt;directory&gt;</fixtext><fix id="F-18408r369703_fix" /><check system="C-18410r369702_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify all SUSE operating system world-writable directories are group-owned by root, sys, bin, or an application group.
+# chgrp root &lt;directory&gt;</fixtext><fix id="F-18408r369703_fix" /><check system="C-18410r369702_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify all SUSE operating system world-writable directories are group-owned by root, sys, bin, or an application group.
 
 Check the system for world-writable directories with the following command:
 
@@ -1413,7 +1393,7 @@ If any world-writable directories are not owned by root, sys, bin, or an applica
 
 # systemctl disable kdump.service
 
-If kernel core dumps are required, document the need with the ISSO.</fixtext><fix id="F-18409r369706_fix" /><check system="C-18411r369705_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that SUSE operating system kernel core dumps are disabled unless needed.
+If kernel core dumps are required, document the need with the ISSO.</fixtext><fix id="F-18409r369706_fix" /><check system="C-18411r369705_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that SUSE operating system kernel core dumps are disabled unless needed.
 
 Check the status of the "kdump" service with the following command:
 
@@ -1425,7 +1405,7 @@ If the "kdump" service is active, ask the System Administrator if the use of the
 
 If the service is active and is not documented, this is a finding.</check-content></check></Rule></Group><Group id="V-217184"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217184r603893_rule" weight="10.0" severity="low"><version>SLES-12-010850</version><title>A separate file system must be used for SUSE operating system user home directories (such as /home or an equivalent).</title><description>&lt;VulnDiscussion&gt;The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-91957</ident><ident system="http://cyber.mil/legacy">V-77261</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18410r369709_fix">Create a separate file system/partition for SUSE operating system non-privileged local interactive user home directories.
 
-Migrate the non-privileged local interactive user home directories onto the separate file system/partition.</fixtext><fix id="F-18410r369709_fix" /><check system="C-18412r622356_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that a separate file system/partition has been created for SUSE operating system non-privileged local interactive user home directories.
+Migrate the non-privileged local interactive user home directories onto the separate file system/partition.</fixtext><fix id="F-18410r369709_fix" /><check system="C-18412r622356_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that a separate file system/partition has been created for SUSE operating system non-privileged local interactive user home directories.
 
 Check the home directory assignment for all non-privileged users (those with a UID greater than 1000) on the system with the following command:
 
@@ -1446,14 +1426,14 @@ UUID=333ada18    /home   ext4   noatime,nobarrier,nodev   1 2
 
 If a separate entry for the file system/partition that contains the non-privileged interactive users' home directories does not exist, this is a finding.</check-content></check></Rule></Group><Group id="V-217185"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217185r603262_rule" weight="10.0" severity="low"><version>SLES-12-010860</version><title>The SUSE operating system must use a separate file system for /var.</title><description>&lt;VulnDiscussion&gt;The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77265</ident><ident system="http://cyber.mil/legacy">SV-91961</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18411r369712_fix">Create a separate file system/partition on the SUSE operating system for "/var".
 
-Migrate "/var" onto the separate file system/partition.</fixtext><fix id="F-18411r369712_fix" /><check system="C-18413r369711_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system has a separate file system/partition for "/var".
+Migrate "/var" onto the separate file system/partition.</fixtext><fix id="F-18411r369712_fix" /><check system="C-18413r369711_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system has a separate file system/partition for "/var".
 
 Check that a file system/partition has been created for "/var" with the following command:
 
 # grep /var /etc/fstab
 UUID=c274f65f    /var   ext4   noatime,nobarrier   1 2
 
-If a separate entry for "/var" is not in use, this is a finding.</check-content></check></Rule></Group><Group id="V-217186"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217186r603262_rule" weight="10.0" severity="low"><version>SLES-12-010870</version><title>The SUSE operating system must use a separate file system for the system audit data path.</title><description>&lt;VulnDiscussion&gt;The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77271</ident><ident system="http://cyber.mil/legacy">SV-91967</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18412r369715_fix">Migrate the SUSE operating system audit data path onto a separate file system.</fixtext><fix id="F-18412r369715_fix" /><check system="C-18414r369714_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system has a separate file system/partition for the system audit data path.
+If a separate entry for "/var" is not in use, this is a finding.</check-content></check></Rule></Group><Group id="V-217186"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217186r603262_rule" weight="10.0" severity="low"><version>SLES-12-010870</version><title>The SUSE operating system must use a separate file system for the system audit data path.</title><description>&lt;VulnDiscussion&gt;The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77271</ident><ident system="http://cyber.mil/legacy">SV-91967</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18412r369715_fix">Migrate the SUSE operating system audit data path onto a separate file system.</fixtext><fix id="F-18412r369715_fix" /><check system="C-18414r369714_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system has a separate file system/partition for the system audit data path.
 
 Check that a file system/partition has been created for the system audit data path with the following command:
 
@@ -1474,7 +1454,7 @@ Add or update the following rules in "/etc/permissions.local":
 
 Set the correct permissions with the following command:
 
-&gt; sudo chkstat --set --system</fixtext><fix id="F-18414r646733_fix" /><check system="C-18416r646732_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system prevents unauthorized users from accessing system error messages.
+&gt; sudo chkstat --set --system</fixtext><fix id="F-18414r646733_fix" /><check system="C-18416r646732_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system prevents unauthorized users from accessing system error messages.
 
 Check the "/var/log/messages" file permissions with the following comand:
 
@@ -1492,7 +1472,7 @@ If the effective permissions do not match the "permissions.local" file, the comm
 
 &gt; sudo sh -c 'for X in /etc/pam.d/common-*-pc; do cp -ivp --remove-destination $X ${X:0:-3}; done'
 
-Additional information on the configuration of multifactor authentication on the SUSE operating system can be found at https://www.suse.com/communities/blog/configuring-smart-card-authentication-suse-linux-enterprise/.</fixtext><fix id="F-18415r646736_fix" /><check system="C-18417r646735_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is configured to not overwrite Pluggable Authentication Modules (PAM) configuration on package changes.
+Additional information on the configuration of multifactor authentication on the SUSE operating system can be found at https://www.suse.com/communities/blog/configuring-smart-card-authentication-suse-linux-enterprise/.</fixtext><fix id="F-18415r646736_fix" /><check system="C-18417r646735_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is configured to not overwrite Pluggable Authentication Modules (PAM) configuration on package changes.
 
 Check that soft links between PAM configuration files are removed with the following command:
 
@@ -1506,7 +1486,7 @@ Associating event types with detected events in the SUSE operating system audit
 
 Satisfies: SRG-OS-000337-GPOS-00129, SRG-OS-000348-GPOS-00136, SRG-OS-000349-GPOS-00137, SRG-OS-000350-GPOS-00138, SRG-OS-000351-GPOS-00139, SRG-OS-000352-GPOS-00140, SRG-OS-000353-GPOS-00141, SRG-OS-000354-GPOS-00142, SRG-OS-000358-GPOS-00145, SRG-OS-000359-GPOS-00146, SRG-OS-000365-GPOS-00152, SRG-OS-000474-GPOS-00219, SRG-OS-000475-GPOS-00220&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77287</ident><ident system="http://cyber.mil/legacy">SV-91983</ident><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-001882</ident><ident system="http://cyber.mil/cci">CCI-001889</ident><ident system="http://cyber.mil/cci">CCI-001877</ident><ident system="http://cyber.mil/cci">CCI-001914</ident><ident system="http://cyber.mil/cci">CCI-001814</ident><ident system="http://cyber.mil/cci">CCI-001875</ident><ident system="http://cyber.mil/cci">CCI-001878</ident><ident system="http://cyber.mil/cci">CCI-001879</ident><ident system="http://cyber.mil/cci">CCI-001880</ident><ident system="http://cyber.mil/cci">CCI-001881</ident><fixtext fixref="F-18416r369727_fix">The SUSE operating system auditd package must be installed on the system. If it is not installed, use the following command to install it:
 
-# sudo zypper in auditd</fixtext><fix id="F-18416r369727_fix" /><check system="C-18418r369726_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system auditing package is installed.
+# sudo zypper in auditd</fixtext><fix id="F-18416r369727_fix" /><check system="C-18418r369726_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system auditing package is installed.
 
 Check that the "audit" package is installed by performing the following command:
 
@@ -1523,7 +1503,7 @@ Associating event types with detected events in the SUSE operating system audit
 Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPOS-00016, SRG-OS-000039-GPOS-00017, SRG-OS-000040-GPOS-00018, SRG-OS-000041-GPOS-00019, SRG-OS-000042-GPOS-00021, SRG-OS-000051-GPOS-00024, SRG-OS-000054-GPOS-00025, SRG-OS-000122-GPOS-00063, SRG-OS-000254-GPOS-00095, SRG-OS-000255-GPOS-00096, SRG-OS-000392-GPOS-00172, SRG-OS-000480-GPOS-00227&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-77289</ident><ident system="http://cyber.mil/legacy">SV-91985</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><ident system="http://cyber.mil/cci">CCI-001464</ident><ident system="http://cyber.mil/cci">CCI-001487</ident><ident system="http://cyber.mil/cci">CCI-000130</ident><ident system="http://cyber.mil/cci">CCI-000131</ident><ident system="http://cyber.mil/cci">CCI-000132</ident><ident system="http://cyber.mil/cci">CCI-000133</ident><ident system="http://cyber.mil/cci">CCI-000134</ident><ident system="http://cyber.mil/cci">CCI-000135</ident><ident system="http://cyber.mil/cci">CCI-000154</ident><ident system="http://cyber.mil/cci">CCI-000158</ident><ident system="http://cyber.mil/cci">CCI-001876</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-18417r369730_fix">Enable the SUSE operating system auditd service by performing the following commands:
 
 # sudo systemctl enable auditd.service
-# sudo systemctl start auditd.service</fixtext><fix id="F-18417r369730_fix" /><check system="C-18419r369729_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system produces audit records.
+# sudo systemctl start auditd.service</fixtext><fix id="F-18417r369730_fix" /><check system="C-18419r369729_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system produces audit records.
 
 Check that the SUSE operating system produces audit records by running the following command to determine the current status of the auditd service:
 
@@ -1539,7 +1519,7 @@ The task of allocating audit record storage capacity is usually performed during
 
 If audit records are stored on a partition made specifically for audit records, use the "YaST2 - Partitioner" program (installation and configuration tool for Linux) to resize the partition with sufficient space to contain one week's worth of audit records.
 
-If audit records are not stored on a partition made specifically for audit records, a new partition with sufficient amount of space will need be to be created. The new partition can be created using the "YaST2 - Partitioner" program on the system.</fixtext><fix id="F-18418r369733_fix" /><check system="C-18420r369732_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system allocates audit record storage capacity to store at least one week's worth of audit records when audit records are not immediately sent to a central audit record storage facility.
+If audit records are not stored on a partition made specifically for audit records, a new partition with sufficient amount of space will need be to be created. The new partition can be created using the "YaST2 - Partitioner" program on the system.</fixtext><fix id="F-18418r369733_fix" /><check system="C-18420r369732_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system allocates audit record storage capacity to store at least one week's worth of audit records when audit records are not immediately sent to a central audit record storage facility.
 
 Determine which partition the audit records are being written to with the following command:
 
@@ -1566,7 +1546,7 @@ Determine the size of the partition to which audit records are written (e.g., "/
 
 # df -h /var/log/audit/
 
-Set the value of the "space_left" keyword in "/etc/audit/auditd.conf" to 25 percent of the partition size.</fixtext><fix id="F-18419r369736_fix" /><check system="C-18421r369735_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Determine if the SUSE operating system auditd is configured to notify the System Administrator (SA) and Information System Security Officer (ISSO) when the audit record storage volume reaches 75 percent of the storage capacity.
+Set the value of the "space_left" keyword in "/etc/audit/auditd.conf" to 25 percent of the partition size.</fixtext><fix id="F-18419r369736_fix" /><check system="C-18421r369735_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Determine if the SUSE operating system auditd is configured to notify the System Administrator (SA) and Information System Security Officer (ISSO) when the audit record storage volume reaches 75 percent of the storage capacity.
 
 Check the system configuration to determine the partition to which audit records are written using the following command:
 
@@ -1596,7 +1576,7 @@ This requirement applies to each audit data storage repository (i.e., distinct i
 
 Edit the following line in "/etc/audit/auditd.conf" to ensure that administrators are notified via email for those situations:
 
-action_mail_acct = root</fixtext><fix id="F-18420r369739_fix" /><check system="C-18422r369738_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the administrators are notified in the event of a SUSE operating system audit processing failure by inspecting "/etc/audit/auditd.conf".
+action_mail_acct = root</fixtext><fix id="F-18420r369739_fix" /><check system="C-18422r369738_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the administrators are notified in the event of a SUSE operating system audit processing failure by inspecting "/etc/audit/auditd.conf".
 
 Check if the system is configured to send email to an account when it needs to notify an administrator with the following command: 
 
@@ -1620,7 +1600,7 @@ Configure an alias for root that forwards to a monitored email address with the
 
 The following command must be run to implement changes to the /etc/aliases file:
 
-&gt; sudo newaliases</fixtext><fix id="F-18421r646739_fix" /><check system="C-18423r646738_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the administrators are notified in the event of a SUSE operating system audit processing failure by checking that "/etc/aliases" has a defined value for root.
+&gt; sudo newaliases</fixtext><fix id="F-18421r646739_fix" /><check system="C-18423r646738_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the administrators are notified in the event of a SUSE operating system audit processing failure by checking that "/etc/aliases" has a defined value for root.
 
 &gt; grep -i "^postmaster:" /etc/aliases
 
@@ -1643,7 +1623,7 @@ When availability is an overriding concern, other approved actions in response t
 
 Add or update the following line (depending on configuration "disk_full_action" can be set to "SYSLOG", "SINGLE", or "HALT" depending on configuration) in "/etc/audit/auditd.conf" file:
 
-disk_full_action = HALT</fixtext><fix id="F-18422r369745_fix" /><check system="C-18424r369744_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system takes the appropriate action when the audit storage volume is full. 
+disk_full_action = HALT</fixtext><fix id="F-18422r369745_fix" /><check system="C-18424r369744_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system takes the appropriate action when the audit storage volume is full. 
 
 Check that the SUSE operating system takes the appropriate action when the audit storage volume is full with the following command:
 
@@ -1658,7 +1638,7 @@ Off-loading is a common process in information systems with limited audit storag
 # sudo zypper install audit-audispd-plugins
 
 In /etc/audisp/plugins.d/au-remote.conf, change the value of "active" to "yes", or add "active = yes" if no such setting exists in the file.
-</fixtext><fix id="F-18423r369748_fix" /><check system="C-18425r369747_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the "audit-audispd-plugins" package is installed on the SUSE operating system. 
+</fixtext><fix id="F-18423r369748_fix" /><check system="C-18425r369747_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the "audit-audispd-plugins" package is installed on the SUSE operating system. 
 
 Check that the "audit-audispd-plugins" package is installed on the SUSE operating system with the following command:
 
@@ -1677,7 +1657,7 @@ Allowing devices and users to connect to or from the system without first authen
 
 Edit or add the following line to match the text below:
 
-enable_krb5 = yes</fixtext><fix id="F-18424r369751_fix" /><check system="C-18426r369750_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Determine if the SUSE operating system audit event multiplexor is configured to use Kerberos by running the following command:
+enable_krb5 = yes</fixtext><fix id="F-18424r369751_fix" /><check system="C-18426r369750_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Determine if the SUSE operating system audit event multiplexor is configured to use Kerberos by running the following command:
 
 # sudo cat /etc/audisp/audisp-remote.conf | grep enable_krb5
 enable_krb5 = yes
@@ -1686,7 +1666,7 @@ If "enable-krb5" is not set to "yes", this is a finding.</check-content></check>
 
 Off-loading is a common process in information systems with limited audit storage capacity.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-92001</ident><ident system="http://cyber.mil/legacy">V-77305</ident><ident system="http://cyber.mil/cci">CCI-001851</ident><fixtext fixref="F-18425r369754_fix">Configure the SUSE operating system "/etc/audisp/audisp-remote.conf" file to off-load audit records onto a different system or media by adding or editing the following line with the correct IP address:
 
-remote_server = [IP ADDRESS]</fixtext><fix id="F-18425r369754_fix" /><check system="C-18427r369753_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify "audispd" off-loads audit records onto a different system or media from the SUSE operating system being audited.
+remote_server = [IP ADDRESS]</fixtext><fix id="F-18425r369754_fix" /><check system="C-18427r369753_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify "audispd" off-loads audit records onto a different system or media from the SUSE operating system being audited.
 
 Check if "audispd" is configured to off-load audit records onto a different system or media from the SUSE operating system by running the following command:
 
@@ -1699,7 +1679,7 @@ Off-loading is a common process in information systems with limited audit storag
 
 Uncomment the "network_failure_action" option in "/etc/audisp/audisp-remote.conf" and set it to "syslog", "single", or "halt". See the example below:
 
-network_failure_action = syslog</fixtext><fix id="F-18426r369757_fix" /><check system="C-18428r369756_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify what action the audit system takes if it cannot off-load audit records to a different system or storage media from the SUSE operating system being audited.
+network_failure_action = syslog</fixtext><fix id="F-18426r369757_fix" /><check system="C-18428r369756_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify what action the audit system takes if it cannot off-load audit records to a different system or storage media from the SUSE operating system being audited.
 
 Check the action that the audit system takes in the event of a network failure with the following command:
 
@@ -1713,7 +1693,7 @@ Off-loading is a common process in information systems with limited audit storag
 
 Add, edit, or uncomment the "disk_full_action" option in "/etc/audisp/audisp-remote.conf". Set it to "syslog", "single" or "halt" as in the example below:
 
-disk_full_action = syslog</fixtext><fix id="F-18427r369760_fix" /><check system="C-18429r369759_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the audit system off-loads audit records if the SUSE operating system storage volume becomes full.
+disk_full_action = syslog</fixtext><fix id="F-18427r369760_fix" /><check system="C-18429r369759_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the audit system off-loads audit records if the SUSE operating system storage volume becomes full.
 
 Check that the records are properly off-loaded to a remote server with the following command:
 
@@ -1733,7 +1713,7 @@ Add or update the following rules in "/etc/permissions.local":
 
 Set the correct permissions with the following command:
 
-# sudo chkstat --set /etc/permissions.local</fixtext><fix id="F-18428r369763_fix" /><check system="C-18430r369762_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system protects audit rules from unauthorized modification.
+# sudo chkstat --set /etc/permissions.local</fixtext><fix id="F-18428r369763_fix" /><check system="C-18430r369762_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system protects audit rules from unauthorized modification.
 
 Check that "permissions.local" file contains the correct permissions rules with the following command:
 
@@ -1770,7 +1750,7 @@ Edit the file "/etc/permissions.local" and insert the following text:
 
 Set the correct permissions with the following command:
 
-&gt; sudo chkstat --set /etc/permissions.local</fixtext><fix id="F-18429r646742_fix" /><check system="C-18431r646741_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system audit tools have the proper permissions configured in the permissions profile to protect from unauthorized access.
+&gt; sudo chkstat --set /etc/permissions.local</fixtext><fix id="F-18429r646742_fix" /><check system="C-18431r646741_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system audit tools have the proper permissions configured in the permissions profile to protect from unauthorized access.
 
 Check that "permissions.local" file contains the correct permissions rules with the following command:
 
@@ -1795,7 +1775,7 @@ If the command returns any output, this is a finding.</check-content></check></R
 The audit daemon must be restarted for the changes to take effect.
 
 &gt; sudo systemctl restart auditd.service
-</fixtext><fix id="F-18430r646745_fix" /><check system="C-18432r646744_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify syscall auditing has not been disabled:
+</fixtext><fix id="F-18430r646745_fix" /><check system="C-18432r646744_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify syscall auditing has not been disabled:
 
 &gt; sudo auditctl -l | grep -i "a task,never"
 
@@ -1817,7 +1797,7 @@ Add or update the following rule to "/etc/audit/rules.d/audit.rules":
 
 The audit daemon must be restarted for any changes to take effect.   
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18431r369772_fix" /><check system="C-18433r369771_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when all modifications occur to the "/etc/passwd" file.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18431r369772_fix" /><check system="C-18433r369771_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when all modifications occur to the "/etc/passwd" file.
 
 Check that the following file is being watched by performing the following command on the system rules in "/etc/audit/audit.rules":
 
@@ -1837,7 +1817,7 @@ Add or update the following rule to "/etc/audit/rules.d/audit.rules":
 
 The audit daemon must be restarted for any changes to take effect.   
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18432r369775_fix" /><check system="C-18434r369774_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when modifications occur to the "/etc/group" file.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18432r369775_fix" /><check system="C-18434r369774_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when modifications occur to the "/etc/group" file.
 
 Check that the following file is being watched by performing the following command on the system rules in "/etc/audit/audit.rules":
 
@@ -1857,7 +1837,7 @@ Add or update the following rule to "/etc/audit/rules.d/audit.rules":
 
 The audit daemon must be restarted for any changes to take effect.   
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18433r369778_fix" /><check system="C-18435r369777_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when modifications occur to the "/etc/shadow" file.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18433r369778_fix" /><check system="C-18435r369777_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when modifications occur to the "/etc/shadow" file.
 
 Check that the following file is being watched by performing the following command on the system rules in "/etc/audit/audit.rules":
 
@@ -1878,7 +1858,7 @@ Add or update the following rule to "/etc/audit/rules.d/audit.rules":
 The audit daemon must be restarted for any changes to take effect. 
 
 # sudo systemctl restart auditd.service
-</fixtext><fix id="F-18434r369781_fix" /><check system="C-18436r369780_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when modifications occur to the "/etc/security/opasswd" file.
+</fixtext><fix id="F-18434r369781_fix" /><check system="C-18436r369780_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when modifications occur to the "/etc/security/opasswd" file.
 
 Check that the following file is being watched by performing the following command on the system rules in "/etc/audit/audit.rules":
 
@@ -1899,7 +1879,7 @@ Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
 The audit daemon must be restarted for the changes to take effect.   
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18435r369784_fix" /><check system="C-18437r369783_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the operating system audits the execution of privileged functions using the following command:
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18435r369784_fix" /><check system="C-18437r369783_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the operating system audits the execution of privileged functions using the following command:
 
 # grep -iw execve /etc/audit/audit.rules
 
@@ -1922,7 +1902,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18436r622359_fix" /><check system="C-18438r622358_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any use of the "su" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18436r622359_fix" /><check system="C-18438r622358_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any use of the "su" command.
 
 Check that the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -1942,7 +1922,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18437r622362_fix" /><check system="C-18439r622361_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any use of the "sudo" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18437r622362_fix" /><check system="C-18439r622361_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any use of the "sudo" command.
 
 Check that the following command call is being audited by performing the following command on the system rules in "/etc/audit/audit.rules":
 
@@ -1962,7 +1942,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service </fixtext><fix id="F-18438r622365_fix" /><check system="C-18440r622364_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chfn" command.
+# sudo systemctl restart auditd.service </fixtext><fix id="F-18438r622365_fix" /><check system="C-18440r622364_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chfn" command.
 
 Check that the following command call is being audited by performing the following command on the system rules in "/etc/audit/audit.rules":
 
@@ -1984,7 +1964,7 @@ Add or update the following rules to "/etc/audit/rules.d/audit.rules":
 
 The audit daemon must be restarted for any changes to take effect. 
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18439r369796_fix" /><check system="C-18441r369795_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "mount" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18439r369796_fix" /><check system="C-18441r369795_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "mount" command.
 
 Check that the following command call is being audited by performing the following command on the system rules in "/etc/audit/audit.rules":
 
@@ -2010,7 +1990,7 @@ Add or update the following rules to "/etc/audit/rules.d/audit.rules":
 
 The audit daemon must be restarted for any changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18440r369799_fix" /><check system="C-18442r369798_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "umount" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18440r369799_fix" /><check system="C-18442r369798_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "umount" command.
 
 Check that the following command call is being audited by performing the following command on the system rules in "/etc/audit/audit.rules":
 
@@ -2032,7 +2012,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18441r622368_fix" /><check system="C-18443r622367_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "ssh-agent" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18441r622368_fix" /><check system="C-18443r622367_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "ssh-agent" command.
 
 Check that the following command call is being audited by performing the following command on the system rules in "/etc/audit/audit.rules":
 
@@ -2052,7 +2032,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18442r622371_fix" /><check system="C-18444r622370_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "ssh-keysign" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18442r622371_fix" /><check system="C-18444r622370_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "ssh-keysign" command.
 
 Check that the following command call is being audited by performing the following command on the system rules in "/etc/audit/audit.rules":
 
@@ -2082,7 +2062,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000062-GPOS-00031, SRG-OS-000392-GPO
 
 The audit daemon must be restarted for any changes to take effect.  
  
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18443r369808_fix" /><check system="C-18445r369807_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "kmod" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18443r369808_fix" /><check system="C-18445r369807_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "kmod" command.
 
 Check that the following command call is being audited by performing the following command on the system rules in "/etc/audit/audit.rules":
 
@@ -2107,7 +2087,7 @@ Add or update the following rules to "/etc/audit/rules.d/audit.rules":
 
 The audit daemon must be restarted for the changes to take effect.
 
-&gt; sudo systemctl restart auditd.service</fixtext><fix id="F-18444r809427_fix" /><check system="C-18446r854120_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "setxattr", "fsetxattr", "lsetxattr", "removexattr", "fremovexattr", and "lremovexattr" syscalls.
+&gt; sudo systemctl restart auditd.service</fixtext><fix id="F-18444r809427_fix" /><check system="C-18446r854120_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "setxattr", "fsetxattr", "lsetxattr", "removexattr", "fremovexattr", and "lremovexattr" syscalls.
 
 Verify that the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2129,7 +2109,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000062-GPOS-00031, SRG-OS-000392-GPO
 
 The audit daemon must be restarted for the changes to take effect.
 
-&gt; sudo systemctl restart auditd.service</fixtext><fix id="F-18449r854123_fix" /><check system="C-18451r854122_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chown", "fchown", "fchownat", and "lchown" syscalls.
+&gt; sudo systemctl restart auditd.service</fixtext><fix id="F-18449r854123_fix" /><check system="C-18451r854122_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chown", "fchown", "fchownat", and "lchown" syscalls.
 
 Verify that the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2153,7 +2133,7 @@ Add or update the following rules to "/etc/audit/rules.d/audit.rules":
 
 The audit daemon must be restarted for the changes to take effect.
 
-&gt; sudo systemctl restart auditd.service</fixtext><fix id="F-18453r809433_fix" /><check system="C-18455r854125_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chmod", "fchmod" and "fchmodat" system calls.
+&gt; sudo systemctl restart auditd.service</fixtext><fix id="F-18453r809433_fix" /><check system="C-18455r854125_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chmod", "fchmod" and "fchmodat" system calls.
 
 Verify that the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2180,7 +2160,7 @@ Add or update the following rules to "/etc/audit/rules.d/audit.rules":
 
 The audit daemon must be restarted for the changes to take effect.
 
-&gt; sudo systemctl restart auditd.service</fixtext><fix id="F-18456r861098_fix" /><check system="C-18458r861097_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "creat", "open", "openat", "open_by_handle_at", "truncate", and "ftruncate" syscalls.
+&gt; sudo systemctl restart auditd.service</fixtext><fix id="F-18456r861098_fix" /><check system="C-18458r861097_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "creat", "open", "openat", "open_by_handle_at", "truncate", and "ftruncate" syscalls.
 
 Verify that the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2208,7 +2188,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18462r622374_fix" /><check system="C-18464r622373_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "passwd" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18462r622374_fix" /><check system="C-18464r622373_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "passwd" command.
 
 Check that the following command call is being audited by performing the following command on the system rules in "/etc/audit/audit.rules":
 
@@ -2228,7 +2208,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18463r622377_fix" /><check system="C-18465r622376_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "gpasswd" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18463r622377_fix" /><check system="C-18465r622376_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "gpasswd" command.
 
 Check that the following command call is being audited by performing the following command on the system rules in "/etc/audit/audit.rules":
 
@@ -2248,7 +2228,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18464r622380_fix" /><check system="C-18466r622379_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "newgrp" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18464r622380_fix" /><check system="C-18466r622379_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "newgrp" command.
 
 Check that the following command call is being audited by performing the following command on the system rules in "/etc/audit/audit.rules":
 
@@ -2268,7 +2248,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18465r622383_fix" /><check system="C-18467r622382_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chsh" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18465r622383_fix" /><check system="C-18467r622382_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chsh" command.
 
 Check that the following command call is being audited by performing the following command on the system rules in "/etc/audit/audit.rules":
 
@@ -2288,7 +2268,7 @@ Add or update the following rule to "/etc/audit/rules.d/audit.rules":
 
 The audit daemon must be restarted for any changes to take effect.   
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18466r369877_fix" /><check system="C-18468r369876_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when all modifications occur to the "/etc/gshadow" file.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18466r369877_fix" /><check system="C-18468r369876_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when all modifications occur to the "/etc/gshadow" file.
 
 Check that the following file is being watched by performing the following command on the system rules in "/etc/audit/audit.rules":
 
@@ -2308,7 +2288,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18467r622386_fix" /><check system="C-18469r622385_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chmod" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18467r622386_fix" /><check system="C-18469r622385_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chmod" command.
 
 Check that the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2328,7 +2308,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18468r622389_fix" /><check system="C-18470r622388_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "setfacl" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18468r622389_fix" /><check system="C-18470r622388_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "setfacl" command.
 
 Check that the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2348,7 +2328,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18469r622392_fix" /><check system="C-18471r622391_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chacl" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18469r622392_fix" /><check system="C-18471r622391_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chacl" command.
 
 Check that the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2368,7 +2348,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18470r622395_fix" /><check system="C-18472r622394_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify audit records are generated when successful/unsuccessful attempts to modify categories of information (e.g., classification levels) occur.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18470r622395_fix" /><check system="C-18472r622394_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify audit records are generated when successful/unsuccessful attempts to modify categories of information (e.g., classification levels) occur.
 
 Check that the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2388,7 +2368,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18471r622398_fix" /><check system="C-18473r622397_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "rm" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18471r622398_fix" /><check system="C-18473r622397_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "rm" command.
 
 Check that the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2408,7 +2388,7 @@ Add or update the following rule to "/etc/audit/rules.d/audit.rules":
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18472r369895_fix" /><check system="C-18474r369894_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when all modifications to the "tallylog" file occur.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18472r369895_fix" /><check system="C-18474r369894_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when all modifications to the "tallylog" file occur.
 
 Check that the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2428,7 +2408,7 @@ Add or update the following rule to "/etc/audit/rules.d/audit.rules":
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18473r369898_fix" /><check system="C-18475r369897_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when all modifications to the "lastlog" file occur.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18473r369898_fix" /><check system="C-18475r369897_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when all modifications to the "lastlog" file occur.
 
 Check that the following is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2448,7 +2428,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18474r622401_fix" /><check system="C-18476r622400_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "passmass" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18474r622401_fix" /><check system="C-18476r622400_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "passmass" command.
 
 Check that the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2469,7 +2449,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 -a always,exit -F path=/sbin/unix2_chkpwd -F perm=x -F auid&gt;=1000 -F auid!=4294967295 -k privileged-unix2-chkpwd
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18475r622404_fix" /><check system="C-18477r622403_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify an audit record is generated for all uses of the "unix_chkpwd" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18475r622404_fix" /><check system="C-18477r622403_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify an audit record is generated for all uses of the "unix_chkpwd" command.
 
 Check that the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2492,7 +2472,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18476r622407_fix" /><check system="C-18478r622406_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify an audit record is generated for all uses of the "chage" command. Perform the verification by running the following command:
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18476r622407_fix" /><check system="C-18478r622406_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify an audit record is generated for all uses of the "chage" command. Perform the verification by running the following command:
 
 Check that the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2512,7 +2492,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18477r622410_fix" /><check system="C-18479r622409_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify an audit record is generated for all uses of the "usermod" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18477r622410_fix" /><check system="C-18479r622409_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify an audit record is generated for all uses of the "usermod" command.
 
 Check that the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2532,7 +2512,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18478r622413_fix" /><check system="C-18480r622412_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify an audit record is generated for all uses of the "crontab" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18478r622413_fix" /><check system="C-18480r622412_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify an audit record is generated for all uses of the "crontab" command.
 
 Check for the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2552,7 +2532,7 @@ Add or update the following rules in the "/etc/audit/rules.d/audit.rules" file:
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18479r622416_fix" /><check system="C-18481r622415_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify an audit record is generated for all uses of the "pam_timestamp_check" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18479r622416_fix" /><check system="C-18481r622415_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify an audit record is generated for all uses of the "pam_timestamp_check" command.
 
 Check for the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2573,7 +2553,7 @@ Add or update the following rules to "/etc/audit/rules.d/audit.rules":
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18480r369919_fix" /><check system="C-18482r369918_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "delete_module" command.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18480r369919_fix" /><check system="C-18482r369918_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "delete_module" command.
 
 Check that the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2597,7 +2577,7 @@ Add or update the following rules to "/etc/audit/rules.d/audit.rules":
 
 The audit daemon must be restarted for the changes to take effect.
 
-&gt; sudo systemctl restart auditd.service</fixtext><fix id="F-18481r809439_fix" /><check system="C-18483r854149_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "init_module" and "finit_module" syscalls.
+&gt; sudo systemctl restart auditd.service</fixtext><fix id="F-18481r809439_fix" /><check system="C-18483r854149_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "init_module" and "finit_module" syscalls.
 
 Verify that the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2618,7 +2598,7 @@ Add or update the following rule to "/etc/audit/rules.d/audit.rules":
 
 The audit daemon must be restarted for the changes to take effect.
 
-# sudo systemctl restart auditd.service</fixtext><fix id="F-18483r369928_fix" /><check system="C-18485r369927_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when all modifications to the "faillog" file occur.
+# sudo systemctl restart auditd.service</fixtext><fix id="F-18483r369928_fix" /><check system="C-18485r369927_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when all modifications to the "faillog" file occur.
 
 Check that the following is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -2634,7 +2614,7 @@ Examples of nonessential capabilities include but are not limited to games, soft
 
 Satisfies: SRG-OS-000074-GPOS-00042, SRG-OS-000095-GPOS-00049&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-92125</ident><ident system="http://cyber.mil/legacy">V-77429</ident><ident system="http://cyber.mil/cci">CCI-000197</ident><ident system="http://cyber.mil/cci">CCI-000381</ident><fixtext fixref="F-18484r369931_fix">Remove the telnet-server package from the SUSE operating system by running the following command:
 
-# sudo zypper remove telnet-server</fixtext><fix id="F-18484r369931_fix" /><check system="C-18486r369930_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the telnet-server package is not installed on the SUSE operating system.
+# sudo zypper remove telnet-server</fixtext><fix id="F-18484r369931_fix" /><check system="C-18486r369930_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the telnet-server package is not installed on the SUSE operating system.
 
 Check that the telnet-server package is not installed on the SUSE operating system by running the following command:
 
@@ -2660,7 +2640,7 @@ By using this IS (which includes any device attached to this IS), you consent to
 
 -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.
 
--Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."</fixtext><fix id="F-18486r369937_fix" /><check system="C-18488r369936_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system file "/etc/gdm/banner" contains the Standard Mandatory DoD Notice and Consent Banner text by running the following command:
+-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."</fixtext><fix id="F-18486r369937_fix" /><check system="C-18488r369936_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system file "/etc/gdm/banner" contains the Standard Mandatory DoD Notice and Consent Banner text by running the following command:
 
 # more /etc/gdm/banner
 
@@ -2694,7 +2674,7 @@ Enable the "SuSEfirewall2.service" by running the following command:
 
 Start the "SuSEfirewall2.service" by running the following command:
 
-# systemctl start SuSEfirewall2.service</fixtext><fix id="F-18487r369940_fix" /><check system="C-18489r369939_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments.
+# systemctl start SuSEfirewall2.service</fixtext><fix id="F-18487r369940_fix" /><check system="C-18489r369939_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments.
 
 Check that the "SuSEfirewall2.service" is enabled and running by running the following command:
 
@@ -2730,7 +2710,7 @@ FW_SERVICES_ACCEPT_EXT="0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh"
 
 The firewall must be restarted in order for the changes to take effect.
 
-# sudo systemctl restart SuSEfirewall2.service</fixtext><fix id="F-18488r369943_fix" /><check system="C-18490r369942_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify "SuSEfirewall2" is configured to protect the SUSE operating system against or limit the effects of DoS attacks. 
+# sudo systemctl restart SuSEfirewall2.service</fixtext><fix id="F-18488r369943_fix" /><check system="C-18490r369942_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify "SuSEfirewall2" is configured to protect the SUSE operating system against or limit the effects of DoS attacks. 
 
 Run the following command:
 
@@ -2781,7 +2761,7 @@ By using this IS (which includes any device attached to this IS), you consent to
 
 -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.
 
--Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."</fixtext><fix id="F-18489r369946_fix" /><check system="C-18491r369945_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system displays the Standard Mandatory DoD Notice and Consent Banner before granting access to the system via SSH.
+-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."</fixtext><fix id="F-18489r369946_fix" /><check system="C-18491r369945_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system displays the Standard Mandatory DoD Notice and Consent Banner before granting access to the system via SSH.
 
 Check the issue file to verify that it contains one of the DoD required banners. If it does not, this is a finding.
 
@@ -2814,7 +2794,7 @@ The output must show the value of "Banner" set to "/etc/issue". An example is sh
 # sudo grep "Banner" /etc/ssh/sshd_config
 Banner /etc/issue
 
-If it does not, this is a finding.</check-content></check></Rule></Group><Group id="V-217264"><title>SRG-OS-000423-GPOS-00187</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217264r854154_rule" weight="10.0" severity="high"><version>SLES-12-030100</version><title>All networked SUSE operating systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.</title><description>&lt;VulnDiscussion&gt;Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
+If it does not, this is a finding.</check-content></check></Rule></Group><Group id="V-217264"><title>SRG-OS-000423-GPOS-00187</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217264r916422_rule" weight="10.0" severity="high"><version>SLES-12-030100</version><title>All networked SUSE operating systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.</title><description>&lt;VulnDiscussion&gt;Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
 
 This requirement applies to both internal and external networks and all types of information system components from which information can be transmitted (e.g., servers, mobile devices, notebook computers, printers, copiers, scanners, and facsimile machines). Communication paths outside the physical protection of a controlled boundary are exposed to the possibility of interception and modification. 
 
@@ -2834,7 +2814,7 @@ Enable the OpenSSH service to start automatically on reboot with the following c
 
 For the changes to take effect immediately, start the service with the following command:
 
-# sudo systemctl restart sshd.service</fixtext><fix id="F-18490r369949_fix" /><check system="C-18492r369948_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Note: If the system is not networked this requirement is Not Applicable.
+# sudo systemctl restart sshd.service</fixtext><fix id="F-18490r369949_fix" /><check system="C-18492r369948_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Note: If the system is not networked this requirement is Not Applicable.
 
 Verify that the SUSE operating system implements SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.
 
@@ -2867,7 +2847,7 @@ LogLevel VERBOSE
 
 The SSH service will need to be restarted in order for the changes to take effect:
 
-# systemctl restart sshd</fixtext><fix id="F-18491r369952_fix" /><check system="C-18493r369951_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify SSH is configured to verbosely log connection attempts and failed logon attempts to the SUSE operating system.
+# systemctl restart sshd</fixtext><fix id="F-18491r369952_fix" /><check system="C-18493r369951_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify SSH is configured to verbosely log connection attempts and failed logon attempts to the SUSE operating system.
 
 Check that the SSH daemon configuration verbosely logs connection attempts and failed logon attempts to the server with the following command:
 
@@ -2881,7 +2861,7 @@ If "LogLevel" is not set to "VERBOSE" or "INFO", the LogLevel keyword is missing
 
 Add or edit the following lines in the "/etc/ssh/sshd_config" file:
 
-PrintLastLog yes</fixtext><fix id="F-18492r369955_fix" /><check system="C-18494r369954_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify all remote connections via SSH to the SUSE operating system display feedback on when account accesses last occurred.
+PrintLastLog yes</fixtext><fix id="F-18492r369955_fix" /><check system="C-18494r369954_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify all remote connections via SSH to the SUSE operating system display feedback on when account accesses last occurred.
 
 Check that "PrintLastLog" keyword in the sshd daemon configuration file is used and set to "yes" with the following command:
 
@@ -2900,7 +2880,7 @@ Requiring individuals to be authenticated with an individual authenticator prior
 
 Edit the appropriate "/etc/ssh/sshd_config" file, add or uncomment the line for "PermitRootLogin" and set its value to "no" (this file may be named differently or be in a different location):
 
-PermitRootLogin no</fixtext><fix id="F-18493r369958_fix" /><check system="C-18495r369957_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system denies direct logons to the root account using remote access via SSH.
+PermitRootLogin no</fixtext><fix id="F-18493r369958_fix" /><check system="C-18495r369957_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system denies direct logons to the root account using remote access via SSH.
 
 Check that SSH denies any user trying to log on directly as root with the following command:
 
@@ -2911,7 +2891,7 @@ If the "PermitRootLogin" keyword is set to "yes", is missing, or is commented ou
 
 Add or edit the following line in the "/etc/ssh/sshd_config" file:
 
-PermitEmptyPasswords no</fixtext><fix id="F-18494r369961_fix" /><check system="C-18496r369960_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system disables automatic logon via SSH.
+PermitEmptyPasswords no</fixtext><fix id="F-18494r369961_fix" /><check system="C-18496r369960_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system disables automatic logon via SSH.
 
 Check that automatic logon via SSH is disabled with the following command:
 
@@ -2923,7 +2903,7 @@ If "PermitEmptyPasswords" is not set to "no", is missing completely, or is comme
 
 Add or edit the following lines in the "/etc/ssh/sshd_config" file:
 
-PermitUserEnvironment no</fixtext><fix id="F-18495r369964_fix" /><check system="C-18497r369963_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system disables unattended via SSH.
+PermitUserEnvironment no</fixtext><fix id="F-18495r369964_fix" /><check system="C-18497r369963_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system disables unattended via SSH.
 
 Check that unattended logon via SSH is disabled with the following command:
 
@@ -2945,7 +2925,7 @@ Ciphers aes256-ctr,aes192-ctr,aes128-ctr
 
 Restart the SSH daemon:
 
-# sudo systemctl restart sshd.service</fixtext><fix id="F-18496r622419_fix" /><check system="C-18498r622418_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system implements DoD-approved encryption to protect the confidentiality of SSH remote connections.
+# sudo systemctl restart sshd.service</fixtext><fix id="F-18496r622419_fix" /><check system="C-18498r622418_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system implements DoD-approved encryption to protect the confidentiality of SSH remote connections.
 
 Check the SSH daemon configuration for allowed ciphers with the following command:
 
@@ -2965,7 +2945,7 @@ Satisfies: SRG-OS-000125-GPOS-00065, SRG-OS-000394-GPOS-00174&lt;/VulnDiscussion
 
 Edit the "/etc/ssh/sshd_config" file to uncomment or add the line for the "MACs" keyword and set its value to "hmac-sha2-512" and/or "hmac-sha2-256" (The file might be named differently or be in a different location):
 
-MACs hmac-sha2-512,hmac-sha2-256</fixtext><fix id="F-18497r622422_fix" /><check system="C-18499r622421_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon is configured to only use MACs that employ FIPS 140-2 approved hashes.
+MACs hmac-sha2-512,hmac-sha2-256</fixtext><fix id="F-18497r622422_fix" /><check system="C-18499r622421_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon is configured to only use MACs that employ FIPS 140-2 approved hashes.
 
 Check that the SSH daemon is configured to only use MACs that employ FIPS 140-2 approved hashes with the following command:
 
@@ -2982,7 +2962,7 @@ Add or modify (to match exactly) the following line in the "/etc/ssh/sshd_config
 
 ClientAliveInterval 600
 
-The SSH daemon must be restarted in order for any changes to take effect.</fixtext><fix id="F-18498r369973_fix" /><check system="C-18500r369972_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon is configured to timeout idle sessions.
+The SSH daemon must be restarted in order for any changes to take effect.</fixtext><fix id="F-18498r369973_fix" /><check system="C-18500r369972_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon is configured to timeout idle sessions.
 
 Check that the "ClientAliveInterval" parameter is set to a value of "600" with the following command:
 
@@ -3003,7 +2983,7 @@ ClientAliveCountMax 1
 
 In order for the changes to take effect, the SSH daemon must be restarted.
 
-# sudo systemctl restart sshd.service</fixtext><fix id="F-18499r369976_fix" /><check system="C-18501r622424_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that all network connections associated with SSH traffic are automatically terminated at the end of the session or after "10" minutes of inactivity.
+# sudo systemctl restart sshd.service</fixtext><fix id="F-18499r369976_fix" /><check system="C-18501r622424_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that all network connections associated with SSH traffic are automatically terminated at the end of the session or after "10" minutes of inactivity.
 
 Check that the "ClientAliveCountMax" variable is set to a value of "1" or less by performing the following command:
 
@@ -3017,7 +2997,7 @@ If  "ClientAliveCountMax" does not exist or "ClientAliveCountMax" is not set to
 
 Add the following line in "/etc/ssh/sshd_config", or uncomment the line and set the value to "yes":
 
-IgnoreUserKnownHosts yes</fixtext><fix id="F-18500r369979_fix" /><check system="C-18502r369978_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon is configured to not allow authentication using known hosts authentication.
+IgnoreUserKnownHosts yes</fixtext><fix id="F-18500r369979_fix" /><check system="C-18502r369978_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon is configured to not allow authentication using known hosts authentication.
 
 To determine how the SSH daemon's "IgnoreUserKnownHosts" option is set, run the following command:
 
@@ -3031,7 +3011,7 @@ Note: SSH public key files may be found in other directories on the system depen
 
 Change the mode of public host key files under "/etc/ssh" to "0644" with the following command:
 
-&gt; sudo chmod 0644 /etc/ssh/ssh_host*key.pub</fixtext><fix id="F-18501r646749_fix" /><check system="C-18503r646748_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon public host key files have mode "0644" or less permissive.
+&gt; sudo chmod 0644 /etc/ssh/ssh_host*key.pub</fixtext><fix id="F-18501r646749_fix" /><check system="C-18503r646748_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon public host key files have mode "0644" or less permissive.
 
 Note: SSH public key files may be found in other directories on the system depending on the installation.
 
@@ -3046,7 +3026,7 @@ The following command will find all SSH public key files on the system:
 
 If any file has a mode more permissive than "0644", this is a finding.</check-content></check></Rule></Group><Group id="V-217276"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-217276r880919_rule" weight="10.0" severity="medium"><version>SLES-12-030220</version><title>The SUSE operating system SSH daemon private host key files must have mode 0640 or less permissive.</title><description>&lt;VulnDiscussion&gt;If an unauthorized user obtains the private SSH host key file, the host could be impersonated.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-92161</ident><ident system="http://cyber.mil/legacy">V-77465</ident><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-18502r880918_fix">Configure the mode of the SUSE operating system SSH daemon private host key files under "/etc/ssh" to "0640" with the following command:
 
-     &gt; sudo chmod 0640 /etc/ssh/ssh_host*key</fixtext><fix id="F-18502r880918_fix" /><check system="C-18504r880917_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon private host key files have mode "0640" or less permissive.
+     &gt; sudo chmod 0640 /etc/ssh/ssh_host*key</fixtext><fix id="F-18502r880918_fix" /><check system="C-18504r880917_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon private host key files have mode "0640" or less permissive.
 
 The following command will find all SSH private key files on the system:
 
@@ -3065,7 +3045,7 @@ If any file has a mode more permissive than "0640", this is a finding.</check-co
 
 Uncomment the "StrictModes" keyword in "/etc/ssh/sshd_config" and set the value to "yes":
 
-StrictModes yes</fixtext><fix id="F-18503r369988_fix" /><check system="C-18505r369987_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon performs strict mode checking of home directory configuration files.
+StrictModes yes</fixtext><fix id="F-18503r369988_fix" /><check system="C-18505r369987_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon performs strict mode checking of home directory configuration files.
 
 Check that the SSH daemon performs strict mode checking of home directory configuration files with the following command:
 
@@ -3078,7 +3058,7 @@ If "StrictModes" is set to "no", is missing, or the returned line is commented o
 Uncomment the "UsePrivilegeSeparation" keyword in "/etc/ssh/sshd_config" and set the value to "yes" or "sandbox":
 
 UsePrivilegeSeparation yes
-</fixtext><fix id="F-18504r369991_fix" /><check system="C-18506r369990_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Determine the version of SSH using the following command:
+</fixtext><fix id="F-18504r369991_fix" /><check system="C-18506r369990_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Determine the version of SSH using the following command:
 
 # ssh -V
 OpenSSH_7.9p1
@@ -3097,7 +3077,7 @@ If the "UsePrivilegeSeparation" keyword is not set to "yes" or "sandbox", is mis
 
 Uncomment the "Compression" keyword in "/etc/ssh/sshd_config" on the system and set the value to "delayed" or "no":
 
-     Compression no</fixtext><fix id="F-18505r880924_fix" /><check system="C-18507r880923_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Note:  If the installed version of OpenSSH is 7.4 or above, this requirement is not applicable. 
+     Compression no</fixtext><fix id="F-18505r880924_fix" /><check system="C-18507r880923_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Note:  If the installed version of OpenSSH is 7.4 or above, this requirement is not applicable. 
 
 Verify the SUSE operating system SSH daemon performs compression after a user successfully authenticates.
 
@@ -3112,7 +3092,7 @@ If X11 services are not required for the system's intended function, they should
 
 Edit the "/etc/ssh/sshd_config" file to uncomment or add the line for the "X11Forwarding" keyword and set its value to "no" (this file may be named differently or be in a different location if using a version of SSH that is provided by a third-party vendor):
 
-X11Forwarding no</fixtext><fix id="F-18506r622427_fix" /><check system="C-18508r622426_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Determine if X11Forwarding is disabled with the following command:
+X11Forwarding no</fixtext><fix id="F-18506r622427_fix" /><check system="C-18508r622426_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Determine if X11Forwarding is disabled with the following command:
 
 # sudo grep -i x11forwarding /etc/ssh/sshd_config
 X11Forwarding no
@@ -3127,7 +3107,7 @@ Satisfies: SRG-OS-000355-GPOS-00143, SRG-OS-000356-GPOS-00144&lt;/VulnDiscussion
 
 To configure the system clock to synchronize to an authoritative DoD time source at least every 24 hours, edit the file "/etc/ntp.conf". Add or correct the following lines by replacing "[time_source]" with an authoritative DoD time source:
 
-server [time_source] maxpoll 16 </fixtext><fix id="F-18507r370000_fix" /><check system="C-18509r646754_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system clock must be configured to synchronize to an authoritative DoD time source when the time difference is greater than one second. 
+server [time_source] maxpoll 16 </fixtext><fix id="F-18507r370000_fix" /><check system="C-18509r646754_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system clock must be configured to synchronize to an authoritative DoD time source when the time difference is greater than one second. 
 
 Check that the SUSE operating system clock must be configured to synchronize to an authoritative DoD time source when the time difference is greater than one second with the following command:
 
@@ -3148,7 +3128,7 @@ Time stamps generated by the SUSE operating system include date and time. Time i
 
 To configure the system time zone to use UTC or GMT, run the following command, replacing [ZONE] with "UTC" or "GMT".
 
-&gt; sudo timedatectl set-timezone [ZONE]</fixtext><fix id="F-18508r646757_fix" /><check system="C-18510r646756_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system is configured to use UTC or GMT.
+&gt; sudo timedatectl set-timezone [ZONE]</fixtext><fix id="F-18508r646757_fix" /><check system="C-18510r646756_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system is configured to use UTC or GMT.
 
 Check that the SUSE operating system is configured to use UTC or GMT with the following command:
 
@@ -3165,7 +3145,7 @@ If "1" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "kernel.kptr_restrict=1" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-18509r646760_fix" /><check system="C-18511r646759_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system prevents leaking of internal kernel addresses.
+&gt; sudo sysctl --system</fixtext><fix id="F-18509r646760_fix" /><check system="C-18511r646759_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system prevents leaking of internal kernel addresses.
 
 Check that the SUSE operating system prevents leaking of internal kernel addresses by running the following command:
 
@@ -3182,7 +3162,7 @@ If "2" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "kernel.randomize_va_space=2" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-18510r646763_fix" /><check system="C-18512r646762_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system implements ASLR.
+&gt; sudo sysctl --system</fixtext><fix id="F-18510r646763_fix" /><check system="C-18512r646762_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system implements ASLR.
 
 Check that the SUSE operating system implements ASLR by running the following command:
 
@@ -3203,7 +3183,7 @@ For networked systems add a "@[Log_Server_IP_Address]" option to every active me
 
 An additional option is to capture all of the log messages and send them to a remote log host:
 
-*.* @@loghost:514</fixtext><fix id="F-18511r370012_fix" /><check system="C-18513r370011_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system must off-load rsyslog messages for networked systems in real time and off-load standalone systems at least weekly.
+*.* @@loghost:514</fixtext><fix id="F-18511r370012_fix" /><check system="C-18513r370011_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system must off-load rsyslog messages for networked systems in real time and off-load standalone systems at least weekly.
 
 For stand-alone hosts, verify with the System Administrator that the log files are off-loaded at least weekly.
 
@@ -3221,7 +3201,7 @@ Managing excess capacity ensures that sufficient capacity is available to counte
 
 If "1" is not the system's default value, add or update the following line in "/etc/sysctl.conf":
 
-net.ipv4.tcp_syncookies = 1</fixtext><fix id="F-18512r370015_fix" /><check system="C-18514r370014_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is configured to use TCP syncookies.
+net.ipv4.tcp_syncookies = 1</fixtext><fix id="F-18512r370015_fix" /><check system="C-18514r370014_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is configured to use TCP syncookies.
 
 Check to see if syncookies are used with the following command:
 
@@ -3235,7 +3215,7 @@ net.ipv4.conf.all.accept_source_route = 0
 
 Run the following command to apply this value:
 
-# sysctl --system</fixtext><fix id="F-18513r370018_fix" /><check system="C-18515r370017_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv4 source-routed packets.
+# sysctl --system</fixtext><fix id="F-18513r370018_fix" /><check system="C-18515r370017_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv4 source-routed packets.
 
 Check the value of the accept source route variable with the following command:
 
@@ -3248,7 +3228,7 @@ net.ipv6.conf.all.accept_source_route = 0
 
 Run the following command to apply this value:
 
-# sysctl --system</fixtext><fix id="F-18514r370021_fix" /><check system="C-18516r370020_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv6 source-routed packets.
+# sysctl --system</fixtext><fix id="F-18514r370021_fix" /><check system="C-18516r370020_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv6 source-routed packets.
 
 Check the value of the accept source route variable with the following command:
 
@@ -3261,7 +3241,7 @@ net.ipv4.conf.default.accept_source_route = 0
 
 Run the following command to apply this value:
 
-# sysctl --system</fixtext><fix id="F-18515r370024_fix" /><check system="C-18517r370023_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv4 source-routed packets by default.
+# sysctl --system</fixtext><fix id="F-18515r370024_fix" /><check system="C-18517r370023_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv4 source-routed packets by default.
 
 Check the value of the default accept source route variable with the following command:
 
@@ -3274,7 +3254,7 @@ net.ipv4.icmp_echo_ignore_broadcasts = 1
 
 Run the following command to apply this value:
 
-# sysctl --system</fixtext><fix id="F-18516r370027_fix" /><check system="C-18518r370026_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv4 source-routed packets.
+# sysctl --system</fixtext><fix id="F-18516r370027_fix" /><check system="C-18518r370026_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv4 source-routed packets.
 
 Check the value of the accept source route variable with the following command:
 
@@ -3287,7 +3267,7 @@ net.ipv4.conf.all.accept_redirects =0
 
 Run the following command to apply this value:
 
-# sysctl --system</fixtext><fix id="F-18517r370030_fix" /><check system="C-18519r370029_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not accept ICMP redirect messages.
+# sysctl --system</fixtext><fix id="F-18517r370030_fix" /><check system="C-18519r370029_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not accept ICMP redirect messages.
 
 Check the value of the "net.ipv4.conf.all.accept_redirects" variable with the following command:
 
@@ -3300,7 +3280,7 @@ net.ipv4.conf.default.accept_redirects = 0
 
 Run the following command to apply this value:
 
-# sysctl --system</fixtext><fix id="F-18518r370033_fix" /><check system="C-18520r370032_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system ignores IPv4 ICMP redirect messages.
+# sysctl --system</fixtext><fix id="F-18518r370033_fix" /><check system="C-18520r370032_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system ignores IPv4 ICMP redirect messages.
 
 Check the value of the "accept_redirects" variables with the following command:
 
@@ -3315,7 +3295,7 @@ net.ipv6.conf.default.accept_redirects=0
 
 Run the following command to apply this value:
 
-# sysctl –system</fixtext><fix id="F-18519r370036_fix" /><check system="C-18521r370035_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not allow IPv6 ICMP redirect messages by default.
+# sysctl –system</fixtext><fix id="F-18519r370036_fix" /><check system="C-18521r370035_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not allow IPv6 ICMP redirect messages by default.
 
 Check the value of the "default accept_redirects" variables with the following command:
 
@@ -3330,7 +3310,7 @@ net.ipv4.conf.default.send_redirects=0
 
 Run the following command to apply this value:
 
-# sysctl --system</fixtext><fix id="F-18520r370039_fix" /><check system="C-18522r370038_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not allow interfaces to perform IPv4 ICMP redirects by default.
+# sysctl --system</fixtext><fix id="F-18520r370039_fix" /><check system="C-18522r370038_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not allow interfaces to perform IPv4 ICMP redirects by default.
 
 Check the value of the "default send_redirects" variables with the following command:
 
@@ -3345,7 +3325,7 @@ net.ipv4.conf.all.send_redirects=0
 
 Run the following command to apply this value:
 
-# sysctl --system</fixtext><fix id="F-18521r370042_fix" /><check system="C-18523r370041_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not send IPv4 ICMP redirect messages.
+# sysctl --system</fixtext><fix id="F-18521r370042_fix" /><check system="C-18523r370041_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not send IPv4 ICMP redirect messages.
 
 Check the value of the "all send_redirects" variables with the following command:
 
@@ -3360,7 +3340,7 @@ If "0" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv4.ip_forward=0" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-18522r646766_fix" /><check system="C-18524r646765_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is not performing IPv4packet forwarding, unless the system is a router.
+&gt; sudo sysctl --system</fixtext><fix id="F-18522r646766_fix" /><check system="C-18524r646765_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is not performing IPv4packet forwarding, unless the system is a router.
 
 Check to see if IPv4 forwarding is enabled using the following command:
 
@@ -3373,7 +3353,7 @@ If the system is being used to perform a network troubleshooting function, the u
 
 Set the promiscuous mode of an interface to off with the following command:
 
-# ip link set dev &lt;devicename&gt; promisc off</fixtext><fix id="F-18523r370048_fix" /><check system="C-18525r370047_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system network interfaces are not in promiscuous mode unless approved by the ISSO and documented.
+# ip link set dev &lt;devicename&gt; promisc off</fixtext><fix id="F-18523r370048_fix" /><check system="C-18525r370047_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system network interfaces are not in promiscuous mode unless approved by the ISSO and documented.
 
 Check for the status with the following command:
 
@@ -3397,7 +3377,7 @@ For each interface of type wireless with a configuration of type "compat:suse:",
 
 For each interface of type wireless, for each configuration of type "wicked:xml:", remove the associated file or remove the interface configuration from the file.
 
-# rm /etc/wicked/ifconfig/wlan0.xml</fixtext><fix id="F-18524r370051_fix" /><check system="C-18526r370050_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system has no wireless network adapters enabled.
+# rm /etc/wicked/ifconfig/wlan0.xml</fixtext><fix id="F-18524r370051_fix" /><check system="C-18526r370050_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system has no wireless network adapters enabled.
 
 Check that there are no wireless interfaces configured on the system with the following command:
 
@@ -3461,7 +3441,7 @@ Install the packages required to support multifactor authentication with the fol
 
 #zypper install coolkey
 
-Additional information on the configuration of multifactor authentication on the SUSE operating system can be found at https://www.suse.com/communities/blog/configuring-smart-card-authentication-suse-linux-enterprise/</fixtext><fix id="F-18525r370054_fix" /><check system="C-18527r370053_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system has the packages required for multifactor authentication installed.
+Additional information on the configuration of multifactor authentication on the SUSE operating system can be found at https://www.suse.com/communities/blog/configuring-smart-card-authentication-suse-linux-enterprise/</fixtext><fix id="F-18525r370054_fix" /><check system="C-18527r370053_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system has the packages required for multifactor authentication installed.
 
 Check for the presence of the packages required to support multifactor authentication with the following commands:
 
@@ -3504,7 +3484,7 @@ Modify all of the cert_policy lines in "/etc/pam_pkcs11/pam_pkcs11.conf" to incl
 
 Note: OCSP allows sending request for certificate status information. Additional certificate validation polices are permitted.
 
-Additional information on the configuration of multifactor authentication on the SUSE operating system can be found at https://www.suse.com/communities/blog/configuring-smart-card-authentication-suse-linux-enterprise/</fixtext><fix id="F-18526r370057_fix" /><check system="C-18528r370056_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system implements certificate status checking for multifactor authentication.
+Additional information on the configuration of multifactor authentication on the SUSE operating system can be found at https://www.suse.com/communities/blog/configuring-smart-card-authentication-suse-linux-enterprise/</fixtext><fix id="F-18526r370057_fix" /><check system="C-18528r370056_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system implements certificate status checking for multifactor authentication.
 
 Check that certificate status checking for multifactor authentication is implemented with the following command:
 
@@ -3526,7 +3506,7 @@ Satisfies: SRG-OS-000068-GPOS-00036, SRG-OS-000105-GPOS-00052, SRG-OS-000106-GPO
 
 Add or update "pam_pkcs11.so" in "/etc/pam.d/common-auth" to match the following line:
 
-auth  sufficient pam_pkcs11.so</fixtext><fix id="F-18527r370060_fix" /><check system="C-18529r370059_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system implements multifactor authentication for remote access to privileged accounts via pluggable authentication modules (PAM).
+auth  sufficient pam_pkcs11.so</fixtext><fix id="F-18527r370060_fix" /><check system="C-18529r370059_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system implements multifactor authentication for remote access to privileged accounts via pluggable authentication modules (PAM).
 
 Check that the "pam_pkcs11.so" option is configured in the "/etc/pam.d/common-auth" file with the following command:
 
@@ -3550,7 +3530,7 @@ cert_policy = ca,signature,oscp_on;
 
 Note: Additional certificate validation polices are permitted.
 
-Additional information on the configuration of multifactor authentication on the SUSE operating system can be found at https://www.suse.com/communities/blog/configuring-smart-card-authentication-suse-linux-enterprise/</fixtext><fix id="F-18528r370063_fix" /><check system="C-18530r646768_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system, for PKI-based authentication, had valid certificates by constructing a certification path (which includes status information) to an accepted trust anchor.
+Additional information on the configuration of multifactor authentication on the SUSE operating system can be found at https://www.suse.com/communities/blog/configuring-smart-card-authentication-suse-linux-enterprise/</fixtext><fix id="F-18528r370063_fix" /><check system="C-18530r646768_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system, for PKI-based authentication, had valid certificates by constructing a certification path (which includes status information) to an accepted trust anchor.
 
 Check that the certification path to an accepted trust anchor for multifactor authentication is implemented with the following command:
 
@@ -3558,7 +3538,7 @@ Check that the certification path to an accepted trust anchor for multifactor au
 
 cert_policy = ca,oscp_on,signature,crl_auto;
 
-If "cert_policy" is not set to include "ca", this is a finding.</check-content></check></Rule></Group><Group id="V-222385"><title>SRG-OS-000191-GPOS-00080</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-222385r754754_rule" weight="10.0" severity="medium"><version>SLES-12-010599</version><title>The SUSE operating system must implement the Endpoint Security for Linux Threat Prevention tool.</title><description>&lt;VulnDiscussion&gt;Adding endpoint security tools can provide the capability to automatically take actions in response to malicious behavior, which can provide additional agility in reacting to network threats. These tools also often include a reporting capability to provide network awareness of the system, which may not otherwise exist in an organization's systems management regime.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-92249</ident><ident system="http://cyber.mil/legacy">SV-102351</ident><ident system="http://cyber.mil/cci">CCI-001233</ident><fixtext fixref="F-36322r754753_fix">Install and enable the latest McAfee ENSLTP package.</fixtext><fix id="F-36322r754753_fix" /><check system="C-18385r754752_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Per OPORD 16-0080, the preferred endpoint security tool is McAfee Endpoint Security for Linux (ENSL) in conjunction with SELinux. 
+If "cert_policy" is not set to include "ca", this is a finding.</check-content></check></Rule></Group><Group id="V-222385"><title>SRG-OS-000191-GPOS-00080</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-222385r754754_rule" weight="10.0" severity="medium"><version>SLES-12-010599</version><title>The SUSE operating system must implement the Endpoint Security for Linux Threat Prevention tool.</title><description>&lt;VulnDiscussion&gt;Adding endpoint security tools can provide the capability to automatically take actions in response to malicious behavior, which can provide additional agility in reacting to network threats. These tools also often include a reporting capability to provide network awareness of the system, which may not otherwise exist in an organization's systems management regime.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-92249</ident><ident system="http://cyber.mil/legacy">SV-102351</ident><ident system="http://cyber.mil/cci">CCI-001233</ident><fixtext fixref="F-36322r754753_fix">Install and enable the latest McAfee ENSLTP package.</fixtext><fix id="F-36322r754753_fix" /><check system="C-18385r754752_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Per OPORD 16-0080, the preferred endpoint security tool is McAfee Endpoint Security for Linux (ENSL) in conjunction with SELinux. 
 
 Procedure:
 Check that the following package has been installed:
@@ -3575,14 +3555,14 @@ If the daemon is not running, this is a finding.</check-content></check></Rule><
 
 The virus scanning software should be configured to perform scans dynamically on accessed files. If this capability is not available, the system must be configured to scan, at a minimum, all altered files on the system on a daily basis.
 
-If the system processes inbound SMTP mail, the virus scanner must be configured to scan all received mail.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-102727</ident><ident system="http://cyber.mil/legacy">SV-111689</ident><ident system="http://cyber.mil/cci">CCI-001668</ident><fixtext fixref="F-21313r466211_fix">Install an antivirus solution on the system.</fixtext><fix id="F-21313r466211_fix" /><check system="C-19592r466210_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify an anti-virus solution is installed on the system. The anti-virus solution may be bundled with an approved host-based security solution.
+If the system processes inbound SMTP mail, the virus scanner must be configured to scan all received mail.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-102727</ident><ident system="http://cyber.mil/legacy">SV-111689</ident><ident system="http://cyber.mil/cci">CCI-001668</ident><fixtext fixref="F-21313r466211_fix">Install an antivirus solution on the system.</fixtext><fix id="F-21313r466211_fix" /><check system="C-19592r466210_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify an anti-virus solution is installed on the system. The anti-virus solution may be bundled with an approved host-based security solution.
 
 If there is no anti-virus solution installed on the system, this is a finding.
 </check-content></check></Rule></Group><Group id="V-233308"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-233308r603331_rule" weight="10.0" severity="medium"><version>SLES-12-030261</version><title>The SUSE operating system SSH daemon must prevent remote hosts from connecting to the proxy display.</title><description>&lt;VulnDiscussion&gt;When X11 forwarding is enabled, there may be additional exposure to the server and client displays if the sshd proxy display is configured to listen on the wildcard address. By default, sshd binds the forwarding server to the loopback address and sets the hostname part of the DIPSLAY environment variable to localhost. This prevents remote hosts from connecting to the proxy display.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-36467r622237_fix">Configure the SUSE operating system SSH daemon to prevent remote hosts from connecting to the proxy display.
 
 Edit the "/etc/ssh/sshd_config" file to uncomment or add the line for the "X11UseLocalhost" keyword and set its value to "yes" (this file may be named differently or be in a different location if using a version of SSH that is provided by a third-party vendor):
 
-X11UseLocalhost yes</fixtext><fix id="F-36467r622237_fix" /><check system="C-36503r622236_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon prevents remote hosts from connecting to the proxy display.
+X11UseLocalhost yes</fixtext><fix id="F-36467r622237_fix" /><check system="C-36503r622236_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon prevents remote hosts from connecting to the proxy display.
 
 Check the SSH X11UseLocalhost setting with the following command:
 
@@ -3591,7 +3571,7 @@ X11UseLocalhost yes
 
 If the "X11UseLocalhost" keyword is set to "no", is missing, or is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-237603"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-237603r646772_rule" weight="10.0" severity="medium"><version>SLES-12-010111</version><title>The SUSE operating system must restrict privilege elevation to authorized personnel.</title><description>&lt;VulnDiscussion&gt;The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms your request to execute a command by checking a file, called sudoers. If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-40785r646771_fix">Remove the following entries from the sudoers file:
 ALL     ALL=(ALL) ALL
-ALL     ALL=(ALL:ALL) ALL</fixtext><fix id="F-40785r646771_fix" /><check system="C-40822r646770_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the "sudoers" file restricts sudo access to authorized personnel.
+ALL     ALL=(ALL:ALL) ALL</fixtext><fix id="F-40785r646771_fix" /><check system="C-40822r646770_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the "sudoers" file restricts sudo access to authorized personnel.
 $ sudo grep -iw 'ALL' /etc/sudoers /etc/sudoers.d/*
 
 If the either of the following entries are returned, this is a finding:
@@ -3600,7 +3580,7 @@ ALL     ALL=(ALL:ALL) ALL</check-content></check></Rule></Group><Group id="V-237
 For more information on each of the listed configurations, reference the sudoers(5) manual page.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-002227</ident><fixtext fixref="F-40786r646774_fix">Define the following in the Defaults section of the /etc/sudoers file or a configuration file in the /etc/sudoers.d/ directory:
 Defaults !targetpw
 Defaults !rootpw
-Defaults !runaspw</fixtext><fix id="F-40786r646774_fix" /><check system="C-40823r861100_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the sudoers security policy is configured to use the invoking user's password for privilege escalation.
+Defaults !runaspw</fixtext><fix id="F-40786r646774_fix" /><check system="C-40823r861100_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the sudoers security policy is configured to use the invoking user's password for privilege escalation.
 
 &gt; sudo egrep -ir '(rootpw|targetpw|runaspw)' /etc/sudoers /etc/sudoers.d* | grep -v '#'
 
@@ -3621,7 +3601,7 @@ Edit the /etc/sudoers file:
 
 Add or modify the following line:
 Defaults timestamp_timeout=[value]
-Note: The "[value]" must be a number that is greater than or equal to "0".</fixtext><fix id="F-40787r861103_fix" /><check system="C-40824r861102_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the operating system requires re-authentication when using the "sudo" command to elevate privileges.
+Note: The "[value]" must be a number that is greater than or equal to "0".</fixtext><fix id="F-40787r861103_fix" /><check system="C-40824r861102_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the operating system requires re-authentication when using the "sudo" command to elevate privileges.
 
 &gt; sudo grep -ir 'timestamp_timeout' /etc/sudoers /etc/sudoers.d
 /etc/sudoers:Defaults timestamp_timeout=0
@@ -3632,7 +3612,7 @@ If "timestamp_timeout" is set to a negative number, is commented out, or no resu
 
 Run the following command to disable the interactive shell for a specific non-interactive user account:
 
-&gt; sudo usermod --shell /sbin/nologin nobody</fixtext><fix id="F-40788r646780_fix" /><check system="C-40825r646779_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify all non-interactive SUSE operating system accounts do not have an interactive shell assigned to them.
+&gt; sudo usermod --shell /sbin/nologin nobody</fixtext><fix id="F-40788r646780_fix" /><check system="C-40825r646779_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify all non-interactive SUSE operating system accounts do not have an interactive shell assigned to them.
 
 Obtain the list of authorized system accounts from the Information System Security Officer (ISSO).
 
@@ -3646,7 +3626,7 @@ If a non-interactive accounts such as "games" or "nobody" is listed with an inte
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-40789r646783_fix">Configure the library files to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type f -exec chmod 755 '{}' \;</fixtext><fix id="F-40789r646783_fix" /><check system="C-40826r646782_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the system-wide shared library files contained in the directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" have mode 0755 or less permissive.
+&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type f -exec chmod 755 '{}' \;</fixtext><fix id="F-40789r646783_fix" /><check system="C-40826r646782_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the system-wide shared library files contained in the directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" have mode 0755 or less permissive.
 
 Check that the system-wide shared library files have mode 0755 or less permissive with the following command:
 
@@ -3656,7 +3636,7 @@ If any files are found to be group-writable or world-writable, this is a finding
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-40790r646786_fix">Configure the shared library directories to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type d -exec chmod 755 '{}' \;</fixtext><fix id="F-40790r646786_fix" /><check system="C-40827r646785_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the system-wide shared library directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" have mode 0755 or less permissive.
+&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type d -exec chmod 755 '{}' \;</fixtext><fix id="F-40790r646786_fix" /><check system="C-40827r646785_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the system-wide shared library directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" have mode 0755 or less permissive.
 
 Check that the system-wide shared library directories have mode 0755 or less permissive with the following command:
 
@@ -3666,7 +3646,7 @@ If any of the aforementioned directories are found to be group-writable or world
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-40791r646789_fix">Configure the system library files to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 ! -user root -type f -exec chown root '{}' \;</fixtext><fix id="F-40791r646789_fix" /><check system="C-40828r646788_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the system-wide shared library files contained in the directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" are owned by root.
+&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 ! -user root -type f -exec chown root '{}' \;</fixtext><fix id="F-40791r646789_fix" /><check system="C-40828r646788_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the system-wide shared library files contained in the directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" are owned by root.
 
 Check that the system-wide shared library files are owned by root with the following command:
 
@@ -3676,7 +3656,7 @@ If any system wide library file is returned, this is a finding.</check-content><
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-40792r646792_fix">Configure the library files and their respective parent directories to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 ! -user root -type d -exec chown root '{}' \;</fixtext><fix id="F-40792r646792_fix" /><check system="C-40829r646791_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the system-wide shared library directories "/lib", "/lib64", "/usr/lib/" and "/usr/lib64" are owned by root.
+&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 ! -user root -type d -exec chown root '{}' \;</fixtext><fix id="F-40792r646792_fix" /><check system="C-40829r646791_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the system-wide shared library directories "/lib", "/lib64", "/usr/lib/" and "/usr/lib64" are owned by root.
 
 Check that the system-wide shared library directories are owned by root with the following command:
 
@@ -3686,7 +3666,7 @@ If any system wide library directory is returned, this is a finding.</check-cont
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-40793r646795_fix">Configure the system library files to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 ! -group root -type f -exec chgrp root '{}' \;</fixtext><fix id="F-40793r646795_fix" /><check system="C-40830r646794_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the system-wide library files contained in the directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" are group-owned by root.
+&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 ! -group root -type f -exec chgrp root '{}' \;</fixtext><fix id="F-40793r646795_fix" /><check system="C-40830r646794_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the system-wide library files contained in the directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" are group-owned by root.
 
 Check that the system-wide library files are group-owned by root with the following command:
 
@@ -3696,17 +3676,17 @@ If any system wide shared library file is returned, this is a finding.</check-co
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-40794r646798_fix">Configure the system library directories to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 ! -group root -type d -exec chgrp root '{}' \;</fixtext><fix id="F-40794r646798_fix" /><check system="C-40831r646797_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the system-wide library directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" are group-owned by root.
+&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 ! -group root -type d -exec chgrp root '{}' \;</fixtext><fix id="F-40794r646798_fix" /><check system="C-40831r646797_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the system-wide library directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" are group-owned by root.
 
 Check that the system-wide library directories are group-owned by root with the following command:
 
 &gt; sudo find /lib /lib64 /usr/lib /usr/lib64 ! -group root -type d -exec stat -c "%n %G" '{}' \;
 
-If any system wide shared library directory is returned, this is a finding.</check-content></check></Rule></Group><Group id="V-237613"><title>SRG-OS-000259-GPOS-00100</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-237613r646802_rule" weight="10.0" severity="medium"><version>SLES-12-010877</version><title>The SUSE operating system must have system commands set to a mode of 0755 or less permissive.</title><description>&lt;VulnDiscussion&gt;If the SUSE operating system were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+If any system wide shared library directory is returned, this is a finding.</check-content></check></Rule></Group><Group id="V-237613"><title>SRG-OS-000259-GPOS-00100</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-237613r917814_rule" weight="10.0" severity="medium"><version>SLES-12-010877</version><title>The SUSE operating system must have system commands set to a mode of 755 or less permissive.</title><description>&lt;VulnDiscussion&gt;If the SUSE operating system were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-40795r646801_fix">Configure the system commands to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin -perm /022 -type f -exec chmod 755 '{}' \;</fixtext><fix id="F-40795r646801_fix" /><check system="C-40832r646800_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the system commands contained in the following directories have mode 0755 or less permissive:
+&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin -perm /022 -type f -exec chmod 755 '{}' \;</fixtext><fix id="F-40795r646801_fix" /><check system="C-40832r917813_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the system commands contained in the following directories have mode 755 or less permissive:
 
 /bin
 /sbin
@@ -3715,7 +3695,7 @@ This requirement applies to SUSE operating systems with software libraries that
 /usr/local/bin
 /usr/local/sbin
 
-Check that the system command files have mode 0755 or less permissive with the following command:
+Check that the system command files have mode 755 or less permissive with the following command:
 
 &gt; find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin -perm /022 -type f -exec stat -c "%n %a" '{}' \;
 
@@ -3723,7 +3703,7 @@ If any files are found to be group-writable or world-writable, this is a finding
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-40796r646804_fix">Configure the system commands directories to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin -perm /022 -type d -exec chmod -R 755 '{}' \;</fixtext><fix id="F-40796r646804_fix" /><check system="C-40833r646803_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the system commands directories have mode 0755 or less permissive:
+&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin -perm /022 -type d -exec chmod -R 755 '{}' \;</fixtext><fix id="F-40796r646804_fix" /><check system="C-40833r646803_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the system commands directories have mode 0755 or less permissive:
 
 /bin
 /sbin
@@ -3740,7 +3720,7 @@ If any directories are found to be group-writable or world-writable, this is a f
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-40797r646807_fix">Configure the system commands - and their respective parent directories - to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin ! -user root -type f -exec chown root '{}' \;</fixtext><fix id="F-40797r646807_fix" /><check system="C-40834r646806_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the system commands contained in the following directories are owned by root:
+&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin ! -user root -type f -exec chown root '{}' \;</fixtext><fix id="F-40797r646807_fix" /><check system="C-40834r646806_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the system commands contained in the following directories are owned by root:
 
 /bin
 /sbin
@@ -3757,7 +3737,7 @@ If any system commands are returned, this is a finding.</check-content></check><
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-40798r646810_fix">Configure the system commands directories to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin ! -user root -type d -exec chown root '{}' \;</fixtext><fix id="F-40798r646810_fix" /><check system="C-40835r646809_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the system commands directories are owned by root:
+&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin ! -user root -type d -exec chown root '{}' \;</fixtext><fix id="F-40798r646810_fix" /><check system="C-40835r646809_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the system commands directories are owned by root:
 
 /bin
 /sbin
@@ -3774,7 +3754,7 @@ If any system commands directories are returned, this is a finding.</check-conte
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-40799r832996_fix">Configure the system commands to be protected from unauthorized access. Run the following command, replacing "[FILE]" with any system command file not group-owned by "root" or a required system account.
 
-&gt; sudo chgrp root [FILE]</fixtext><fix id="F-40799r832996_fix" /><check system="C-40836r832995_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the system commands contained in the following directories are group-owned by root or a system account:
+&gt; sudo chgrp root [FILE]</fixtext><fix id="F-40799r832996_fix" /><check system="C-40836r832995_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the system commands contained in the following directories are group-owned by root or a system account:
 
 /bin
 /sbin
@@ -3791,7 +3771,7 @@ If any system commands are returned that are not Set Group ID upon execution (SG
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-40800r646816_fix">Configure the system commands directories to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin ! -group root -type d -exec chgrp root '{}' \;</fixtext><fix id="F-40800r646816_fix" /><check system="C-40837r646815_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the system commands directories are group-owned by root:
+&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin ! -group root -type d -exec chgrp root '{}' \;</fixtext><fix id="F-40800r646816_fix" /><check system="C-40837r646815_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the system commands directories are group-owned by root:
 
 /bin
 /sbin
@@ -3810,7 +3790,7 @@ SUSE operating systems are capable of providing a wide variety of functions and
 
 Examples of nonessential capabilities include but are not limited to games, software packages, tools, and demonstration software not related to requirements or providing a wide array of functionality not required for every mission but which cannot be disabled.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000197</ident><ident system="http://cyber.mil/cci">CCI-000381</ident><fixtext fixref="F-40801r646819_fix">Document the "vsftpd" package with the ISSO as an operational requirement or remove it from the system with the following command:
 
-&gt; sudo zypper remove vsftpd</fixtext><fix id="F-40801r646819_fix" /><check system="C-40838r646818_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the vsftpd package is not installed on the SUSE operating system.
+&gt; sudo zypper remove vsftpd</fixtext><fix id="F-40801r646819_fix" /><check system="C-40838r646818_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the vsftpd package is not installed on the SUSE operating system.
 
 Check that the vsftpd package is not installed on the SUSE operating system by running the following command:
 
@@ -3824,7 +3804,7 @@ If "0" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv6.conf.default.accept_source_route=0" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-40802r646822_fix" /><check system="C-40839r646821_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv6 source-routed packets by default.
+&gt; sudo sysctl --system</fixtext><fix id="F-40802r646822_fix" /><check system="C-40839r646821_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv6 source-routed packets by default.
 
 Check the value of the default IPv6 accept source route variable with the following command:
 
@@ -3839,7 +3819,7 @@ If "0" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv6.conf.all.accept_redirects=0" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-40803r646825_fix" /><check system="C-40840r646824_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv6 source-routed packets by default.
+&gt; sudo sysctl --system</fixtext><fix id="F-40803r646825_fix" /><check system="C-40840r646824_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv6 source-routed packets by default.
 Verify the SUSE operating system does not accept IPv6 ICMP redirect messages.
 
 Check the value of the IPv6 accept_redirects variable with the following command:
@@ -3855,7 +3835,7 @@ If "0" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv6.conf.all.forwarding=0" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-40804r646828_fix" /><check system="C-40841r646827_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is not performing IPv6 packet forwarding, unless the system is a router.
+&gt; sudo sysctl --system</fixtext><fix id="F-40804r646828_fix" /><check system="C-40841r646827_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is not performing IPv6 packet forwarding, unless the system is a router.
 
 Check to see if IPv6 forwarding is enabled using the following command:
 
@@ -3870,7 +3850,7 @@ If "0" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv6.conf.default.forwarding=0" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-40805r646831_fix" /><check system="C-40842r646830_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is not performing IPv6 packet forwarding by default, unless the system is a router.
+&gt; sudo sysctl --system</fixtext><fix id="F-40805r646831_fix" /><check system="C-40842r646830_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is not performing IPv6 packet forwarding by default, unless the system is a router.
 
 Check to see if IPv6 forwarding is disabled by default using the following command:
 
@@ -3886,7 +3866,7 @@ Edit the /etc/sudoers file with the following command:
 &gt; sudo visudo
 
 Add or modify the following line:
-#includedir /etc/sudoers.d</fixtext><fix id="F-55110r832988_fix" /><check system="C-55156r832987_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Note: If the "include" and "includedir" directives are not present in the /etc/sudoers file, this requirement is not applicable.
+#includedir /etc/sudoers.d</fixtext><fix id="F-55110r832988_fix" /><check system="C-55156r832987_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Note: If the "include" and "includedir" directives are not present in the /etc/sudoers file, this requirement is not applicable.
 
 Verify the operating system specifies only the default "include" directory for the /etc/sudoers file with the following command:
 
@@ -3909,7 +3889,7 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
 Check the configuration of the "/etc/ pam.d/sudo" file with the following command:
 $ sudo vi /etc/pam.d/sudo
 
-Remove any occurrences of "pam_succeed_if" in the file.</fixtext><fix id="F-55111r854175_fix" /><check system="C-55157r854174_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the operating system is not configured to bypass password requirements for privilege escalation.
+Remove any occurrences of "pam_succeed_if" in the file.</fixtext><fix id="F-55111r854175_fix" /><check system="C-55157r854174_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the operating system is not configured to bypass password requirements for privilege escalation.
 
 Check the configuration of the "/etc/pam.d/sudo" file with the following command:
 
@@ -3920,7 +3900,7 @@ If any occurrences of "pam_succeed_if" are returned from the command, this is a
 Perform a password reset:
 $ sudo passwd [username]
 Lock an account:
-$ sudo passwd -l [username]</fixtext><fix id="F-55112r809452_fix" /><check system="C-55158r809451_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Check the "/etc/shadow" file for blank passwords with the following command:
+$ sudo passwd -l [username]</fixtext><fix id="F-55112r809452_fix" /><check system="C-55158r809451_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Check the "/etc/shadow" file for blank passwords with the following command:
 
 $ sudo awk -F: '!$2 {print $1}' /etc/shadow
 
@@ -3937,7 +3917,7 @@ Add or update the following rules to "/etc/audit/rules.d/audit.rules":
 
 The audit daemon must be restarted for the changes to take effect.
 
-&gt; sudo systemctl restart auditd.service</fixtext><fix id="F-55113r809455_fix" /><check system="C-55159r854177_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "unlink", "unlinkat", "rename", "renameat", and "rmdir" syscalls.
+&gt; sudo systemctl restart auditd.service</fixtext><fix id="F-55113r809455_fix" /><check system="C-55159r854177_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "unlink", "unlinkat", "rename", "renameat", and "rmdir" syscalls.
 
 Verify that the following command call is being audited by performing the following command to check the file system rules in "/etc/audit/audit.rules":
 
@@ -3954,7 +3934,7 @@ The system will attempt to use the first algorithm presented by the client that
 
 Restart the "sshd" service for changes to take effect:
 
-     $ sudo systemctl restart sshd</fixtext><fix id="F-59534r880921_fix" /><check system="C-59591r880920_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the SSH server is configured to use only FIPS-validated key exchange algorithms:
+     $ sudo systemctl restart sshd</fixtext><fix id="F-59534r880921_fix" /><check system="C-59591r880920_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the SSH server is configured to use only FIPS-validated key exchange algorithms:
 
      $ sudo grep -i kexalgorithms /etc/ssh/sshd_config
      KexAlgorithms ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256
@@ -3975,7 +3955,7 @@ Remove any configurations that conflict with the above from the following locati
 
 Reload settings from all system configuration files with the following command:
 
-     $ sudo sysctl --system</fixtext><fix id="F-59535r880927_fix" /><check system="C-59592r880926_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify the operating system is configured to restrict access to the kernel message buffer with the following commands:
+     $ sudo sysctl --system</fixtext><fix id="F-59535r880927_fix" /><check system="C-59592r880926_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify the operating system is configured to restrict access to the kernel message buffer with the following commands:
 
      $ sudo sysctl kernel.dmesg_restrict
      kernel.dmesg_restrict = 1
@@ -4013,7 +3993,7 @@ Example output:
        Removed files:                1
        Changed files:                0
 
-Done.</fixtext><fix id="F-59536r880936_fix" /><check system="C-59593r880935_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that Advanced Intrusion Detection Environment (AIDE) is installed and verifies the correct operation of all security functions.
+Done.</fixtext><fix id="F-59536r880936_fix" /><check system="C-59593r880935_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that Advanced Intrusion Detection Environment (AIDE) is installed and verifies the correct operation of all security functions.
 
 Check that the AIDE package is installed with the following command:
      $ sudo zypper if aide | grep "Installed"
@@ -4026,13 +4006,13 @@ If there is no application installed to perform integrity checks, this is a find
 If AIDE is installed, check if it has been initialized with the following command:
      $ sudo aide --check
 
-If the output is "Couldn't open file /var/lib/aide/aide.db for reading", this is a finding.</check-content></check></Rule></Group><Group id="V-256980"><title>SRG-OS-000123-GPOS-00064</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-256980r902831_rule" weight="10.0" severity="medium"><version>SLES-12-010331</version><title>The SUSE operating system must automatically expire temporary accounts within 72 hours.</title><description>&lt;VulnDiscussion&gt;Temporary accounts are privileged or nonprivileged accounts that are established during pressing circumstances, such as new software or hardware configuration or an incident response, where the need for prompt account activation requires bypassing normal account authorization procedures. If any inactive temporary accounts are left enabled on the system and are not either manually removed or automatically expired within 72 hours, the security posture of the system will be degraded and exposed to expoitation by unauthorized users or insider threat actors.
-
-Temporary accounts are different from emergency accounts. Emergency accounts, also known as "last resort" or "break glass" accounts, are local logon accounts enabled on the system for emergency use by authorized system administrators to manage a system when standard logon methods are failing or not available. Emergency accounts are not subject to manual removal or scheduled expiration requirements.
-
+If the output is "Couldn't open file /var/lib/aide/aide.db for reading", this is a finding.</check-content></check></Rule></Group><Group id="V-256980"><title>SRG-OS-000123-GPOS-00064</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-256980r903128_rule" weight="10.0" severity="medium"><version>SLES-12-010331</version><title>The SUSE operating system must automatically expire temporary accounts within 72 hours.</title><description>&lt;VulnDiscussion&gt;Temporary accounts are privileged or nonprivileged accounts that are established during pressing circumstances, such as new software or hardware configuration or an incident response, where the need for prompt account activation requires bypassing normal account authorization procedures. If any inactive temporary accounts are left enabled on the system and are not either manually removed or automatically expired within 72 hours, the security posture of the system will be degraded and exposed to exploitation by unauthorized users or insider threat actors.
+
+Temporary accounts are different from emergency accounts. Emergency accounts, also known as "last resort" or "break glass" accounts, are local logon accounts enabled on the system for emergency use by authorized system administrators to manage a system when standard logon methods are failing or not available. Emergency accounts are not subject to manual removal or scheduled expiration requirements.
+
 The automatic expiration of temporary accounts may be extended as needed by the circumstances but it must not be extended indefinitely. A documented permanent account should be established for privileged users who need long-term maintenance accounts.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001682</ident><fixtext fixref="F-60600r902830_fix">Configure the operating system to expire temporary accounts after 72 hours with the following command:
 
-     &gt; sudo chage -E $(date -d +3days +%Y-%m-%d) &lt;temporary_account_name&gt;</fixtext><fix id="F-60600r902830_fix" /><check system="C-60658r902829_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify temporary accounts have been provisioned with an expiration date of 72 hours.
+     &gt; sudo chage -E $(date -d +3days +%Y-%m-%d) &lt;temporary_account_name&gt;</fixtext><fix id="F-60600r902830_fix" /><check system="C-60658r902829_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify temporary accounts have been provisioned with an expiration date of 72 hours.
 
 For every existing temporary account, run the following command to obtain its account expiration information:
 
@@ -4043,7 +4023,7 @@ If any temporary accounts have no expiration date set or do not expire within 72
 
 Detecting such changes and providing an automated response can help avoid unintended, negative consequences that could ultimately affect the security state of the operating system. The operating system's IMO/ISSO and SAs must be notified via email and/or monitoring system trap when there is an unauthorized modification of a configuration item.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 12</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 12</dc:subject><dc:identifier>4033</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001744</ident><fixtext fixref="F-60601r902836_fix">Install the "mailx" package on the system:
 
-     &gt; sudo zypper install mailx</fixtext><fix id="F-60601r902836_fix" /><check system="C-60659r902835_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_12_STIG.xml" name="M" /><check-content>Verify that the operating system is configured to allow sending email notifications.
+     &gt; sudo zypper install mailx</fixtext><fix id="F-60601r902836_fix" /><check system="C-60659r902835_chk"><check-content-ref href="U_SLES_12_STIG_V2R12_Manual-xccdf.xml" name="M" /><check-content>Verify that the operating system is configured to allow sending email notifications.
 
 Note: The "mailx" package provides the "mail" command that is used to send email messages.
 

From 840ee0922ebcb597d247df73d3e4041c6f861e15 Mon Sep 17 00:00:00 2001
From: Christian Hagenest <christian.hagenest@suse.com>
Date: Tue, 21 Nov 2023 09:52:25 +0100
Subject: [PATCH 2/3] Update DISA STIG for SLES 15 to V1 R11

---
 ...=> disa-stig-sle15-v1r11-xccdf-manual.xml} | 446 +++++++++---------
 1 file changed, 223 insertions(+), 223 deletions(-)
 rename shared/references/{disa-stig-sle15-v1r10-xccdf-manual.xml => disa-stig-sle15-v1r11-xccdf-manual.xml} (93%)

diff --git a/shared/references/disa-stig-sle15-v1r10-xccdf-manual.xml b/shared/references/disa-stig-sle15-v1r11-xccdf-manual.xml
similarity index 93%
rename from shared/references/disa-stig-sle15-v1r10-xccdf-manual.xml
rename to shared/references/disa-stig-sle15-v1r11-xccdf-manual.xml
index 3ecd66cb582..2cd23f7d082 100644
--- a/shared/references/disa-stig-sle15-v1r10-xccdf-manual.xml
+++ b/shared/references/disa-stig-sle15-v1r11-xccdf-manual.xml
@@ -1,6 +1,6 @@
-<?xml version="1.0" encoding="utf-8"?><?xml-stylesheet type='text/xsl' href='STIG_unclass.xsl'?><Benchmark xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:cpe="http://cpe.mitre.org/language/2.0" xmlns:xhtml="http://www.w3.org/1999/xhtml" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.1 http://nvd.nist.gov/schema/xccdf-1.1.4.xsd http://cpe.mitre.org/dictionary/2.0 http://cpe.mitre.org/files/cpe-dictionary_2.1.xsd" id="SLES_15_STIG" xml:lang="en" xmlns="http://checklists.nist.gov/xccdf/1.1"><status date="2023-03-08">accepted</status><title>SUSE Linux Enterprise Server 15 Security Technical Implementation Guide</title><description>This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.</description><notice id="terms-of-use" xml:lang="en"></notice><front-matter xml:lang="en"></front-matter><rear-matter xml:lang="en"></rear-matter><reference href="https://cyber.mil"><dc:publisher>DISA</dc:publisher><dc:source>STIG.DOD.MIL</dc:source></reference><plain-text id="release-info">Release: 10 Benchmark Date: 27 Apr 2023</plain-text><plain-text id="generator">3.4.0.34222</plain-text><plain-text id="conventionsVersion">1.10.0</plain-text><version>1</version><Profile id="MAC-1_Classified"><title>I - Mission Critical Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-234800" selected="true" /><select idref="V-234801" selected="true" /><select idref="V-234802" selected="true" /><select idref="V-234803" selected="true" /><select idref="V-234804" selected="true" /><select idref="V-234805" selected="true" /><select idref="V-234806" selected="true" /><select idref="V-234807" selected="true" /><select idref="V-234808" selected="true" /><select idref="V-234809" selected="true" /><select idref="V-234810" selected="true" /><select idref="V-234811" selected="true" /><select idref="V-234812" selected="true" /><select idref="V-234813" selected="true" /><select idref="V-234814" selected="true" /><select idref="V-234815" selected="true" /><select idref="V-234816" selected="true" /><select idref="V-234817" selected="true" /><select idref="V-234818" selected="true" /><select idref="V-234819" selected="true" /><select idref="V-234820" selected="true" /><select idref="V-234821" selected="true" /><select idref="V-234822" selected="true" /><select idref="V-234823" selected="true" /><select idref="V-234825" selected="true" /><select idref="V-234826" selected="true" /><select idref="V-234827" selected="true" /><select idref="V-234828" selected="true" /><select idref="V-234829" selected="true" /><select idref="V-234830" selected="true" /><select idref="V-234831" selected="true" /><select idref="V-234832" selected="true" /><select idref="V-234833" selected="true" /><select idref="V-234834" selected="true" /><select idref="V-234835" selected="true" /><select idref="V-234836" selected="true" /><select idref="V-234837" selected="true" /><select idref="V-234838" selected="true" /><select idref="V-234839" selected="true" /><select idref="V-234840" selected="true" /><select idref="V-234841" selected="true" /><select idref="V-234842" selected="true" /><select idref="V-234843" selected="true" /><select idref="V-234844" selected="true" /><select idref="V-234845" selected="true" /><select idref="V-234846" selected="true" /><select idref="V-234847" selected="true" /><select idref="V-234848" selected="true" /><select idref="V-234849" selected="true" /><select idref="V-234850" selected="true" /><select idref="V-234851" selected="true" /><select idref="V-234852" selected="true" /><select idref="V-234853" selected="true" /><select idref="V-234854" selected="true" /><select idref="V-234855" selected="true" /><select idref="V-234856" selected="true" /><select idref="V-234857" selected="true" /><select idref="V-234858" selected="true" /><select idref="V-234859" selected="true" /><select idref="V-234860" selected="true" /><select idref="V-234861" selected="true" /><select idref="V-234862" selected="true" /><select idref="V-234863" selected="true" /><select idref="V-234864" selected="true" /><select idref="V-234865" selected="true" /><select idref="V-234866" selected="true" /><select idref="V-234867" selected="true" /><select idref="V-234868" selected="true" /><select idref="V-234869" selected="true" /><select idref="V-234870" selected="true" /><select idref="V-234871" selected="true" /><select idref="V-234872" selected="true" /><select idref="V-234873" selected="true" /><select idref="V-234874" selected="true" /><select idref="V-234875" selected="true" /><select idref="V-234876" selected="true" /><select idref="V-234877" selected="true" /><select idref="V-234878" selected="true" /><select idref="V-234879" selected="true" /><select idref="V-234880" selected="true" /><select idref="V-234881" selected="true" /><select idref="V-234882" selected="true" /><select idref="V-234883" selected="true" /><select idref="V-234884" selected="true" /><select idref="V-234885" selected="true" /><select idref="V-234886" selected="true" /><select idref="V-234887" selected="true" /><select idref="V-234888" selected="true" /><select idref="V-234889" selected="true" /><select idref="V-234890" selected="true" /><select idref="V-234891" selected="true" /><select idref="V-234892" selected="true" /><select idref="V-234893" selected="true" /><select idref="V-234894" selected="true" /><select idref="V-234895" selected="true" /><select idref="V-234896" selected="true" /><select idref="V-234897" selected="true" /><select idref="V-234898" selected="true" /><select idref="V-234899" selected="true" /><select idref="V-234900" selected="true" /><select idref="V-234901" selected="true" /><select idref="V-234902" selected="true" /><select idref="V-234903" selected="true" /><select idref="V-234904" selected="true" /><select idref="V-234905" selected="true" /><select idref="V-234906" selected="true" /><select idref="V-234907" selected="true" /><select idref="V-234908" selected="true" /><select idref="V-234909" selected="true" /><select idref="V-234910" selected="true" /><select idref="V-234911" selected="true" /><select idref="V-234912" selected="true" /><select idref="V-234913" selected="true" /><select idref="V-234914" selected="true" /><select idref="V-234918" selected="true" /><select idref="V-234924" selected="true" /><select idref="V-234928" selected="true" /><select idref="V-234932" selected="true" /><select idref="V-234933" selected="true" /><select idref="V-234934" selected="true" /><select idref="V-234935" selected="true" /><select idref="V-234936" selected="true" /><select idref="V-234937" selected="true" /><select idref="V-234938" selected="true" /><select idref="V-234939" selected="true" /><select idref="V-234940" selected="true" /><select idref="V-234941" selected="true" /><select idref="V-234942" selected="true" /><select idref="V-234943" selected="true" /><select idref="V-234944" selected="true" /><select idref="V-234945" selected="true" /><select idref="V-234946" selected="true" /><select idref="V-234947" selected="true" /><select idref="V-234948" selected="true" /><select idref="V-234949" selected="true" /><select idref="V-234950" selected="true" /><select idref="V-234951" selected="true" /><select idref="V-234952" selected="true" /><select idref="V-234954" selected="true" /><select idref="V-234955" selected="true" /><select idref="V-234956" selected="true" /><select idref="V-234957" selected="true" /><select idref="V-234958" selected="true" /><select idref="V-234959" selected="true" /><select idref="V-234961" selected="true" /><select idref="V-234962" selected="true" /><select idref="V-234963" selected="true" /><select idref="V-234964" selected="true" /><select idref="V-234965" selected="true" /><select idref="V-234966" selected="true" /><select idref="V-234967" selected="true" /><select idref="V-234968" selected="true" /><select idref="V-234969" selected="true" /><select idref="V-234973" selected="true" /><select idref="V-234975" selected="true" /><select idref="V-234976" selected="true" /><select idref="V-234977" selected="true" /><select idref="V-234978" selected="true" /><select idref="V-234979" selected="true" /><select idref="V-234980" selected="true" /><select idref="V-234981" selected="true" /><select idref="V-234982" selected="true" /><select idref="V-234983" selected="true" /><select idref="V-234984" selected="true" /><select idref="V-234985" selected="true" /><select idref="V-234986" selected="true" /><select idref="V-234987" selected="true" /><select idref="V-234988" selected="true" /><select idref="V-234989" selected="true" /><select idref="V-234990" selected="true" /><select idref="V-234991" selected="true" /><select idref="V-234992" selected="true" /><select idref="V-234993" selected="true" /><select idref="V-234994" selected="true" /><select idref="V-234995" selected="true" /><select idref="V-234996" selected="true" /><select idref="V-234997" selected="true" /><select idref="V-234998" selected="true" /><select idref="V-234999" selected="true" /><select idref="V-235000" selected="true" /><select idref="V-235001" selected="true" /><select idref="V-235002" selected="true" /><select idref="V-235003" selected="true" /><select idref="V-235004" selected="true" /><select idref="V-235005" selected="true" /><select idref="V-235006" selected="true" /><select idref="V-235007" selected="true" /><select idref="V-235008" selected="true" /><select idref="V-235009" selected="true" /><select idref="V-235010" selected="true" /><select idref="V-235013" selected="true" /><select idref="V-235014" selected="true" /><select idref="V-235015" selected="true" /><select idref="V-235016" selected="true" /><select idref="V-235017" selected="true" /><select idref="V-235018" selected="true" /><select idref="V-235019" selected="true" /><select idref="V-235020" selected="true" /><select idref="V-235021" selected="true" /><select idref="V-235022" selected="true" /><select idref="V-235023" selected="true" /><select idref="V-235024" selected="true" /><select idref="V-235025" selected="true" /><select idref="V-235026" selected="true" /><select idref="V-235027" selected="true" /><select idref="V-235028" selected="true" /><select idref="V-235029" selected="true" /><select idref="V-235030" selected="true" /><select idref="V-235031" selected="true" /><select idref="V-235032" selected="true" /><select idref="V-251723" selected="true" /><select idref="V-251724" selected="true" /><select idref="V-251725" selected="true" /><select idref="V-255920" selected="true" /><select idref="V-255921" selected="true" /><select idref="V-255922" selected="true" /><select idref="V-256982" selected="true" /><select idref="V-256983" selected="true" /></Profile><Profile id="MAC-1_Public"><title>I - Mission Critical Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-234800" selected="true" /><select idref="V-234801" selected="true" /><select idref="V-234802" selected="true" /><select idref="V-234803" selected="true" /><select idref="V-234804" selected="true" /><select idref="V-234805" selected="true" /><select idref="V-234806" selected="true" /><select idref="V-234807" selected="true" /><select idref="V-234808" selected="true" /><select idref="V-234809" selected="true" /><select idref="V-234810" selected="true" /><select idref="V-234811" selected="true" /><select idref="V-234812" selected="true" /><select idref="V-234813" selected="true" /><select idref="V-234814" selected="true" /><select idref="V-234815" selected="true" /><select idref="V-234816" selected="true" /><select idref="V-234817" selected="true" /><select idref="V-234818" selected="true" /><select idref="V-234819" selected="true" /><select idref="V-234820" selected="true" /><select idref="V-234821" selected="true" /><select idref="V-234822" selected="true" /><select idref="V-234823" selected="true" /><select idref="V-234825" selected="true" /><select idref="V-234826" selected="true" /><select idref="V-234827" selected="true" /><select idref="V-234828" selected="true" /><select idref="V-234829" selected="true" /><select idref="V-234830" selected="true" /><select idref="V-234831" selected="true" /><select idref="V-234832" selected="true" /><select idref="V-234833" selected="true" /><select idref="V-234834" selected="true" /><select idref="V-234835" selected="true" /><select idref="V-234836" selected="true" /><select idref="V-234837" selected="true" /><select idref="V-234838" selected="true" /><select idref="V-234839" selected="true" /><select idref="V-234840" selected="true" /><select idref="V-234841" selected="true" /><select idref="V-234842" selected="true" /><select idref="V-234843" selected="true" /><select idref="V-234844" selected="true" /><select idref="V-234845" selected="true" /><select idref="V-234846" selected="true" /><select idref="V-234847" selected="true" /><select idref="V-234848" selected="true" /><select idref="V-234849" selected="true" /><select idref="V-234850" selected="true" /><select idref="V-234851" selected="true" /><select idref="V-234852" selected="true" /><select idref="V-234853" selected="true" /><select idref="V-234854" selected="true" /><select idref="V-234855" selected="true" /><select idref="V-234856" selected="true" /><select idref="V-234857" selected="true" /><select idref="V-234858" selected="true" /><select idref="V-234859" selected="true" /><select idref="V-234860" selected="true" /><select idref="V-234861" selected="true" /><select idref="V-234862" selected="true" /><select idref="V-234863" selected="true" /><select idref="V-234864" selected="true" /><select idref="V-234865" selected="true" /><select idref="V-234866" selected="true" /><select idref="V-234867" selected="true" /><select idref="V-234868" selected="true" /><select idref="V-234869" selected="true" /><select idref="V-234870" selected="true" /><select idref="V-234871" selected="true" /><select idref="V-234872" selected="true" /><select idref="V-234873" selected="true" /><select idref="V-234874" selected="true" /><select idref="V-234875" selected="true" /><select idref="V-234876" selected="true" /><select idref="V-234877" selected="true" /><select idref="V-234878" selected="true" /><select idref="V-234879" selected="true" /><select idref="V-234880" selected="true" /><select idref="V-234881" selected="true" /><select idref="V-234882" selected="true" /><select idref="V-234883" selected="true" /><select idref="V-234884" selected="true" /><select idref="V-234885" selected="true" /><select idref="V-234886" selected="true" /><select idref="V-234887" selected="true" /><select idref="V-234888" selected="true" /><select idref="V-234889" selected="true" /><select idref="V-234890" selected="true" /><select idref="V-234891" selected="true" /><select idref="V-234892" selected="true" /><select idref="V-234893" selected="true" /><select idref="V-234894" selected="true" /><select idref="V-234895" selected="true" /><select idref="V-234896" selected="true" /><select idref="V-234897" selected="true" /><select idref="V-234898" selected="true" /><select idref="V-234899" selected="true" /><select idref="V-234900" selected="true" /><select idref="V-234901" selected="true" /><select idref="V-234902" selected="true" /><select idref="V-234903" selected="true" /><select idref="V-234904" selected="true" /><select idref="V-234905" selected="true" /><select idref="V-234906" selected="true" /><select idref="V-234907" selected="true" /><select idref="V-234908" selected="true" /><select idref="V-234909" selected="true" /><select idref="V-234910" selected="true" /><select idref="V-234911" selected="true" /><select idref="V-234912" selected="true" /><select idref="V-234913" selected="true" /><select idref="V-234914" selected="true" /><select idref="V-234918" selected="true" /><select idref="V-234924" selected="true" /><select idref="V-234928" selected="true" /><select idref="V-234932" selected="true" /><select idref="V-234933" selected="true" /><select idref="V-234934" selected="true" /><select idref="V-234935" selected="true" /><select idref="V-234936" selected="true" /><select idref="V-234937" selected="true" /><select idref="V-234938" selected="true" /><select idref="V-234939" selected="true" /><select idref="V-234940" selected="true" /><select idref="V-234941" selected="true" /><select idref="V-234942" selected="true" /><select idref="V-234943" selected="true" /><select idref="V-234944" selected="true" /><select idref="V-234945" selected="true" /><select idref="V-234946" selected="true" /><select idref="V-234947" selected="true" /><select idref="V-234948" selected="true" /><select idref="V-234949" selected="true" /><select idref="V-234950" selected="true" /><select idref="V-234951" selected="true" /><select idref="V-234952" selected="true" /><select idref="V-234954" selected="true" /><select idref="V-234955" selected="true" /><select idref="V-234956" selected="true" /><select idref="V-234957" selected="true" /><select idref="V-234958" selected="true" /><select idref="V-234959" selected="true" /><select idref="V-234961" selected="true" /><select idref="V-234962" selected="true" /><select idref="V-234963" selected="true" /><select idref="V-234964" selected="true" /><select idref="V-234965" selected="true" /><select idref="V-234966" selected="true" /><select idref="V-234967" selected="true" /><select idref="V-234968" selected="true" /><select idref="V-234969" selected="true" /><select idref="V-234973" selected="true" /><select idref="V-234975" selected="true" /><select idref="V-234976" selected="true" /><select idref="V-234977" selected="true" /><select idref="V-234978" selected="true" /><select idref="V-234979" selected="true" /><select idref="V-234980" selected="true" /><select idref="V-234981" selected="true" /><select idref="V-234982" selected="true" /><select idref="V-234983" selected="true" /><select idref="V-234984" selected="true" /><select idref="V-234985" selected="true" /><select idref="V-234986" selected="true" /><select idref="V-234987" selected="true" /><select idref="V-234988" selected="true" /><select idref="V-234989" selected="true" /><select idref="V-234990" selected="true" /><select idref="V-234991" selected="true" /><select idref="V-234992" selected="true" /><select idref="V-234993" selected="true" /><select idref="V-234994" selected="true" /><select idref="V-234995" selected="true" /><select idref="V-234996" selected="true" /><select idref="V-234997" selected="true" /><select idref="V-234998" selected="true" /><select idref="V-234999" selected="true" /><select idref="V-235000" selected="true" /><select idref="V-235001" selected="true" /><select idref="V-235002" selected="true" /><select idref="V-235003" selected="true" /><select idref="V-235004" selected="true" /><select idref="V-235005" selected="true" /><select idref="V-235006" selected="true" /><select idref="V-235007" selected="true" /><select idref="V-235008" selected="true" /><select idref="V-235009" selected="true" /><select idref="V-235010" selected="true" /><select idref="V-235013" selected="true" /><select idref="V-235014" selected="true" /><select idref="V-235015" selected="true" /><select idref="V-235016" selected="true" /><select idref="V-235017" selected="true" /><select idref="V-235018" selected="true" /><select idref="V-235019" selected="true" /><select idref="V-235020" selected="true" /><select idref="V-235021" selected="true" /><select idref="V-235022" selected="true" /><select idref="V-235023" selected="true" /><select idref="V-235024" selected="true" /><select idref="V-235025" selected="true" /><select idref="V-235026" selected="true" /><select idref="V-235027" selected="true" /><select idref="V-235028" selected="true" /><select idref="V-235029" selected="true" /><select idref="V-235030" selected="true" /><select idref="V-235031" selected="true" /><select idref="V-235032" selected="true" /><select idref="V-251723" selected="true" /><select idref="V-251724" selected="true" /><select idref="V-251725" selected="true" /><select idref="V-255920" selected="true" /><select idref="V-255921" selected="true" /><select idref="V-255922" selected="true" /><select idref="V-256982" selected="true" /><select idref="V-256983" selected="true" /></Profile><Profile id="MAC-1_Sensitive"><title>I - Mission Critical Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-234800" selected="true" /><select idref="V-234801" selected="true" /><select idref="V-234802" selected="true" /><select idref="V-234803" selected="true" /><select idref="V-234804" selected="true" /><select idref="V-234805" selected="true" /><select idref="V-234806" selected="true" /><select idref="V-234807" selected="true" /><select idref="V-234808" selected="true" /><select idref="V-234809" selected="true" /><select idref="V-234810" selected="true" /><select idref="V-234811" selected="true" /><select idref="V-234812" selected="true" /><select idref="V-234813" selected="true" /><select idref="V-234814" selected="true" /><select idref="V-234815" selected="true" /><select idref="V-234816" selected="true" /><select idref="V-234817" selected="true" /><select idref="V-234818" selected="true" /><select idref="V-234819" selected="true" /><select idref="V-234820" selected="true" /><select idref="V-234821" selected="true" /><select idref="V-234822" selected="true" /><select idref="V-234823" selected="true" /><select idref="V-234825" selected="true" /><select idref="V-234826" selected="true" /><select idref="V-234827" selected="true" /><select idref="V-234828" selected="true" /><select idref="V-234829" selected="true" /><select idref="V-234830" selected="true" /><select idref="V-234831" selected="true" /><select idref="V-234832" selected="true" /><select idref="V-234833" selected="true" /><select idref="V-234834" selected="true" /><select idref="V-234835" selected="true" /><select idref="V-234836" selected="true" /><select idref="V-234837" selected="true" /><select idref="V-234838" selected="true" /><select idref="V-234839" selected="true" /><select idref="V-234840" selected="true" /><select idref="V-234841" selected="true" /><select idref="V-234842" selected="true" /><select idref="V-234843" selected="true" /><select idref="V-234844" selected="true" /><select idref="V-234845" selected="true" /><select idref="V-234846" selected="true" /><select idref="V-234847" selected="true" /><select idref="V-234848" selected="true" /><select idref="V-234849" selected="true" /><select idref="V-234850" selected="true" /><select idref="V-234851" selected="true" /><select idref="V-234852" selected="true" /><select idref="V-234853" selected="true" /><select idref="V-234854" selected="true" /><select idref="V-234855" selected="true" /><select idref="V-234856" selected="true" /><select idref="V-234857" selected="true" /><select idref="V-234858" selected="true" /><select idref="V-234859" selected="true" /><select idref="V-234860" selected="true" /><select idref="V-234861" selected="true" /><select idref="V-234862" selected="true" /><select idref="V-234863" selected="true" /><select idref="V-234864" selected="true" /><select idref="V-234865" selected="true" /><select idref="V-234866" selected="true" /><select idref="V-234867" selected="true" /><select idref="V-234868" selected="true" /><select idref="V-234869" selected="true" /><select idref="V-234870" selected="true" /><select idref="V-234871" selected="true" /><select idref="V-234872" selected="true" /><select idref="V-234873" selected="true" /><select idref="V-234874" selected="true" /><select idref="V-234875" selected="true" /><select idref="V-234876" selected="true" /><select idref="V-234877" selected="true" /><select idref="V-234878" selected="true" /><select idref="V-234879" selected="true" /><select idref="V-234880" selected="true" /><select idref="V-234881" selected="true" /><select idref="V-234882" selected="true" /><select idref="V-234883" selected="true" /><select idref="V-234884" selected="true" /><select idref="V-234885" selected="true" /><select idref="V-234886" selected="true" /><select idref="V-234887" selected="true" /><select idref="V-234888" selected="true" /><select idref="V-234889" selected="true" /><select idref="V-234890" selected="true" /><select idref="V-234891" selected="true" /><select idref="V-234892" selected="true" /><select idref="V-234893" selected="true" /><select idref="V-234894" selected="true" /><select idref="V-234895" selected="true" /><select idref="V-234896" selected="true" /><select idref="V-234897" selected="true" /><select idref="V-234898" selected="true" /><select idref="V-234899" selected="true" /><select idref="V-234900" selected="true" /><select idref="V-234901" selected="true" /><select idref="V-234902" selected="true" /><select idref="V-234903" selected="true" /><select idref="V-234904" selected="true" /><select idref="V-234905" selected="true" /><select idref="V-234906" selected="true" /><select idref="V-234907" selected="true" /><select idref="V-234908" selected="true" /><select idref="V-234909" selected="true" /><select idref="V-234910" selected="true" /><select idref="V-234911" selected="true" /><select idref="V-234912" selected="true" /><select idref="V-234913" selected="true" /><select idref="V-234914" selected="true" /><select idref="V-234918" selected="true" /><select idref="V-234924" selected="true" /><select idref="V-234928" selected="true" /><select idref="V-234932" selected="true" /><select idref="V-234933" selected="true" /><select idref="V-234934" selected="true" /><select idref="V-234935" selected="true" /><select idref="V-234936" selected="true" /><select idref="V-234937" selected="true" /><select idref="V-234938" selected="true" /><select idref="V-234939" selected="true" /><select idref="V-234940" selected="true" /><select idref="V-234941" selected="true" /><select idref="V-234942" selected="true" /><select idref="V-234943" selected="true" /><select idref="V-234944" selected="true" /><select idref="V-234945" selected="true" /><select idref="V-234946" selected="true" /><select idref="V-234947" selected="true" /><select idref="V-234948" selected="true" /><select idref="V-234949" selected="true" /><select idref="V-234950" selected="true" /><select idref="V-234951" selected="true" /><select idref="V-234952" selected="true" /><select idref="V-234954" selected="true" /><select idref="V-234955" selected="true" /><select idref="V-234956" selected="true" /><select idref="V-234957" selected="true" /><select idref="V-234958" selected="true" /><select idref="V-234959" selected="true" /><select idref="V-234961" selected="true" /><select idref="V-234962" selected="true" /><select idref="V-234963" selected="true" /><select idref="V-234964" selected="true" /><select idref="V-234965" selected="true" /><select idref="V-234966" selected="true" /><select idref="V-234967" selected="true" /><select idref="V-234968" selected="true" /><select idref="V-234969" selected="true" /><select idref="V-234973" selected="true" /><select idref="V-234975" selected="true" /><select idref="V-234976" selected="true" /><select idref="V-234977" selected="true" /><select idref="V-234978" selected="true" /><select idref="V-234979" selected="true" /><select idref="V-234980" selected="true" /><select idref="V-234981" selected="true" /><select idref="V-234982" selected="true" /><select idref="V-234983" selected="true" /><select idref="V-234984" selected="true" /><select idref="V-234985" selected="true" /><select idref="V-234986" selected="true" /><select idref="V-234987" selected="true" /><select idref="V-234988" selected="true" /><select idref="V-234989" selected="true" /><select idref="V-234990" selected="true" /><select idref="V-234991" selected="true" /><select idref="V-234992" selected="true" /><select idref="V-234993" selected="true" /><select idref="V-234994" selected="true" /><select idref="V-234995" selected="true" /><select idref="V-234996" selected="true" /><select idref="V-234997" selected="true" /><select idref="V-234998" selected="true" /><select idref="V-234999" selected="true" /><select idref="V-235000" selected="true" /><select idref="V-235001" selected="true" /><select idref="V-235002" selected="true" /><select idref="V-235003" selected="true" /><select idref="V-235004" selected="true" /><select idref="V-235005" selected="true" /><select idref="V-235006" selected="true" /><select idref="V-235007" selected="true" /><select idref="V-235008" selected="true" /><select idref="V-235009" selected="true" /><select idref="V-235010" selected="true" /><select idref="V-235013" selected="true" /><select idref="V-235014" selected="true" /><select idref="V-235015" selected="true" /><select idref="V-235016" selected="true" /><select idref="V-235017" selected="true" /><select idref="V-235018" selected="true" /><select idref="V-235019" selected="true" /><select idref="V-235020" selected="true" /><select idref="V-235021" selected="true" /><select idref="V-235022" selected="true" /><select idref="V-235023" selected="true" /><select idref="V-235024" selected="true" /><select idref="V-235025" selected="true" /><select idref="V-235026" selected="true" /><select idref="V-235027" selected="true" /><select idref="V-235028" selected="true" /><select idref="V-235029" selected="true" /><select idref="V-235030" selected="true" /><select idref="V-235031" selected="true" /><select idref="V-235032" selected="true" /><select idref="V-251723" selected="true" /><select idref="V-251724" selected="true" /><select idref="V-251725" selected="true" /><select idref="V-255920" selected="true" /><select idref="V-255921" selected="true" /><select idref="V-255922" selected="true" /><select idref="V-256982" selected="true" /><select idref="V-256983" selected="true" /></Profile><Profile id="MAC-2_Classified"><title>II - Mission Support Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-234800" selected="true" /><select idref="V-234801" selected="true" /><select idref="V-234802" selected="true" /><select idref="V-234803" selected="true" /><select idref="V-234804" selected="true" /><select idref="V-234805" selected="true" /><select idref="V-234806" selected="true" /><select idref="V-234807" selected="true" /><select idref="V-234808" selected="true" /><select idref="V-234809" selected="true" /><select idref="V-234810" selected="true" /><select idref="V-234811" selected="true" /><select idref="V-234812" selected="true" /><select idref="V-234813" selected="true" /><select idref="V-234814" selected="true" /><select idref="V-234815" selected="true" /><select idref="V-234816" selected="true" /><select idref="V-234817" selected="true" /><select idref="V-234818" selected="true" /><select idref="V-234819" selected="true" /><select idref="V-234820" selected="true" /><select idref="V-234821" selected="true" /><select idref="V-234822" selected="true" /><select idref="V-234823" selected="true" /><select idref="V-234825" selected="true" /><select idref="V-234826" selected="true" /><select idref="V-234827" selected="true" /><select idref="V-234828" selected="true" /><select idref="V-234829" selected="true" /><select idref="V-234830" selected="true" /><select idref="V-234831" selected="true" /><select idref="V-234832" selected="true" /><select idref="V-234833" selected="true" /><select idref="V-234834" selected="true" /><select idref="V-234835" selected="true" /><select idref="V-234836" selected="true" /><select idref="V-234837" selected="true" /><select idref="V-234838" selected="true" /><select idref="V-234839" selected="true" /><select idref="V-234840" selected="true" /><select idref="V-234841" selected="true" /><select idref="V-234842" selected="true" /><select idref="V-234843" selected="true" /><select idref="V-234844" selected="true" /><select idref="V-234845" selected="true" /><select idref="V-234846" selected="true" /><select idref="V-234847" selected="true" /><select idref="V-234848" selected="true" /><select idref="V-234849" selected="true" /><select idref="V-234850" selected="true" /><select idref="V-234851" selected="true" /><select idref="V-234852" selected="true" /><select idref="V-234853" selected="true" /><select idref="V-234854" selected="true" /><select idref="V-234855" selected="true" /><select idref="V-234856" selected="true" /><select idref="V-234857" selected="true" /><select idref="V-234858" selected="true" /><select idref="V-234859" selected="true" /><select idref="V-234860" selected="true" /><select idref="V-234861" selected="true" /><select idref="V-234862" selected="true" /><select idref="V-234863" selected="true" /><select idref="V-234864" selected="true" /><select idref="V-234865" selected="true" /><select idref="V-234866" selected="true" /><select idref="V-234867" selected="true" /><select idref="V-234868" selected="true" /><select idref="V-234869" selected="true" /><select idref="V-234870" selected="true" /><select idref="V-234871" selected="true" /><select idref="V-234872" selected="true" /><select idref="V-234873" selected="true" /><select idref="V-234874" selected="true" /><select idref="V-234875" selected="true" /><select idref="V-234876" selected="true" /><select idref="V-234877" selected="true" /><select idref="V-234878" selected="true" /><select idref="V-234879" selected="true" /><select idref="V-234880" selected="true" /><select idref="V-234881" selected="true" /><select idref="V-234882" selected="true" /><select idref="V-234883" selected="true" /><select idref="V-234884" selected="true" /><select idref="V-234885" selected="true" /><select idref="V-234886" selected="true" /><select idref="V-234887" selected="true" /><select idref="V-234888" selected="true" /><select idref="V-234889" selected="true" /><select idref="V-234890" selected="true" /><select idref="V-234891" selected="true" /><select idref="V-234892" selected="true" /><select idref="V-234893" selected="true" /><select idref="V-234894" selected="true" /><select idref="V-234895" selected="true" /><select idref="V-234896" selected="true" /><select idref="V-234897" selected="true" /><select idref="V-234898" selected="true" /><select idref="V-234899" selected="true" /><select idref="V-234900" selected="true" /><select idref="V-234901" selected="true" /><select idref="V-234902" selected="true" /><select idref="V-234903" selected="true" /><select idref="V-234904" selected="true" /><select idref="V-234905" selected="true" /><select idref="V-234906" selected="true" /><select idref="V-234907" selected="true" /><select idref="V-234908" selected="true" /><select idref="V-234909" selected="true" /><select idref="V-234910" selected="true" /><select idref="V-234911" selected="true" /><select idref="V-234912" selected="true" /><select idref="V-234913" selected="true" /><select idref="V-234914" selected="true" /><select idref="V-234918" selected="true" /><select idref="V-234924" selected="true" /><select idref="V-234928" selected="true" /><select idref="V-234932" selected="true" /><select idref="V-234933" selected="true" /><select idref="V-234934" selected="true" /><select idref="V-234935" selected="true" /><select idref="V-234936" selected="true" /><select idref="V-234937" selected="true" /><select idref="V-234938" selected="true" /><select idref="V-234939" selected="true" /><select idref="V-234940" selected="true" /><select idref="V-234941" selected="true" /><select idref="V-234942" selected="true" /><select idref="V-234943" selected="true" /><select idref="V-234944" selected="true" /><select idref="V-234945" selected="true" /><select idref="V-234946" selected="true" /><select idref="V-234947" selected="true" /><select idref="V-234948" selected="true" /><select idref="V-234949" selected="true" /><select idref="V-234950" selected="true" /><select idref="V-234951" selected="true" /><select idref="V-234952" selected="true" /><select idref="V-234954" selected="true" /><select idref="V-234955" selected="true" /><select idref="V-234956" selected="true" /><select idref="V-234957" selected="true" /><select idref="V-234958" selected="true" /><select idref="V-234959" selected="true" /><select idref="V-234961" selected="true" /><select idref="V-234962" selected="true" /><select idref="V-234963" selected="true" /><select idref="V-234964" selected="true" /><select idref="V-234965" selected="true" /><select idref="V-234966" selected="true" /><select idref="V-234967" selected="true" /><select idref="V-234968" selected="true" /><select idref="V-234969" selected="true" /><select idref="V-234973" selected="true" /><select idref="V-234975" selected="true" /><select idref="V-234976" selected="true" /><select idref="V-234977" selected="true" /><select idref="V-234978" selected="true" /><select idref="V-234979" selected="true" /><select idref="V-234980" selected="true" /><select idref="V-234981" selected="true" /><select idref="V-234982" selected="true" /><select idref="V-234983" selected="true" /><select idref="V-234984" selected="true" /><select idref="V-234985" selected="true" /><select idref="V-234986" selected="true" /><select idref="V-234987" selected="true" /><select idref="V-234988" selected="true" /><select idref="V-234989" selected="true" /><select idref="V-234990" selected="true" /><select idref="V-234991" selected="true" /><select idref="V-234992" selected="true" /><select idref="V-234993" selected="true" /><select idref="V-234994" selected="true" /><select idref="V-234995" selected="true" /><select idref="V-234996" selected="true" /><select idref="V-234997" selected="true" /><select idref="V-234998" selected="true" /><select idref="V-234999" selected="true" /><select idref="V-235000" selected="true" /><select idref="V-235001" selected="true" /><select idref="V-235002" selected="true" /><select idref="V-235003" selected="true" /><select idref="V-235004" selected="true" /><select idref="V-235005" selected="true" /><select idref="V-235006" selected="true" /><select idref="V-235007" selected="true" /><select idref="V-235008" selected="true" /><select idref="V-235009" selected="true" /><select idref="V-235010" selected="true" /><select idref="V-235013" selected="true" /><select idref="V-235014" selected="true" /><select idref="V-235015" selected="true" /><select idref="V-235016" selected="true" /><select idref="V-235017" selected="true" /><select idref="V-235018" selected="true" /><select idref="V-235019" selected="true" /><select idref="V-235020" selected="true" /><select idref="V-235021" selected="true" /><select idref="V-235022" selected="true" /><select idref="V-235023" selected="true" /><select idref="V-235024" selected="true" /><select idref="V-235025" selected="true" /><select idref="V-235026" selected="true" /><select idref="V-235027" selected="true" /><select idref="V-235028" selected="true" /><select idref="V-235029" selected="true" /><select idref="V-235030" selected="true" /><select idref="V-235031" selected="true" /><select idref="V-235032" selected="true" /><select idref="V-251723" selected="true" /><select idref="V-251724" selected="true" /><select idref="V-251725" selected="true" /><select idref="V-255920" selected="true" /><select idref="V-255921" selected="true" /><select idref="V-255922" selected="true" /><select idref="V-256982" selected="true" /><select idref="V-256983" selected="true" /></Profile><Profile id="MAC-2_Public"><title>II - Mission Support Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-234800" selected="true" /><select idref="V-234801" selected="true" /><select idref="V-234802" selected="true" /><select idref="V-234803" selected="true" /><select idref="V-234804" selected="true" /><select idref="V-234805" selected="true" /><select idref="V-234806" selected="true" /><select idref="V-234807" selected="true" /><select idref="V-234808" selected="true" /><select idref="V-234809" selected="true" /><select idref="V-234810" selected="true" /><select idref="V-234811" selected="true" /><select idref="V-234812" selected="true" /><select idref="V-234813" selected="true" /><select idref="V-234814" selected="true" /><select idref="V-234815" selected="true" /><select idref="V-234816" selected="true" /><select idref="V-234817" selected="true" /><select idref="V-234818" selected="true" /><select idref="V-234819" selected="true" /><select idref="V-234820" selected="true" /><select idref="V-234821" selected="true" /><select idref="V-234822" selected="true" /><select idref="V-234823" selected="true" /><select idref="V-234825" selected="true" /><select idref="V-234826" selected="true" /><select idref="V-234827" selected="true" /><select idref="V-234828" selected="true" /><select idref="V-234829" selected="true" /><select idref="V-234830" selected="true" /><select idref="V-234831" selected="true" /><select idref="V-234832" selected="true" /><select idref="V-234833" selected="true" /><select idref="V-234834" selected="true" /><select idref="V-234835" selected="true" /><select idref="V-234836" selected="true" /><select idref="V-234837" selected="true" /><select idref="V-234838" selected="true" /><select idref="V-234839" selected="true" /><select idref="V-234840" selected="true" /><select idref="V-234841" selected="true" /><select idref="V-234842" selected="true" /><select idref="V-234843" selected="true" /><select idref="V-234844" selected="true" /><select idref="V-234845" selected="true" /><select idref="V-234846" selected="true" /><select idref="V-234847" selected="true" /><select idref="V-234848" selected="true" /><select idref="V-234849" selected="true" /><select idref="V-234850" selected="true" /><select idref="V-234851" selected="true" /><select idref="V-234852" selected="true" /><select idref="V-234853" selected="true" /><select idref="V-234854" selected="true" /><select idref="V-234855" selected="true" /><select idref="V-234856" selected="true" /><select idref="V-234857" selected="true" /><select idref="V-234858" selected="true" /><select idref="V-234859" selected="true" /><select idref="V-234860" selected="true" /><select idref="V-234861" selected="true" /><select idref="V-234862" selected="true" /><select idref="V-234863" selected="true" /><select idref="V-234864" selected="true" /><select idref="V-234865" selected="true" /><select idref="V-234866" selected="true" /><select idref="V-234867" selected="true" /><select idref="V-234868" selected="true" /><select idref="V-234869" selected="true" /><select idref="V-234870" selected="true" /><select idref="V-234871" selected="true" /><select idref="V-234872" selected="true" /><select idref="V-234873" selected="true" /><select idref="V-234874" selected="true" /><select idref="V-234875" selected="true" /><select idref="V-234876" selected="true" /><select idref="V-234877" selected="true" /><select idref="V-234878" selected="true" /><select idref="V-234879" selected="true" /><select idref="V-234880" selected="true" /><select idref="V-234881" selected="true" /><select idref="V-234882" selected="true" /><select idref="V-234883" selected="true" /><select idref="V-234884" selected="true" /><select idref="V-234885" selected="true" /><select idref="V-234886" selected="true" /><select idref="V-234887" selected="true" /><select idref="V-234888" selected="true" /><select idref="V-234889" selected="true" /><select idref="V-234890" selected="true" /><select idref="V-234891" selected="true" /><select idref="V-234892" selected="true" /><select idref="V-234893" selected="true" /><select idref="V-234894" selected="true" /><select idref="V-234895" selected="true" /><select idref="V-234896" selected="true" /><select idref="V-234897" selected="true" /><select idref="V-234898" selected="true" /><select idref="V-234899" selected="true" /><select idref="V-234900" selected="true" /><select idref="V-234901" selected="true" /><select idref="V-234902" selected="true" /><select idref="V-234903" selected="true" /><select idref="V-234904" selected="true" /><select idref="V-234905" selected="true" /><select idref="V-234906" selected="true" /><select idref="V-234907" selected="true" /><select idref="V-234908" selected="true" /><select idref="V-234909" selected="true" /><select idref="V-234910" selected="true" /><select idref="V-234911" selected="true" /><select idref="V-234912" selected="true" /><select idref="V-234913" selected="true" /><select idref="V-234914" selected="true" /><select idref="V-234918" selected="true" /><select idref="V-234924" selected="true" /><select idref="V-234928" selected="true" /><select idref="V-234932" selected="true" /><select idref="V-234933" selected="true" /><select idref="V-234934" selected="true" /><select idref="V-234935" selected="true" /><select idref="V-234936" selected="true" /><select idref="V-234937" selected="true" /><select idref="V-234938" selected="true" /><select idref="V-234939" selected="true" /><select idref="V-234940" selected="true" /><select idref="V-234941" selected="true" /><select idref="V-234942" selected="true" /><select idref="V-234943" selected="true" /><select idref="V-234944" selected="true" /><select idref="V-234945" selected="true" /><select idref="V-234946" selected="true" /><select idref="V-234947" selected="true" /><select idref="V-234948" selected="true" /><select idref="V-234949" selected="true" /><select idref="V-234950" selected="true" /><select idref="V-234951" selected="true" /><select idref="V-234952" selected="true" /><select idref="V-234954" selected="true" /><select idref="V-234955" selected="true" /><select idref="V-234956" selected="true" /><select idref="V-234957" selected="true" /><select idref="V-234958" selected="true" /><select idref="V-234959" selected="true" /><select idref="V-234961" selected="true" /><select idref="V-234962" selected="true" /><select idref="V-234963" selected="true" /><select idref="V-234964" selected="true" /><select idref="V-234965" selected="true" /><select idref="V-234966" selected="true" /><select idref="V-234967" selected="true" /><select idref="V-234968" selected="true" /><select idref="V-234969" selected="true" /><select idref="V-234973" selected="true" /><select idref="V-234975" selected="true" /><select idref="V-234976" selected="true" /><select idref="V-234977" selected="true" /><select idref="V-234978" selected="true" /><select idref="V-234979" selected="true" /><select idref="V-234980" selected="true" /><select idref="V-234981" selected="true" /><select idref="V-234982" selected="true" /><select idref="V-234983" selected="true" /><select idref="V-234984" selected="true" /><select idref="V-234985" selected="true" /><select idref="V-234986" selected="true" /><select idref="V-234987" selected="true" /><select idref="V-234988" selected="true" /><select idref="V-234989" selected="true" /><select idref="V-234990" selected="true" /><select idref="V-234991" selected="true" /><select idref="V-234992" selected="true" /><select idref="V-234993" selected="true" /><select idref="V-234994" selected="true" /><select idref="V-234995" selected="true" /><select idref="V-234996" selected="true" /><select idref="V-234997" selected="true" /><select idref="V-234998" selected="true" /><select idref="V-234999" selected="true" /><select idref="V-235000" selected="true" /><select idref="V-235001" selected="true" /><select idref="V-235002" selected="true" /><select idref="V-235003" selected="true" /><select idref="V-235004" selected="true" /><select idref="V-235005" selected="true" /><select idref="V-235006" selected="true" /><select idref="V-235007" selected="true" /><select idref="V-235008" selected="true" /><select idref="V-235009" selected="true" /><select idref="V-235010" selected="true" /><select idref="V-235013" selected="true" /><select idref="V-235014" selected="true" /><select idref="V-235015" selected="true" /><select idref="V-235016" selected="true" /><select idref="V-235017" selected="true" /><select idref="V-235018" selected="true" /><select idref="V-235019" selected="true" /><select idref="V-235020" selected="true" /><select idref="V-235021" selected="true" /><select idref="V-235022" selected="true" /><select idref="V-235023" selected="true" /><select idref="V-235024" selected="true" /><select idref="V-235025" selected="true" /><select idref="V-235026" selected="true" /><select idref="V-235027" selected="true" /><select idref="V-235028" selected="true" /><select idref="V-235029" selected="true" /><select idref="V-235030" selected="true" /><select idref="V-235031" selected="true" /><select idref="V-235032" selected="true" /><select idref="V-251723" selected="true" /><select idref="V-251724" selected="true" /><select idref="V-251725" selected="true" /><select idref="V-255920" selected="true" /><select idref="V-255921" selected="true" /><select idref="V-255922" selected="true" /><select idref="V-256982" selected="true" /><select idref="V-256983" selected="true" /></Profile><Profile id="MAC-2_Sensitive"><title>II - Mission Support Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-234800" selected="true" /><select idref="V-234801" selected="true" /><select idref="V-234802" selected="true" /><select idref="V-234803" selected="true" /><select idref="V-234804" selected="true" /><select idref="V-234805" selected="true" /><select idref="V-234806" selected="true" /><select idref="V-234807" selected="true" /><select idref="V-234808" selected="true" /><select idref="V-234809" selected="true" /><select idref="V-234810" selected="true" /><select idref="V-234811" selected="true" /><select idref="V-234812" selected="true" /><select idref="V-234813" selected="true" /><select idref="V-234814" selected="true" /><select idref="V-234815" selected="true" /><select idref="V-234816" selected="true" /><select idref="V-234817" selected="true" /><select idref="V-234818" selected="true" /><select idref="V-234819" selected="true" /><select idref="V-234820" selected="true" /><select idref="V-234821" selected="true" /><select idref="V-234822" selected="true" /><select idref="V-234823" selected="true" /><select idref="V-234825" selected="true" /><select idref="V-234826" selected="true" /><select idref="V-234827" selected="true" /><select idref="V-234828" selected="true" /><select idref="V-234829" selected="true" /><select idref="V-234830" selected="true" /><select idref="V-234831" selected="true" /><select idref="V-234832" selected="true" /><select idref="V-234833" selected="true" /><select idref="V-234834" selected="true" /><select idref="V-234835" selected="true" /><select idref="V-234836" selected="true" /><select idref="V-234837" selected="true" /><select idref="V-234838" selected="true" /><select idref="V-234839" selected="true" /><select idref="V-234840" selected="true" /><select idref="V-234841" selected="true" /><select idref="V-234842" selected="true" /><select idref="V-234843" selected="true" /><select idref="V-234844" selected="true" /><select idref="V-234845" selected="true" /><select idref="V-234846" selected="true" /><select idref="V-234847" selected="true" /><select idref="V-234848" selected="true" /><select idref="V-234849" selected="true" /><select idref="V-234850" selected="true" /><select idref="V-234851" selected="true" /><select idref="V-234852" selected="true" /><select idref="V-234853" selected="true" /><select idref="V-234854" selected="true" /><select idref="V-234855" selected="true" /><select idref="V-234856" selected="true" /><select idref="V-234857" selected="true" /><select idref="V-234858" selected="true" /><select idref="V-234859" selected="true" /><select idref="V-234860" selected="true" /><select idref="V-234861" selected="true" /><select idref="V-234862" selected="true" /><select idref="V-234863" selected="true" /><select idref="V-234864" selected="true" /><select idref="V-234865" selected="true" /><select idref="V-234866" selected="true" /><select idref="V-234867" selected="true" /><select idref="V-234868" selected="true" /><select idref="V-234869" selected="true" /><select idref="V-234870" selected="true" /><select idref="V-234871" selected="true" /><select idref="V-234872" selected="true" /><select idref="V-234873" selected="true" /><select idref="V-234874" selected="true" /><select idref="V-234875" selected="true" /><select idref="V-234876" selected="true" /><select idref="V-234877" selected="true" /><select idref="V-234878" selected="true" /><select idref="V-234879" selected="true" /><select idref="V-234880" selected="true" /><select idref="V-234881" selected="true" /><select idref="V-234882" selected="true" /><select idref="V-234883" selected="true" /><select idref="V-234884" selected="true" /><select idref="V-234885" selected="true" /><select idref="V-234886" selected="true" /><select idref="V-234887" selected="true" /><select idref="V-234888" selected="true" /><select idref="V-234889" selected="true" /><select idref="V-234890" selected="true" /><select idref="V-234891" selected="true" /><select idref="V-234892" selected="true" /><select idref="V-234893" selected="true" /><select idref="V-234894" selected="true" /><select idref="V-234895" selected="true" /><select idref="V-234896" selected="true" /><select idref="V-234897" selected="true" /><select idref="V-234898" selected="true" /><select idref="V-234899" selected="true" /><select idref="V-234900" selected="true" /><select idref="V-234901" selected="true" /><select idref="V-234902" selected="true" /><select idref="V-234903" selected="true" /><select idref="V-234904" selected="true" /><select idref="V-234905" selected="true" /><select idref="V-234906" selected="true" /><select idref="V-234907" selected="true" /><select idref="V-234908" selected="true" /><select idref="V-234909" selected="true" /><select idref="V-234910" selected="true" /><select idref="V-234911" selected="true" /><select idref="V-234912" selected="true" /><select idref="V-234913" selected="true" /><select idref="V-234914" selected="true" /><select idref="V-234918" selected="true" /><select idref="V-234924" selected="true" /><select idref="V-234928" selected="true" /><select idref="V-234932" selected="true" /><select idref="V-234933" selected="true" /><select idref="V-234934" selected="true" /><select idref="V-234935" selected="true" /><select idref="V-234936" selected="true" /><select idref="V-234937" selected="true" /><select idref="V-234938" selected="true" /><select idref="V-234939" selected="true" /><select idref="V-234940" selected="true" /><select idref="V-234941" selected="true" /><select idref="V-234942" selected="true" /><select idref="V-234943" selected="true" /><select idref="V-234944" selected="true" /><select idref="V-234945" selected="true" /><select idref="V-234946" selected="true" /><select idref="V-234947" selected="true" /><select idref="V-234948" selected="true" /><select idref="V-234949" selected="true" /><select idref="V-234950" selected="true" /><select idref="V-234951" selected="true" /><select idref="V-234952" selected="true" /><select idref="V-234954" selected="true" /><select idref="V-234955" selected="true" /><select idref="V-234956" selected="true" /><select idref="V-234957" selected="true" /><select idref="V-234958" selected="true" /><select idref="V-234959" selected="true" /><select idref="V-234961" selected="true" /><select idref="V-234962" selected="true" /><select idref="V-234963" selected="true" /><select idref="V-234964" selected="true" /><select idref="V-234965" selected="true" /><select idref="V-234966" selected="true" /><select idref="V-234967" selected="true" /><select idref="V-234968" selected="true" /><select idref="V-234969" selected="true" /><select idref="V-234973" selected="true" /><select idref="V-234975" selected="true" /><select idref="V-234976" selected="true" /><select idref="V-234977" selected="true" /><select idref="V-234978" selected="true" /><select idref="V-234979" selected="true" /><select idref="V-234980" selected="true" /><select idref="V-234981" selected="true" /><select idref="V-234982" selected="true" /><select idref="V-234983" selected="true" /><select idref="V-234984" selected="true" /><select idref="V-234985" selected="true" /><select idref="V-234986" selected="true" /><select idref="V-234987" selected="true" /><select idref="V-234988" selected="true" /><select idref="V-234989" selected="true" /><select idref="V-234990" selected="true" /><select idref="V-234991" selected="true" /><select idref="V-234992" selected="true" /><select idref="V-234993" selected="true" /><select idref="V-234994" selected="true" /><select idref="V-234995" selected="true" /><select idref="V-234996" selected="true" /><select idref="V-234997" selected="true" /><select idref="V-234998" selected="true" /><select idref="V-234999" selected="true" /><select idref="V-235000" selected="true" /><select idref="V-235001" selected="true" /><select idref="V-235002" selected="true" /><select idref="V-235003" selected="true" /><select idref="V-235004" selected="true" /><select idref="V-235005" selected="true" /><select idref="V-235006" selected="true" /><select idref="V-235007" selected="true" /><select idref="V-235008" selected="true" /><select idref="V-235009" selected="true" /><select idref="V-235010" selected="true" /><select idref="V-235013" selected="true" /><select idref="V-235014" selected="true" /><select idref="V-235015" selected="true" /><select idref="V-235016" selected="true" /><select idref="V-235017" selected="true" /><select idref="V-235018" selected="true" /><select idref="V-235019" selected="true" /><select idref="V-235020" selected="true" /><select idref="V-235021" selected="true" /><select idref="V-235022" selected="true" /><select idref="V-235023" selected="true" /><select idref="V-235024" selected="true" /><select idref="V-235025" selected="true" /><select idref="V-235026" selected="true" /><select idref="V-235027" selected="true" /><select idref="V-235028" selected="true" /><select idref="V-235029" selected="true" /><select idref="V-235030" selected="true" /><select idref="V-235031" selected="true" /><select idref="V-235032" selected="true" /><select idref="V-251723" selected="true" /><select idref="V-251724" selected="true" /><select idref="V-251725" selected="true" /><select idref="V-255920" selected="true" /><select idref="V-255921" selected="true" /><select idref="V-255922" selected="true" /><select idref="V-256982" selected="true" /><select idref="V-256983" selected="true" /></Profile><Profile id="MAC-3_Classified"><title>III - Administrative Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-234800" selected="true" /><select idref="V-234801" selected="true" /><select idref="V-234802" selected="true" /><select idref="V-234803" selected="true" /><select idref="V-234804" selected="true" /><select idref="V-234805" selected="true" /><select idref="V-234806" selected="true" /><select idref="V-234807" selected="true" /><select idref="V-234808" selected="true" /><select idref="V-234809" selected="true" /><select idref="V-234810" selected="true" /><select idref="V-234811" selected="true" /><select idref="V-234812" selected="true" /><select idref="V-234813" selected="true" /><select idref="V-234814" selected="true" /><select idref="V-234815" selected="true" /><select idref="V-234816" selected="true" /><select idref="V-234817" selected="true" /><select idref="V-234818" selected="true" /><select idref="V-234819" selected="true" /><select idref="V-234820" selected="true" /><select idref="V-234821" selected="true" /><select idref="V-234822" selected="true" /><select idref="V-234823" selected="true" /><select idref="V-234825" selected="true" /><select idref="V-234826" selected="true" /><select idref="V-234827" selected="true" /><select idref="V-234828" selected="true" /><select idref="V-234829" selected="true" /><select idref="V-234830" selected="true" /><select idref="V-234831" selected="true" /><select idref="V-234832" selected="true" /><select idref="V-234833" selected="true" /><select idref="V-234834" selected="true" /><select idref="V-234835" selected="true" /><select idref="V-234836" selected="true" /><select idref="V-234837" selected="true" /><select idref="V-234838" selected="true" /><select idref="V-234839" selected="true" /><select idref="V-234840" selected="true" /><select idref="V-234841" selected="true" /><select idref="V-234842" selected="true" /><select idref="V-234843" selected="true" /><select idref="V-234844" selected="true" /><select idref="V-234845" selected="true" /><select idref="V-234846" selected="true" /><select idref="V-234847" selected="true" /><select idref="V-234848" selected="true" /><select idref="V-234849" selected="true" /><select idref="V-234850" selected="true" /><select idref="V-234851" selected="true" /><select idref="V-234852" selected="true" /><select idref="V-234853" selected="true" /><select idref="V-234854" selected="true" /><select idref="V-234855" selected="true" /><select idref="V-234856" selected="true" /><select idref="V-234857" selected="true" /><select idref="V-234858" selected="true" /><select idref="V-234859" selected="true" /><select idref="V-234860" selected="true" /><select idref="V-234861" selected="true" /><select idref="V-234862" selected="true" /><select idref="V-234863" selected="true" /><select idref="V-234864" selected="true" /><select idref="V-234865" selected="true" /><select idref="V-234866" selected="true" /><select idref="V-234867" selected="true" /><select idref="V-234868" selected="true" /><select idref="V-234869" selected="true" /><select idref="V-234870" selected="true" /><select idref="V-234871" selected="true" /><select idref="V-234872" selected="true" /><select idref="V-234873" selected="true" /><select idref="V-234874" selected="true" /><select idref="V-234875" selected="true" /><select idref="V-234876" selected="true" /><select idref="V-234877" selected="true" /><select idref="V-234878" selected="true" /><select idref="V-234879" selected="true" /><select idref="V-234880" selected="true" /><select idref="V-234881" selected="true" /><select idref="V-234882" selected="true" /><select idref="V-234883" selected="true" /><select idref="V-234884" selected="true" /><select idref="V-234885" selected="true" /><select idref="V-234886" selected="true" /><select idref="V-234887" selected="true" /><select idref="V-234888" selected="true" /><select idref="V-234889" selected="true" /><select idref="V-234890" selected="true" /><select idref="V-234891" selected="true" /><select idref="V-234892" selected="true" /><select idref="V-234893" selected="true" /><select idref="V-234894" selected="true" /><select idref="V-234895" selected="true" /><select idref="V-234896" selected="true" /><select idref="V-234897" selected="true" /><select idref="V-234898" selected="true" /><select idref="V-234899" selected="true" /><select idref="V-234900" selected="true" /><select idref="V-234901" selected="true" /><select idref="V-234902" selected="true" /><select idref="V-234903" selected="true" /><select idref="V-234904" selected="true" /><select idref="V-234905" selected="true" /><select idref="V-234906" selected="true" /><select idref="V-234907" selected="true" /><select idref="V-234908" selected="true" /><select idref="V-234909" selected="true" /><select idref="V-234910" selected="true" /><select idref="V-234911" selected="true" /><select idref="V-234912" selected="true" /><select idref="V-234913" selected="true" /><select idref="V-234914" selected="true" /><select idref="V-234918" selected="true" /><select idref="V-234924" selected="true" /><select idref="V-234928" selected="true" /><select idref="V-234932" selected="true" /><select idref="V-234933" selected="true" /><select idref="V-234934" selected="true" /><select idref="V-234935" selected="true" /><select idref="V-234936" selected="true" /><select idref="V-234937" selected="true" /><select idref="V-234938" selected="true" /><select idref="V-234939" selected="true" /><select idref="V-234940" selected="true" /><select idref="V-234941" selected="true" /><select idref="V-234942" selected="true" /><select idref="V-234943" selected="true" /><select idref="V-234944" selected="true" /><select idref="V-234945" selected="true" /><select idref="V-234946" selected="true" /><select idref="V-234947" selected="true" /><select idref="V-234948" selected="true" /><select idref="V-234949" selected="true" /><select idref="V-234950" selected="true" /><select idref="V-234951" selected="true" /><select idref="V-234952" selected="true" /><select idref="V-234954" selected="true" /><select idref="V-234955" selected="true" /><select idref="V-234956" selected="true" /><select idref="V-234957" selected="true" /><select idref="V-234958" selected="true" /><select idref="V-234959" selected="true" /><select idref="V-234961" selected="true" /><select idref="V-234962" selected="true" /><select idref="V-234963" selected="true" /><select idref="V-234964" selected="true" /><select idref="V-234965" selected="true" /><select idref="V-234966" selected="true" /><select idref="V-234967" selected="true" /><select idref="V-234968" selected="true" /><select idref="V-234969" selected="true" /><select idref="V-234973" selected="true" /><select idref="V-234975" selected="true" /><select idref="V-234976" selected="true" /><select idref="V-234977" selected="true" /><select idref="V-234978" selected="true" /><select idref="V-234979" selected="true" /><select idref="V-234980" selected="true" /><select idref="V-234981" selected="true" /><select idref="V-234982" selected="true" /><select idref="V-234983" selected="true" /><select idref="V-234984" selected="true" /><select idref="V-234985" selected="true" /><select idref="V-234986" selected="true" /><select idref="V-234987" selected="true" /><select idref="V-234988" selected="true" /><select idref="V-234989" selected="true" /><select idref="V-234990" selected="true" /><select idref="V-234991" selected="true" /><select idref="V-234992" selected="true" /><select idref="V-234993" selected="true" /><select idref="V-234994" selected="true" /><select idref="V-234995" selected="true" /><select idref="V-234996" selected="true" /><select idref="V-234997" selected="true" /><select idref="V-234998" selected="true" /><select idref="V-234999" selected="true" /><select idref="V-235000" selected="true" /><select idref="V-235001" selected="true" /><select idref="V-235002" selected="true" /><select idref="V-235003" selected="true" /><select idref="V-235004" selected="true" /><select idref="V-235005" selected="true" /><select idref="V-235006" selected="true" /><select idref="V-235007" selected="true" /><select idref="V-235008" selected="true" /><select idref="V-235009" selected="true" /><select idref="V-235010" selected="true" /><select idref="V-235013" selected="true" /><select idref="V-235014" selected="true" /><select idref="V-235015" selected="true" /><select idref="V-235016" selected="true" /><select idref="V-235017" selected="true" /><select idref="V-235018" selected="true" /><select idref="V-235019" selected="true" /><select idref="V-235020" selected="true" /><select idref="V-235021" selected="true" /><select idref="V-235022" selected="true" /><select idref="V-235023" selected="true" /><select idref="V-235024" selected="true" /><select idref="V-235025" selected="true" /><select idref="V-235026" selected="true" /><select idref="V-235027" selected="true" /><select idref="V-235028" selected="true" /><select idref="V-235029" selected="true" /><select idref="V-235030" selected="true" /><select idref="V-235031" selected="true" /><select idref="V-235032" selected="true" /><select idref="V-251723" selected="true" /><select idref="V-251724" selected="true" /><select idref="V-251725" selected="true" /><select idref="V-255920" selected="true" /><select idref="V-255921" selected="true" /><select idref="V-255922" selected="true" /><select idref="V-256982" selected="true" /><select idref="V-256983" selected="true" /></Profile><Profile id="MAC-3_Public"><title>III - Administrative Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-234800" selected="true" /><select idref="V-234801" selected="true" /><select idref="V-234802" selected="true" /><select idref="V-234803" selected="true" /><select idref="V-234804" selected="true" /><select idref="V-234805" selected="true" /><select idref="V-234806" selected="true" /><select idref="V-234807" selected="true" /><select idref="V-234808" selected="true" /><select idref="V-234809" selected="true" /><select idref="V-234810" selected="true" /><select idref="V-234811" selected="true" /><select idref="V-234812" selected="true" /><select idref="V-234813" selected="true" /><select idref="V-234814" selected="true" /><select idref="V-234815" selected="true" /><select idref="V-234816" selected="true" /><select idref="V-234817" selected="true" /><select idref="V-234818" selected="true" /><select idref="V-234819" selected="true" /><select idref="V-234820" selected="true" /><select idref="V-234821" selected="true" /><select idref="V-234822" selected="true" /><select idref="V-234823" selected="true" /><select idref="V-234825" selected="true" /><select idref="V-234826" selected="true" /><select idref="V-234827" selected="true" /><select idref="V-234828" selected="true" /><select idref="V-234829" selected="true" /><select idref="V-234830" selected="true" /><select idref="V-234831" selected="true" /><select idref="V-234832" selected="true" /><select idref="V-234833" selected="true" /><select idref="V-234834" selected="true" /><select idref="V-234835" selected="true" /><select idref="V-234836" selected="true" /><select idref="V-234837" selected="true" /><select idref="V-234838" selected="true" /><select idref="V-234839" selected="true" /><select idref="V-234840" selected="true" /><select idref="V-234841" selected="true" /><select idref="V-234842" selected="true" /><select idref="V-234843" selected="true" /><select idref="V-234844" selected="true" /><select idref="V-234845" selected="true" /><select idref="V-234846" selected="true" /><select idref="V-234847" selected="true" /><select idref="V-234848" selected="true" /><select idref="V-234849" selected="true" /><select idref="V-234850" selected="true" /><select idref="V-234851" selected="true" /><select idref="V-234852" selected="true" /><select idref="V-234853" selected="true" /><select idref="V-234854" selected="true" /><select idref="V-234855" selected="true" /><select idref="V-234856" selected="true" /><select idref="V-234857" selected="true" /><select idref="V-234858" selected="true" /><select idref="V-234859" selected="true" /><select idref="V-234860" selected="true" /><select idref="V-234861" selected="true" /><select idref="V-234862" selected="true" /><select idref="V-234863" selected="true" /><select idref="V-234864" selected="true" /><select idref="V-234865" selected="true" /><select idref="V-234866" selected="true" /><select idref="V-234867" selected="true" /><select idref="V-234868" selected="true" /><select idref="V-234869" selected="true" /><select idref="V-234870" selected="true" /><select idref="V-234871" selected="true" /><select idref="V-234872" selected="true" /><select idref="V-234873" selected="true" /><select idref="V-234874" selected="true" /><select idref="V-234875" selected="true" /><select idref="V-234876" selected="true" /><select idref="V-234877" selected="true" /><select idref="V-234878" selected="true" /><select idref="V-234879" selected="true" /><select idref="V-234880" selected="true" /><select idref="V-234881" selected="true" /><select idref="V-234882" selected="true" /><select idref="V-234883" selected="true" /><select idref="V-234884" selected="true" /><select idref="V-234885" selected="true" /><select idref="V-234886" selected="true" /><select idref="V-234887" selected="true" /><select idref="V-234888" selected="true" /><select idref="V-234889" selected="true" /><select idref="V-234890" selected="true" /><select idref="V-234891" selected="true" /><select idref="V-234892" selected="true" /><select idref="V-234893" selected="true" /><select idref="V-234894" selected="true" /><select idref="V-234895" selected="true" /><select idref="V-234896" selected="true" /><select idref="V-234897" selected="true" /><select idref="V-234898" selected="true" /><select idref="V-234899" selected="true" /><select idref="V-234900" selected="true" /><select idref="V-234901" selected="true" /><select idref="V-234902" selected="true" /><select idref="V-234903" selected="true" /><select idref="V-234904" selected="true" /><select idref="V-234905" selected="true" /><select idref="V-234906" selected="true" /><select idref="V-234907" selected="true" /><select idref="V-234908" selected="true" /><select idref="V-234909" selected="true" /><select idref="V-234910" selected="true" /><select idref="V-234911" selected="true" /><select idref="V-234912" selected="true" /><select idref="V-234913" selected="true" /><select idref="V-234914" selected="true" /><select idref="V-234918" selected="true" /><select idref="V-234924" selected="true" /><select idref="V-234928" selected="true" /><select idref="V-234932" selected="true" /><select idref="V-234933" selected="true" /><select idref="V-234934" selected="true" /><select idref="V-234935" selected="true" /><select idref="V-234936" selected="true" /><select idref="V-234937" selected="true" /><select idref="V-234938" selected="true" /><select idref="V-234939" selected="true" /><select idref="V-234940" selected="true" /><select idref="V-234941" selected="true" /><select idref="V-234942" selected="true" /><select idref="V-234943" selected="true" /><select idref="V-234944" selected="true" /><select idref="V-234945" selected="true" /><select idref="V-234946" selected="true" /><select idref="V-234947" selected="true" /><select idref="V-234948" selected="true" /><select idref="V-234949" selected="true" /><select idref="V-234950" selected="true" /><select idref="V-234951" selected="true" /><select idref="V-234952" selected="true" /><select idref="V-234954" selected="true" /><select idref="V-234955" selected="true" /><select idref="V-234956" selected="true" /><select idref="V-234957" selected="true" /><select idref="V-234958" selected="true" /><select idref="V-234959" selected="true" /><select idref="V-234961" selected="true" /><select idref="V-234962" selected="true" /><select idref="V-234963" selected="true" /><select idref="V-234964" selected="true" /><select idref="V-234965" selected="true" /><select idref="V-234966" selected="true" /><select idref="V-234967" selected="true" /><select idref="V-234968" selected="true" /><select idref="V-234969" selected="true" /><select idref="V-234973" selected="true" /><select idref="V-234975" selected="true" /><select idref="V-234976" selected="true" /><select idref="V-234977" selected="true" /><select idref="V-234978" selected="true" /><select idref="V-234979" selected="true" /><select idref="V-234980" selected="true" /><select idref="V-234981" selected="true" /><select idref="V-234982" selected="true" /><select idref="V-234983" selected="true" /><select idref="V-234984" selected="true" /><select idref="V-234985" selected="true" /><select idref="V-234986" selected="true" /><select idref="V-234987" selected="true" /><select idref="V-234988" selected="true" /><select idref="V-234989" selected="true" /><select idref="V-234990" selected="true" /><select idref="V-234991" selected="true" /><select idref="V-234992" selected="true" /><select idref="V-234993" selected="true" /><select idref="V-234994" selected="true" /><select idref="V-234995" selected="true" /><select idref="V-234996" selected="true" /><select idref="V-234997" selected="true" /><select idref="V-234998" selected="true" /><select idref="V-234999" selected="true" /><select idref="V-235000" selected="true" /><select idref="V-235001" selected="true" /><select idref="V-235002" selected="true" /><select idref="V-235003" selected="true" /><select idref="V-235004" selected="true" /><select idref="V-235005" selected="true" /><select idref="V-235006" selected="true" /><select idref="V-235007" selected="true" /><select idref="V-235008" selected="true" /><select idref="V-235009" selected="true" /><select idref="V-235010" selected="true" /><select idref="V-235013" selected="true" /><select idref="V-235014" selected="true" /><select idref="V-235015" selected="true" /><select idref="V-235016" selected="true" /><select idref="V-235017" selected="true" /><select idref="V-235018" selected="true" /><select idref="V-235019" selected="true" /><select idref="V-235020" selected="true" /><select idref="V-235021" selected="true" /><select idref="V-235022" selected="true" /><select idref="V-235023" selected="true" /><select idref="V-235024" selected="true" /><select idref="V-235025" selected="true" /><select idref="V-235026" selected="true" /><select idref="V-235027" selected="true" /><select idref="V-235028" selected="true" /><select idref="V-235029" selected="true" /><select idref="V-235030" selected="true" /><select idref="V-235031" selected="true" /><select idref="V-235032" selected="true" /><select idref="V-251723" selected="true" /><select idref="V-251724" selected="true" /><select idref="V-251725" selected="true" /><select idref="V-255920" selected="true" /><select idref="V-255921" selected="true" /><select idref="V-255922" selected="true" /><select idref="V-256982" selected="true" /><select idref="V-256983" selected="true" /></Profile><Profile id="MAC-3_Sensitive"><title>III - Administrative Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-234800" selected="true" /><select idref="V-234801" selected="true" /><select idref="V-234802" selected="true" /><select idref="V-234803" selected="true" /><select idref="V-234804" selected="true" /><select idref="V-234805" selected="true" /><select idref="V-234806" selected="true" /><select idref="V-234807" selected="true" /><select idref="V-234808" selected="true" /><select idref="V-234809" selected="true" /><select idref="V-234810" selected="true" /><select idref="V-234811" selected="true" /><select idref="V-234812" selected="true" /><select idref="V-234813" selected="true" /><select idref="V-234814" selected="true" /><select idref="V-234815" selected="true" /><select idref="V-234816" selected="true" /><select idref="V-234817" selected="true" /><select idref="V-234818" selected="true" /><select idref="V-234819" selected="true" /><select idref="V-234820" selected="true" /><select idref="V-234821" selected="true" /><select idref="V-234822" selected="true" /><select idref="V-234823" selected="true" /><select idref="V-234825" selected="true" /><select idref="V-234826" selected="true" /><select idref="V-234827" selected="true" /><select idref="V-234828" selected="true" /><select idref="V-234829" selected="true" /><select idref="V-234830" selected="true" /><select idref="V-234831" selected="true" /><select idref="V-234832" selected="true" /><select idref="V-234833" selected="true" /><select idref="V-234834" selected="true" /><select idref="V-234835" selected="true" /><select idref="V-234836" selected="true" /><select idref="V-234837" selected="true" /><select idref="V-234838" selected="true" /><select idref="V-234839" selected="true" /><select idref="V-234840" selected="true" /><select idref="V-234841" selected="true" /><select idref="V-234842" selected="true" /><select idref="V-234843" selected="true" /><select idref="V-234844" selected="true" /><select idref="V-234845" selected="true" /><select idref="V-234846" selected="true" /><select idref="V-234847" selected="true" /><select idref="V-234848" selected="true" /><select idref="V-234849" selected="true" /><select idref="V-234850" selected="true" /><select idref="V-234851" selected="true" /><select idref="V-234852" selected="true" /><select idref="V-234853" selected="true" /><select idref="V-234854" selected="true" /><select idref="V-234855" selected="true" /><select idref="V-234856" selected="true" /><select idref="V-234857" selected="true" /><select idref="V-234858" selected="true" /><select idref="V-234859" selected="true" /><select idref="V-234860" selected="true" /><select idref="V-234861" selected="true" /><select idref="V-234862" selected="true" /><select idref="V-234863" selected="true" /><select idref="V-234864" selected="true" /><select idref="V-234865" selected="true" /><select idref="V-234866" selected="true" /><select idref="V-234867" selected="true" /><select idref="V-234868" selected="true" /><select idref="V-234869" selected="true" /><select idref="V-234870" selected="true" /><select idref="V-234871" selected="true" /><select idref="V-234872" selected="true" /><select idref="V-234873" selected="true" /><select idref="V-234874" selected="true" /><select idref="V-234875" selected="true" /><select idref="V-234876" selected="true" /><select idref="V-234877" selected="true" /><select idref="V-234878" selected="true" /><select idref="V-234879" selected="true" /><select idref="V-234880" selected="true" /><select idref="V-234881" selected="true" /><select idref="V-234882" selected="true" /><select idref="V-234883" selected="true" /><select idref="V-234884" selected="true" /><select idref="V-234885" selected="true" /><select idref="V-234886" selected="true" /><select idref="V-234887" selected="true" /><select idref="V-234888" selected="true" /><select idref="V-234889" selected="true" /><select idref="V-234890" selected="true" /><select idref="V-234891" selected="true" /><select idref="V-234892" selected="true" /><select idref="V-234893" selected="true" /><select idref="V-234894" selected="true" /><select idref="V-234895" selected="true" /><select idref="V-234896" selected="true" /><select idref="V-234897" selected="true" /><select idref="V-234898" selected="true" /><select idref="V-234899" selected="true" /><select idref="V-234900" selected="true" /><select idref="V-234901" selected="true" /><select idref="V-234902" selected="true" /><select idref="V-234903" selected="true" /><select idref="V-234904" selected="true" /><select idref="V-234905" selected="true" /><select idref="V-234906" selected="true" /><select idref="V-234907" selected="true" /><select idref="V-234908" selected="true" /><select idref="V-234909" selected="true" /><select idref="V-234910" selected="true" /><select idref="V-234911" selected="true" /><select idref="V-234912" selected="true" /><select idref="V-234913" selected="true" /><select idref="V-234914" selected="true" /><select idref="V-234918" selected="true" /><select idref="V-234924" selected="true" /><select idref="V-234928" selected="true" /><select idref="V-234932" selected="true" /><select idref="V-234933" selected="true" /><select idref="V-234934" selected="true" /><select idref="V-234935" selected="true" /><select idref="V-234936" selected="true" /><select idref="V-234937" selected="true" /><select idref="V-234938" selected="true" /><select idref="V-234939" selected="true" /><select idref="V-234940" selected="true" /><select idref="V-234941" selected="true" /><select idref="V-234942" selected="true" /><select idref="V-234943" selected="true" /><select idref="V-234944" selected="true" /><select idref="V-234945" selected="true" /><select idref="V-234946" selected="true" /><select idref="V-234947" selected="true" /><select idref="V-234948" selected="true" /><select idref="V-234949" selected="true" /><select idref="V-234950" selected="true" /><select idref="V-234951" selected="true" /><select idref="V-234952" selected="true" /><select idref="V-234954" selected="true" /><select idref="V-234955" selected="true" /><select idref="V-234956" selected="true" /><select idref="V-234957" selected="true" /><select idref="V-234958" selected="true" /><select idref="V-234959" selected="true" /><select idref="V-234961" selected="true" /><select idref="V-234962" selected="true" /><select idref="V-234963" selected="true" /><select idref="V-234964" selected="true" /><select idref="V-234965" selected="true" /><select idref="V-234966" selected="true" /><select idref="V-234967" selected="true" /><select idref="V-234968" selected="true" /><select idref="V-234969" selected="true" /><select idref="V-234973" selected="true" /><select idref="V-234975" selected="true" /><select idref="V-234976" selected="true" /><select idref="V-234977" selected="true" /><select idref="V-234978" selected="true" /><select idref="V-234979" selected="true" /><select idref="V-234980" selected="true" /><select idref="V-234981" selected="true" /><select idref="V-234982" selected="true" /><select idref="V-234983" selected="true" /><select idref="V-234984" selected="true" /><select idref="V-234985" selected="true" /><select idref="V-234986" selected="true" /><select idref="V-234987" selected="true" /><select idref="V-234988" selected="true" /><select idref="V-234989" selected="true" /><select idref="V-234990" selected="true" /><select idref="V-234991" selected="true" /><select idref="V-234992" selected="true" /><select idref="V-234993" selected="true" /><select idref="V-234994" selected="true" /><select idref="V-234995" selected="true" /><select idref="V-234996" selected="true" /><select idref="V-234997" selected="true" /><select idref="V-234998" selected="true" /><select idref="V-234999" selected="true" /><select idref="V-235000" selected="true" /><select idref="V-235001" selected="true" /><select idref="V-235002" selected="true" /><select idref="V-235003" selected="true" /><select idref="V-235004" selected="true" /><select idref="V-235005" selected="true" /><select idref="V-235006" selected="true" /><select idref="V-235007" selected="true" /><select idref="V-235008" selected="true" /><select idref="V-235009" selected="true" /><select idref="V-235010" selected="true" /><select idref="V-235013" selected="true" /><select idref="V-235014" selected="true" /><select idref="V-235015" selected="true" /><select idref="V-235016" selected="true" /><select idref="V-235017" selected="true" /><select idref="V-235018" selected="true" /><select idref="V-235019" selected="true" /><select idref="V-235020" selected="true" /><select idref="V-235021" selected="true" /><select idref="V-235022" selected="true" /><select idref="V-235023" selected="true" /><select idref="V-235024" selected="true" /><select idref="V-235025" selected="true" /><select idref="V-235026" selected="true" /><select idref="V-235027" selected="true" /><select idref="V-235028" selected="true" /><select idref="V-235029" selected="true" /><select idref="V-235030" selected="true" /><select idref="V-235031" selected="true" /><select idref="V-235032" selected="true" /><select idref="V-251723" selected="true" /><select idref="V-251724" selected="true" /><select idref="V-251725" selected="true" /><select idref="V-255920" selected="true" /><select idref="V-255921" selected="true" /><select idref="V-255922" selected="true" /><select idref="V-256982" selected="true" /><select idref="V-256983" selected="true" /></Profile><Group id="V-234800"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234800r622137_rule" weight="10.0" severity="high"><version>SLES-15-010000</version><title>The SUSE operating system must be a vendor-supported release.</title><description>&lt;VulnDiscussion&gt;A SUSE operating system release is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001230</ident><fixtext fixref="F-37951r618670_fix">Upgrade the SUSE operating system to a version supported by the vendor. If the system is not registered with the SUSE Customer Center, register the system against the correct subscription.
+<?xml version="1.0" encoding="utf-8"?><?xml-stylesheet type='text/xsl' href='STIG_unclass.xsl'?><Benchmark xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:cpe="http://cpe.mitre.org/language/2.0" xmlns:xhtml="http://www.w3.org/1999/xhtml" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.1 http://nvd.nist.gov/schema/xccdf-1.1.4.xsd http://cpe.mitre.org/dictionary/2.0 http://cpe.mitre.org/files/cpe-dictionary_2.1.xsd" id="SLES_15_STIG" xml:lang="en" xmlns="http://checklists.nist.gov/xccdf/1.1"><status date="2023-09-08">accepted</status><title>SUSE Linux Enterprise Server 15 Security Technical Implementation Guide</title><description>This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.</description><notice id="terms-of-use" xml:lang="en"></notice><front-matter xml:lang="en"></front-matter><rear-matter xml:lang="en"></rear-matter><reference href="https://cyber.mil"><dc:publisher>DISA</dc:publisher><dc:source>STIG.DOD.MIL</dc:source></reference><plain-text id="release-info">Release: 11 Benchmark Date: 25 Oct 2023</plain-text><plain-text id="generator">3.4.1.22916</plain-text><plain-text id="conventionsVersion">1.10.0</plain-text><version>1</version><Profile id="MAC-1_Classified"><title>I - Mission Critical Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-234800" selected="true" /><select idref="V-234801" selected="true" /><select idref="V-234802" selected="true" /><select idref="V-234803" selected="true" /><select idref="V-234804" selected="true" /><select idref="V-234805" selected="true" /><select idref="V-234806" selected="true" /><select idref="V-234807" selected="true" /><select idref="V-234808" selected="true" /><select idref="V-234809" selected="true" /><select idref="V-234810" selected="true" /><select idref="V-234811" selected="true" /><select idref="V-234812" selected="true" /><select idref="V-234813" selected="true" /><select idref="V-234814" selected="true" /><select idref="V-234815" selected="true" /><select idref="V-234816" selected="true" /><select idref="V-234817" selected="true" /><select idref="V-234818" selected="true" /><select idref="V-234819" selected="true" /><select idref="V-234820" selected="true" /><select idref="V-234821" selected="true" /><select idref="V-234822" selected="true" /><select idref="V-234823" selected="true" /><select idref="V-234825" selected="true" /><select idref="V-234826" selected="true" /><select idref="V-234827" selected="true" /><select idref="V-234828" selected="true" /><select idref="V-234829" selected="true" /><select idref="V-234830" selected="true" /><select idref="V-234831" selected="true" /><select idref="V-234832" selected="true" /><select idref="V-234833" selected="true" /><select idref="V-234834" selected="true" /><select idref="V-234835" selected="true" /><select idref="V-234836" selected="true" /><select idref="V-234837" selected="true" /><select idref="V-234838" selected="true" /><select idref="V-234839" selected="true" /><select idref="V-234840" selected="true" /><select idref="V-234841" selected="true" /><select idref="V-234842" selected="true" /><select idref="V-234843" selected="true" /><select idref="V-234844" selected="true" /><select idref="V-234845" selected="true" /><select idref="V-234846" selected="true" /><select idref="V-234847" selected="true" /><select idref="V-234848" selected="true" /><select idref="V-234849" selected="true" /><select idref="V-234850" selected="true" /><select idref="V-234851" selected="true" /><select idref="V-234852" selected="true" /><select idref="V-234853" selected="true" /><select idref="V-234854" selected="true" /><select idref="V-234855" selected="true" /><select idref="V-234856" selected="true" /><select idref="V-234857" selected="true" /><select idref="V-234858" selected="true" /><select idref="V-234859" selected="true" /><select idref="V-234860" selected="true" /><select idref="V-234861" selected="true" /><select idref="V-234862" selected="true" /><select idref="V-234863" selected="true" /><select idref="V-234864" selected="true" /><select idref="V-234865" selected="true" /><select idref="V-234866" selected="true" /><select idref="V-234867" selected="true" /><select idref="V-234868" selected="true" /><select idref="V-234869" selected="true" /><select idref="V-234870" selected="true" /><select idref="V-234871" selected="true" /><select idref="V-234872" selected="true" /><select idref="V-234873" selected="true" /><select idref="V-234874" selected="true" /><select idref="V-234875" selected="true" /><select idref="V-234876" selected="true" /><select idref="V-234877" selected="true" /><select idref="V-234878" selected="true" /><select idref="V-234879" selected="true" /><select idref="V-234880" selected="true" /><select idref="V-234881" selected="true" /><select idref="V-234882" selected="true" /><select idref="V-234883" selected="true" /><select idref="V-234884" selected="true" /><select idref="V-234885" selected="true" /><select idref="V-234886" selected="true" /><select idref="V-234887" selected="true" /><select idref="V-234888" selected="true" /><select idref="V-234889" selected="true" /><select idref="V-234890" selected="true" /><select idref="V-234891" selected="true" /><select idref="V-234892" selected="true" /><select idref="V-234893" selected="true" /><select idref="V-234894" selected="true" /><select idref="V-234895" selected="true" /><select idref="V-234896" selected="true" /><select idref="V-234897" selected="true" /><select idref="V-234898" selected="true" /><select idref="V-234899" selected="true" /><select idref="V-234900" selected="true" /><select idref="V-234901" selected="true" /><select idref="V-234902" selected="true" /><select idref="V-234903" selected="true" /><select idref="V-234904" selected="true" /><select idref="V-234905" selected="true" /><select idref="V-234906" selected="true" /><select idref="V-234907" selected="true" /><select idref="V-234908" selected="true" /><select idref="V-234909" selected="true" /><select idref="V-234910" selected="true" /><select idref="V-234911" selected="true" /><select idref="V-234912" selected="true" /><select idref="V-234913" selected="true" /><select idref="V-234914" selected="true" /><select idref="V-234918" selected="true" /><select idref="V-234924" selected="true" /><select idref="V-234928" selected="true" /><select idref="V-234932" selected="true" /><select idref="V-234933" selected="true" /><select idref="V-234934" selected="true" /><select idref="V-234935" selected="true" /><select idref="V-234936" selected="true" /><select idref="V-234937" selected="true" /><select idref="V-234938" selected="true" /><select idref="V-234939" selected="true" /><select idref="V-234940" selected="true" /><select idref="V-234941" selected="true" /><select idref="V-234942" selected="true" /><select idref="V-234943" selected="true" /><select idref="V-234944" selected="true" /><select idref="V-234945" selected="true" /><select idref="V-234946" selected="true" /><select idref="V-234947" selected="true" /><select idref="V-234948" selected="true" /><select idref="V-234949" selected="true" /><select idref="V-234950" selected="true" /><select idref="V-234951" selected="true" /><select idref="V-234952" selected="true" /><select idref="V-234954" selected="true" /><select idref="V-234955" selected="true" /><select idref="V-234956" selected="true" /><select idref="V-234957" selected="true" /><select idref="V-234958" selected="true" /><select idref="V-234959" selected="true" /><select idref="V-234961" selected="true" /><select idref="V-234962" selected="true" /><select idref="V-234963" selected="true" /><select idref="V-234964" selected="true" /><select idref="V-234965" selected="true" /><select idref="V-234966" selected="true" /><select idref="V-234967" selected="true" /><select idref="V-234968" selected="true" /><select idref="V-234969" selected="true" /><select idref="V-234973" selected="true" /><select idref="V-234975" selected="true" /><select idref="V-234976" selected="true" /><select idref="V-234977" selected="true" /><select idref="V-234978" selected="true" /><select idref="V-234979" selected="true" /><select idref="V-234980" selected="true" /><select idref="V-234981" selected="true" /><select idref="V-234982" selected="true" /><select idref="V-234983" selected="true" /><select idref="V-234984" selected="true" /><select idref="V-234985" selected="true" /><select idref="V-234986" selected="true" /><select idref="V-234987" selected="true" /><select idref="V-234988" selected="true" /><select idref="V-234989" selected="true" /><select idref="V-234990" selected="true" /><select idref="V-234991" selected="true" /><select idref="V-234992" selected="true" /><select idref="V-234993" selected="true" /><select idref="V-234994" selected="true" /><select idref="V-234995" selected="true" /><select idref="V-234996" selected="true" /><select idref="V-234997" selected="true" /><select idref="V-234998" selected="true" /><select idref="V-234999" selected="true" /><select idref="V-235000" selected="true" /><select idref="V-235001" selected="true" /><select idref="V-235002" selected="true" /><select idref="V-235003" selected="true" /><select idref="V-235004" selected="true" /><select idref="V-235005" selected="true" /><select idref="V-235006" selected="true" /><select idref="V-235007" selected="true" /><select idref="V-235008" selected="true" /><select idref="V-235009" selected="true" /><select idref="V-235010" selected="true" /><select idref="V-235013" selected="true" /><select idref="V-235014" selected="true" /><select idref="V-235015" selected="true" /><select idref="V-235016" selected="true" /><select idref="V-235017" selected="true" /><select idref="V-235018" selected="true" /><select idref="V-235019" selected="true" /><select idref="V-235020" selected="true" /><select idref="V-235021" selected="true" /><select idref="V-235022" selected="true" /><select idref="V-235023" selected="true" /><select idref="V-235024" selected="true" /><select idref="V-235025" selected="true" /><select idref="V-235026" selected="true" /><select idref="V-235027" selected="true" /><select idref="V-235028" selected="true" /><select idref="V-235029" selected="true" /><select idref="V-235030" selected="true" /><select idref="V-235031" selected="true" /><select idref="V-235032" selected="true" /><select idref="V-251723" selected="true" /><select idref="V-251724" selected="true" /><select idref="V-251725" selected="true" /><select idref="V-255920" selected="true" /><select idref="V-255921" selected="true" /><select idref="V-255922" selected="true" /><select idref="V-256982" selected="true" /><select idref="V-256983" selected="true" /></Profile><Profile id="MAC-1_Public"><title>I - Mission Critical Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-234800" selected="true" /><select idref="V-234801" selected="true" /><select idref="V-234802" selected="true" /><select idref="V-234803" selected="true" /><select idref="V-234804" selected="true" /><select idref="V-234805" selected="true" /><select idref="V-234806" selected="true" /><select idref="V-234807" selected="true" /><select idref="V-234808" selected="true" /><select idref="V-234809" selected="true" /><select idref="V-234810" selected="true" /><select idref="V-234811" selected="true" /><select idref="V-234812" selected="true" /><select idref="V-234813" selected="true" /><select idref="V-234814" selected="true" /><select idref="V-234815" selected="true" /><select idref="V-234816" selected="true" /><select idref="V-234817" selected="true" /><select idref="V-234818" selected="true" /><select idref="V-234819" selected="true" /><select idref="V-234820" selected="true" /><select idref="V-234821" selected="true" /><select idref="V-234822" selected="true" /><select idref="V-234823" selected="true" /><select idref="V-234825" selected="true" /><select idref="V-234826" selected="true" /><select idref="V-234827" selected="true" /><select idref="V-234828" selected="true" /><select idref="V-234829" selected="true" /><select idref="V-234830" selected="true" /><select idref="V-234831" selected="true" /><select idref="V-234832" selected="true" /><select idref="V-234833" selected="true" /><select idref="V-234834" selected="true" /><select idref="V-234835" selected="true" /><select idref="V-234836" selected="true" /><select idref="V-234837" selected="true" /><select idref="V-234838" selected="true" /><select idref="V-234839" selected="true" /><select idref="V-234840" selected="true" /><select idref="V-234841" selected="true" /><select idref="V-234842" selected="true" /><select idref="V-234843" selected="true" /><select idref="V-234844" selected="true" /><select idref="V-234845" selected="true" /><select idref="V-234846" selected="true" /><select idref="V-234847" selected="true" /><select idref="V-234848" selected="true" /><select idref="V-234849" selected="true" /><select idref="V-234850" selected="true" /><select idref="V-234851" selected="true" /><select idref="V-234852" selected="true" /><select idref="V-234853" selected="true" /><select idref="V-234854" selected="true" /><select idref="V-234855" selected="true" /><select idref="V-234856" selected="true" /><select idref="V-234857" selected="true" /><select idref="V-234858" selected="true" /><select idref="V-234859" selected="true" /><select idref="V-234860" selected="true" /><select idref="V-234861" selected="true" /><select idref="V-234862" selected="true" /><select idref="V-234863" selected="true" /><select idref="V-234864" selected="true" /><select idref="V-234865" selected="true" /><select idref="V-234866" selected="true" /><select idref="V-234867" selected="true" /><select idref="V-234868" selected="true" /><select idref="V-234869" selected="true" /><select idref="V-234870" selected="true" /><select idref="V-234871" selected="true" /><select idref="V-234872" selected="true" /><select idref="V-234873" selected="true" /><select idref="V-234874" selected="true" /><select idref="V-234875" selected="true" /><select idref="V-234876" selected="true" /><select idref="V-234877" selected="true" /><select idref="V-234878" selected="true" /><select idref="V-234879" selected="true" /><select idref="V-234880" selected="true" /><select idref="V-234881" selected="true" /><select idref="V-234882" selected="true" /><select idref="V-234883" selected="true" /><select idref="V-234884" selected="true" /><select idref="V-234885" selected="true" /><select idref="V-234886" selected="true" /><select idref="V-234887" selected="true" /><select idref="V-234888" selected="true" /><select idref="V-234889" selected="true" /><select idref="V-234890" selected="true" /><select idref="V-234891" selected="true" /><select idref="V-234892" selected="true" /><select idref="V-234893" selected="true" /><select idref="V-234894" selected="true" /><select idref="V-234895" selected="true" /><select idref="V-234896" selected="true" /><select idref="V-234897" selected="true" /><select idref="V-234898" selected="true" /><select idref="V-234899" selected="true" /><select idref="V-234900" selected="true" /><select idref="V-234901" selected="true" /><select idref="V-234902" selected="true" /><select idref="V-234903" selected="true" /><select idref="V-234904" selected="true" /><select idref="V-234905" selected="true" /><select idref="V-234906" selected="true" /><select idref="V-234907" selected="true" /><select idref="V-234908" selected="true" /><select idref="V-234909" selected="true" /><select idref="V-234910" selected="true" /><select idref="V-234911" selected="true" /><select idref="V-234912" selected="true" /><select idref="V-234913" selected="true" /><select idref="V-234914" selected="true" /><select idref="V-234918" selected="true" /><select idref="V-234924" selected="true" /><select idref="V-234928" selected="true" /><select idref="V-234932" selected="true" /><select idref="V-234933" selected="true" /><select idref="V-234934" selected="true" /><select idref="V-234935" selected="true" /><select idref="V-234936" selected="true" /><select idref="V-234937" selected="true" /><select idref="V-234938" selected="true" /><select idref="V-234939" selected="true" /><select idref="V-234940" selected="true" /><select idref="V-234941" selected="true" /><select idref="V-234942" selected="true" /><select idref="V-234943" selected="true" /><select idref="V-234944" selected="true" /><select idref="V-234945" selected="true" /><select idref="V-234946" selected="true" /><select idref="V-234947" selected="true" /><select idref="V-234948" selected="true" /><select idref="V-234949" selected="true" /><select idref="V-234950" selected="true" /><select idref="V-234951" selected="true" /><select idref="V-234952" selected="true" /><select idref="V-234954" selected="true" /><select idref="V-234955" selected="true" /><select idref="V-234956" selected="true" /><select idref="V-234957" selected="true" /><select idref="V-234958" selected="true" /><select idref="V-234959" selected="true" /><select idref="V-234961" selected="true" /><select idref="V-234962" selected="true" /><select idref="V-234963" selected="true" /><select idref="V-234964" selected="true" /><select idref="V-234965" selected="true" /><select idref="V-234966" selected="true" /><select idref="V-234967" selected="true" /><select idref="V-234968" selected="true" /><select idref="V-234969" selected="true" /><select idref="V-234973" selected="true" /><select idref="V-234975" selected="true" /><select idref="V-234976" selected="true" /><select idref="V-234977" selected="true" /><select idref="V-234978" selected="true" /><select idref="V-234979" selected="true" /><select idref="V-234980" selected="true" /><select idref="V-234981" selected="true" /><select idref="V-234982" selected="true" /><select idref="V-234983" selected="true" /><select idref="V-234984" selected="true" /><select idref="V-234985" selected="true" /><select idref="V-234986" selected="true" /><select idref="V-234987" selected="true" /><select idref="V-234988" selected="true" /><select idref="V-234989" selected="true" /><select idref="V-234990" selected="true" /><select idref="V-234991" selected="true" /><select idref="V-234992" selected="true" /><select idref="V-234993" selected="true" /><select idref="V-234994" selected="true" /><select idref="V-234995" selected="true" /><select idref="V-234996" selected="true" /><select idref="V-234997" selected="true" /><select idref="V-234998" selected="true" /><select idref="V-234999" selected="true" /><select idref="V-235000" selected="true" /><select idref="V-235001" selected="true" /><select idref="V-235002" selected="true" /><select idref="V-235003" selected="true" /><select idref="V-235004" selected="true" /><select idref="V-235005" selected="true" /><select idref="V-235006" selected="true" /><select idref="V-235007" selected="true" /><select idref="V-235008" selected="true" /><select idref="V-235009" selected="true" /><select idref="V-235010" selected="true" /><select idref="V-235013" selected="true" /><select idref="V-235014" selected="true" /><select idref="V-235015" selected="true" /><select idref="V-235016" selected="true" /><select idref="V-235017" selected="true" /><select idref="V-235018" selected="true" /><select idref="V-235019" selected="true" /><select idref="V-235020" selected="true" /><select idref="V-235021" selected="true" /><select idref="V-235022" selected="true" /><select idref="V-235023" selected="true" /><select idref="V-235024" selected="true" /><select idref="V-235025" selected="true" /><select idref="V-235026" selected="true" /><select idref="V-235027" selected="true" /><select idref="V-235028" selected="true" /><select idref="V-235029" selected="true" /><select idref="V-235030" selected="true" /><select idref="V-235031" selected="true" /><select idref="V-235032" selected="true" /><select idref="V-251723" selected="true" /><select idref="V-251724" selected="true" /><select idref="V-251725" selected="true" /><select idref="V-255920" selected="true" /><select idref="V-255921" selected="true" /><select idref="V-255922" selected="true" /><select idref="V-256982" selected="true" /><select idref="V-256983" selected="true" /></Profile><Profile id="MAC-1_Sensitive"><title>I - Mission Critical Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-234800" selected="true" /><select idref="V-234801" selected="true" /><select idref="V-234802" selected="true" /><select idref="V-234803" selected="true" /><select idref="V-234804" selected="true" /><select idref="V-234805" selected="true" /><select idref="V-234806" selected="true" /><select idref="V-234807" selected="true" /><select idref="V-234808" selected="true" /><select idref="V-234809" selected="true" /><select idref="V-234810" selected="true" /><select idref="V-234811" selected="true" /><select idref="V-234812" selected="true" /><select idref="V-234813" selected="true" /><select idref="V-234814" selected="true" /><select idref="V-234815" selected="true" /><select idref="V-234816" selected="true" /><select idref="V-234817" selected="true" /><select idref="V-234818" selected="true" /><select idref="V-234819" selected="true" /><select idref="V-234820" selected="true" /><select idref="V-234821" selected="true" /><select idref="V-234822" selected="true" /><select idref="V-234823" selected="true" /><select idref="V-234825" selected="true" /><select idref="V-234826" selected="true" /><select idref="V-234827" selected="true" /><select idref="V-234828" selected="true" /><select idref="V-234829" selected="true" /><select idref="V-234830" selected="true" /><select idref="V-234831" selected="true" /><select idref="V-234832" selected="true" /><select idref="V-234833" selected="true" /><select idref="V-234834" selected="true" /><select idref="V-234835" selected="true" /><select idref="V-234836" selected="true" /><select idref="V-234837" selected="true" /><select idref="V-234838" selected="true" /><select idref="V-234839" selected="true" /><select idref="V-234840" selected="true" /><select idref="V-234841" selected="true" /><select idref="V-234842" selected="true" /><select idref="V-234843" selected="true" /><select idref="V-234844" selected="true" /><select idref="V-234845" selected="true" /><select idref="V-234846" selected="true" /><select idref="V-234847" selected="true" /><select idref="V-234848" selected="true" /><select idref="V-234849" selected="true" /><select idref="V-234850" selected="true" /><select idref="V-234851" selected="true" /><select idref="V-234852" selected="true" /><select idref="V-234853" selected="true" /><select idref="V-234854" selected="true" /><select idref="V-234855" selected="true" /><select idref="V-234856" selected="true" /><select idref="V-234857" selected="true" /><select idref="V-234858" selected="true" /><select idref="V-234859" selected="true" /><select idref="V-234860" selected="true" /><select idref="V-234861" selected="true" /><select idref="V-234862" selected="true" /><select idref="V-234863" selected="true" /><select idref="V-234864" selected="true" /><select idref="V-234865" selected="true" /><select idref="V-234866" selected="true" /><select idref="V-234867" selected="true" /><select idref="V-234868" selected="true" /><select idref="V-234869" selected="true" /><select idref="V-234870" selected="true" /><select idref="V-234871" selected="true" /><select idref="V-234872" selected="true" /><select idref="V-234873" selected="true" /><select idref="V-234874" selected="true" /><select idref="V-234875" selected="true" /><select idref="V-234876" selected="true" /><select idref="V-234877" selected="true" /><select idref="V-234878" selected="true" /><select idref="V-234879" selected="true" /><select idref="V-234880" selected="true" /><select idref="V-234881" selected="true" /><select idref="V-234882" selected="true" /><select idref="V-234883" selected="true" /><select idref="V-234884" selected="true" /><select idref="V-234885" selected="true" /><select idref="V-234886" selected="true" /><select idref="V-234887" selected="true" /><select idref="V-234888" selected="true" /><select idref="V-234889" selected="true" /><select idref="V-234890" selected="true" /><select idref="V-234891" selected="true" /><select idref="V-234892" selected="true" /><select idref="V-234893" selected="true" /><select idref="V-234894" selected="true" /><select idref="V-234895" selected="true" /><select idref="V-234896" selected="true" /><select idref="V-234897" selected="true" /><select idref="V-234898" selected="true" /><select idref="V-234899" selected="true" /><select idref="V-234900" selected="true" /><select idref="V-234901" selected="true" /><select idref="V-234902" selected="true" /><select idref="V-234903" selected="true" /><select idref="V-234904" selected="true" /><select idref="V-234905" selected="true" /><select idref="V-234906" selected="true" /><select idref="V-234907" selected="true" /><select idref="V-234908" selected="true" /><select idref="V-234909" selected="true" /><select idref="V-234910" selected="true" /><select idref="V-234911" selected="true" /><select idref="V-234912" selected="true" /><select idref="V-234913" selected="true" /><select idref="V-234914" selected="true" /><select idref="V-234918" selected="true" /><select idref="V-234924" selected="true" /><select idref="V-234928" selected="true" /><select idref="V-234932" selected="true" /><select idref="V-234933" selected="true" /><select idref="V-234934" selected="true" /><select idref="V-234935" selected="true" /><select idref="V-234936" selected="true" /><select idref="V-234937" selected="true" /><select idref="V-234938" selected="true" /><select idref="V-234939" selected="true" /><select idref="V-234940" selected="true" /><select idref="V-234941" selected="true" /><select idref="V-234942" selected="true" /><select idref="V-234943" selected="true" /><select idref="V-234944" selected="true" /><select idref="V-234945" selected="true" /><select idref="V-234946" selected="true" /><select idref="V-234947" selected="true" /><select idref="V-234948" selected="true" /><select idref="V-234949" selected="true" /><select idref="V-234950" selected="true" /><select idref="V-234951" selected="true" /><select idref="V-234952" selected="true" /><select idref="V-234954" selected="true" /><select idref="V-234955" selected="true" /><select idref="V-234956" selected="true" /><select idref="V-234957" selected="true" /><select idref="V-234958" selected="true" /><select idref="V-234959" selected="true" /><select idref="V-234961" selected="true" /><select idref="V-234962" selected="true" /><select idref="V-234963" selected="true" /><select idref="V-234964" selected="true" /><select idref="V-234965" selected="true" /><select idref="V-234966" selected="true" /><select idref="V-234967" selected="true" /><select idref="V-234968" selected="true" /><select idref="V-234969" selected="true" /><select idref="V-234973" selected="true" /><select idref="V-234975" selected="true" /><select idref="V-234976" selected="true" /><select idref="V-234977" selected="true" /><select idref="V-234978" selected="true" /><select idref="V-234979" selected="true" /><select idref="V-234980" selected="true" /><select idref="V-234981" selected="true" /><select idref="V-234982" selected="true" /><select idref="V-234983" selected="true" /><select idref="V-234984" selected="true" /><select idref="V-234985" selected="true" /><select idref="V-234986" selected="true" /><select idref="V-234987" selected="true" /><select idref="V-234988" selected="true" /><select idref="V-234989" selected="true" /><select idref="V-234990" selected="true" /><select idref="V-234991" selected="true" /><select idref="V-234992" selected="true" /><select idref="V-234993" selected="true" /><select idref="V-234994" selected="true" /><select idref="V-234995" selected="true" /><select idref="V-234996" selected="true" /><select idref="V-234997" selected="true" /><select idref="V-234998" selected="true" /><select idref="V-234999" selected="true" /><select idref="V-235000" selected="true" /><select idref="V-235001" selected="true" /><select idref="V-235002" selected="true" /><select idref="V-235003" selected="true" /><select idref="V-235004" selected="true" /><select idref="V-235005" selected="true" /><select idref="V-235006" selected="true" /><select idref="V-235007" selected="true" /><select idref="V-235008" selected="true" /><select idref="V-235009" selected="true" /><select idref="V-235010" selected="true" /><select idref="V-235013" selected="true" /><select idref="V-235014" selected="true" /><select idref="V-235015" selected="true" /><select idref="V-235016" selected="true" /><select idref="V-235017" selected="true" /><select idref="V-235018" selected="true" /><select idref="V-235019" selected="true" /><select idref="V-235020" selected="true" /><select idref="V-235021" selected="true" /><select idref="V-235022" selected="true" /><select idref="V-235023" selected="true" /><select idref="V-235024" selected="true" /><select idref="V-235025" selected="true" /><select idref="V-235026" selected="true" /><select idref="V-235027" selected="true" /><select idref="V-235028" selected="true" /><select idref="V-235029" selected="true" /><select idref="V-235030" selected="true" /><select idref="V-235031" selected="true" /><select idref="V-235032" selected="true" /><select idref="V-251723" selected="true" /><select idref="V-251724" selected="true" /><select idref="V-251725" selected="true" /><select idref="V-255920" selected="true" /><select idref="V-255921" selected="true" /><select idref="V-255922" selected="true" /><select idref="V-256982" selected="true" /><select idref="V-256983" selected="true" /></Profile><Profile id="MAC-2_Classified"><title>II - Mission Support Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-234800" selected="true" /><select idref="V-234801" selected="true" /><select idref="V-234802" selected="true" /><select idref="V-234803" selected="true" /><select idref="V-234804" selected="true" /><select idref="V-234805" selected="true" /><select idref="V-234806" selected="true" /><select idref="V-234807" selected="true" /><select idref="V-234808" selected="true" /><select idref="V-234809" selected="true" /><select idref="V-234810" selected="true" /><select idref="V-234811" selected="true" /><select idref="V-234812" selected="true" /><select idref="V-234813" selected="true" /><select idref="V-234814" selected="true" /><select idref="V-234815" selected="true" /><select idref="V-234816" selected="true" /><select idref="V-234817" selected="true" /><select idref="V-234818" selected="true" /><select idref="V-234819" selected="true" /><select idref="V-234820" selected="true" /><select idref="V-234821" selected="true" /><select idref="V-234822" selected="true" /><select idref="V-234823" selected="true" /><select idref="V-234825" selected="true" /><select idref="V-234826" selected="true" /><select idref="V-234827" selected="true" /><select idref="V-234828" selected="true" /><select idref="V-234829" selected="true" /><select idref="V-234830" selected="true" /><select idref="V-234831" selected="true" /><select idref="V-234832" selected="true" /><select idref="V-234833" selected="true" /><select idref="V-234834" selected="true" /><select idref="V-234835" selected="true" /><select idref="V-234836" selected="true" /><select idref="V-234837" selected="true" /><select idref="V-234838" selected="true" /><select idref="V-234839" selected="true" /><select idref="V-234840" selected="true" /><select idref="V-234841" selected="true" /><select idref="V-234842" selected="true" /><select idref="V-234843" selected="true" /><select idref="V-234844" selected="true" /><select idref="V-234845" selected="true" /><select idref="V-234846" selected="true" /><select idref="V-234847" selected="true" /><select idref="V-234848" selected="true" /><select idref="V-234849" selected="true" /><select idref="V-234850" selected="true" /><select idref="V-234851" selected="true" /><select idref="V-234852" selected="true" /><select idref="V-234853" selected="true" /><select idref="V-234854" selected="true" /><select idref="V-234855" selected="true" /><select idref="V-234856" selected="true" /><select idref="V-234857" selected="true" /><select idref="V-234858" selected="true" /><select idref="V-234859" selected="true" /><select idref="V-234860" selected="true" /><select idref="V-234861" selected="true" /><select idref="V-234862" selected="true" /><select idref="V-234863" selected="true" /><select idref="V-234864" selected="true" /><select idref="V-234865" selected="true" /><select idref="V-234866" selected="true" /><select idref="V-234867" selected="true" /><select idref="V-234868" selected="true" /><select idref="V-234869" selected="true" /><select idref="V-234870" selected="true" /><select idref="V-234871" selected="true" /><select idref="V-234872" selected="true" /><select idref="V-234873" selected="true" /><select idref="V-234874" selected="true" /><select idref="V-234875" selected="true" /><select idref="V-234876" selected="true" /><select idref="V-234877" selected="true" /><select idref="V-234878" selected="true" /><select idref="V-234879" selected="true" /><select idref="V-234880" selected="true" /><select idref="V-234881" selected="true" /><select idref="V-234882" selected="true" /><select idref="V-234883" selected="true" /><select idref="V-234884" selected="true" /><select idref="V-234885" selected="true" /><select idref="V-234886" selected="true" /><select idref="V-234887" selected="true" /><select idref="V-234888" selected="true" /><select idref="V-234889" selected="true" /><select idref="V-234890" selected="true" /><select idref="V-234891" selected="true" /><select idref="V-234892" selected="true" /><select idref="V-234893" selected="true" /><select idref="V-234894" selected="true" /><select idref="V-234895" selected="true" /><select idref="V-234896" selected="true" /><select idref="V-234897" selected="true" /><select idref="V-234898" selected="true" /><select idref="V-234899" selected="true" /><select idref="V-234900" selected="true" /><select idref="V-234901" selected="true" /><select idref="V-234902" selected="true" /><select idref="V-234903" selected="true" /><select idref="V-234904" selected="true" /><select idref="V-234905" selected="true" /><select idref="V-234906" selected="true" /><select idref="V-234907" selected="true" /><select idref="V-234908" selected="true" /><select idref="V-234909" selected="true" /><select idref="V-234910" selected="true" /><select idref="V-234911" selected="true" /><select idref="V-234912" selected="true" /><select idref="V-234913" selected="true" /><select idref="V-234914" selected="true" /><select idref="V-234918" selected="true" /><select idref="V-234924" selected="true" /><select idref="V-234928" selected="true" /><select idref="V-234932" selected="true" /><select idref="V-234933" selected="true" /><select idref="V-234934" selected="true" /><select idref="V-234935" selected="true" /><select idref="V-234936" selected="true" /><select idref="V-234937" selected="true" /><select idref="V-234938" selected="true" /><select idref="V-234939" selected="true" /><select idref="V-234940" selected="true" /><select idref="V-234941" selected="true" /><select idref="V-234942" selected="true" /><select idref="V-234943" selected="true" /><select idref="V-234944" selected="true" /><select idref="V-234945" selected="true" /><select idref="V-234946" selected="true" /><select idref="V-234947" selected="true" /><select idref="V-234948" selected="true" /><select idref="V-234949" selected="true" /><select idref="V-234950" selected="true" /><select idref="V-234951" selected="true" /><select idref="V-234952" selected="true" /><select idref="V-234954" selected="true" /><select idref="V-234955" selected="true" /><select idref="V-234956" selected="true" /><select idref="V-234957" selected="true" /><select idref="V-234958" selected="true" /><select idref="V-234959" selected="true" /><select idref="V-234961" selected="true" /><select idref="V-234962" selected="true" /><select idref="V-234963" selected="true" /><select idref="V-234964" selected="true" /><select idref="V-234965" selected="true" /><select idref="V-234966" selected="true" /><select idref="V-234967" selected="true" /><select idref="V-234968" selected="true" /><select idref="V-234969" selected="true" /><select idref="V-234973" selected="true" /><select idref="V-234975" selected="true" /><select idref="V-234976" selected="true" /><select idref="V-234977" selected="true" /><select idref="V-234978" selected="true" /><select idref="V-234979" selected="true" /><select idref="V-234980" selected="true" /><select idref="V-234981" selected="true" /><select idref="V-234982" selected="true" /><select idref="V-234983" selected="true" /><select idref="V-234984" selected="true" /><select idref="V-234985" selected="true" /><select idref="V-234986" selected="true" /><select idref="V-234987" selected="true" /><select idref="V-234988" selected="true" /><select idref="V-234989" selected="true" /><select idref="V-234990" selected="true" /><select idref="V-234991" selected="true" /><select idref="V-234992" selected="true" /><select idref="V-234993" selected="true" /><select idref="V-234994" selected="true" /><select idref="V-234995" selected="true" /><select idref="V-234996" selected="true" /><select idref="V-234997" selected="true" /><select idref="V-234998" selected="true" /><select idref="V-234999" selected="true" /><select idref="V-235000" selected="true" /><select idref="V-235001" selected="true" /><select idref="V-235002" selected="true" /><select idref="V-235003" selected="true" /><select idref="V-235004" selected="true" /><select idref="V-235005" selected="true" /><select idref="V-235006" selected="true" /><select idref="V-235007" selected="true" /><select idref="V-235008" selected="true" /><select idref="V-235009" selected="true" /><select idref="V-235010" selected="true" /><select idref="V-235013" selected="true" /><select idref="V-235014" selected="true" /><select idref="V-235015" selected="true" /><select idref="V-235016" selected="true" /><select idref="V-235017" selected="true" /><select idref="V-235018" selected="true" /><select idref="V-235019" selected="true" /><select idref="V-235020" selected="true" /><select idref="V-235021" selected="true" /><select idref="V-235022" selected="true" /><select idref="V-235023" selected="true" /><select idref="V-235024" selected="true" /><select idref="V-235025" selected="true" /><select idref="V-235026" selected="true" /><select idref="V-235027" selected="true" /><select idref="V-235028" selected="true" /><select idref="V-235029" selected="true" /><select idref="V-235030" selected="true" /><select idref="V-235031" selected="true" /><select idref="V-235032" selected="true" /><select idref="V-251723" selected="true" /><select idref="V-251724" selected="true" /><select idref="V-251725" selected="true" /><select idref="V-255920" selected="true" /><select idref="V-255921" selected="true" /><select idref="V-255922" selected="true" /><select idref="V-256982" selected="true" /><select idref="V-256983" selected="true" /></Profile><Profile id="MAC-2_Public"><title>II - Mission Support Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-234800" selected="true" /><select idref="V-234801" selected="true" /><select idref="V-234802" selected="true" /><select idref="V-234803" selected="true" /><select idref="V-234804" selected="true" /><select idref="V-234805" selected="true" /><select idref="V-234806" selected="true" /><select idref="V-234807" selected="true" /><select idref="V-234808" selected="true" /><select idref="V-234809" selected="true" /><select idref="V-234810" selected="true" /><select idref="V-234811" selected="true" /><select idref="V-234812" selected="true" /><select idref="V-234813" selected="true" /><select idref="V-234814" selected="true" /><select idref="V-234815" selected="true" /><select idref="V-234816" selected="true" /><select idref="V-234817" selected="true" /><select idref="V-234818" selected="true" /><select idref="V-234819" selected="true" /><select idref="V-234820" selected="true" /><select idref="V-234821" selected="true" /><select idref="V-234822" selected="true" /><select idref="V-234823" selected="true" /><select idref="V-234825" selected="true" /><select idref="V-234826" selected="true" /><select idref="V-234827" selected="true" /><select idref="V-234828" selected="true" /><select idref="V-234829" selected="true" /><select idref="V-234830" selected="true" /><select idref="V-234831" selected="true" /><select idref="V-234832" selected="true" /><select idref="V-234833" selected="true" /><select idref="V-234834" selected="true" /><select idref="V-234835" selected="true" /><select idref="V-234836" selected="true" /><select idref="V-234837" selected="true" /><select idref="V-234838" selected="true" /><select idref="V-234839" selected="true" /><select idref="V-234840" selected="true" /><select idref="V-234841" selected="true" /><select idref="V-234842" selected="true" /><select idref="V-234843" selected="true" /><select idref="V-234844" selected="true" /><select idref="V-234845" selected="true" /><select idref="V-234846" selected="true" /><select idref="V-234847" selected="true" /><select idref="V-234848" selected="true" /><select idref="V-234849" selected="true" /><select idref="V-234850" selected="true" /><select idref="V-234851" selected="true" /><select idref="V-234852" selected="true" /><select idref="V-234853" selected="true" /><select idref="V-234854" selected="true" /><select idref="V-234855" selected="true" /><select idref="V-234856" selected="true" /><select idref="V-234857" selected="true" /><select idref="V-234858" selected="true" /><select idref="V-234859" selected="true" /><select idref="V-234860" selected="true" /><select idref="V-234861" selected="true" /><select idref="V-234862" selected="true" /><select idref="V-234863" selected="true" /><select idref="V-234864" selected="true" /><select idref="V-234865" selected="true" /><select idref="V-234866" selected="true" /><select idref="V-234867" selected="true" /><select idref="V-234868" selected="true" /><select idref="V-234869" selected="true" /><select idref="V-234870" selected="true" /><select idref="V-234871" selected="true" /><select idref="V-234872" selected="true" /><select idref="V-234873" selected="true" /><select idref="V-234874" selected="true" /><select idref="V-234875" selected="true" /><select idref="V-234876" selected="true" /><select idref="V-234877" selected="true" /><select idref="V-234878" selected="true" /><select idref="V-234879" selected="true" /><select idref="V-234880" selected="true" /><select idref="V-234881" selected="true" /><select idref="V-234882" selected="true" /><select idref="V-234883" selected="true" /><select idref="V-234884" selected="true" /><select idref="V-234885" selected="true" /><select idref="V-234886" selected="true" /><select idref="V-234887" selected="true" /><select idref="V-234888" selected="true" /><select idref="V-234889" selected="true" /><select idref="V-234890" selected="true" /><select idref="V-234891" selected="true" /><select idref="V-234892" selected="true" /><select idref="V-234893" selected="true" /><select idref="V-234894" selected="true" /><select idref="V-234895" selected="true" /><select idref="V-234896" selected="true" /><select idref="V-234897" selected="true" /><select idref="V-234898" selected="true" /><select idref="V-234899" selected="true" /><select idref="V-234900" selected="true" /><select idref="V-234901" selected="true" /><select idref="V-234902" selected="true" /><select idref="V-234903" selected="true" /><select idref="V-234904" selected="true" /><select idref="V-234905" selected="true" /><select idref="V-234906" selected="true" /><select idref="V-234907" selected="true" /><select idref="V-234908" selected="true" /><select idref="V-234909" selected="true" /><select idref="V-234910" selected="true" /><select idref="V-234911" selected="true" /><select idref="V-234912" selected="true" /><select idref="V-234913" selected="true" /><select idref="V-234914" selected="true" /><select idref="V-234918" selected="true" /><select idref="V-234924" selected="true" /><select idref="V-234928" selected="true" /><select idref="V-234932" selected="true" /><select idref="V-234933" selected="true" /><select idref="V-234934" selected="true" /><select idref="V-234935" selected="true" /><select idref="V-234936" selected="true" /><select idref="V-234937" selected="true" /><select idref="V-234938" selected="true" /><select idref="V-234939" selected="true" /><select idref="V-234940" selected="true" /><select idref="V-234941" selected="true" /><select idref="V-234942" selected="true" /><select idref="V-234943" selected="true" /><select idref="V-234944" selected="true" /><select idref="V-234945" selected="true" /><select idref="V-234946" selected="true" /><select idref="V-234947" selected="true" /><select idref="V-234948" selected="true" /><select idref="V-234949" selected="true" /><select idref="V-234950" selected="true" /><select idref="V-234951" selected="true" /><select idref="V-234952" selected="true" /><select idref="V-234954" selected="true" /><select idref="V-234955" selected="true" /><select idref="V-234956" selected="true" /><select idref="V-234957" selected="true" /><select idref="V-234958" selected="true" /><select idref="V-234959" selected="true" /><select idref="V-234961" selected="true" /><select idref="V-234962" selected="true" /><select idref="V-234963" selected="true" /><select idref="V-234964" selected="true" /><select idref="V-234965" selected="true" /><select idref="V-234966" selected="true" /><select idref="V-234967" selected="true" /><select idref="V-234968" selected="true" /><select idref="V-234969" selected="true" /><select idref="V-234973" selected="true" /><select idref="V-234975" selected="true" /><select idref="V-234976" selected="true" /><select idref="V-234977" selected="true" /><select idref="V-234978" selected="true" /><select idref="V-234979" selected="true" /><select idref="V-234980" selected="true" /><select idref="V-234981" selected="true" /><select idref="V-234982" selected="true" /><select idref="V-234983" selected="true" /><select idref="V-234984" selected="true" /><select idref="V-234985" selected="true" /><select idref="V-234986" selected="true" /><select idref="V-234987" selected="true" /><select idref="V-234988" selected="true" /><select idref="V-234989" selected="true" /><select idref="V-234990" selected="true" /><select idref="V-234991" selected="true" /><select idref="V-234992" selected="true" /><select idref="V-234993" selected="true" /><select idref="V-234994" selected="true" /><select idref="V-234995" selected="true" /><select idref="V-234996" selected="true" /><select idref="V-234997" selected="true" /><select idref="V-234998" selected="true" /><select idref="V-234999" selected="true" /><select idref="V-235000" selected="true" /><select idref="V-235001" selected="true" /><select idref="V-235002" selected="true" /><select idref="V-235003" selected="true" /><select idref="V-235004" selected="true" /><select idref="V-235005" selected="true" /><select idref="V-235006" selected="true" /><select idref="V-235007" selected="true" /><select idref="V-235008" selected="true" /><select idref="V-235009" selected="true" /><select idref="V-235010" selected="true" /><select idref="V-235013" selected="true" /><select idref="V-235014" selected="true" /><select idref="V-235015" selected="true" /><select idref="V-235016" selected="true" /><select idref="V-235017" selected="true" /><select idref="V-235018" selected="true" /><select idref="V-235019" selected="true" /><select idref="V-235020" selected="true" /><select idref="V-235021" selected="true" /><select idref="V-235022" selected="true" /><select idref="V-235023" selected="true" /><select idref="V-235024" selected="true" /><select idref="V-235025" selected="true" /><select idref="V-235026" selected="true" /><select idref="V-235027" selected="true" /><select idref="V-235028" selected="true" /><select idref="V-235029" selected="true" /><select idref="V-235030" selected="true" /><select idref="V-235031" selected="true" /><select idref="V-235032" selected="true" /><select idref="V-251723" selected="true" /><select idref="V-251724" selected="true" /><select idref="V-251725" selected="true" /><select idref="V-255920" selected="true" /><select idref="V-255921" selected="true" /><select idref="V-255922" selected="true" /><select idref="V-256982" selected="true" /><select idref="V-256983" selected="true" /></Profile><Profile id="MAC-2_Sensitive"><title>II - Mission Support Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-234800" selected="true" /><select idref="V-234801" selected="true" /><select idref="V-234802" selected="true" /><select idref="V-234803" selected="true" /><select idref="V-234804" selected="true" /><select idref="V-234805" selected="true" /><select idref="V-234806" selected="true" /><select idref="V-234807" selected="true" /><select idref="V-234808" selected="true" /><select idref="V-234809" selected="true" /><select idref="V-234810" selected="true" /><select idref="V-234811" selected="true" /><select idref="V-234812" selected="true" /><select idref="V-234813" selected="true" /><select idref="V-234814" selected="true" /><select idref="V-234815" selected="true" /><select idref="V-234816" selected="true" /><select idref="V-234817" selected="true" /><select idref="V-234818" selected="true" /><select idref="V-234819" selected="true" /><select idref="V-234820" selected="true" /><select idref="V-234821" selected="true" /><select idref="V-234822" selected="true" /><select idref="V-234823" selected="true" /><select idref="V-234825" selected="true" /><select idref="V-234826" selected="true" /><select idref="V-234827" selected="true" /><select idref="V-234828" selected="true" /><select idref="V-234829" selected="true" /><select idref="V-234830" selected="true" /><select idref="V-234831" selected="true" /><select idref="V-234832" selected="true" /><select idref="V-234833" selected="true" /><select idref="V-234834" selected="true" /><select idref="V-234835" selected="true" /><select idref="V-234836" selected="true" /><select idref="V-234837" selected="true" /><select idref="V-234838" selected="true" /><select idref="V-234839" selected="true" /><select idref="V-234840" selected="true" /><select idref="V-234841" selected="true" /><select idref="V-234842" selected="true" /><select idref="V-234843" selected="true" /><select idref="V-234844" selected="true" /><select idref="V-234845" selected="true" /><select idref="V-234846" selected="true" /><select idref="V-234847" selected="true" /><select idref="V-234848" selected="true" /><select idref="V-234849" selected="true" /><select idref="V-234850" selected="true" /><select idref="V-234851" selected="true" /><select idref="V-234852" selected="true" /><select idref="V-234853" selected="true" /><select idref="V-234854" selected="true" /><select idref="V-234855" selected="true" /><select idref="V-234856" selected="true" /><select idref="V-234857" selected="true" /><select idref="V-234858" selected="true" /><select idref="V-234859" selected="true" /><select idref="V-234860" selected="true" /><select idref="V-234861" selected="true" /><select idref="V-234862" selected="true" /><select idref="V-234863" selected="true" /><select idref="V-234864" selected="true" /><select idref="V-234865" selected="true" /><select idref="V-234866" selected="true" /><select idref="V-234867" selected="true" /><select idref="V-234868" selected="true" /><select idref="V-234869" selected="true" /><select idref="V-234870" selected="true" /><select idref="V-234871" selected="true" /><select idref="V-234872" selected="true" /><select idref="V-234873" selected="true" /><select idref="V-234874" selected="true" /><select idref="V-234875" selected="true" /><select idref="V-234876" selected="true" /><select idref="V-234877" selected="true" /><select idref="V-234878" selected="true" /><select idref="V-234879" selected="true" /><select idref="V-234880" selected="true" /><select idref="V-234881" selected="true" /><select idref="V-234882" selected="true" /><select idref="V-234883" selected="true" /><select idref="V-234884" selected="true" /><select idref="V-234885" selected="true" /><select idref="V-234886" selected="true" /><select idref="V-234887" selected="true" /><select idref="V-234888" selected="true" /><select idref="V-234889" selected="true" /><select idref="V-234890" selected="true" /><select idref="V-234891" selected="true" /><select idref="V-234892" selected="true" /><select idref="V-234893" selected="true" /><select idref="V-234894" selected="true" /><select idref="V-234895" selected="true" /><select idref="V-234896" selected="true" /><select idref="V-234897" selected="true" /><select idref="V-234898" selected="true" /><select idref="V-234899" selected="true" /><select idref="V-234900" selected="true" /><select idref="V-234901" selected="true" /><select idref="V-234902" selected="true" /><select idref="V-234903" selected="true" /><select idref="V-234904" selected="true" /><select idref="V-234905" selected="true" /><select idref="V-234906" selected="true" /><select idref="V-234907" selected="true" /><select idref="V-234908" selected="true" /><select idref="V-234909" selected="true" /><select idref="V-234910" selected="true" /><select idref="V-234911" selected="true" /><select idref="V-234912" selected="true" /><select idref="V-234913" selected="true" /><select idref="V-234914" selected="true" /><select idref="V-234918" selected="true" /><select idref="V-234924" selected="true" /><select idref="V-234928" selected="true" /><select idref="V-234932" selected="true" /><select idref="V-234933" selected="true" /><select idref="V-234934" selected="true" /><select idref="V-234935" selected="true" /><select idref="V-234936" selected="true" /><select idref="V-234937" selected="true" /><select idref="V-234938" selected="true" /><select idref="V-234939" selected="true" /><select idref="V-234940" selected="true" /><select idref="V-234941" selected="true" /><select idref="V-234942" selected="true" /><select idref="V-234943" selected="true" /><select idref="V-234944" selected="true" /><select idref="V-234945" selected="true" /><select idref="V-234946" selected="true" /><select idref="V-234947" selected="true" /><select idref="V-234948" selected="true" /><select idref="V-234949" selected="true" /><select idref="V-234950" selected="true" /><select idref="V-234951" selected="true" /><select idref="V-234952" selected="true" /><select idref="V-234954" selected="true" /><select idref="V-234955" selected="true" /><select idref="V-234956" selected="true" /><select idref="V-234957" selected="true" /><select idref="V-234958" selected="true" /><select idref="V-234959" selected="true" /><select idref="V-234961" selected="true" /><select idref="V-234962" selected="true" /><select idref="V-234963" selected="true" /><select idref="V-234964" selected="true" /><select idref="V-234965" selected="true" /><select idref="V-234966" selected="true" /><select idref="V-234967" selected="true" /><select idref="V-234968" selected="true" /><select idref="V-234969" selected="true" /><select idref="V-234973" selected="true" /><select idref="V-234975" selected="true" /><select idref="V-234976" selected="true" /><select idref="V-234977" selected="true" /><select idref="V-234978" selected="true" /><select idref="V-234979" selected="true" /><select idref="V-234980" selected="true" /><select idref="V-234981" selected="true" /><select idref="V-234982" selected="true" /><select idref="V-234983" selected="true" /><select idref="V-234984" selected="true" /><select idref="V-234985" selected="true" /><select idref="V-234986" selected="true" /><select idref="V-234987" selected="true" /><select idref="V-234988" selected="true" /><select idref="V-234989" selected="true" /><select idref="V-234990" selected="true" /><select idref="V-234991" selected="true" /><select idref="V-234992" selected="true" /><select idref="V-234993" selected="true" /><select idref="V-234994" selected="true" /><select idref="V-234995" selected="true" /><select idref="V-234996" selected="true" /><select idref="V-234997" selected="true" /><select idref="V-234998" selected="true" /><select idref="V-234999" selected="true" /><select idref="V-235000" selected="true" /><select idref="V-235001" selected="true" /><select idref="V-235002" selected="true" /><select idref="V-235003" selected="true" /><select idref="V-235004" selected="true" /><select idref="V-235005" selected="true" /><select idref="V-235006" selected="true" /><select idref="V-235007" selected="true" /><select idref="V-235008" selected="true" /><select idref="V-235009" selected="true" /><select idref="V-235010" selected="true" /><select idref="V-235013" selected="true" /><select idref="V-235014" selected="true" /><select idref="V-235015" selected="true" /><select idref="V-235016" selected="true" /><select idref="V-235017" selected="true" /><select idref="V-235018" selected="true" /><select idref="V-235019" selected="true" /><select idref="V-235020" selected="true" /><select idref="V-235021" selected="true" /><select idref="V-235022" selected="true" /><select idref="V-235023" selected="true" /><select idref="V-235024" selected="true" /><select idref="V-235025" selected="true" /><select idref="V-235026" selected="true" /><select idref="V-235027" selected="true" /><select idref="V-235028" selected="true" /><select idref="V-235029" selected="true" /><select idref="V-235030" selected="true" /><select idref="V-235031" selected="true" /><select idref="V-235032" selected="true" /><select idref="V-251723" selected="true" /><select idref="V-251724" selected="true" /><select idref="V-251725" selected="true" /><select idref="V-255920" selected="true" /><select idref="V-255921" selected="true" /><select idref="V-255922" selected="true" /><select idref="V-256982" selected="true" /><select idref="V-256983" selected="true" /></Profile><Profile id="MAC-3_Classified"><title>III - Administrative Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-234800" selected="true" /><select idref="V-234801" selected="true" /><select idref="V-234802" selected="true" /><select idref="V-234803" selected="true" /><select idref="V-234804" selected="true" /><select idref="V-234805" selected="true" /><select idref="V-234806" selected="true" /><select idref="V-234807" selected="true" /><select idref="V-234808" selected="true" /><select idref="V-234809" selected="true" /><select idref="V-234810" selected="true" /><select idref="V-234811" selected="true" /><select idref="V-234812" selected="true" /><select idref="V-234813" selected="true" /><select idref="V-234814" selected="true" /><select idref="V-234815" selected="true" /><select idref="V-234816" selected="true" /><select idref="V-234817" selected="true" /><select idref="V-234818" selected="true" /><select idref="V-234819" selected="true" /><select idref="V-234820" selected="true" /><select idref="V-234821" selected="true" /><select idref="V-234822" selected="true" /><select idref="V-234823" selected="true" /><select idref="V-234825" selected="true" /><select idref="V-234826" selected="true" /><select idref="V-234827" selected="true" /><select idref="V-234828" selected="true" /><select idref="V-234829" selected="true" /><select idref="V-234830" selected="true" /><select idref="V-234831" selected="true" /><select idref="V-234832" selected="true" /><select idref="V-234833" selected="true" /><select idref="V-234834" selected="true" /><select idref="V-234835" selected="true" /><select idref="V-234836" selected="true" /><select idref="V-234837" selected="true" /><select idref="V-234838" selected="true" /><select idref="V-234839" selected="true" /><select idref="V-234840" selected="true" /><select idref="V-234841" selected="true" /><select idref="V-234842" selected="true" /><select idref="V-234843" selected="true" /><select idref="V-234844" selected="true" /><select idref="V-234845" selected="true" /><select idref="V-234846" selected="true" /><select idref="V-234847" selected="true" /><select idref="V-234848" selected="true" /><select idref="V-234849" selected="true" /><select idref="V-234850" selected="true" /><select idref="V-234851" selected="true" /><select idref="V-234852" selected="true" /><select idref="V-234853" selected="true" /><select idref="V-234854" selected="true" /><select idref="V-234855" selected="true" /><select idref="V-234856" selected="true" /><select idref="V-234857" selected="true" /><select idref="V-234858" selected="true" /><select idref="V-234859" selected="true" /><select idref="V-234860" selected="true" /><select idref="V-234861" selected="true" /><select idref="V-234862" selected="true" /><select idref="V-234863" selected="true" /><select idref="V-234864" selected="true" /><select idref="V-234865" selected="true" /><select idref="V-234866" selected="true" /><select idref="V-234867" selected="true" /><select idref="V-234868" selected="true" /><select idref="V-234869" selected="true" /><select idref="V-234870" selected="true" /><select idref="V-234871" selected="true" /><select idref="V-234872" selected="true" /><select idref="V-234873" selected="true" /><select idref="V-234874" selected="true" /><select idref="V-234875" selected="true" /><select idref="V-234876" selected="true" /><select idref="V-234877" selected="true" /><select idref="V-234878" selected="true" /><select idref="V-234879" selected="true" /><select idref="V-234880" selected="true" /><select idref="V-234881" selected="true" /><select idref="V-234882" selected="true" /><select idref="V-234883" selected="true" /><select idref="V-234884" selected="true" /><select idref="V-234885" selected="true" /><select idref="V-234886" selected="true" /><select idref="V-234887" selected="true" /><select idref="V-234888" selected="true" /><select idref="V-234889" selected="true" /><select idref="V-234890" selected="true" /><select idref="V-234891" selected="true" /><select idref="V-234892" selected="true" /><select idref="V-234893" selected="true" /><select idref="V-234894" selected="true" /><select idref="V-234895" selected="true" /><select idref="V-234896" selected="true" /><select idref="V-234897" selected="true" /><select idref="V-234898" selected="true" /><select idref="V-234899" selected="true" /><select idref="V-234900" selected="true" /><select idref="V-234901" selected="true" /><select idref="V-234902" selected="true" /><select idref="V-234903" selected="true" /><select idref="V-234904" selected="true" /><select idref="V-234905" selected="true" /><select idref="V-234906" selected="true" /><select idref="V-234907" selected="true" /><select idref="V-234908" selected="true" /><select idref="V-234909" selected="true" /><select idref="V-234910" selected="true" /><select idref="V-234911" selected="true" /><select idref="V-234912" selected="true" /><select idref="V-234913" selected="true" /><select idref="V-234914" selected="true" /><select idref="V-234918" selected="true" /><select idref="V-234924" selected="true" /><select idref="V-234928" selected="true" /><select idref="V-234932" selected="true" /><select idref="V-234933" selected="true" /><select idref="V-234934" selected="true" /><select idref="V-234935" selected="true" /><select idref="V-234936" selected="true" /><select idref="V-234937" selected="true" /><select idref="V-234938" selected="true" /><select idref="V-234939" selected="true" /><select idref="V-234940" selected="true" /><select idref="V-234941" selected="true" /><select idref="V-234942" selected="true" /><select idref="V-234943" selected="true" /><select idref="V-234944" selected="true" /><select idref="V-234945" selected="true" /><select idref="V-234946" selected="true" /><select idref="V-234947" selected="true" /><select idref="V-234948" selected="true" /><select idref="V-234949" selected="true" /><select idref="V-234950" selected="true" /><select idref="V-234951" selected="true" /><select idref="V-234952" selected="true" /><select idref="V-234954" selected="true" /><select idref="V-234955" selected="true" /><select idref="V-234956" selected="true" /><select idref="V-234957" selected="true" /><select idref="V-234958" selected="true" /><select idref="V-234959" selected="true" /><select idref="V-234961" selected="true" /><select idref="V-234962" selected="true" /><select idref="V-234963" selected="true" /><select idref="V-234964" selected="true" /><select idref="V-234965" selected="true" /><select idref="V-234966" selected="true" /><select idref="V-234967" selected="true" /><select idref="V-234968" selected="true" /><select idref="V-234969" selected="true" /><select idref="V-234973" selected="true" /><select idref="V-234975" selected="true" /><select idref="V-234976" selected="true" /><select idref="V-234977" selected="true" /><select idref="V-234978" selected="true" /><select idref="V-234979" selected="true" /><select idref="V-234980" selected="true" /><select idref="V-234981" selected="true" /><select idref="V-234982" selected="true" /><select idref="V-234983" selected="true" /><select idref="V-234984" selected="true" /><select idref="V-234985" selected="true" /><select idref="V-234986" selected="true" /><select idref="V-234987" selected="true" /><select idref="V-234988" selected="true" /><select idref="V-234989" selected="true" /><select idref="V-234990" selected="true" /><select idref="V-234991" selected="true" /><select idref="V-234992" selected="true" /><select idref="V-234993" selected="true" /><select idref="V-234994" selected="true" /><select idref="V-234995" selected="true" /><select idref="V-234996" selected="true" /><select idref="V-234997" selected="true" /><select idref="V-234998" selected="true" /><select idref="V-234999" selected="true" /><select idref="V-235000" selected="true" /><select idref="V-235001" selected="true" /><select idref="V-235002" selected="true" /><select idref="V-235003" selected="true" /><select idref="V-235004" selected="true" /><select idref="V-235005" selected="true" /><select idref="V-235006" selected="true" /><select idref="V-235007" selected="true" /><select idref="V-235008" selected="true" /><select idref="V-235009" selected="true" /><select idref="V-235010" selected="true" /><select idref="V-235013" selected="true" /><select idref="V-235014" selected="true" /><select idref="V-235015" selected="true" /><select idref="V-235016" selected="true" /><select idref="V-235017" selected="true" /><select idref="V-235018" selected="true" /><select idref="V-235019" selected="true" /><select idref="V-235020" selected="true" /><select idref="V-235021" selected="true" /><select idref="V-235022" selected="true" /><select idref="V-235023" selected="true" /><select idref="V-235024" selected="true" /><select idref="V-235025" selected="true" /><select idref="V-235026" selected="true" /><select idref="V-235027" selected="true" /><select idref="V-235028" selected="true" /><select idref="V-235029" selected="true" /><select idref="V-235030" selected="true" /><select idref="V-235031" selected="true" /><select idref="V-235032" selected="true" /><select idref="V-251723" selected="true" /><select idref="V-251724" selected="true" /><select idref="V-251725" selected="true" /><select idref="V-255920" selected="true" /><select idref="V-255921" selected="true" /><select idref="V-255922" selected="true" /><select idref="V-256982" selected="true" /><select idref="V-256983" selected="true" /></Profile><Profile id="MAC-3_Public"><title>III - Administrative Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-234800" selected="true" /><select idref="V-234801" selected="true" /><select idref="V-234802" selected="true" /><select idref="V-234803" selected="true" /><select idref="V-234804" selected="true" /><select idref="V-234805" selected="true" /><select idref="V-234806" selected="true" /><select idref="V-234807" selected="true" /><select idref="V-234808" selected="true" /><select idref="V-234809" selected="true" /><select idref="V-234810" selected="true" /><select idref="V-234811" selected="true" /><select idref="V-234812" selected="true" /><select idref="V-234813" selected="true" /><select idref="V-234814" selected="true" /><select idref="V-234815" selected="true" /><select idref="V-234816" selected="true" /><select idref="V-234817" selected="true" /><select idref="V-234818" selected="true" /><select idref="V-234819" selected="true" /><select idref="V-234820" selected="true" /><select idref="V-234821" selected="true" /><select idref="V-234822" selected="true" /><select idref="V-234823" selected="true" /><select idref="V-234825" selected="true" /><select idref="V-234826" selected="true" /><select idref="V-234827" selected="true" /><select idref="V-234828" selected="true" /><select idref="V-234829" selected="true" /><select idref="V-234830" selected="true" /><select idref="V-234831" selected="true" /><select idref="V-234832" selected="true" /><select idref="V-234833" selected="true" /><select idref="V-234834" selected="true" /><select idref="V-234835" selected="true" /><select idref="V-234836" selected="true" /><select idref="V-234837" selected="true" /><select idref="V-234838" selected="true" /><select idref="V-234839" selected="true" /><select idref="V-234840" selected="true" /><select idref="V-234841" selected="true" /><select idref="V-234842" selected="true" /><select idref="V-234843" selected="true" /><select idref="V-234844" selected="true" /><select idref="V-234845" selected="true" /><select idref="V-234846" selected="true" /><select idref="V-234847" selected="true" /><select idref="V-234848" selected="true" /><select idref="V-234849" selected="true" /><select idref="V-234850" selected="true" /><select idref="V-234851" selected="true" /><select idref="V-234852" selected="true" /><select idref="V-234853" selected="true" /><select idref="V-234854" selected="true" /><select idref="V-234855" selected="true" /><select idref="V-234856" selected="true" /><select idref="V-234857" selected="true" /><select idref="V-234858" selected="true" /><select idref="V-234859" selected="true" /><select idref="V-234860" selected="true" /><select idref="V-234861" selected="true" /><select idref="V-234862" selected="true" /><select idref="V-234863" selected="true" /><select idref="V-234864" selected="true" /><select idref="V-234865" selected="true" /><select idref="V-234866" selected="true" /><select idref="V-234867" selected="true" /><select idref="V-234868" selected="true" /><select idref="V-234869" selected="true" /><select idref="V-234870" selected="true" /><select idref="V-234871" selected="true" /><select idref="V-234872" selected="true" /><select idref="V-234873" selected="true" /><select idref="V-234874" selected="true" /><select idref="V-234875" selected="true" /><select idref="V-234876" selected="true" /><select idref="V-234877" selected="true" /><select idref="V-234878" selected="true" /><select idref="V-234879" selected="true" /><select idref="V-234880" selected="true" /><select idref="V-234881" selected="true" /><select idref="V-234882" selected="true" /><select idref="V-234883" selected="true" /><select idref="V-234884" selected="true" /><select idref="V-234885" selected="true" /><select idref="V-234886" selected="true" /><select idref="V-234887" selected="true" /><select idref="V-234888" selected="true" /><select idref="V-234889" selected="true" /><select idref="V-234890" selected="true" /><select idref="V-234891" selected="true" /><select idref="V-234892" selected="true" /><select idref="V-234893" selected="true" /><select idref="V-234894" selected="true" /><select idref="V-234895" selected="true" /><select idref="V-234896" selected="true" /><select idref="V-234897" selected="true" /><select idref="V-234898" selected="true" /><select idref="V-234899" selected="true" /><select idref="V-234900" selected="true" /><select idref="V-234901" selected="true" /><select idref="V-234902" selected="true" /><select idref="V-234903" selected="true" /><select idref="V-234904" selected="true" /><select idref="V-234905" selected="true" /><select idref="V-234906" selected="true" /><select idref="V-234907" selected="true" /><select idref="V-234908" selected="true" /><select idref="V-234909" selected="true" /><select idref="V-234910" selected="true" /><select idref="V-234911" selected="true" /><select idref="V-234912" selected="true" /><select idref="V-234913" selected="true" /><select idref="V-234914" selected="true" /><select idref="V-234918" selected="true" /><select idref="V-234924" selected="true" /><select idref="V-234928" selected="true" /><select idref="V-234932" selected="true" /><select idref="V-234933" selected="true" /><select idref="V-234934" selected="true" /><select idref="V-234935" selected="true" /><select idref="V-234936" selected="true" /><select idref="V-234937" selected="true" /><select idref="V-234938" selected="true" /><select idref="V-234939" selected="true" /><select idref="V-234940" selected="true" /><select idref="V-234941" selected="true" /><select idref="V-234942" selected="true" /><select idref="V-234943" selected="true" /><select idref="V-234944" selected="true" /><select idref="V-234945" selected="true" /><select idref="V-234946" selected="true" /><select idref="V-234947" selected="true" /><select idref="V-234948" selected="true" /><select idref="V-234949" selected="true" /><select idref="V-234950" selected="true" /><select idref="V-234951" selected="true" /><select idref="V-234952" selected="true" /><select idref="V-234954" selected="true" /><select idref="V-234955" selected="true" /><select idref="V-234956" selected="true" /><select idref="V-234957" selected="true" /><select idref="V-234958" selected="true" /><select idref="V-234959" selected="true" /><select idref="V-234961" selected="true" /><select idref="V-234962" selected="true" /><select idref="V-234963" selected="true" /><select idref="V-234964" selected="true" /><select idref="V-234965" selected="true" /><select idref="V-234966" selected="true" /><select idref="V-234967" selected="true" /><select idref="V-234968" selected="true" /><select idref="V-234969" selected="true" /><select idref="V-234973" selected="true" /><select idref="V-234975" selected="true" /><select idref="V-234976" selected="true" /><select idref="V-234977" selected="true" /><select idref="V-234978" selected="true" /><select idref="V-234979" selected="true" /><select idref="V-234980" selected="true" /><select idref="V-234981" selected="true" /><select idref="V-234982" selected="true" /><select idref="V-234983" selected="true" /><select idref="V-234984" selected="true" /><select idref="V-234985" selected="true" /><select idref="V-234986" selected="true" /><select idref="V-234987" selected="true" /><select idref="V-234988" selected="true" /><select idref="V-234989" selected="true" /><select idref="V-234990" selected="true" /><select idref="V-234991" selected="true" /><select idref="V-234992" selected="true" /><select idref="V-234993" selected="true" /><select idref="V-234994" selected="true" /><select idref="V-234995" selected="true" /><select idref="V-234996" selected="true" /><select idref="V-234997" selected="true" /><select idref="V-234998" selected="true" /><select idref="V-234999" selected="true" /><select idref="V-235000" selected="true" /><select idref="V-235001" selected="true" /><select idref="V-235002" selected="true" /><select idref="V-235003" selected="true" /><select idref="V-235004" selected="true" /><select idref="V-235005" selected="true" /><select idref="V-235006" selected="true" /><select idref="V-235007" selected="true" /><select idref="V-235008" selected="true" /><select idref="V-235009" selected="true" /><select idref="V-235010" selected="true" /><select idref="V-235013" selected="true" /><select idref="V-235014" selected="true" /><select idref="V-235015" selected="true" /><select idref="V-235016" selected="true" /><select idref="V-235017" selected="true" /><select idref="V-235018" selected="true" /><select idref="V-235019" selected="true" /><select idref="V-235020" selected="true" /><select idref="V-235021" selected="true" /><select idref="V-235022" selected="true" /><select idref="V-235023" selected="true" /><select idref="V-235024" selected="true" /><select idref="V-235025" selected="true" /><select idref="V-235026" selected="true" /><select idref="V-235027" selected="true" /><select idref="V-235028" selected="true" /><select idref="V-235029" selected="true" /><select idref="V-235030" selected="true" /><select idref="V-235031" selected="true" /><select idref="V-235032" selected="true" /><select idref="V-251723" selected="true" /><select idref="V-251724" selected="true" /><select idref="V-251725" selected="true" /><select idref="V-255920" selected="true" /><select idref="V-255921" selected="true" /><select idref="V-255922" selected="true" /><select idref="V-256982" selected="true" /><select idref="V-256983" selected="true" /></Profile><Profile id="MAC-3_Sensitive"><title>III - Administrative Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-234800" selected="true" /><select idref="V-234801" selected="true" /><select idref="V-234802" selected="true" /><select idref="V-234803" selected="true" /><select idref="V-234804" selected="true" /><select idref="V-234805" selected="true" /><select idref="V-234806" selected="true" /><select idref="V-234807" selected="true" /><select idref="V-234808" selected="true" /><select idref="V-234809" selected="true" /><select idref="V-234810" selected="true" /><select idref="V-234811" selected="true" /><select idref="V-234812" selected="true" /><select idref="V-234813" selected="true" /><select idref="V-234814" selected="true" /><select idref="V-234815" selected="true" /><select idref="V-234816" selected="true" /><select idref="V-234817" selected="true" /><select idref="V-234818" selected="true" /><select idref="V-234819" selected="true" /><select idref="V-234820" selected="true" /><select idref="V-234821" selected="true" /><select idref="V-234822" selected="true" /><select idref="V-234823" selected="true" /><select idref="V-234825" selected="true" /><select idref="V-234826" selected="true" /><select idref="V-234827" selected="true" /><select idref="V-234828" selected="true" /><select idref="V-234829" selected="true" /><select idref="V-234830" selected="true" /><select idref="V-234831" selected="true" /><select idref="V-234832" selected="true" /><select idref="V-234833" selected="true" /><select idref="V-234834" selected="true" /><select idref="V-234835" selected="true" /><select idref="V-234836" selected="true" /><select idref="V-234837" selected="true" /><select idref="V-234838" selected="true" /><select idref="V-234839" selected="true" /><select idref="V-234840" selected="true" /><select idref="V-234841" selected="true" /><select idref="V-234842" selected="true" /><select idref="V-234843" selected="true" /><select idref="V-234844" selected="true" /><select idref="V-234845" selected="true" /><select idref="V-234846" selected="true" /><select idref="V-234847" selected="true" /><select idref="V-234848" selected="true" /><select idref="V-234849" selected="true" /><select idref="V-234850" selected="true" /><select idref="V-234851" selected="true" /><select idref="V-234852" selected="true" /><select idref="V-234853" selected="true" /><select idref="V-234854" selected="true" /><select idref="V-234855" selected="true" /><select idref="V-234856" selected="true" /><select idref="V-234857" selected="true" /><select idref="V-234858" selected="true" /><select idref="V-234859" selected="true" /><select idref="V-234860" selected="true" /><select idref="V-234861" selected="true" /><select idref="V-234862" selected="true" /><select idref="V-234863" selected="true" /><select idref="V-234864" selected="true" /><select idref="V-234865" selected="true" /><select idref="V-234866" selected="true" /><select idref="V-234867" selected="true" /><select idref="V-234868" selected="true" /><select idref="V-234869" selected="true" /><select idref="V-234870" selected="true" /><select idref="V-234871" selected="true" /><select idref="V-234872" selected="true" /><select idref="V-234873" selected="true" /><select idref="V-234874" selected="true" /><select idref="V-234875" selected="true" /><select idref="V-234876" selected="true" /><select idref="V-234877" selected="true" /><select idref="V-234878" selected="true" /><select idref="V-234879" selected="true" /><select idref="V-234880" selected="true" /><select idref="V-234881" selected="true" /><select idref="V-234882" selected="true" /><select idref="V-234883" selected="true" /><select idref="V-234884" selected="true" /><select idref="V-234885" selected="true" /><select idref="V-234886" selected="true" /><select idref="V-234887" selected="true" /><select idref="V-234888" selected="true" /><select idref="V-234889" selected="true" /><select idref="V-234890" selected="true" /><select idref="V-234891" selected="true" /><select idref="V-234892" selected="true" /><select idref="V-234893" selected="true" /><select idref="V-234894" selected="true" /><select idref="V-234895" selected="true" /><select idref="V-234896" selected="true" /><select idref="V-234897" selected="true" /><select idref="V-234898" selected="true" /><select idref="V-234899" selected="true" /><select idref="V-234900" selected="true" /><select idref="V-234901" selected="true" /><select idref="V-234902" selected="true" /><select idref="V-234903" selected="true" /><select idref="V-234904" selected="true" /><select idref="V-234905" selected="true" /><select idref="V-234906" selected="true" /><select idref="V-234907" selected="true" /><select idref="V-234908" selected="true" /><select idref="V-234909" selected="true" /><select idref="V-234910" selected="true" /><select idref="V-234911" selected="true" /><select idref="V-234912" selected="true" /><select idref="V-234913" selected="true" /><select idref="V-234914" selected="true" /><select idref="V-234918" selected="true" /><select idref="V-234924" selected="true" /><select idref="V-234928" selected="true" /><select idref="V-234932" selected="true" /><select idref="V-234933" selected="true" /><select idref="V-234934" selected="true" /><select idref="V-234935" selected="true" /><select idref="V-234936" selected="true" /><select idref="V-234937" selected="true" /><select idref="V-234938" selected="true" /><select idref="V-234939" selected="true" /><select idref="V-234940" selected="true" /><select idref="V-234941" selected="true" /><select idref="V-234942" selected="true" /><select idref="V-234943" selected="true" /><select idref="V-234944" selected="true" /><select idref="V-234945" selected="true" /><select idref="V-234946" selected="true" /><select idref="V-234947" selected="true" /><select idref="V-234948" selected="true" /><select idref="V-234949" selected="true" /><select idref="V-234950" selected="true" /><select idref="V-234951" selected="true" /><select idref="V-234952" selected="true" /><select idref="V-234954" selected="true" /><select idref="V-234955" selected="true" /><select idref="V-234956" selected="true" /><select idref="V-234957" selected="true" /><select idref="V-234958" selected="true" /><select idref="V-234959" selected="true" /><select idref="V-234961" selected="true" /><select idref="V-234962" selected="true" /><select idref="V-234963" selected="true" /><select idref="V-234964" selected="true" /><select idref="V-234965" selected="true" /><select idref="V-234966" selected="true" /><select idref="V-234967" selected="true" /><select idref="V-234968" selected="true" /><select idref="V-234969" selected="true" /><select idref="V-234973" selected="true" /><select idref="V-234975" selected="true" /><select idref="V-234976" selected="true" /><select idref="V-234977" selected="true" /><select idref="V-234978" selected="true" /><select idref="V-234979" selected="true" /><select idref="V-234980" selected="true" /><select idref="V-234981" selected="true" /><select idref="V-234982" selected="true" /><select idref="V-234983" selected="true" /><select idref="V-234984" selected="true" /><select idref="V-234985" selected="true" /><select idref="V-234986" selected="true" /><select idref="V-234987" selected="true" /><select idref="V-234988" selected="true" /><select idref="V-234989" selected="true" /><select idref="V-234990" selected="true" /><select idref="V-234991" selected="true" /><select idref="V-234992" selected="true" /><select idref="V-234993" selected="true" /><select idref="V-234994" selected="true" /><select idref="V-234995" selected="true" /><select idref="V-234996" selected="true" /><select idref="V-234997" selected="true" /><select idref="V-234998" selected="true" /><select idref="V-234999" selected="true" /><select idref="V-235000" selected="true" /><select idref="V-235001" selected="true" /><select idref="V-235002" selected="true" /><select idref="V-235003" selected="true" /><select idref="V-235004" selected="true" /><select idref="V-235005" selected="true" /><select idref="V-235006" selected="true" /><select idref="V-235007" selected="true" /><select idref="V-235008" selected="true" /><select idref="V-235009" selected="true" /><select idref="V-235010" selected="true" /><select idref="V-235013" selected="true" /><select idref="V-235014" selected="true" /><select idref="V-235015" selected="true" /><select idref="V-235016" selected="true" /><select idref="V-235017" selected="true" /><select idref="V-235018" selected="true" /><select idref="V-235019" selected="true" /><select idref="V-235020" selected="true" /><select idref="V-235021" selected="true" /><select idref="V-235022" selected="true" /><select idref="V-235023" selected="true" /><select idref="V-235024" selected="true" /><select idref="V-235025" selected="true" /><select idref="V-235026" selected="true" /><select idref="V-235027" selected="true" /><select idref="V-235028" selected="true" /><select idref="V-235029" selected="true" /><select idref="V-235030" selected="true" /><select idref="V-235031" selected="true" /><select idref="V-235032" selected="true" /><select idref="V-251723" selected="true" /><select idref="V-251724" selected="true" /><select idref="V-251725" selected="true" /><select idref="V-255920" selected="true" /><select idref="V-255921" selected="true" /><select idref="V-255922" selected="true" /><select idref="V-256982" selected="true" /><select idref="V-256983" selected="true" /></Profile><Group id="V-234800"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234800r622137_rule" weight="10.0" severity="high"><version>SLES-15-010000</version><title>The SUSE operating system must be a vendor-supported release.</title><description>&lt;VulnDiscussion&gt;A SUSE operating system release is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001230</ident><fixtext fixref="F-37951r618670_fix">Upgrade the SUSE operating system to a version supported by the vendor. If the system is not registered with the SUSE Customer Center, register the system against the correct subscription.
 
-If the system requires Long-Term Service Pack Support (LTSS), obtain the correct LTSS subscription for the system.</fixtext><fix id="F-37951r618670_fix" /><check system="C-37988r618669_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is a vendor-supported release.
+If the system requires Long-Term Service Pack Support (LTSS), obtain the correct LTSS subscription for the system.</fixtext><fix id="F-37951r618670_fix" /><check system="C-37988r618669_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is a vendor-supported release.
 
 Use the following command to verify the SUSE operating system is a vendor-supported release:
 
@@ -16,7 +16,7 @@ VERSION="15-SPx"
 
 Current End of Life for SLES 15 General Support is 31 Jul 2028 and Long-term Support is until 31 Jul 2031.
 
-If the release is not supported by the vendor, this is a finding.</check-content></check></Rule></Group><Group id="V-234801"><title>SRG-OS-000191-GPOS-00080</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234801r754757_rule" weight="10.0" severity="medium"><version>SLES-15-010001</version><title>The SUSE operating system must implement the Endpoint Security for Linux Threat Prevention tool.</title><description>&lt;VulnDiscussion&gt;Adding endpoint security tools can provide the capability to automatically take actions in response to malicious behavior, which can provide additional agility in reacting to network threats. These tools also often include a reporting capability to provide network awareness of the system, which may not otherwise exist in an organization's systems management regime.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001233</ident><fixtext fixref="F-37952r754756_fix">Install and enable the latest McAfee ENSLTP package.</fixtext><fix id="F-37952r754756_fix" /><check system="C-37989r754755_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Per OPORD 16-0080, the preferred endpoint security tool is Endpoint Security for Linux (ENSL) in conjunction with SELinux.
+If the release is not supported by the vendor, this is a finding.</check-content></check></Rule></Group><Group id="V-234801"><title>SRG-OS-000191-GPOS-00080</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234801r754757_rule" weight="10.0" severity="medium"><version>SLES-15-010001</version><title>The SUSE operating system must implement the Endpoint Security for Linux Threat Prevention tool.</title><description>&lt;VulnDiscussion&gt;Adding endpoint security tools can provide the capability to automatically take actions in response to malicious behavior, which can provide additional agility in reacting to network threats. These tools also often include a reporting capability to provide network awareness of the system, which may not otherwise exist in an organization's systems management regime.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001233</ident><fixtext fixref="F-37952r754756_fix">Install and enable the latest McAfee ENSLTP package.</fixtext><fix id="F-37952r754756_fix" /><check system="C-37989r754755_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Per OPORD 16-0080, the preferred endpoint security tool is Endpoint Security for Linux (ENSL) in conjunction with SELinux.
 
 Procedure:
 Check that the following package has been installed:
@@ -31,7 +31,7 @@ Verify that the daemon is running:
 
 If the daemon is not running, this is a finding.</check-content></check></Rule></Group><Group id="V-234802"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234802r622137_rule" weight="10.0" severity="medium"><version>SLES-15-010010</version><title>Vendor-packaged SUSE operating system security patches and updates must be installed and up to date.</title><description>&lt;VulnDiscussion&gt;Timely patching is critical for maintaining the operational availability, confidentiality, and integrity of information technology (IT) systems. However, failure to keep SUSE operating system and application software patched is a common mistake made by IT professionals. New patches are released frequently, and it is often difficult for even experienced System Administrators (SAs) to keep abreast of all the new patches. When new weaknesses in a SUSE operating system exist, patches are usually made available by the vendor to resolve the problems. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001227</ident><fixtext fixref="F-37953r618676_fix">Install the applicable SUSE operating system patches available from SUSE by running the following command:
 
-&gt; sudo zypper patch</fixtext><fix id="F-37953r618676_fix" /><check system="C-37990r618675_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system security patches and updates are installed and up to date.
+&gt; sudo zypper patch</fixtext><fix id="F-37953r618676_fix" /><check system="C-37990r618675_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system security patches and updates are installed and up to date.
 
 Note: Updates are required to be applied with a frequency determined by the site or Program Management Office (PMO).
 
@@ -85,7 +85,7 @@ By using this IS (which includes any device attached to this IS), you consent to
 
 -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.
 
--Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."</fixtext><fix id="F-37954r618679_fix" /><check system="C-37991r618678_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system displays the Standard Mandatory DoD Notice and Consent Banner before granting access to the system via local console.
+-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."</fixtext><fix id="F-37954r618679_fix" /><check system="C-37991r618678_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system displays the Standard Mandatory DoD Notice and Consent Banner before granting access to the system via local console.
 
 Check the "motd" (message of the day) file to verify that it contains the DoD required banner text:
 
@@ -115,7 +115,7 @@ Examples of nonessential capabilities include but are not limited to games, soft
 
 Satisfies: SRG-OS-000074-GPOS-00042, SRG-OS-000095-GPOS-00049&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000197</ident><ident system="http://cyber.mil/cci">CCI-000381</ident><fixtext fixref="F-37955r618682_fix">Document the "vsftpd" package with the ISSO as an operational requirement or remove it from the system with the following command:
 
-&gt; sudo zypper remove vsftpd</fixtext><fix id="F-37955r618682_fix" /><check system="C-37992r618681_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the vsftpd package is not installed on the SUSE operating system.
+&gt; sudo zypper remove vsftpd</fixtext><fix id="F-37955r618682_fix" /><check system="C-37992r618681_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the vsftpd package is not installed on the SUSE operating system.
 
 Check that the vsftpd package is not installed on the SUSE operating system by running the following command:
 
@@ -165,7 +165,7 @@ By using this IS (which includes any device attached to this IS), you consent to
 
 -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.
 
--Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."</fixtext><fix id="F-37956r618685_fix" /><check system="C-37993r618684_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system displays the Standard Mandatory DoD Notice and Consent Banner before granting access to the system via SSH.
+-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."</fixtext><fix id="F-37956r618685_fix" /><check system="C-37993r618684_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system displays the Standard Mandatory DoD Notice and Consent Banner before granting access to the system via SSH.
 
 Check the issue file to verify it contains one of the DoD required banners. If it does not, this is a finding.
 
@@ -217,7 +217,7 @@ sleep 1;
 exit 1;
 fi
 
-Save the file "/etc/gdm/Xsession".</fixtext><fix id="F-37957r618688_fix" /><check system="C-37994r618687_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system displays the Standard Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on via the local GUI. 
+Save the file "/etc/gdm/Xsession".</fixtext><fix id="F-37957r618688_fix" /><check system="C-37994r618687_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system displays the Standard Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on via the local GUI. 
 
 Note: If a graphical user interface is not installed, this requirement is Not Applicable.
 
@@ -258,7 +258,7 @@ By using this IS (which includes any device attached to this IS), you consent to
 
 -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.
 
--Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."</fixtext><fix id="F-37958r618691_fix" /><check system="C-37995r618690_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Note: If the system does not have a graphical user interface installed, this requirement is Not Applicable.
+-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."</fixtext><fix id="F-37958r618691_fix" /><check system="C-37995r618690_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Note: If the system does not have a graphical user interface installed, this requirement is Not Applicable.
 
 Verify the SUSE operating system file "/etc/gdm/banner" contains the Standard Mandatory DoD Notice and Consent Banner text by running the following command:
 
@@ -322,7 +322,7 @@ Update the system databases:
 
 &gt; sudo dconf update
 
-Users must log out and back in again before the system-wide settings take effect.</fixtext><fix id="F-37959r618694_fix" /><check system="C-37996r618693_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Note: If the system does not have a graphical user interface installed, this requirement is Not Applicable.
+Users must log out and back in again before the system-wide settings take effect.</fixtext><fix id="F-37959r618694_fix" /><check system="C-37996r618693_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Note: If the system does not have a graphical user interface installed, this requirement is Not Applicable.
 
 Verify the SUSE operating system displays a banner before local or remote access to the system via a graphical user logon.
 
@@ -372,7 +372,7 @@ banner-message-text="You are accessing a U.S. Government (USG) Information Syste
 Note: The "\n" characters are for formatting only. They will not be displayed on the GUI.
 
 Run the following command to update the database:
-&gt; sudo dconf update</fixtext><fix id="F-37960r618697_fix" /><check system="C-37997r618696_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Note: If the system does not have a graphical user interface installed, this requirement is Not Applicable.
+&gt; sudo dconf update</fixtext><fix id="F-37960r618697_fix" /><check system="C-37997r618696_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Note: If the system does not have a graphical user interface installed, this requirement is Not Applicable.
 
 Verify the SUSE operating system displays the approved Standard Mandatory DoD Notice before granting local or remote access to the system via a graphical user logon.
 
@@ -396,7 +396,7 @@ Configure the SUSE operating system to allow the user to lock the GUI.
 
 Run the following command to configure the SUSE operating system to allow the user to lock the GUI:
 
-&gt; sudo gsettings set org.gnome.desktop.lockdown disable-lock-screen false</fixtext><fix id="F-37961r618700_fix" /><check system="C-37998r618699_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system allows the user to lock the GUI. 
+&gt; sudo gsettings set org.gnome.desktop.lockdown disable-lock-screen false</fixtext><fix id="F-37961r618700_fix" /><check system="C-37998r618699_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system allows the user to lock the GUI. 
 
 Note: If the system does not have a graphical user interface installed, this requirement is Not Applicable.
 
@@ -412,7 +412,7 @@ Regardless of where the session lock is determined and implemented, once invoked
 
 Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011, SRG-OS-000031-GPOS-00012&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000056</ident><ident system="http://cyber.mil/cci">CCI-000058</ident><ident system="http://cyber.mil/cci">CCI-000060</ident><fixtext fixref="F-37962r618703_fix">Allow users to lock the console by installing the "kbd" package using zypper:
 
-&gt; sudo zypper install kbd</fixtext><fix id="F-37962r618703_fix" /><check system="C-37999r618702_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Check that the SUSE operating system has the "vlock" package installed by running the following command: 
+&gt; sudo zypper install kbd</fixtext><fix id="F-37962r618703_fix" /><check system="C-37999r618702_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Check that the SUSE operating system has the "vlock" package installed by running the following command: 
 
 &gt; zypper search --installed-only --match-exact --provides vlock
 
@@ -424,7 +424,7 @@ The session lock is implemented at the point where session activity can be deter
 
 Note: If the system does not have a graphical user interface installed, this requirement is Not Applicable. This command must be run from an X11 session, otherwise the command will not work correctly.
 
-&gt; sudo gsettings set org.gnome.desktop.session idle-delay 900</fixtext><fix id="F-37963r618706_fix" /><check system="C-38000r618705_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system initiates a session lock after a 15-minute period of inactivity via the GUI by running the following command:
+&gt; sudo gsettings set org.gnome.desktop.session idle-delay 900</fixtext><fix id="F-37963r618706_fix" /><check system="C-38000r618705_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system initiates a session lock after a 15-minute period of inactivity via the GUI by running the following command:
 
 Note: If the system does not have a graphical user interface installed, this requirement is Not Applicable.
 
@@ -444,7 +444,7 @@ export TMOUT
 
 Set the proper permissions for the "/etc/profile.d/autologout.sh" file with the following command:
 
-&gt; sudo chmod +x /etc/profile.d/autologout.sh</fixtext><fix id="F-37964r618709_fix" /><check system="C-38001r618708_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system must initiate a session logout after a 15-minute period of inactivity for all connection types. 
+&gt; sudo chmod +x /etc/profile.d/autologout.sh</fixtext><fix id="F-37964r618709_fix" /><check system="C-38001r618708_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system must initiate a session logout after a 15-minute period of inactivity for all connection types. 
 
 Check the proper script exists to kill an idle session after a 15-minute period of inactivity with the following command:
 
@@ -466,7 +466,7 @@ Configure the SUSE operating system to use a publically viewable image by findin
 - Click the "Settings" icon.
 - Click "Background" from left hand menu.
 - Select image and set the Lock Screen image to the user's choice.
-- Exit Settings Dialog.</fixtext><fix id="F-37965r618712_fix" /><check system="C-38002r618711_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system conceals via the session lock information previously visible on the display with a publicly viewable image in the GUI.
+- Exit Settings Dialog.</fixtext><fix id="F-37965r618712_fix" /><check system="C-38002r618711_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system conceals via the session lock information previously visible on the display with a publicly viewable image in the GUI.
 
 Note: If the system does not have X Windows installed, this requirement is Not Applicable.
 
@@ -485,7 +485,7 @@ Add or update the following line in the "/etc/ssh/sshd_config" file:
 
 LogLevel VERBOSE
 
-The SSH service will need to be restarted in order for the changes to take effect.</fixtext><fix id="F-37966r618715_fix" /><check system="C-38003r618714_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify SSH is configured to verbosely log connection attempts and failed logon attempts to the SUSE operating system.
+The SSH service will need to be restarted in order for the changes to take effect.</fixtext><fix id="F-37966r618715_fix" /><check system="C-38003r618714_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify SSH is configured to verbosely log connection attempts and failed logon attempts to the SUSE operating system.
 
 Check that the SSH daemon configuration verbosely logs connection attempts and failed logon attempts to the server with the following command:
 
@@ -509,7 +509,7 @@ Ciphers aes256-ctr,aes192-ctr,aes128-ctr
 
 Restart the SSH daemon:
 
-&gt; sudo systemctl restart sshd.service</fixtext><fix id="F-37967r618718_fix" /><check system="C-38004r618717_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system implements DoD-approved encryption to protect the confidentiality of SSH remote connections.
+&gt; sudo systemctl restart sshd.service</fixtext><fix id="F-37967r618718_fix" /><check system="C-38004r618717_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system implements DoD-approved encryption to protect the confidentiality of SSH remote connections.
 
 Check the SSH daemon configuration for allowed ciphers with the following command:
 
@@ -533,7 +533,7 @@ cert_policy = ca,signature,oscp_on;
 
 Note: Additional certificate validation polices are permitted.
 
-Additional information on the configuration of multifactor authentication on the SUSE operating system can be found at https://www.suse.com/communities/blog/configuring-smart-card-authentication-suse-linux-enterprise/.</fixtext><fix id="F-37968r618721_fix" /><check system="C-38005r618720_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system for PKI-based authentication had valid certificates by constructing a certification path (which includes status information) to an accepted trust anchor.
+Additional information on the configuration of multifactor authentication on the SUSE operating system can be found at https://www.suse.com/communities/blog/configuring-smart-card-authentication-suse-linux-enterprise/.</fixtext><fix id="F-37968r618721_fix" /><check system="C-38005r618720_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system for PKI-based authentication had valid certificates by constructing a certification path (which includes status information) to an accepted trust anchor.
 
 Check that the certification path to an accepted trust anchor for multifactor authentication is implemented with the following command:
 
@@ -549,7 +549,7 @@ Examples of nonessential capabilities include but are not limited to games, soft
 
 Satisfies: SRG-OS-000074-GPOS-00042, SRG-OS-000095-GPOS-00049&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000197</ident><ident system="http://cyber.mil/cci">CCI-000381</ident><fixtext fixref="F-37969r618724_fix">Remove the telnet-server package from the SUSE operating system by running the following command:
 
-&gt; sudo zypper remove telnet-server</fixtext><fix id="F-37969r618724_fix" /><check system="C-38006r618723_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the telnet-server package is not installed on the SUSE operating system.
+&gt; sudo zypper remove telnet-server</fixtext><fix id="F-37969r618724_fix" /><check system="C-38006r618723_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the telnet-server package is not installed on the SUSE operating system.
 
 Check that the telnet-server package is not installed on the SUSE operating system by running the following command:
 
@@ -576,7 +576,7 @@ password_pbkdf2 root grub.pbkdf2.sha512.VeryLongString
 Generate an updated "grub.conf" file with the new password using the following commands:
 
 &gt; sudo grub2-mkconfig --output=/tmp/grub2.cfg
-&gt; sudo mv /tmp/grub2.cfg /boot/grub2/grub.cfg</fixtext><fix id="F-37970r618727_fix" /><check system="C-38007r618726_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system has set an encrypted root password. 
+&gt; sudo mv /tmp/grub2.cfg /boot/grub2/grub.cfg</fixtext><fix id="F-37970r618727_fix" /><check system="C-38007r618726_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system has set an encrypted root password. 
 
 Note: If the system does not use a BIOS this requirement is Not Applicable.
 
@@ -605,7 +605,7 @@ password_pbkdf2 root grub.pbkdf2.sha512.VeryLongString
 Generate an updated "grub.conf" file with the new password using the following commands:
 
 &gt; sudo grub2-mkconfig --output=/tmp/grub2.cfg
-&gt; sudo mv /tmp/grub2.cfg /boot/efi/EFI/sles/grub.cfg</fixtext><fix id="F-37971r618730_fix" /><check system="C-38008r618729_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system has set an encrypted root password. 
+&gt; sudo mv /tmp/grub2.cfg /boot/efi/EFI/sles/grub.cfg</fixtext><fix id="F-37971r618730_fix" /><check system="C-38008r618729_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system has set an encrypted root password. 
 
 Note: If the system does not use UEFI, this requirement is Not Applicable.
 
@@ -631,7 +631,7 @@ Enable the "firewalld.service" by running the following command:
 
 Start the "firewalld.service" by running the following command:
 
-&gt; sudo systemctl start firewalld.service</fixtext><fix id="F-37972r618733_fix" /><check system="C-38009r618732_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the PPSM CAL and vulnerability assessments.
+&gt; sudo systemctl start firewalld.service</fixtext><fix id="F-37972r618733_fix" /><check system="C-38009r618732_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the PPSM CAL and vulnerability assessments.
 
 Check that the "firewalld.service" is enabled and running by running the following command:
 
@@ -667,7 +667,7 @@ Interactive users include organizational employees or individuals the organizati
 
 Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000121-GPOS-00062&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000764</ident><ident system="http://cyber.mil/cci">CCI-000804</ident><fixtext fixref="F-37973r618736_fix">Configure the SUSE operating system to contain no duplicate UIDs for interactive users.
 
-Edit the file "/etc/passwd" and provide each interactive user account that has a duplicate UID with a unique UID.</fixtext><fix id="F-37973r618736_fix" /><check system="C-38010r618735_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system contains no duplicate UIDs for interactive users.
+Edit the file "/etc/passwd" and provide each interactive user account that has a duplicate UID with a unique UID.</fixtext><fix id="F-37973r618736_fix" /><check system="C-38010r618735_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system contains no duplicate UIDs for interactive users.
 
 Check that the SUSE operating system contains no duplicate UIDs for interactive users by running the following command:
 
@@ -682,7 +682,7 @@ Turn off the automount service with the following command:
 &gt; systemctl stop autofs
 &gt; systemctl disable autofs
 
-If "autofs" is required for Network File System (NFS), it must be documented with the ISSO.</fixtext><fix id="F-37974r618739_fix" /><check system="C-38011r618738_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system disables the ability to automount devices.
+If "autofs" is required for Network File System (NFS), it must be documented with the ISSO.</fixtext><fix id="F-37974r618739_fix" /><check system="C-38011r618738_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system disables the ability to automount devices.
 
 Check to see if automounter service is active with the following command:
 
@@ -699,7 +699,7 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
 
 Edit the "/etc/login.defs" file with the following line:
 
-ENCRYPT_METHOD SHA512</fixtext><fix id="F-37976r618745_fix" /><check system="C-38013r618744_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system requires that the "ENCRYPT_METHOD" value in "/etc/login.defs" is set to "SHA512".
+ENCRYPT_METHOD SHA512</fixtext><fix id="F-37976r618745_fix" /><check system="C-38013r618744_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system requires that the "ENCRYPT_METHOD" value in "/etc/login.defs" is set to "SHA512".
 
 Check the value of "ENCRYPT_METHOD" value in "/etc/login.defs" with the following command:
 
@@ -719,7 +719,7 @@ Satisfies: SRG-OS-000125-GPOS-00065, SRG-OS-000394-GPOS-00174&lt;/VulnDiscussion
 
 Edit the "/etc/ssh/sshd_config" file to uncomment or add the line for the "MACs" keyword and set its value to "hmac-sha2-512" and/or "hmac-sha2-256" (The file might be named differently or be in a different location):
 
-MACs hmac-sha2-512,hmac-sha2-256</fixtext><fix id="F-37977r618748_fix" /><check system="C-38014r618747_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon is configured to only use MACs that employ FIPS 140-2 approved hashes.
+MACs hmac-sha2-512,hmac-sha2-256</fixtext><fix id="F-37977r618748_fix" /><check system="C-38014r618747_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon is configured to only use MACs that employ FIPS 140-2 approved hashes.
 
 Check that the SSH daemon is configured to only use MACs that employ FIPS 140-2 approved hashes with the following command:
 
@@ -736,7 +736,7 @@ Add or modify (to match exactly) the following line in the "/etc/ssh/sshd_config
 
 ClientAliveInterval 600
 
-The SSH daemon must be restarted for any changes to take effect.</fixtext><fix id="F-37978r618751_fix" /><check system="C-38015r618750_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon is configured to timeout idle sessions.
+The SSH daemon must be restarted for any changes to take effect.</fixtext><fix id="F-37978r618751_fix" /><check system="C-38015r618750_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon is configured to timeout idle sessions.
 
 Check that the "ClientAliveInterval" parameter is set to a value of "600" with the following command:
 
@@ -753,7 +753,7 @@ An example of a world-writable directory is "/tmp" directory. Set the sticky bit
 
 &gt; sudo chmod 1777 /tmp
 
-For every world-writable directory, replace "/tmp" in the command above with the world-writable directory that does not have the sticky bit set.</fixtext><fix id="F-37979r618754_fix" /><check system="C-38016r618753_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system prevents unauthorized and unintended information transfer via the shared system resources.
+For every world-writable directory, replace "/tmp" in the command above with the world-writable directory that does not have the sticky bit set.</fixtext><fix id="F-37979r618754_fix" /><check system="C-38016r618753_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system prevents unauthorized and unintended information transfer via the shared system resources.
 
 Check that world-writable directories have the sticky bit set with the following command:
 
@@ -771,7 +771,7 @@ If "1" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv4.tcp_syncookies=1" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-37980r618757_fix" /><check system="C-38017r618756_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is configured to use IPv4 TCP syncookies.
+&gt; sudo sysctl --system</fixtext><fix id="F-37980r618757_fix" /><check system="C-38017r618756_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is configured to use IPv4 TCP syncookies.
 
 Check to see if syncookies are used with the following command:
 
@@ -792,7 +792,7 @@ ClientAliveCountMax 0
 
 In order for the changes to take effect, the SSH daemon must be restarted.
 
-&gt; sudo systemctl restart sshd.service</fixtext><fix id="F-37981r618760_fix" /><check system="C-38018r618759_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that all network connections associated with SSH traffic are automatically terminated at the end of the session or after 10 minutes of inactivity.
+&gt; sudo systemctl restart sshd.service</fixtext><fix id="F-37981r618760_fix" /><check system="C-38018r618759_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that all network connections associated with SSH traffic are automatically terminated at the end of the session or after 10 minutes of inactivity.
 
 Check that the "ClientAliveCountMax" variable is set to a value of "0" or less by performing the following command:
 
@@ -812,7 +812,7 @@ Encrypting a partition in an already-installed system is more difficult because
 
 Refer to the document "SUSE Linux Enterprise Server 15 SP1 - Security Guide", Section 12.1.2, for a detailed disk encryption guide:
 
-https://documentation.suse.com/sles/15-SP1/html/SLES-all/cha-security-cryptofs.html#sec-security-cryptofs-y2-part-run</fixtext><fix id="F-37982r618763_fix" /><check system="C-38019r618762_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system prevents unauthorized disclosure or modification of all information requiring at rest protection by using disk encryption. 
+https://documentation.suse.com/sles/15-SP1/html/SLES-all/cha-security-cryptofs.html#sec-security-cryptofs-y2-part-run</fixtext><fix id="F-37982r618763_fix" /><check system="C-38019r618762_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system prevents unauthorized disclosure or modification of all information requiring at rest protection by using disk encryption. 
 
 Determine the partition layout for the system with the following command:
 
@@ -842,7 +842,7 @@ The /var/log/btmp, /var/log/wtmp, and /var/log/lastlog files have group write an
 
 Note: The btmp, wtmp, and lastlog files are excluded. Refer to the Discussion for details.
 
-&gt; sudo find /var/log -perm /137 ! -name '*[bw]tmp' ! -name '*lastlog' -type f -exec chmod 640 '{}' \;</fixtext><fix id="F-37983r880883_fix" /><check system="C-38020r880882_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system has all system log files under the /var/log directory with a permission set to "640", by using the following command:
+&gt; sudo find /var/log -perm /137 ! -name '*[bw]tmp' ! -name '*lastlog' -type f -exec chmod 640 '{}' \;</fixtext><fix id="F-37983r880883_fix" /><check system="C-38020r880882_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system has all system log files under the /var/log directory with a permission set to "640", by using the following command:
 
 Note: The btmp, wtmp, and lastlog files are excluded. Refer to the Discussion for details.
 
@@ -858,7 +858,7 @@ Add or update the following rules in "/etc/permissions.local":
 
 Set the correct permissions with the following command:
 
-&gt; sudo chkstat --set --system</fixtext><fix id="F-37984r618769_fix" /><check system="C-38021r618768_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system prevents unauthorized users from accessing system error messages.
+&gt; sudo chkstat --set --system</fixtext><fix id="F-37984r618769_fix" /><check system="C-38021r618768_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system prevents unauthorized users from accessing system error messages.
 
 Check the "/var/log/messages" file permissions with the following command:
 
@@ -876,7 +876,7 @@ If the effective permissions do not match the "permissions.local" file, the comm
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-37985r618772_fix">Configure the library files to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type f -exec chmod 755 '{}' \;</fixtext><fix id="F-37985r618772_fix" /><check system="C-38022r618771_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the system-wide shared library files contained in the directories "/lib", "/lib64", "/usr/lib", and "/usr/lib64" have mode "0755" or less permissive.
+&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type f -exec chmod 755 '{}' \;</fixtext><fix id="F-37985r618772_fix" /><check system="C-38022r618771_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the system-wide shared library files contained in the directories "/lib", "/lib64", "/usr/lib", and "/usr/lib64" have mode "0755" or less permissive.
 
 Check that the system-wide shared library files have mode "0755" or less permissive with the following command:
 
@@ -886,7 +886,7 @@ If any files are found to be group-writable or world-writable, this is a finding
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-37986r618775_fix">Configure the shared library directories to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type d -exec chmod 755 '{}' \;</fixtext><fix id="F-37986r618775_fix" /><check system="C-38023r618774_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the system-wide shared library directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" have mode "0755" or less permissive.
+&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type d -exec chmod 755 '{}' \;</fixtext><fix id="F-37986r618775_fix" /><check system="C-38023r618774_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the system-wide shared library directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" have mode "0755" or less permissive.
 
 Check that the system-wide shared library directories have mode "0755" or less permissive with the following command:
 
@@ -896,7 +896,7 @@ If any of the aforementioned directories are found to be group-writable or world
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-37987r618778_fix">Configure the system library files to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 ! -user root -type f -exec chown root '{}' \;</fixtext><fix id="F-37987r618778_fix" /><check system="C-38024r618777_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the system-wide shared library files contained in the directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" are owned by root.
+&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 ! -user root -type f -exec chown root '{}' \;</fixtext><fix id="F-37987r618778_fix" /><check system="C-38024r618777_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the system-wide shared library files contained in the directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" are owned by root.
 
 Check that the system-wide shared library files are owned by root with the following command:
 
@@ -906,7 +906,7 @@ If any system wide library file is returned, this is a finding.</check-content><
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-37988r618781_fix">Configure the library files and their respective parent directories to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 ! -user root -type d -exec chown root '{}' \;</fixtext><fix id="F-37988r618781_fix" /><check system="C-38025r618780_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the system-wide shared library directories "/lib", "/lib64", "/usr/lib/" and "/usr/lib64" are owned by root.
+&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 ! -user root -type d -exec chown root '{}' \;</fixtext><fix id="F-37988r618781_fix" /><check system="C-38025r618780_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the system-wide shared library directories "/lib", "/lib64", "/usr/lib/" and "/usr/lib64" are owned by root.
 
 Check that the system-wide shared library directories are owned by root with the following command:
 
@@ -916,7 +916,7 @@ If any system wide library directory is returned, this is a finding.</check-cont
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-37989r618784_fix">Configure the system library files to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 ! -group root -type f -exec chgrp root '{}' \;</fixtext><fix id="F-37989r618784_fix" /><check system="C-38026r618783_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the system-wide library files contained in the directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" are group-owned by root.
+&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 ! -group root -type f -exec chgrp root '{}' \;</fixtext><fix id="F-37989r618784_fix" /><check system="C-38026r618783_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the system-wide library files contained in the directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" are group-owned by root.
 
 Check that the system-wide library files are group-owned by root with the following command:
 
@@ -926,7 +926,7 @@ If any system wide shared library file is returned, this is a finding.</check-co
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-37990r618787_fix">Configure the system library directories to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 ! -group root -type d -exec chgrp root '{}' \;</fixtext><fix id="F-37990r618787_fix" /><check system="C-38027r618786_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the system-wide library directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" are group-owned by root.
+&gt; sudo find /lib /lib64 /usr/lib /usr/lib64 ! -group root -type d -exec chgrp root '{}' \;</fixtext><fix id="F-37990r618787_fix" /><check system="C-38027r618786_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the system-wide library directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" are group-owned by root.
 
 Check that the system-wide library directories are group-owned by root with the following command:
 
@@ -936,7 +936,7 @@ If any system wide shared library directory is returned, this is a finding.</che
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-37991r618790_fix">Configure the system commands to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin -perm /022 -type f -exec chmod 755 '{}' \;</fixtext><fix id="F-37991r618790_fix" /><check system="C-38028r618789_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the system commands contained in the following directories have mode "0755" or less permissive:
+&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin -perm /022 -type f -exec chmod 755 '{}' \;</fixtext><fix id="F-37991r618790_fix" /><check system="C-38028r618789_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the system commands contained in the following directories have mode "0755" or less permissive:
 
 /bin
 /sbin
@@ -953,7 +953,7 @@ If any files are found to be group-writable or world-writable, this is a finding
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-37992r618793_fix">Configure the system commands directories to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin -perm /022 -type d -exec chmod -R 755 '{}' \;</fixtext><fix id="F-37992r618793_fix" /><check system="C-38029r618792_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the system commands directories have mode "0755" or less permissive:
+&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin -perm /022 -type d -exec chmod -R 755 '{}' \;</fixtext><fix id="F-37992r618793_fix" /><check system="C-38029r618792_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the system commands directories have mode "0755" or less permissive:
 
 /bin
 /sbin
@@ -970,7 +970,7 @@ If any directories are found to be group-writable or world-writable, this is a f
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-37993r618796_fix">Configure the system commands - and their respective parent directories - to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin ! -user root -type f -exec chown root '{}' \;</fixtext><fix id="F-37993r618796_fix" /><check system="C-38030r618795_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the system commands contained in the following directories are owned by root:
+&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin ! -user root -type f -exec chown root '{}' \;</fixtext><fix id="F-37993r618796_fix" /><check system="C-38030r618795_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the system commands contained in the following directories are owned by root:
 
 /bin
 /sbin
@@ -987,7 +987,7 @@ If any system commands are returned, this is a finding.</check-content></check><
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-37994r618799_fix">Configure the system commands directories to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin ! -user root -type d -exec chown root '{}' \;</fixtext><fix id="F-37994r618799_fix" /><check system="C-38031r618798_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the system commands directories are owned by root:
+&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin ! -user root -type d -exec chown root '{}' \;</fixtext><fix id="F-37994r618799_fix" /><check system="C-38031r618798_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the system commands directories are owned by root:
 
 /bin
 /sbin
@@ -1004,7 +1004,7 @@ If any system commands directories are returned, this is a finding.</check-conte
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-37995r833002_fix">Configure the system commands to be protected from unauthorized access. Run the following command, replacing "[FILE]" with any system command file not group-owned by "root" or a required system account.
 
-&gt; sudo chgrp root [FILE]</fixtext><fix id="F-37995r833002_fix" /><check system="C-38032r833001_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the system commands contained in the following directories are group-owned by root or a system account:
+&gt; sudo chgrp root [FILE]</fixtext><fix id="F-37995r833002_fix" /><check system="C-38032r833001_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the system commands contained in the following directories are group-owned by root or a system account:
 
 /bin
 /sbin
@@ -1021,7 +1021,7 @@ If any system commands are returned that are not Set Group ID upon execution (SG
 
 This requirement applies to SUSE operating systems with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-37996r618805_fix">Configure the system commands directories to be protected from unauthorized access. Run the following command:
 
-&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin ! -group root -type d -exec chgrp root '{}' \;</fixtext><fix id="F-37996r618805_fix" /><check system="C-38033r618804_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the system commands directories are group-owned by root:
+&gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin ! -group root -type d -exec chgrp root '{}' \;</fixtext><fix id="F-37996r618805_fix" /><check system="C-38033r618804_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the system commands directories are group-owned by root:
 
 /bin
 /sbin
@@ -1060,7 +1060,7 @@ To immediately disconnect or disable remote access the firewall needs to be set
 
 To enable remote connection again, panic mode needs to be disabled.
 
-&gt; sudo firewall-cmd --panic-off</fixtext><fix id="F-37997r618808_fix" /><check system="C-38034r618807_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify "firewalld" is configured to protect the SUSE operating system. 
+&gt; sudo firewall-cmd --panic-off</fixtext><fix id="F-37997r618808_fix" /><check system="C-38034r618807_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify "firewalld" is configured to protect the SUSE operating system. 
 
 Run the following command:
 
@@ -1094,7 +1094,7 @@ For each interface of type wireless with a configuration type of "compat:suse:",
 
 For each interface of type wireless, for each configuration of type "wicked:xml:", remove the associated file or remove the interface configuration from the file.
 
-&gt; sudo rm /etc/wicked/ifconfig/wlan0.xml</fixtext><fix id="F-37998r618811_fix" /><check system="C-38035r618810_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system has no wireless network adapters enabled.
+&gt; sudo rm /etc/wicked/ifconfig/wlan0.xml</fixtext><fix id="F-37998r618811_fix" /><check system="C-38035r618810_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system has no wireless network adapters enabled.
 
 Check that there are no wireless interfaces configured on the system with the following command:
 
@@ -1152,7 +1152,7 @@ Start "Apparmor" with the following command:
 
 &gt; sudo systemctl start apparmor.service
 
-Note: "pam_apparmor" must have properly configured profiles. All configurations will be based on the actual system setup and organization. See the "pam_apparmor" documentation for more information on configuring profiles.</fixtext><fix id="F-37999r618814_fix" /><check system="C-38036r618813_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system AppArmor tool is configured to control whitelisted applications and user home directory access control.
+Note: "pam_apparmor" must have properly configured profiles. All configurations will be based on the actual system setup and organization. See the "pam_apparmor" documentation for more information on configuring profiles.</fixtext><fix id="F-37999r618814_fix" /><check system="C-38036r618813_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system AppArmor tool is configured to control whitelisted applications and user home directory access control.
 
 Check that "pam_apparmor" is installed on the system with the following command:
 
@@ -1178,7 +1178,7 @@ Satisfies: SRG-OS-000355-GPOS-00143, SRG-OS-000356-GPOS-00144&lt;/VulnDiscussion
 
 To configure the system clock to synchronize to an authoritative DoD time source at least every 24 hours, edit the file "/etc/chrony.conf". Add or correct the following lines by replacing "[time_source]" with an authoritative DoD time source:
 
-server [time_source] maxpoll 16</fixtext><fix id="F-38000r618817_fix" /><check system="C-38037r618816_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>The SUSE operating system clock must be configured to synchronize to an authoritative DoD time source when the time difference is greater than one second. 
+server [time_source] maxpoll 16</fixtext><fix id="F-38000r618817_fix" /><check system="C-38037r618816_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>The SUSE operating system clock must be configured to synchronize to an authoritative DoD time source when the time difference is greater than one second. 
 
 Check that the SUSE operating system clock must be configured to synchronize to an authoritative DoD time source when the time difference is greater than one second with the following command:
 
@@ -1199,7 +1199,7 @@ Time stamps generated by the SUSE operating system include date and time. Time i
 
 To configure the system time zone to use UTC or GMT, run the following command, replacing [ZONE] with "UTC" or "GMT".
 
-&gt; sudo timedatectl set-timezone [ZONE]</fixtext><fix id="F-38001r618820_fix" /><check system="C-38038r618819_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is configured to use UTC or GMT.
+&gt; sudo timedatectl set-timezone [ZONE]</fixtext><fix id="F-38001r618820_fix" /><check system="C-38038r618819_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is configured to use UTC or GMT.
 
 Check that the SUSE operating system is configured to use UTC or GMT with the following command:
 
@@ -1221,7 +1221,7 @@ Configure the file integrity tool to automatically run on the system at least we
      &gt; cat /etc/cron.weekly/aide 
      0 0 * * * /usr/sbin/aide --check | /bin/mail -s "$HOSTNAME - Daily AIDE integrity check run" root@example_server_name.mil
 
-Note: Per requirement SLES-15-010418, the "mailx" package must be installed on the system to enable email functionality.</fixtext><fix id="F-38002r902850_fix" /><check system="C-38039r880946_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system checks the baseline configuration for unauthorized changes at least once weekly.
+Note: Per requirement SLES-15-010418, the "mailx" package must be installed on the system to enable email functionality.</fixtext><fix id="F-38002r902850_fix" /><check system="C-38039r880946_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system checks the baseline configuration for unauthorized changes at least once weekly.
 
 Note: A file integrity tool other than AIDE may be used, but the tool must be executed at least once per week.
 
@@ -1238,7 +1238,7 @@ Accordingly, patches, service packs, device drivers, or SUSE operating system co
 
 Verifying the authenticity of the software prior to installation validates the integrity of the patch or upgrade received from a vendor. This ensures the software has not been tampered with and that it has been provided by a trusted vendor. Self-signed certificates are disallowed by this requirement. The SUSE operating system should not have to verify the software again. This requirement does not mandate DoD certificates for this purpose; however, the certificate used to verify the software must be from an approved Certification Authority (CA).&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001749</ident><fixtext fixref="F-38003r618826_fix">Configure that the SUSE operating system tool zypper to enable gpgcheck by editing or adding the following line to "/etc/zypp/zypp.conf":
 
-gpgcheck = 1</fixtext><fix id="F-38003r618826_fix" /><check system="C-38040r618825_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system tool zypper has gpgcheck enabled.
+gpgcheck = 1</fixtext><fix id="F-38003r618826_fix" /><check system="C-38040r618825_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system tool zypper has gpgcheck enabled.
 
 Check that zypper has gpgcheck enabled with the following command: 
 
@@ -1250,7 +1250,7 @@ If "gpgcheck" is set to "0", "off", "no", or "false", this is a finding.</check-
 
 When the SUSE operating system provides the capability to change user authenticators, change security roles, or escalate a functional capability, it is critical the user reauthenticate.
 
-Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPOS-00158&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-002038</ident><fixtext fixref="F-38004r618829_fix">Configure the SUSE operating system to remove any occurrence of "NOPASSWD" or "!authenticate" found in the "/etc/sudoers" file. If the system does not use passwords for authentication, the "NOPASSWD" tag may exist in the file.</fixtext><fix id="F-38004r618829_fix" /><check system="C-38041r618828_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system requires reauthentication when changing authenticators, roles, or escalating privileges.
+Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPOS-00158&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-002038</ident><fixtext fixref="F-38004r618829_fix">Configure the SUSE operating system to remove any occurrence of "NOPASSWD" or "!authenticate" found in the "/etc/sudoers" file. If the system does not use passwords for authentication, the "NOPASSWD" tag may exist in the file.</fixtext><fix id="F-38004r618829_fix" /><check system="C-38041r618828_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system requires reauthentication when changing authenticators, roles, or escalating privileges.
 
 Check that "/etc/sudoers" has no occurrences of "NOPASSWD" or "!authenticate" with the following command:
 
@@ -1286,7 +1286,7 @@ Install the packages required to support multifactor authentication with the fol
 
 &gt; zypper install coolkey
 
-Additional information on the configuration of multifactor authentication on the SUSE operating system can be found at https://www.suse.com/communities/blog/configuring-smart-card-authentication-suse-linux-enterprise/.</fixtext><fix id="F-38005r618832_fix" /><check system="C-38042r618831_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system has the packages required for multifactor authentication installed.
+Additional information on the configuration of multifactor authentication on the SUSE operating system can be found at https://www.suse.com/communities/blog/configuring-smart-card-authentication-suse-linux-enterprise/.</fixtext><fix id="F-38005r618832_fix" /><check system="C-38042r618831_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system has the packages required for multifactor authentication installed.
 
 Check for the presence of the packages required to support multifactor authentication with the following commands:
 
@@ -1322,7 +1322,7 @@ Modify all of the cert_policy lines in "/etc/pam_pkcs11/pam_pkcs11.conf" to incl
 
 Note: OCSP allows sending request for certificate status information. Additional certificate validation polices are permitted.
 
-Additional information on the configuration of multifactor authentication on the SUSE operating system can be found at https://www.suse.com/communities/blog/configuring-smart-card-authentication-suse-linux-enterprise/.</fixtext><fix id="F-38006r618835_fix" /><check system="C-38043r618834_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system implements certificate status checking for multifactor authentication.
+Additional information on the configuration of multifactor authentication on the SUSE operating system can be found at https://www.suse.com/communities/blog/configuring-smart-card-authentication-suse-linux-enterprise/.</fixtext><fix id="F-38006r618835_fix" /><check system="C-38043r618834_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system implements certificate status checking for multifactor authentication.
 
 Check that certificate status checking for multifactor authentication is implemented with the following command:
 
@@ -1336,7 +1336,7 @@ Peripherals include but are not limited to such devices as flash drives, externa
 
 Add or update the following line to the "/etc/modprobe.d/50-blacklist.conf" file:
 
-blacklist usb-storage</fixtext><fix id="F-38007r618838_fix" /><check system="C-38044r618837_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not automount USB mass storage devices when connected to the host.
+blacklist usb-storage</fixtext><fix id="F-38007r618838_fix" /><check system="C-38044r618837_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not automount USB mass storage devices when connected to the host.
 
 Check that "usb-storage" is blacklisted in the "/etc/modprobe.d/50-blacklist.conf" file with the following command:
 
@@ -1347,7 +1347,7 @@ If nothing is output from the command, this is a finding.</check-content></check
 
 Add or change the following line in "/etc/sssd/sssd.conf" just below the line "[nss]":
 
-memcache_timeout = 86400</fixtext><fix id="F-38008r618841_fix" /><check system="C-38045r618840_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>If NSS is not used on the operating system, this is Not Applicable.
+memcache_timeout = 86400</fixtext><fix id="F-38008r618841_fix" /><check system="C-38045r618840_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>If NSS is not used on the operating system, this is Not Applicable.
 
 If NSS is used by the SUSE operating system, verify it prohibits the use of cached authentications after one day.
 
@@ -1361,7 +1361,7 @@ If "memcache_timeout" has a value greater than "86400", or is missing, this is a
 
 Add or change the following line in "/etc/sssd/sssd.conf" just below the line "[pam]":
 
-offline_credentials_expiration = 1</fixtext><fix id="F-38009r618844_fix" /><check system="C-38046r618843_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>If SSSD is not being used on the operating system, this is Not Applicable.
+offline_credentials_expiration = 1</fixtext><fix id="F-38009r618844_fix" /><check system="C-38046r618843_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>If SSSD is not being used on the operating system, this is Not Applicable.
 
 Verify that the SUSE operating system PAM prohibits the use of cached off line authentications after one day.
 
@@ -1377,13 +1377,13 @@ Satisfies: SRG-OS-000396-GPOS-00176, SRG-OS-000478-GPOS-00223&lt;/VulnDiscussion
 
 Enabling FIPS mode on a preexisting system involves a number of modifications to the SUSE operating system. Refer to section 9.1, "Crypto Officer Guidance", of the following document for installation guidance:
 
-http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp2435.pdf</fixtext><fix id="F-38010r618847_fix" /><check system="C-38047r618846_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is running in FIPS mode by running the following command.
+http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp2435.pdf</fixtext><fix id="F-38010r618847_fix" /><check system="C-38047r618846_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is running in FIPS mode by running the following command.
 
 &gt; cat /proc/sys/crypto/fips_enabled 
 
 1
 
-If nothing is returned, the file does not exist, or the value returned is "0", this is a finding.</check-content></check></Rule></Group><Group id="V-234860"><title>SRG-OS-000423-GPOS-00187</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234860r854206_rule" weight="10.0" severity="high"><version>SLES-15-010530</version><title>All networked SUSE operating systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.</title><description>&lt;VulnDiscussion&gt;Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
+If nothing is returned, the file does not exist, or the value returned is "0", this is a finding.</check-content></check></Rule></Group><Group id="V-234860"><title>SRG-OS-000423-GPOS-00187</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234860r916422_rule" weight="10.0" severity="high"><version>SLES-15-010530</version><title>All networked SUSE operating systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.</title><description>&lt;VulnDiscussion&gt;Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
 
 This requirement applies to both internal and external networks and all types of information system components from which information can be transmitted (e.g., servers, mobile devices, notebook computers, printers, copiers, scanners, and facsimile machines). Communication paths outside the physical protection of a controlled boundary are exposed to the possibility of interception and modification. 
 
@@ -1403,7 +1403,7 @@ Enable the OpenSSH service to start automatically on reboot with the following c
 
 For the changes to take effect immediately, start the service with the following command:
 
-&gt; sudo systemctl restart sshd.service</fixtext><fix id="F-38011r618850_fix" /><check system="C-38048r618849_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Note: If the system is not networked, this requirement is Not Applicable.
+&gt; sudo systemctl restart sshd.service</fixtext><fix id="F-38011r618850_fix" /><check system="C-38048r618849_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Note: If the system is not networked, this requirement is Not Applicable.
 
 Verify that the SUSE operating system implements SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.
 
@@ -1429,7 +1429,7 @@ If "1" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "kernel.kptr_restrict=1" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-38012r618853_fix" /><check system="C-38049r618852_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system prevents leaking of internal kernel addresses.
+&gt; sudo sysctl --system</fixtext><fix id="F-38012r618853_fix" /><check system="C-38049r618852_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system prevents leaking of internal kernel addresses.
 
 Check that the SUSE operating system prevents leaking of internal kernel addresses by running the following command:
 
@@ -1446,7 +1446,7 @@ If "2" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "kernel.randomize_va_space=2" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-38013r618856_fix" /><check system="C-38050r618855_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system implements ASLR.
+&gt; sudo sysctl --system</fixtext><fix id="F-38013r618856_fix" /><check system="C-38050r618855_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system implements ASLR.
 
 Check that the SUSE operating system implements ASLR by running the following command:
 
@@ -1455,7 +1455,7 @@ Kernel.randomize_va_space = 2
 
 If the kernel parameter "randomize_va_space" is not equal to "2" or nothing is returned, this is a finding.</check-content></check></Rule></Group><Group id="V-234863"><title>SRG-OS-000437-GPOS-00194</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234863r854209_rule" weight="10.0" severity="medium"><version>SLES-15-010560</version><title>The SUSE operating system must remove all outdated software components after updated versions have been installed.</title><description>&lt;VulnDiscussion&gt;Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software automatically from the information system.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-002617</ident><fixtext fixref="F-38014r618859_fix">Configure the SUSE operating system to remove all outdated software components after an update by editing the following line in "/etc/zypp/zypp.conf" to match the one provided below:
 
-solver.upgradeRemoveDroppedPackages = true</fixtext><fix id="F-38014r618859_fix" /><check system="C-38051r618858_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system removes all outdated software components after updated version have been installed by running the following command:
+solver.upgradeRemoveDroppedPackages = true</fixtext><fix id="F-38014r618859_fix" /><check system="C-38051r618858_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system removes all outdated software components after updated version have been installed by running the following command:
 
 &gt; grep -i upgraderemovedroppedpackages /etc/zypp/zypp.conf 
 
@@ -1473,7 +1473,7 @@ Create the aide crontab file in "/etc/cron.daily" and add following command repl
 
      0 0 * * * /usr/sbin/aide --check | /bin/mail -s "$HOSTNAME - Daily AIDE integrity check run" root@example_server_name.mil
 
-Note: Per requirement SLES-15-010418, the "mailx" package must be installed on the system to enable email functionality.</fixtext><fix id="F-38015r902853_fix" /><check system="C-38052r902852_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system notifies the SA when AIDE discovers anomalies in the operation of any security functions.
+Note: Per requirement SLES-15-010418, the "mailx" package must be installed on the system to enable email functionality.</fixtext><fix id="F-38015r902853_fix" /><check system="C-38052r902852_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system notifies the SA when AIDE discovers anomalies in the operation of any security functions.
 
 Check to see if the aide cron job sends an email when executed with the following command:
 
@@ -1493,7 +1493,7 @@ For networked systems add a "@[Log_Server_IP_Address]" option to every active me
 
 An additional option is to capture all of the log messages and send them to a remote log host:
 
-*.* @@loghost:514</fixtext><fix id="F-38016r618865_fix" /><check system="C-38053r618864_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system must off-load rsyslog messages for networked systems in real time and off-load standalone systems at least weekly.
+*.* @@loghost:514</fixtext><fix id="F-38016r618865_fix" /><check system="C-38053r618864_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system must off-load rsyslog messages for networked systems in real time and off-load standalone systems at least weekly.
 
 For stand-alone hosts, verify with the System Administrator that the log files are off-loaded at least weekly.
 
@@ -1515,7 +1515,7 @@ For every temporary account, run the following command to set an expiration date
 
 &gt; sudo chage -E `date -d "+3 days" +%Y-%m-%d` system_account_name
 
-`date -d "+3 days" +%Y-%m-%d` sets the 72-hour expiration date for the account at the time the command is run.</fixtext><fix id="F-38017r618868_fix" /><check system="C-38054r618867_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system provisions temporary accounts with an expiration date for "72" hours.
+`date -d "+3 days" +%Y-%m-%d` sets the 72-hour expiration date for the account at the time the command is run.</fixtext><fix id="F-38017r618868_fix" /><check system="C-38054r618867_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system provisions temporary accounts with an expiration date for "72" hours.
 
 Ask the System Administrator if any temporary accounts have been added to the system. For every existing temporary account, run the following command to obtain its account expiration information:
 
@@ -1536,7 +1536,7 @@ auth required pam_tally2.so onerr=fail silent audit deny=3
 Add or modify the following line in the /etc/pam.d/common-account file:
 account required pam_tally2.so 
 
-Note: Manual changes to the listed files may be overwritten by the "pam-config" program. The "pam-config" program should not be used to update the configurations listed in this requirement.</fixtext><fix id="F-38018r618871_fix" /><check system="C-38055r618870_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system locks a user account after three consecutive failed access attempts until the locked account is released by an administrator. 
+Note: Manual changes to the listed files may be overwritten by the "pam-config" program. The "pam-config" program should not be used to update the configurations listed in this requirement.</fixtext><fix id="F-38018r618871_fix" /><check system="C-38055r618870_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system locks a user account after three consecutive failed access attempts until the locked account is released by an administrator. 
 
 Check that the system locks a user account after three consecutive failed login attempts using the following command: 
 
@@ -1558,7 +1558,7 @@ This requirement addresses concurrent sessions for information system accounts a
 
 Add the following line to the file "/etc/security/limits.conf":
 
-* hard maxlogins 10</fixtext><fix id="F-38019r618874_fix" /><check system="C-38056r618873_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system limits the number of concurrent sessions to 10 for all accounts and/or account types by running the following command:
+* hard maxlogins 10</fixtext><fix id="F-38019r618874_fix" /><check system="C-38056r618873_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system limits the number of concurrent sessions to 10 for all accounts and/or account types by running the following command:
 
 &gt; grep "maxlogins" /etc/security/limits.conf
 
@@ -1580,7 +1580,7 @@ Satisfies: SRG-OS-000068-GPOS-00036, SRG-OS-000105-GPOS-00052, SRG-OS-000106-GPO
 
 Add or update "pam_pkcs11.so" in "/etc/pam.d/common-auth" to match the following line:
 
-auth sufficient pam_pkcs11.so</fixtext><fix id="F-38020r618877_fix" /><check system="C-38057r618876_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system implements multifactor authentication for remote access to privileged accounts via PAM.
+auth sufficient pam_pkcs11.so</fixtext><fix id="F-38020r618877_fix" /><check system="C-38057r618876_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system implements multifactor authentication for remote access to privileged accounts via PAM.
 
 Check that the "pam_pkcs11.so" option is configured in the "/etc/pam.d/common-auth" file with the following command:
 
@@ -1600,22 +1600,22 @@ Requiring individuals to be authenticated with an individual authenticator prior
 
 Edit the appropriate "/etc/ssh/sshd_config" file, add or uncomment the line for "PermitRootLogin" and set its value to "no" (this file may be named differently or be in a different location):
 
-PermitRootLogin no</fixtext><fix id="F-38021r618880_fix" /><check system="C-38058r618879_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system denies direct logons to the root account using remote access via SSH.
+PermitRootLogin no</fixtext><fix id="F-38021r618880_fix" /><check system="C-38058r618879_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system denies direct logons to the root account using remote access via SSH.
 
 Check that SSH denies any user trying to log on directly as root with the following command:
 
 &gt; sudo grep -i permitrootlogin /etc/ssh/sshd_config
 PermitRootLogin no
 
-If the "PermitRootLogin" keyword is set to "yes", is missing, or is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-234871"><title>SRG-OS-000118-GPOS-00060</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234871r622137_rule" weight="10.0" severity="medium"><version>SLES-15-020050</version><title>The SUSE operating system must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity after password expiration.</title><description>&lt;VulnDiscussion&gt;Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained.
+If the "PermitRootLogin" keyword is set to "yes", is missing, or is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-234871"><title>SRG-OS-000118-GPOS-00060</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234871r928531_rule" weight="10.0" severity="medium"><version>SLES-15-020050</version><title>The SUSE operating system must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity after password expiration.</title><description>&lt;VulnDiscussion&gt;Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained.
 
-The SUSE operating system needs to track periods of inactivity and disable application identifiers after 35 days of inactivity.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000795</ident><fixtext fixref="F-38022r618883_fix">Configure the SUSE operating system to disable account identifiers after 35 days of inactivity after the password expiration. 
+The SUSE operating system needs to track periods of inactivity and disable application identifiers after 35 days of inactivity.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000795</ident><fixtext fixref="F-38022r928530_fix">Configure the SUSE operating system to disable account identifiers after 35 days of inactivity since the password expiration. 
 
-Run the following command to change the configuration for "useradd" to disable the account identifier after "35" days:
+Run the following command to change the configuration for "useradd" to disable the account identifier after 35 days:
 
 &gt; sudo useradd -D -f 35
 
-DoD recommendation is "35" days, but a lower value greater than "0" is acceptable.</fixtext><fix id="F-38022r618883_fix" /><check system="C-38059r618882_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system disables account identifiers after 35 days of inactivity after the password expiration
+DOD recommendation is 35 days, but a lower value greater than "0" is acceptable.</fixtext><fix id="F-38022r928530_fix" /><check system="C-38059r928529_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system disables account identifiers after 35 days of inactivity since the password expiration.
 
 Check the account inactivity value by performing the following command:
 
@@ -1631,7 +1631,7 @@ To address access requirements the SUSE operating system can be integrated with
 
 Replace "[Emergency_Administrator]" in the following command with the correct emergency administrator account. Run the following command as an administrator:
 
-&gt; sudo chage -I -1 -M 99999 [Emergency_Administrator]</fixtext><fix id="F-38023r618886_fix" /><check system="C-38060r618885_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is configured such that emergency administrator accounts are never automatically removed or disabled. 
+&gt; sudo chage -I -1 -M 99999 [Emergency_Administrator]</fixtext><fix id="F-38023r618886_fix" /><check system="C-38060r618885_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is configured such that emergency administrator accounts are never automatically removed or disabled. 
 
 Note: Root is typically the "account of last resort" on a system and is also used as the example emergency administrator account. If another account is being used as the emergency administrator account, the command should be used against that account. 
 
@@ -1645,7 +1645,7 @@ If "Password expires" or "Account expires" is set to anything other than "never"
 
 Add the following line to the top of "/etc/pam.d/login":
 
-session required pam_lastlog.so showfailed</fixtext><fix id="F-38024r618889_fix" /><check system="C-38061r618888_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system users are provided with feedback on when account accesses last occurred.
+session required pam_lastlog.so showfailed</fixtext><fix id="F-38024r618889_fix" /><check system="C-38061r618888_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system users are provided with feedback on when account accesses last occurred.
 
 Check that "pam_lastlog" is used and not silent with the following command:
 
@@ -1657,7 +1657,7 @@ If "pam_lastlog" is missing from "/etc/pam.d/login" file, the "silent" option is
 
 Remove accounts that do not support approved system activities or that allow for a normal user to perform administrative-level actions. 
 
-Document all authorized accounts on the system.</fixtext><fix id="F-38025r618892_fix" /><check system="C-38062r618891_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify all SUSE operating system accounts are assigned to an active system, application, or user account.
+Document all authorized accounts on the system.</fixtext><fix id="F-38025r618892_fix" /><check system="C-38062r618891_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify all SUSE operating system accounts are assigned to an active system, application, or user account.
 
 Obtain the list of authorized system accounts from the Information System Security Officer (ISSO).
 
@@ -1674,7 +1674,7 @@ If the accounts on the system do not match the provided documentation, this is a
 
 Run the following command to disable the interactive shell for a specific non-interactive user account:
 
-&gt; sudo usermod --shell /sbin/nologin nobody</fixtext><fix id="F-38026r618895_fix" /><check system="C-38063r618894_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify all non-interactive SUSE operating system accounts do not have an interactive shell assigned to them.
+&gt; sudo usermod --shell /sbin/nologin nobody</fixtext><fix id="F-38026r618895_fix" /><check system="C-38063r618894_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify all non-interactive SUSE operating system accounts do not have an interactive shell assigned to them.
 
 Obtain the list of authorized system accounts from the Information System Security Officer (ISSO).
 
@@ -1686,7 +1686,7 @@ nobody:65534:/bin/bash
 
 If a non-interactive accounts such as "games" or "nobody" is listed with an interactive shell, this is a finding.</check-content></check></Rule></Group><Group id="V-234876"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234876r622137_rule" weight="10.0" severity="high"><version>SLES-15-020100</version><title>The SUSE operating system root account must be the only account with unrestricted access to the system.</title><description>&lt;VulnDiscussion&gt;If an account other than root also has a User Identifier (UID) of "0", it has root authority, giving that account unrestricted access to the entire SUSE operating system. Multiple accounts with a UID of "0" afford an opportunity for potential intruders to guess a password for a privileged account.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38027r618898_fix">Change the UID of any account on the SUSE operating system, other than the root account, that has a UID of "0". 
 
-If the account is associated with system commands or applications, the UID should be changed to one greater than "0" but less than "1000". Otherwise, assign a UID of greater than "1000" that has not already been assigned.</fixtext><fix id="F-38027r618898_fix" /><check system="C-38064r618897_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system root account is the only account with unrestricted access to the system.
+If the account is associated with system commands or applications, the UID should be changed to one greater than "0" but less than "1000". Otherwise, assign a UID of greater than "1000" that has not already been assigned.</fixtext><fix id="F-38027r618898_fix" /><check system="C-38064r618897_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system root account is the only account with unrestricted access to the system.
 
 Check the system for duplicate UID "0" assignments with the following command:
 
@@ -1696,7 +1696,7 @@ root
 
 If any accounts other than root have a UID of "0", this is a finding.</check-content></check></Rule></Group><Group id="V-234877"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234877r622137_rule" weight="10.0" severity="medium"><version>SLES-15-020101</version><title>The SUSE operating system must restrict privilege elevation to authorized personnel.</title><description>&lt;VulnDiscussion&gt;The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms your request to execute a command by checking a file, called sudoers. If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38028r618901_fix">Remove the following entries from the sudoers file:
 ALL     ALL=(ALL) ALL
-ALL     ALL=(ALL:ALL) ALL</fixtext><fix id="F-38028r618901_fix" /><check system="C-38065r618900_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the "sudoers" file restricts sudo access to authorized personnel.
+ALL     ALL=(ALL:ALL) ALL</fixtext><fix id="F-38028r618901_fix" /><check system="C-38065r618900_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the "sudoers" file restricts sudo access to authorized personnel.
 &gt; sudo grep -iw 'ALL' /etc/sudoers /etc/sudoers.d/*
 
 If the either of the following entries are returned, this is a finding:
@@ -1712,7 +1712,7 @@ Edit the /etc/sudoers file:
 
 Add or modify the following line:
 Defaults timestamp_timeout=[value]
-Note: The "[value]" must be a number that is greater than or equal to "0".</fixtext><fix id="F-38029r618904_fix" /><check system="C-38066r861107_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the operating system requires re-authentication when using the "sudo" command to elevate privileges.
+Note: The "[value]" must be a number that is greater than or equal to "0".</fixtext><fix id="F-38029r618904_fix" /><check system="C-38066r861107_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the operating system requires re-authentication when using the "sudo" command to elevate privileges.
 
 &gt; sudo grep -ir 'timestamp_timeout' /etc/sudoers /etc/sudoers.d
 /etc/sudoers:Defaults timestamp_timeout=0
@@ -1724,7 +1724,7 @@ For more information on each of the listed configurations, reference the sudoers
 
 Defaults !targetpw
 Defaults !rootpw
-Defaults !runaspw</fixtext><fix id="F-38030r618907_fix" /><check system="C-38067r833009_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the sudoers security policy is configured to use the invoking user's password for privilege escalation.
+Defaults !runaspw</fixtext><fix id="F-38030r618907_fix" /><check system="C-38067r833009_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the sudoers security policy is configured to use the invoking user's password for privilege escalation.
 
 &gt; sudo egrep -ir '(rootpw|targetpw|runaspw)' /etc/sudoers /etc/sudoers.d* | grep -v '#'
 
@@ -1737,7 +1737,7 @@ If "Defaults !targetpw" is not defined, this is a finding.
 If "Defaults !rootpw" is not defined, this is a finding.
 If "Defaults !runaspw" is not defined, this is a finding.</check-content></check></Rule></Group><Group id="V-234880"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234880r622137_rule" weight="10.0" severity="medium"><version>SLES-15-020110</version><title>All SUSE operating system local interactive user accounts, upon creation, must be assigned a home directory.</title><description>&lt;VulnDiscussion&gt;If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38031r618910_fix">Configure the SUSE operating system to assign home directories to all new local interactive users by setting the "CREATE_HOME" parameter in "/etc/login.defs" to "yes" as follows.
 
-CREATE_HOME yes</fixtext><fix id="F-38031r618910_fix" /><check system="C-38068r618909_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify all SUSE operating system local interactive users on the system are assigned a home directory upon creation.
+CREATE_HOME yes</fixtext><fix id="F-38031r618910_fix" /><check system="C-38068r618909_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify all SUSE operating system local interactive users on the system are assigned a home directory upon creation.
 
 Check to see if the system is configured to create home directories for local interactive users with the following command:
 
@@ -1748,7 +1748,7 @@ If the value for "CREATE_HOME" parameter is not set to "yes", the line is missin
 
 Add or edit the following lines in the "/etc/ssh/sshd_config" file:
 
-PrintLastLog yes</fixtext><fix id="F-38032r618913_fix" /><check system="C-38069r618912_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify all remote connections via SSH to the SUSE operating system display feedback on when account accesses last occurred.
+PrintLastLog yes</fixtext><fix id="F-38032r618913_fix" /><check system="C-38069r618912_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify all remote connections via SSH to the SUSE operating system display feedback on when account accesses last occurred.
 
 Check that "PrintLastLog" keyword in the sshd daemon configuration file is used and set to "yes" with the following command:
 
@@ -1759,7 +1759,7 @@ If the "PrintLastLog" keyword is set to "no", is missing, or is commented out, t
 
 Password complexity is one factor of several that determines how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000192</ident><fixtext fixref="F-38033r618916_fix">Configure the SUSE operating system to enforce password complexity by requiring at least one uppercase character.
 
-Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "ucredit=-1" after the third column.</fixtext><fix id="F-38033r618916_fix" /><check system="C-38070r618915_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system enforces password complexity by requiring at least one uppercase character.
+Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "ucredit=-1" after the third column.</fixtext><fix id="F-38033r618916_fix" /><check system="C-38070r618915_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system enforces password complexity by requiring at least one uppercase character.
 
 Check that the operating system enforces password complexity by requiring that at least one uppercase character be used by using the following command:
 
@@ -1770,7 +1770,7 @@ If the command does not return anything, the returned line is commented out, or
 
 Password complexity is one factor of several that determines how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000193</ident><fixtext fixref="F-38034r618919_fix">Configure the SUSE operating system to enforce password complexity by requiring at least one lowercase character.
 
-Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "lcredit=-1" after the third column.</fixtext><fix id="F-38034r618919_fix" /><check system="C-38071r618918_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system enforces password complexity by requiring that at least one lowercase character.
+Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "lcredit=-1" after the third column.</fixtext><fix id="F-38034r618919_fix" /><check system="C-38071r618918_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system enforces password complexity by requiring that at least one lowercase character.
 
 Check that the operating system enforces password complexity by requiring that at least one lowercase character be used by using the following command:
 
@@ -1781,7 +1781,7 @@ If the command does not return anything, the returned line is commented out, or
 
 Password complexity is one factor of several that determines how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000194</ident><fixtext fixref="F-38035r618922_fix">Configure the SUSE operating system to enforce password complexity by requiring at least one numeric character.
 
-Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "dcredit=-1" after the third column.</fixtext><fix id="F-38035r618922_fix" /><check system="C-38072r618921_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system enforces password complexity by requiring that at least one numeric character.
+Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "dcredit=-1" after the third column.</fixtext><fix id="F-38035r618922_fix" /><check system="C-38072r618921_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system enforces password complexity by requiring that at least one numeric character.
 
 Check that the operating system enforces password complexity by requiring that at least one numeric character be used by using the following command:
 
@@ -1790,7 +1790,7 @@ password requisite pam_cracklib.so dcredit=-1
 
 If the command does not return anything, the returned line is commented out, or has a second column value different from "requisite", or does not contain "dcredit=-1", this is a finding.</check-content></check></Rule></Group><Group id="V-234885"><title>SRG-OS-000072-GPOS-00040</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234885r622137_rule" weight="10.0" severity="medium"><version>SLES-15-020160</version><title>The SUSE operating system must require the change of at least eight of the total number of characters when passwords are changed.</title><description>&lt;VulnDiscussion&gt;If the SUSE operating system allows the user to consecutively reuse extensive portions of passwords, this increases the chances of password compromise by increasing the window of opportunity for attempts at guessing and brute-force attacks.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000195</ident><fixtext fixref="F-38036r618925_fix">Configure the SUSE operating system to require at least eight characters be changed between the old and new passwords during a password change with the following command:
 
-Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "difok=8" after the third column.</fixtext><fix id="F-38036r618925_fix" /><check system="C-38073r618924_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system requires at least eight characters be changed between the old and new passwords during a password change.
+Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "difok=8" after the third column.</fixtext><fix id="F-38036r618925_fix" /><check system="C-38073r618924_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system requires at least eight characters be changed between the old and new passwords during a password change.
 
 Check that the operating system requires at least eight characters be changed between the old and new passwords during a password change by running the following command:
 
@@ -1799,7 +1799,7 @@ password requisite pam_cracklib.so difok=8
 
 If the command does not return anything, the returned line is commented out, or has a second column value different from "requisite", or does not contain "difok", or the value is less than "8", this is a finding.</check-content></check></Rule></Group><Group id="V-234886"><title>SRG-OS-000073-GPOS-00041</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234886r877397_rule" weight="10.0" severity="medium"><version>SLES-15-020170</version><title>The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords.</title><description>&lt;VulnDiscussion&gt;Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000196</ident><fixtext fixref="F-38037r618928_fix">Configure the SUSE operating system Linux PAM to only store encrypted representations of passwords. All account passwords must be hashed with SHA512 encryption strength.
 
-Edit "/etc/pam.d/common-password" and edit the line containing "pam_unix.so" to contain the SHA512 keyword after third column. Remove the "nullok" option.</fixtext><fix id="F-38037r618928_fix" /><check system="C-38074r618927_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system configures the Linux PAM to only store encrypted representations of passwords. All account passwords must be hashed with SHA512 encryption strength.
+Edit "/etc/pam.d/common-password" and edit the line containing "pam_unix.so" to contain the SHA512 keyword after third column. Remove the "nullok" option.</fixtext><fix id="F-38037r618928_fix" /><check system="C-38074r618927_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system configures the Linux PAM to only store encrypted representations of passwords. All account passwords must be hashed with SHA512 encryption strength.
 
 Check that PAM is configured to create SHA512 hashed passwords by running the following command:
 
@@ -1816,7 +1816,7 @@ Edit/modify the following line in the "/etc/login.defs" file and set "ENCRYPT_ME
 
 ENCRYPT_METHOD SHA512
 
-Lock all interactive user accounts not using SHA512 hashing until the passwords can be regenerated.</fixtext><fix id="F-38038r618931_fix" /><check system="C-38075r618930_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system requires the shadow password suite configuration be set to encrypt interactive user passwords using a strong cryptographic hash.
+Lock all interactive user accounts not using SHA512 hashing until the passwords can be regenerated.</fixtext><fix id="F-38038r618931_fix" /><check system="C-38075r618930_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system requires the shadow password suite configuration be set to encrypt interactive user passwords using a strong cryptographic hash.
 
 Check that the interactive user account passwords are using a strong password hash with the following command:
 
@@ -1834,7 +1834,7 @@ Satisfies: SRG-OS-000073-GPOS-00041, SRG-OS-000120-GPOS-00061&lt;/VulnDiscussion
 
 Edit/modify the following line in the "/etc/login.defs" file and set "SHA_CRYPT_MIN_ROUNDS" to a value no lower than "5000":
 
-SHA_CRYPT_MIN_ROUNDS 5000</fixtext><fix id="F-38039r618934_fix" /><check system="C-38076r618933_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system configures the shadow password suite configuration to encrypt passwords using a strong cryptographic hash.
+SHA_CRYPT_MIN_ROUNDS 5000</fixtext><fix id="F-38039r618934_fix" /><check system="C-38076r618933_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system configures the shadow password suite configuration to encrypt passwords using a strong cryptographic hash.
 
 Check that a minimum number of hash rounds is configured by running the following command:
 
@@ -1848,7 +1848,7 @@ Edit the file "/etc/login.defs" and add or correct the following line. Replace [
 
 PASS_MIN_DAYS [DAYS]
 
-The DoD requirement is "1" but a greater value is acceptable.</fixtext><fix id="F-38040r618937_fix" /><check system="C-38077r618936_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system creates or updates passwords with minimum password age of one day or greater.
+The DoD requirement is "1" but a greater value is acceptable.</fixtext><fix id="F-38040r618937_fix" /><check system="C-38077r618936_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system creates or updates passwords with minimum password age of one day or greater.
 
 To check that the SUSE operating system enforces 24 hours/one day as the minimum password age, run the following command:
 
@@ -1860,7 +1860,7 @@ If no output is produced, or if "PASS_MIN_DAYS" does not have a value of "1" or
 
 Change the minimum time period between password changes for each [USER] account to "1" day with the command, replacing [USER] with the user account that must be changed:
 
-&gt; sudo passwd -n 1 [USER]</fixtext><fix id="F-38041r618940_fix" /><check system="C-38078r618939_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system enforces a minimum time period between password changes for each user account of one day or greater.
+&gt; sudo passwd -n 1 [USER]</fixtext><fix id="F-38041r618940_fix" /><check system="C-38078r618939_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system enforces a minimum time period between password changes for each user account of one day or greater.
 
 Check the minimum time period between password changes for each user account with the following command:
 
@@ -1874,7 +1874,7 @@ Edit the file "/etc/login.defs" and add or correct the following line. Replace [
 
 PASS_MAX_DAYS [DAYS]
 
-The DoD requirement is 60 days or less (greater than zero, as zero days will lock the account immediately).</fixtext><fix id="F-38042r618943_fix" /><check system="C-38079r618942_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system is configured to create or update passwords with a maximum password age of 60 days or less.
+The DoD requirement is 60 days or less (greater than zero, as zero days will lock the account immediately).</fixtext><fix id="F-38042r618943_fix" /><check system="C-38079r618942_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system is configured to create or update passwords with a maximum password age of 60 days or less.
 
 Check that the SUSE operating system enforces 60 days or less as the maximum password age with the following command:
 
@@ -1886,7 +1886,7 @@ If no output is produced, or if "PASS_MAX_DAYS" is not set to "60" days or less,
 
 &gt; sudo passwd -x 60 [USER]
 
-The DoD requirement is 60 days.</fixtext><fix id="F-38043r618946_fix" /><check system="C-38080r618945_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system enforces a maximum user password age of 60 days or less.
+The DoD requirement is 60 days.</fixtext><fix id="F-38043r618946_fix" /><check system="C-38080r618945_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system enforces a maximum user password age of 60 days or less.
 
 Check that the SUSE operating system enforces 60 days or less as the maximum user password age with the following command:
 
@@ -1896,7 +1896,7 @@ If any results are returned that are not associated with a system account, this
 
 &gt; sudo touch /etc/security/opasswd
 &gt; sudo chown root:root /etc/security/opasswd
-&gt; sudo chmod 0600 /etc/security/opasswd</fixtext><fix id="F-38044r618949_fix" /><check system="C-38081r618948_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the password history file exists on the SUSE operating system.
+&gt; sudo chmod 0600 /etc/security/opasswd</fixtext><fix id="F-38044r618949_fix" /><check system="C-38081r618948_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the password history file exists on the SUSE operating system.
 
 Check that the password history file exists with the following command:
 
@@ -1906,7 +1906,7 @@ Check that the password history file exists with the following command:
 
 If "/etc/security/opasswd" does not exist, this is a finding.</check-content></check></Rule></Group><Group id="V-234894"><title>SRG-OS-000077-GPOS-00045</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234894r622137_rule" weight="10.0" severity="medium"><version>SLES-15-020250</version><title>The SUSE operating system must not allow passwords to be reused for a minimum of five generations.</title><description>&lt;VulnDiscussion&gt;Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the end result is a password that is not changed as per policy requirements.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000200</ident><fixtext fixref="F-38045r618952_fix">Configure the SUSE operating system password history to prohibit the reuse of a password for a minimum of five generations.
 
-Edit "/etc/pam.d/common-password" and edit the line containing "pam_pwhistory.so" to contain the option "remember=5 use_authtok" after the third column.</fixtext><fix id="F-38045r618952_fix" /><check system="C-38082r618951_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system prohibits the reuse of a password for a minimum of five generations.
+Edit "/etc/pam.d/common-password" and edit the line containing "pam_pwhistory.so" to contain the option "remember=5 use_authtok" after the third column.</fixtext><fix id="F-38045r618952_fix" /><check system="C-38082r618951_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system prohibits the reuse of a password for a minimum of five generations.
 
 Check that the SUSE operating system prohibits the reuse of a password for a minimum of five generations with the following command:
 
@@ -1920,7 +1920,7 @@ Password complexity, or strength, is a measure of the effectiveness of a passwor
 
 Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "minlen=15" after the third column.
 
-The DoD standard requires a minimum 15-character password length.</fixtext><fix id="F-38046r618955_fix" /><check system="C-38083r618954_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system enforces a minimum 15-character password length.
+The DoD standard requires a minimum 15-character password length.</fixtext><fix id="F-38046r618955_fix" /><check system="C-38083r618954_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system enforces a minimum 15-character password length.
 
 Check that the operating system enforces a minimum 15-character password length with the following command:
 
@@ -1933,7 +1933,7 @@ Password complexity is one factor in determining how long it takes to crack a pa
 
 Special characters are not alphanumeric. Examples include: ~ ! @ # $ % ^ *.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001619</ident><fixtext fixref="F-38047r618958_fix">Configure the SUSE operating system to enforce password complexity by requiring at least one special character.
 
-Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "ocredit=-1" after the third column.</fixtext><fix id="F-38047r618958_fix" /><check system="C-38084r618957_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system enforces password complexity by requiring at least one special character.
+Edit "/etc/pam.d/common-password" and edit the line containing "pam_cracklib.so" to contain the option "ocredit=-1" after the third column.</fixtext><fix id="F-38047r618958_fix" /><check system="C-38084r618957_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system enforces password complexity by requiring at least one special character.
 
 Check that the operating system enforces password complexity by requiring at least one special character using the following command:
 
@@ -1944,7 +1944,7 @@ If the command does not return anything, the returned line is commented out, or
 
 Edit "/etc/pam.d/common-password" and add the following line:
 
-password requisite pam_cracklib.so</fixtext><fix id="F-38048r618961_fix" /><check system="C-38085r618960_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system prevents the use of dictionary words for passwords.
+password requisite pam_cracklib.so</fixtext><fix id="F-38048r618961_fix" /><check system="C-38085r618960_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system prevents the use of dictionary words for passwords.
 
 Check that the SUSE operating system prevents the use of dictionary words for passwords with the following command:
 
@@ -1953,7 +1953,7 @@ password requisite pam_cracklib.so
 
 If the command does not return anything, or the returned line is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-234898"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234898r622137_rule" weight="10.0" severity="high"><version>SLES-15-020300</version><title>The SUSE operating system must not be configured to allow blank or null passwords.</title><description>&lt;VulnDiscussion&gt;Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38049r618964_fix">Configure the SUSE operating system to not allow blank or null passwords.
 
-Remove any instances of the "nullok" option in "/etc/pam.d/common-auth" and "/etc/pam.d/common-password" to prevent logons with empty passwords.</fixtext><fix id="F-38049r618964_fix" /><check system="C-38086r618963_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is not configured to allow blank or null passwords.
+Remove any instances of the "nullok" option in "/etc/pam.d/common-auth" and "/etc/pam.d/common-password" to prevent logons with empty passwords.</fixtext><fix id="F-38049r618964_fix" /><check system="C-38086r618963_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is not configured to allow blank or null passwords.
 
 Check that blank or null passwords cannot be used by running the following command:
 
@@ -1977,7 +1977,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38050r618967_fix" /><check system="C-38087r618966_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when all modifications occur to the "/etc/passwd" file.
+&gt; sudo augenrules --load</fixtext><fix id="F-38050r618967_fix" /><check system="C-38087r618966_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when all modifications occur to the "/etc/passwd" file.
 
 Check that the file is being audited by performing the following command:
 
@@ -2004,7 +2004,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38051r618970_fix" /><check system="C-38088r618969_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when modifications occur to the "/etc/group" file.
+&gt; sudo augenrules --load</fixtext><fix id="F-38051r618970_fix" /><check system="C-38088r618969_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when modifications occur to the "/etc/group" file.
 
 Check that the file is being audited by performing the following command:
 
@@ -2031,7 +2031,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38052r618973_fix" /><check system="C-38089r618972_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when modifications occur to the "/etc/shadow" file.
+&gt; sudo augenrules --load</fixtext><fix id="F-38052r618973_fix" /><check system="C-38089r618972_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when modifications occur to the "/etc/shadow" file.
 
 Check that the file is being audited by performing the following command:
 
@@ -2058,7 +2058,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38053r618976_fix" /><check system="C-38090r618975_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when modifications occur to the "/etc/security/opasswd" file.
+&gt; sudo augenrules --load</fixtext><fix id="F-38053r618976_fix" /><check system="C-38090r618975_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when modifications occur to the "/etc/security/opasswd" file.
 
 Check that the file is being audited by performing the following command:
 
@@ -2085,7 +2085,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38054r618979_fix" /><check system="C-38091r618978_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when all modifications occur to the "/etc/gshadow" file.
+&gt; sudo augenrules --load</fixtext><fix id="F-38054r618979_fix" /><check system="C-38091r618978_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when all modifications occur to the "/etc/gshadow" file.
 
 Check that the file is being audited by performing the following command:
 
@@ -2105,7 +2105,7 @@ Associating event types with detected events in the SUSE operating system audit
 Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPOS-00016, SRG-OS-000039-GPOS-00017, SRG-OS-000040-GPOS-00018, SRG-OS-000041-GPOS-00019, SRG-OS-000042-GPOS-00021, SRG-OS-000051-GPOS-00024, SRG-OS-000054-GPOS-00025, SRG-OS-000122-GPOS-00063, SRG-OS-000254-GPOS-00095, SRG-OS-000255-GPOS-00096, SRG-OS-000392-GPOS-00172&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000130</ident><ident system="http://cyber.mil/cci">CCI-000131</ident><ident system="http://cyber.mil/cci">CCI-000132</ident><ident system="http://cyber.mil/cci">CCI-000133</ident><ident system="http://cyber.mil/cci">CCI-000134</ident><ident system="http://cyber.mil/cci">CCI-000135</ident><ident system="http://cyber.mil/cci">CCI-000154</ident><ident system="http://cyber.mil/cci">CCI-000158</ident><ident system="http://cyber.mil/cci">CCI-001464</ident><ident system="http://cyber.mil/cci">CCI-001487</ident><ident system="http://cyber.mil/cci">CCI-001876</ident><ident system="http://cyber.mil/cci">CCI-002884</ident><fixtext fixref="F-38055r618982_fix">Enable the SUSE operating system auditd service by performing the following commands:
 
 &gt; sudo systemctl enable auditd.service
-&gt; sudo systemctl start auditd.service</fixtext><fix id="F-38055r618982_fix" /><check system="C-38092r618981_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system produces audit records.
+&gt; sudo systemctl start auditd.service</fixtext><fix id="F-38055r618982_fix" /><check system="C-38092r618981_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system produces audit records.
 
 Check that the SUSE operating system produces audit records by running the following command to determine the current status of the auditd service:
 
@@ -2131,7 +2131,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38056r618985_fix" /><check system="C-38093r618984_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "ssh-keysign" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38056r618985_fix" /><check system="C-38093r618984_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "ssh-keysign" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -2158,7 +2158,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38057r618988_fix" /><check system="C-38094r618987_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "passwd" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38057r618988_fix" /><check system="C-38094r618987_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "passwd" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -2185,7 +2185,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38058r618991_fix" /><check system="C-38095r618990_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "gpasswd" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38058r618991_fix" /><check system="C-38095r618990_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "gpasswd" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -2212,7 +2212,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38059r618994_fix" /><check system="C-38096r618993_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "newgrp" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38059r618994_fix" /><check system="C-38096r618993_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "newgrp" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -2239,7 +2239,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38060r618997_fix" /><check system="C-38097r618996_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chsh" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38060r618997_fix" /><check system="C-38097r618996_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chsh" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -2267,7 +2267,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38061r619000_fix" /><check system="C-38098r618999_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any use of the "unix_chkpwd" or "unix2_chkpwd" commands.
+&gt; sudo augenrules --load</fixtext><fix id="F-38061r619000_fix" /><check system="C-38098r618999_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any use of the "unix_chkpwd" or "unix2_chkpwd" commands.
 
 Check that the commands are being audited by performing the following command:
 
@@ -2295,7 +2295,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38062r619003_fix" /><check system="C-38099r619002_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any use of the "chage" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38062r619003_fix" /><check system="C-38099r619002_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any use of the "chage" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -2322,7 +2322,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38063r619006_fix" /><check system="C-38100r619005_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any use of the "crontab" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38063r619006_fix" /><check system="C-38100r619005_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any use of the "crontab" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -2351,7 +2351,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38064r619009_fix" /><check system="C-38101r619008_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to access the "/etc/sudoers" file and files in the "/etc/sudoers.d/" directory.
+&gt; sudo augenrules --load</fixtext><fix id="F-38064r619009_fix" /><check system="C-38101r619008_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the operating system generates audit records when successful/unsuccessful attempts to access the "/etc/sudoers" file and files in the "/etc/sudoers.d/" directory.
 
 Check that the file and directory is being audited by performing the following command:
 
@@ -2383,7 +2383,7 @@ To reload the rules file, restart the audit daemon:
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38065r854231_fix" /><check system="C-38102r809461_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "creat", "open", "openat", "open_by_handle_at", "truncate", and "ftruncate" system calls.
+&gt; sudo augenrules --load</fixtext><fix id="F-38065r854231_fix" /><check system="C-38102r809461_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "creat", "open", "openat", "open_by_handle_at", "truncate", and "ftruncate" system calls.
 
 Check that the system calls are being audited by performing the following command:
 
@@ -2419,7 +2419,7 @@ To reload the rules file, restart the audit daemon:
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38069r854233_fix" /><check system="C-38106r809464_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "setxattr", "fsetxattr", "lsetxattr", "removexattr", "fremovexattr", and "lremovexattr" system calls.
+&gt; sudo augenrules --load</fixtext><fix id="F-38069r854233_fix" /><check system="C-38106r809464_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "setxattr", "fsetxattr", "lsetxattr", "removexattr", "fremovexattr", and "lremovexattr" system calls.
 
 Check that the system calls are being audited by performing the following command:
 
@@ -2448,7 +2448,7 @@ To reload the rules file, restart the audit daemon:
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38075r854235_fix" /><check system="C-38112r809467_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chown", "fchown", "fchownat", and "lchown" system calls.
+&gt; sudo augenrules --load</fixtext><fix id="F-38075r854235_fix" /><check system="C-38112r809467_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chown", "fchown", "fchownat", and "lchown" system calls.
 
 Check that the system calls are being audited by performing the following command:
 
@@ -2477,7 +2477,7 @@ To reload the rules file, restart the audit daemon:
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38079r854237_fix" /><check system="C-38116r809470_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chmod", "fchmod" a,nd "fchmodat" system calls.
+&gt; sudo augenrules --load</fixtext><fix id="F-38079r854237_fix" /><check system="C-38116r809470_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chmod", "fchmod" a,nd "fchmodat" system calls.
 
 Check that the system calls are being audited by performing the following command:
 
@@ -2505,7 +2505,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38083r619066_fix" /><check system="C-38120r619065_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify an audit record is generated for all uses of the "sudoedit" command. 
+&gt; sudo augenrules --load</fixtext><fix id="F-38083r619066_fix" /><check system="C-38120r619065_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify an audit record is generated for all uses of the "sudoedit" command. 
 
 Check that the command is being audited by performing the following command:
 
@@ -2532,7 +2532,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38084r619069_fix" /><check system="C-38121r619068_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chfn" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38084r619069_fix" /><check system="C-38121r619068_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chfn" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -2560,7 +2560,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38085r619072_fix" /><check system="C-38122r619071_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "mount" system call.
+&gt; sudo augenrules --load</fixtext><fix id="F-38085r619072_fix" /><check system="C-38122r619071_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "mount" system call.
 
 Check that the system call is being audited by performing the following command:
 
@@ -2590,7 +2590,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38086r619075_fix" /><check system="C-38123r619074_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "umount" and "umount2" system calls.
+&gt; sudo augenrules --load</fixtext><fix id="F-38086r619075_fix" /><check system="C-38123r619074_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "umount" and "umount2" system calls.
 
 Check that the system calls are being audited by performing the following command:
 
@@ -2619,7 +2619,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38087r619078_fix" /><check system="C-38124r619077_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "ssh-agent" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38087r619078_fix" /><check system="C-38124r619077_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "ssh-agent" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -2656,7 +2656,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38088r619081_fix" /><check system="C-38125r619080_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is generates an audit record for all uses of the "insmod" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38088r619081_fix" /><check system="C-38125r619080_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is generates an audit record for all uses of the "insmod" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -2695,7 +2695,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38089r619084_fix" /><check system="C-38126r619083_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "rmmod" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38089r619084_fix" /><check system="C-38126r619083_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "rmmod" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -2734,7 +2734,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38090r619087_fix" /><check system="C-38127r619086_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "modprobe" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38090r619087_fix" /><check system="C-38127r619086_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "modprobe" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -2773,7 +2773,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38091r619090_fix" /><check system="C-38128r619089_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "kmod" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38091r619090_fix" /><check system="C-38128r619089_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "kmod" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -2802,7 +2802,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38092r619093_fix" /><check system="C-38129r619092_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chmod" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38092r619093_fix" /><check system="C-38129r619092_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chmod" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -2829,7 +2829,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38093r619096_fix" /><check system="C-38130r619095_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "setfacl" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38093r619096_fix" /><check system="C-38130r619095_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "setfacl" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -2856,7 +2856,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38094r619099_fix" /><check system="C-38131r619098_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chacl" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38094r619099_fix" /><check system="C-38131r619098_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chacl" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -2883,7 +2883,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38095r619102_fix" /><check system="C-38132r619101_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chcon" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38095r619102_fix" /><check system="C-38132r619101_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "chcon" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -2910,7 +2910,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38096r619105_fix" /><check system="C-38133r619104_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "rm" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38096r619105_fix" /><check system="C-38133r619104_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "rm" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -2937,7 +2937,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38097r619108_fix" /><check system="C-38134r619107_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when all modifications to the "tallylog" file occur.
+&gt; sudo augenrules --load</fixtext><fix id="F-38097r619108_fix" /><check system="C-38134r619107_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when all modifications to the "tallylog" file occur.
 
 Check that the file is being audited by performing the following command:
 
@@ -2964,7 +2964,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38098r619111_fix" /><check system="C-38135r619110_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when all modifications to the "lastlog" file occur.
+&gt; sudo augenrules --load</fixtext><fix id="F-38098r619111_fix" /><check system="C-38135r619110_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record when all modifications to the "lastlog" file occur.
 
 Check that the file is being audited by performing the following command:
 
@@ -2991,7 +2991,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38099r619114_fix" /><check system="C-38136r619113_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "passmass" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38099r619114_fix" /><check system="C-38136r619113_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "passmass" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -3018,7 +3018,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38100r619117_fix" /><check system="C-38137r619116_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any use of the "usermod" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38100r619117_fix" /><check system="C-38137r619116_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any use of the "usermod" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -3045,7 +3045,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38101r619120_fix" /><check system="C-38138r619119_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any use of the "pam_timestamp_check" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38101r619120_fix" /><check system="C-38138r619119_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any use of the "pam_timestamp_check" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -3073,7 +3073,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38102r619123_fix" /><check system="C-38139r619122_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "delete_module" system call.
+&gt; sudo augenrules --load</fixtext><fix id="F-38102r619123_fix" /><check system="C-38139r619122_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "delete_module" system call.
 
 Check that the system call is being audited by performing the following command:
 
@@ -3102,7 +3102,7 @@ To reload the rules file, restart the audit daemon:
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38103r854259_fix" /><check system="C-38140r809473_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "init_module" and "finit_module" system calls.
+&gt; sudo augenrules --load</fixtext><fix id="F-38103r854259_fix" /><check system="C-38140r809473_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "init_module" and "finit_module" system calls.
 
 Check that the system calls are being audited by performing the following command:
 
@@ -3130,7 +3130,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38105r619132_fix" /><check system="C-38142r619131_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any use of the "su" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38105r619132_fix" /><check system="C-38142r619131_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any use of the "su" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -3157,7 +3157,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38106r619135_fix" /><check system="C-38143r619134_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any use of the "sudo" command.
+&gt; sudo augenrules --load</fixtext><fix id="F-38106r619135_fix" /><check system="C-38143r619134_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any use of the "sudo" command.
 
 Check that the command is being audited by performing the following command:
 
@@ -3176,7 +3176,7 @@ This requirement applies to each audit data storage repository (i.e., distinct i
 
 Edit the following line in "/etc/audit/auditd.conf" to ensure that administrators are notified via email for those situations:
 
-action_mail_acct = root</fixtext><fix id="F-38107r619138_fix" /><check system="C-38144r619137_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the administrators are notified in the event of a SUSE operating system audit processing failure by inspecting "/etc/audit/auditd.conf".
+action_mail_acct = root</fixtext><fix id="F-38107r619138_fix" /><check system="C-38144r619137_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the administrators are notified in the event of a SUSE operating system audit processing failure by inspecting "/etc/audit/auditd.conf".
 
 Check if the system is configured to send email to an account when it needs to notify an administrator with the following command: 
 
@@ -3200,7 +3200,7 @@ Configure an alias for root that forwards to a monitored email address with the
 
 The following command must be run to implement changes to the /etc/aliases file:
 
-&gt; sudo newaliases</fixtext><fix id="F-38108r619141_fix" /><check system="C-38145r619140_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the administrators are notified in the event of a SUSE operating system audit processing failure by checking that "/etc/aliases" has a defined value for root.
+&gt; sudo newaliases</fixtext><fix id="F-38108r619141_fix" /><check system="C-38145r619140_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the administrators are notified in the event of a SUSE operating system audit processing failure by checking that "/etc/aliases" has a defined value for root.
 
 &gt; grep -i "^postmaster:" /etc/aliases
 
@@ -3223,7 +3223,7 @@ When availability is an overriding concern, other approved actions in response t
 
 Add or update the following line (depending on configuration "disk_full_action" can be set to "SYSLOG", "SINGLE", or "HALT" depending on configuration) in "/etc/audit/auditd.conf" file:
 
-disk_full_action = HALT</fixtext><fix id="F-38109r619144_fix" /><check system="C-38146r619143_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system takes the appropriate action when the audit storage volume is full. 
+disk_full_action = HALT</fixtext><fix id="F-38109r619144_fix" /><check system="C-38146r619143_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system takes the appropriate action when the audit storage volume is full. 
 
 Check that the SUSE operating system takes the appropriate action when the audit storage volume is full with the following command:
 
@@ -3244,7 +3244,7 @@ Add or update the following rules in "/etc/permissions.local":
 
 Set the correct permissions with the following command:
 
-&gt; sudo chkstat --set /etc/permissions.local</fixtext><fix id="F-38110r619147_fix" /><check system="C-38147r619146_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system protects audit rules from unauthorized modification.
+&gt; sudo chkstat --set /etc/permissions.local</fixtext><fix id="F-38110r619147_fix" /><check system="C-38147r619146_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system protects audit rules from unauthorized modification.
 
 Check that "permissions.local" file contains the correct permissions rules with the following command:
 
@@ -3281,7 +3281,7 @@ Edit the file "/etc/permissions.local" and insert the following text:
 
 Set the correct permissions with the following command:
 
-&gt; sudo chkstat --set /etc/permissions.local</fixtext><fix id="F-38112r619153_fix" /><check system="C-38149r619152_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system audit tools have the proper permissions configured in the permissions profile to protect from unauthorized access.
+&gt; sudo chkstat --set /etc/permissions.local</fixtext><fix id="F-38112r619153_fix" /><check system="C-38149r619152_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system audit tools have the proper permissions configured in the permissions profile to protect from unauthorized access.
 
 Check that "permissions.local" file contains the correct permissions rules with the following command:
 
@@ -3318,7 +3318,7 @@ Add or update the following lines to "/etc/aide.conf" to protect the integrity o
 /usr/sbin/aureport p+i+n+u+g+s+b+acl+selinux+xattrs+sha512
 /usr/sbin/autrace p+i+n+u+g+s+b+acl+selinux+xattrs+sha512
 /usr/sbin/audispd p+i+n+u+g+s+b+acl+selinux+xattrs+sha512
-/usr/sbin/augenrules p+i+n+u+g+s+b+acl+selinux+xattrs+sha512</fixtext><fix id="F-38113r619156_fix" /><check system="C-38150r619155_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system file integrity tool is configured to protect the integrity of the audit tools.
+/usr/sbin/augenrules p+i+n+u+g+s+b+acl+selinux+xattrs+sha512</fixtext><fix id="F-38113r619156_fix" /><check system="C-38150r619155_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system file integrity tool is configured to protect the integrity of the audit tools.
 
 Check that AIDE is properly configured to protect the integrity of the audit tools by running the following command:
 
@@ -3351,7 +3351,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38114r619159_fix" /><check system="C-38151r619158_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any privileged use of the "execve" system call.
+&gt; sudo augenrules --load</fixtext><fix id="F-38114r619159_fix" /><check system="C-38151r619158_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for any privileged use of the "execve" system call.
 
 &gt; sudo auditctl -l | grep -w 'execve'
 
@@ -3373,7 +3373,7 @@ Associating event types with detected events in the SUSE operating system audit
 
 Satisfies: SRG-OS-000337-GPOS-00129, SRG-OS-000348-GPOS-00136, SRG-OS-000349-GPOS-00137, SRG-OS-000350-GPOS-00138, SRG-OS-000351-GPOS-00139, SRG-OS-000352-GPOS-00140, SRG-OS-000353-GPOS-00141, SRG-OS-000354-GPOS-00142, SRG-OS-000358-GPOS-00145, SRG-OS-000359-GPOS-00146, SRG-OS-000365-GPOS-00152, SRG-OS-000474-GPOS-00219, SRG-OS-000475-GPOS-00220&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000172</ident><ident system="http://cyber.mil/cci">CCI-001814</ident><ident system="http://cyber.mil/cci">CCI-001875</ident><ident system="http://cyber.mil/cci">CCI-001877</ident><ident system="http://cyber.mil/cci">CCI-001878</ident><ident system="http://cyber.mil/cci">CCI-001879</ident><ident system="http://cyber.mil/cci">CCI-001880</ident><ident system="http://cyber.mil/cci">CCI-001881</ident><ident system="http://cyber.mil/cci">CCI-001882</ident><ident system="http://cyber.mil/cci">CCI-001889</ident><ident system="http://cyber.mil/cci">CCI-001914</ident><fixtext fixref="F-38115r619162_fix">The SUSE operating system auditd package must be installed on the system. If it is not installed, use the following command to install it:
 
-&gt; sudo zypper in audit</fixtext><fix id="F-38115r619162_fix" /><check system="C-38152r619161_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system auditing package is installed.
+&gt; sudo zypper in audit</fixtext><fix id="F-38115r619162_fix" /><check system="C-38152r619161_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system auditing package is installed.
 
 Check that the "audit" package is installed by performing the following command:
 
@@ -3387,7 +3387,7 @@ The task of allocating audit record storage capacity is usually performed during
 
 If audit records are stored on a partition made specifically for audit records, use the "YaST2 - Partitioner" program (installation and configuration tool for Linux) to resize the partition with sufficient space to contain one week of audit records.
 
-If audit records are not stored on a partition made specifically for audit records, a new partition with sufficient amount of space will need be to be created. The new partition can be created using the "YaST2 - Partitioner" program on the system.</fixtext><fix id="F-38116r619165_fix" /><check system="C-38153r619164_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system allocates audit record storage capacity to store at least one week of audit records when audit records are not immediately sent to a central audit record storage facility.
+If audit records are not stored on a partition made specifically for audit records, a new partition with sufficient amount of space will need be to be created. The new partition can be created using the "YaST2 - Partitioner" program on the system.</fixtext><fix id="F-38116r619165_fix" /><check system="C-38153r619164_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system allocates audit record storage capacity to store at least one week of audit records when audit records are not immediately sent to a central audit record storage facility.
 
 Determine to which partition the audit records are being written with the following command:
 
@@ -3410,7 +3410,7 @@ If the audit record partition is not allocated sufficient storage capacity, this
 
 &gt; sudo zypper install audit-audispd-plugins
 
-In "/etc/audisp/plugins.d/au-remote.conf", change the value of "active" to "yes", or add "active = yes" if no such setting exists in the file.</fixtext><fix id="F-38117r619168_fix" /><check system="C-38154r619167_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the "audit-audispd-plugins" package is installed on the SUSE operating system. 
+In "/etc/audisp/plugins.d/au-remote.conf", change the value of "active" to "yes", or add "active = yes" if no such setting exists in the file.</fixtext><fix id="F-38117r619168_fix" /><check system="C-38154r619167_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the "audit-audispd-plugins" package is installed on the SUSE operating system. 
 
 Check that the "audit-audispd-plugins" package is installed on the SUSE operating system with the following command:
 
@@ -3429,7 +3429,7 @@ Allowing devices and users to connect to or from the system without first authen
 
 Edit or add the following line to match the text below:
 
-enable_krb5 = yes</fixtext><fix id="F-38118r619171_fix" /><check system="C-38155r619170_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Determine if the SUSE operating system audit event multiplexor is configured to use Kerberos by running the following command:
+enable_krb5 = yes</fixtext><fix id="F-38118r619171_fix" /><check system="C-38155r619170_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Determine if the SUSE operating system audit event multiplexor is configured to use Kerberos by running the following command:
 
 &gt; sudo grep enable_krb5 /etc/audisp/audisp-remote.conf
 enable_krb5 = yes
@@ -3438,7 +3438,7 @@ If "enable_krb5" is not set to "yes", or is commented out, this is a finding.</c
 
 Off-loading is a common process in information systems with limited audit storage capacity.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001851</ident><fixtext fixref="F-38119r619174_fix">Configure the SUSE operating system "/etc/audisp/audisp-remote.conf" file to off-load audit records onto a different system or media by adding or editing the following line with the correct IP address:
 
-remote_server = [IP ADDRESS]</fixtext><fix id="F-38119r619174_fix" /><check system="C-38156r619173_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify "audispd" off-loads audit records onto a different system or media from the SUSE operating system being audited.
+remote_server = [IP ADDRESS]</fixtext><fix id="F-38119r619174_fix" /><check system="C-38156r619173_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify "audispd" off-loads audit records onto a different system or media from the SUSE operating system being audited.
 
 Check if "audispd" is configured to off-load audit records onto a different system or media from the SUSE operating system by running the following command:
 
@@ -3453,7 +3453,7 @@ Determine the size of the partition to which audit records are written (e.g., "/
 
 &gt; df -h /var/log/audit/
 
-Set the value of the "space_left" keyword in "/etc/audit/auditd.conf" to 25 percent of the partition size.</fixtext><fix id="F-38120r619177_fix" /><check system="C-38157r619176_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Determine if the SUSE operating system auditd is configured to notify the SA and ISSO when the audit record storage volume reaches 75 percent of the storage capacity.
+Set the value of the "space_left" keyword in "/etc/audit/auditd.conf" to 25 percent of the partition size.</fixtext><fix id="F-38120r619177_fix" /><check system="C-38157r619176_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Determine if the SUSE operating system auditd is configured to notify the SA and ISSO when the audit record storage volume reaches 75 percent of the storage capacity.
 
 Check the system configuration to determine the partition to which audit records are written using the following command:
 
@@ -3490,7 +3490,7 @@ To reload the rules file, restart the audit daemon:
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38124r809558_fix" /><check system="C-38161r809476_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "unlink", "unlinkat", "rename", "renameat", and "rmdir" system calls.
+&gt; sudo augenrules --load</fixtext><fix id="F-38124r809558_fix" /><check system="C-38161r809476_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for all uses of the "unlink", "unlinkat", "rename", "renameat", and "rmdir" system calls.
 
 Check that the system calls are being audited by performing the following command:
 
@@ -3516,7 +3516,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38126r619195_fix" /><check system="C-38163r619194_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for the "/run/utmp" file.
+&gt; sudo augenrules --load</fixtext><fix id="F-38126r619195_fix" /><check system="C-38163r619194_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for the "/run/utmp" file.
 
 Check that the file is being audited by performing the following command:
 
@@ -3541,7 +3541,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38127r619198_fix" /><check system="C-38164r619197_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for the "/var/log/wtmp" file.
+&gt; sudo augenrules --load</fixtext><fix id="F-38127r619198_fix" /><check system="C-38164r619197_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for the "/var/log/wtmp" file.
 
 Check that the file is being audited by performing the following command:
 
@@ -3566,7 +3566,7 @@ To reload the rules file, restart the audit daemon
 
 or issue the following command:
 
-&gt; sudo augenrules --load</fixtext><fix id="F-38128r619201_fix" /><check system="C-38165r619200_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for the "/var/log/btmp" file.
+&gt; sudo augenrules --load</fixtext><fix id="F-38128r619201_fix" /><check system="C-38165r619200_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system generates an audit record for the "/var/log/btmp" file.
 
 Check that the file is being audited by performing the following command:
 
@@ -3583,7 +3583,7 @@ Off-loading is a common process in information systems with limited audit storag
 
 Uncomment the "network_failure_action" option in "/etc/audisp/audisp-remote.conf" and set it to "syslog", "single", or "halt". See the example below:
 
-network_failure_action = syslog</fixtext><fix id="F-38129r619204_fix" /><check system="C-38166r619203_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify what action the audit system takes if it cannot off-load audit records to a different system or storage media from the SUSE operating system being audited.
+network_failure_action = syslog</fixtext><fix id="F-38129r619204_fix" /><check system="C-38166r619203_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify what action the audit system takes if it cannot off-load audit records to a different system or storage media from the SUSE operating system being audited.
 
 Check the action that the audit system takes in the event of a network failure with the following command:
 
@@ -3597,14 +3597,14 @@ Off-loading is a common process in information systems with limited audit storag
 
 Add, edit, or uncomment the "disk_full_action" option in "/etc/audisp/audisp-remote.conf". Set it to "syslog", "single" or "halt" as in the example below:
 
-disk_full_action = syslog</fixtext><fix id="F-38130r619207_fix" /><check system="C-38167r619206_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the audit system off-loads audit records if the SUSE operating system storage volume becomes full.
+disk_full_action = syslog</fixtext><fix id="F-38130r619207_fix" /><check system="C-38167r619206_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the audit system off-loads audit records if the SUSE operating system storage volume becomes full.
 
 Check that the records are properly off-loaded to a remote server with the following command:
 
 &gt; sudo grep -i "disk_full_action" /etc/audisp/audisp-remote.conf
 disk_full_action = syslog
 
-If "disk_full_action" is not set to "syslog", "single", or "halt" or the line is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-234980"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234980r622137_rule" weight="10.0" severity="low"><version>SLES-15-030810</version><title>The SUSE operating system must use a separate file system for the system audit data path.</title><description>&lt;VulnDiscussion&gt;The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38131r619210_fix">Migrate the SUSE operating system audit data path onto a separate file system.</fixtext><fix id="F-38131r619210_fix" /><check system="C-38168r619209_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system has a separate file system/partition for the system audit data path.
+If "disk_full_action" is not set to "syslog", "single", or "halt" or the line is commented out, this is a finding.</check-content></check></Rule></Group><Group id="V-234980"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234980r622137_rule" weight="10.0" severity="low"><version>SLES-15-030810</version><title>The SUSE operating system must use a separate file system for the system audit data path.</title><description>&lt;VulnDiscussion&gt;The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38131r619210_fix">Migrate the SUSE operating system audit data path onto a separate file system.</fixtext><fix id="F-38131r619210_fix" /><check system="C-38168r619209_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system has a separate file system/partition for the system audit data path.
 
 Check that a file system/partition has been created for the system audit data path with the following command:
 
@@ -3619,7 +3619,7 @@ If a separate file system/partition does not exist for the system audit data pat
 
 The audit daemon must be restarted for the changes to take effect.
 
-&gt; sudo systemctl restart auditd.service</fixtext><fix id="F-38132r619213_fix" /><check system="C-38169r619212_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify syscall auditing has not been disabled:
+&gt; sudo systemctl restart auditd.service</fixtext><fix id="F-38132r619213_fix" /><check system="C-38169r619212_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify syscall auditing has not been disabled:
 
 &gt; auditctl -l | grep -i "a task,never"
 
@@ -3633,7 +3633,7 @@ If any results are returned, this is a finding.</check-content></check></Rule></
 
 Add or update the following variable in "/etc/login.defs" to match the line below ("FAIL_DELAY" must have a value of "4" or higher):
 
-FAIL_DELAY 4</fixtext><fix id="F-38133r619216_fix" /><check system="C-38170r619215_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system enforces a delay of at least four seconds between logon prompts following a failed logon attempt.
+FAIL_DELAY 4</fixtext><fix id="F-38133r619216_fix" /><check system="C-38170r619215_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system enforces a delay of at least four seconds between logon prompts following a failed logon attempt.
 
 Check that the SUSE operating system enforces a delay of at least four seconds between logon prompts following a failed logon attempt with the following command:
 
@@ -3647,14 +3647,14 @@ Edit the file "/etc/pam.d/common-auth".
 Add a parameter "pam_faildelay" and set it to:
 
 &gt; delay is in micro seconds
-auth required pam_faildelay.so delay=4000000</fixtext><fix id="F-38134r619219_fix" /><check system="C-38171r619218_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system enforces a delay of at least four seconds between logon prompts following a failed logon attempt.
+auth required pam_faildelay.so delay=4000000</fixtext><fix id="F-38134r619219_fix" /><check system="C-38171r619218_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system enforces a delay of at least four seconds between logon prompts following a failed logon attempt.
 
 &gt; grep pam_faildelay /etc/pam.d/common-auth
 auth required pam_faildelay.so delay=4000000
 
 If the value of "delay" is not set to "4000000", "delay" is commented out, "delay" is missing, or the "pam_faildelay" line is missing completely, this is a finding.</check-content></check></Rule></Group><Group id="V-234984"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234984r622137_rule" weight="10.0" severity="high"><version>SLES-15-040020</version><title>There must be no .shosts files on the SUSE operating system.</title><description>&lt;VulnDiscussion&gt;The .shosts files are used to configure host-based authentication for individual users or the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38135r619222_fix">Remove any ".shosts" files found on the SUSE operating system.
 
-&gt; sudo rm /[path]/[to]/[file]/.shosts</fixtext><fix id="F-38135r619222_fix" /><check system="C-38172r619221_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Text: Verify there are no ".shosts" files on the SUSE operating system.
+&gt; sudo rm /[path]/[to]/[file]/.shosts</fixtext><fix id="F-38135r619222_fix" /><check system="C-38172r619221_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Text: Verify there are no ".shosts" files on the SUSE operating system.
 
 Check the system for the existence of these files with the following command:
 
@@ -3662,7 +3662,7 @@ Check the system for the existence of these files with the following command:
 
 If any ".shosts" files are found on the system, this is a finding.</check-content></check></Rule></Group><Group id="V-234985"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234985r622137_rule" weight="10.0" severity="high"><version>SLES-15-040030</version><title>There must be no shosts.equiv files on the SUSE operating system.</title><description>&lt;VulnDiscussion&gt;The shosts.equiv files are used to configure host-based authentication for the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38136r619225_fix">Remove any "shosts.equiv" files found on the SUSE operating system.
 
-&gt; sudo rm /[path]/[to]/[file]/shosts.equiv</fixtext><fix id="F-38136r619225_fix" /><check system="C-38173r619224_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify there are no "shosts.equiv" files on the SUSE operating system.
+&gt; sudo rm /[path]/[to]/[file]/shosts.equiv</fixtext><fix id="F-38136r619225_fix" /><check system="C-38173r619224_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify there are no "shosts.equiv" files on the SUSE operating system.
 
 Check the system for the existence of these files with the following command:
 
@@ -3670,7 +3670,7 @@ Check the system for the existence of these files with the following command:
 
 If any "shosts.equiv" files are found on the system, this is a finding.</check-content></check></Rule></Group><Group id="V-234986"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234986r880968_rule" weight="10.0" severity="low"><version>SLES-15-040040</version><title>The SUSE operating system file integrity tool must be configured to verify Access Control Lists (ACLs).</title><description>&lt;VulnDiscussion&gt;ACLs can provide permissions beyond those permitted through the file mode and must be verified by file integrity tools.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38137r619228_fix">Configure the SUSE operating system file integrity tool to check file and directory ACLs. 
 
-If AIDE is installed, ensure the "acl" rule is present on all file and directory selection lists.</fixtext><fix id="F-38137r619228_fix" /><check system="C-38174r880968_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system file integrity tool is configured to verify extended attributes.
+If AIDE is installed, ensure the "acl" rule is present on all file and directory selection lists.</fixtext><fix id="F-38137r619228_fix" /><check system="C-38174r880968_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system file integrity tool is configured to verify extended attributes.
 
 If there is no application installed to perform integrity checks, this is a finding.
 
@@ -3684,7 +3684,7 @@ An example rule that includes the "acl" rule follows:
 
 If the "acl" rule is not being used on all selection lines in the "/etc/aide.conf" file, or extended attributes are not being checked by another file integrity tool, this is a finding.</check-content></check></Rule></Group><Group id="V-234987"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234987r880969_rule" weight="10.0" severity="low"><version>SLES-15-040050</version><title>The SUSE operating system file integrity tool must be configured to verify extended attributes.</title><description>&lt;VulnDiscussion&gt;Extended attributes in file systems are used to contain arbitrary data and file metadata with security implications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38138r619231_fix">Configure the SUSE operating system file integrity tool to check file and directory extended attributes. 
 
-If AIDE is installed, ensure the "xattrs" rule is present on all file and directory selection lists.</fixtext><fix id="F-38138r619231_fix" /><check system="C-38175r880969_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system file integrity tool is configured to verify extended attributes.
+If AIDE is installed, ensure the "xattrs" rule is present on all file and directory selection lists.</fixtext><fix id="F-38138r619231_fix" /><check system="C-38175r880969_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system file integrity tool is configured to verify extended attributes.
 
 If there is no application installed to perform integrity checks, this is a finding.
 
@@ -3704,7 +3704,7 @@ If the "xattrs" rule is not being used on all selection lines in the "/etc/aide.
 
 And reload the daemon to take effect 
 
-&gt; sudo systemctl daemon-reload</fixtext><fix id="F-38139r619234_fix" /><check system="C-38176r619233_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is not configured to reboot the system when Ctrl-Alt-Delete is pressed.
+&gt; sudo systemctl daemon-reload</fixtext><fix id="F-38139r619234_fix" /><check system="C-38176r619233_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is not configured to reboot the system when Ctrl-Alt-Delete is pressed.
 
 Check that the ctrl-alt-del.target is masked with the following command:
 
@@ -3741,7 +3741,7 @@ logout=['']
 
 4. Update the dconf database: 
 
-&gt; sudo dconf update</fixtext><fix id="F-38140r619237_fix" /><check system="C-38177r619236_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Note: If a graphical user interface is not installed, this requirement is Not Applicable.
+&gt; sudo dconf update</fixtext><fix id="F-38140r619237_fix" /><check system="C-38177r619236_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Note: If a graphical user interface is not installed, this requirement is Not Applicable.
 
 Verify the SUSE operating system is not configured to reboot the system
 when Ctrl-Alt-Delete is pressed in the graphical user interface.
@@ -3766,7 +3766,7 @@ CtrlAltDelBurstAction=none
 
 Reload the daemon for this change to take effect
 
-&gt; sudo systemctl daemon-reload</fixtext><fix id="F-38141r619240_fix" /><check system="C-38178r619239_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is not configured to reboot the system when Ctrl-Alt-Delete is pressed seven times within two seconds with the following command:
+&gt; sudo systemctl daemon-reload</fixtext><fix id="F-38141r619240_fix" /><check system="C-38178r619239_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is not configured to reboot the system when Ctrl-Alt-Delete is pressed seven times within two seconds with the following command:
 
 &gt; sudo grep -i ctrl /etc/systemd/system.conf
 
@@ -3776,7 +3776,7 @@ If the "CtrlAltDelBurstAction" is not set to "none", commented out, or is missin
 
 Assign a home directory to users via the usermod command:
 
-&gt; sudo usermod -d /home/smithj smithj</fixtext><fix id="F-38142r619243_fix" /><check system="C-38179r619242_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify SUSE operating system local interactive users on the system have a home directory assigned.
+&gt; sudo usermod -d /home/smithj smithj</fixtext><fix id="F-38142r619243_fix" /><check system="C-38179r619242_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify SUSE operating system local interactive users on the system have a home directory assigned.
 
 Check for missing local interactive user home directories with the following command:
 
@@ -3794,7 +3794,7 @@ Note: The example will be for the user smithj, who has a home directory of "/hom
 &gt; sudo mkdir /home/smithj 
 &gt; sudo chown smithj /home/smithj
 &gt; sudo chgrp users /home/smithj
-&gt; sudo chmod 0750 /home/smithj</fixtext><fix id="F-38143r619246_fix" /><check system="C-38180r619245_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the assigned home directory of all SUSE operating system local interactive users on the system exists.
+&gt; sudo chmod 0750 /home/smithj</fixtext><fix id="F-38143r619246_fix" /><check system="C-38180r619245_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the assigned home directory of all SUSE operating system local interactive users on the system exists.
 
 Check the home directory assignment for all local interactive non-privileged users on the system with the following command:
 
@@ -3814,7 +3814,7 @@ If any home directories referenced in "/etc/passwd" are returned as not defined,
 
 Note: The example will be for the user "smithj".
 
-&gt; sudo chmod 0750 /home/smithj</fixtext><fix id="F-38144r619249_fix" /><check system="C-38181r619248_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the assigned home directory of all SUSE operating system local interactive users has a mode of "0750" or less permissive.
+&gt; sudo chmod 0750 /home/smithj</fixtext><fix id="F-38144r619249_fix" /><check system="C-38181r619248_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the assigned home directory of all SUSE operating system local interactive users has a mode of "0750" or less permissive.
 
 Check the home directory assignment for all non-privileged users on the system with the following command:
 
@@ -3827,7 +3827,7 @@ If home directories referenced in "/etc/passwd" do not have a mode of "0750" or
 
 Note: The example will be for the user "smithj", who has a home directory of "/home/smithj", and has a primary group of users.
 
-&gt; sudo chgrp users /home/smithj</fixtext><fix id="F-38145r619252_fix" /><check system="C-38182r619251_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the assigned home directory of all SUSE operating system local interactive users is group-owned by that user's primary GID.
+&gt; sudo chgrp users /home/smithj</fixtext><fix id="F-38145r619252_fix" /><check system="C-38182r619251_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the assigned home directory of all SUSE operating system local interactive users is group-owned by that user's primary GID.
 
 Check the home directory assignment for all non-privileged users on the system with the following command:
 
@@ -3845,7 +3845,7 @@ If the user home directory referenced in "/etc/passwd" is not group-owned by tha
 
 Note: The example will be for the smithj user, who has a home directory of "/home/smithj".
 
-&gt; sudo chmod 0740 /home/smithj/.&lt;INIT_FILE&gt;</fixtext><fix id="F-38146r619255_fix" /><check system="C-38183r619254_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that all SUSE operating system local initialization files have a mode of "0740" or less permissive.
+&gt; sudo chmod 0740 /home/smithj/.&lt;INIT_FILE&gt;</fixtext><fix id="F-38146r619255_fix" /><check system="C-38183r619254_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that all SUSE operating system local initialization files have a mode of "0740" or less permissive.
 
 Check the mode on all SUSE operating system local initialization files with the following command:
 
@@ -3856,7 +3856,7 @@ Note: The example will be for the user "smithj", who has a home directory of "/h
 -rwxr-xr-x 1 smithj users 497 Jan 6 2007 .login
 -rwxr-xr-x 1 smithj users 886 Jan 6 2007 .something
 
-If any local initialization files have a mode more permissive than "0740", this is a finding.</check-content></check></Rule></Group><Group id="V-234996"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234996r793060_rule" weight="10.0" severity="medium"><version>SLES-15-040120</version><title>All SUSE operating system local interactive user initialization files executable search paths must contain only paths that resolve to the users home directory.</title><description>&lt;VulnDiscussion&gt;The executable search path (typically the PATH environment variable) contains a list of directories for the shell to search to find executables. If this path includes the current working directory (other than the user's home directory), executables in these directories may be executed instead of system commands. This variable is formatted as a colon-separated list of directories. If there is an empty entry, such as a leading or trailing colon or two consecutive colons, this is interpreted as the current working directory. If deviations from the default system search path for the local interactive user are required, they must be documented with the Information System Security Officer (ISSO).&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38147r619258_fix">Edit the SUSE operating system local interactive user initialization files to change any PATH variable statements for executables that reference directories other than their home directory. If a local interactive user requires path variables to reference a directory owned by the application, it must be documented with the ISSO.</fixtext><fix id="F-38147r619258_fix" /><check system="C-38184r793059_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that all SUSE operating system local interactive user initialization files executable search path statements do not contain statements that will reference a working directory other than the user's home directory.
+If any local initialization files have a mode more permissive than "0740", this is a finding.</check-content></check></Rule></Group><Group id="V-234996"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234996r793060_rule" weight="10.0" severity="medium"><version>SLES-15-040120</version><title>All SUSE operating system local interactive user initialization files executable search paths must contain only paths that resolve to the users home directory.</title><description>&lt;VulnDiscussion&gt;The executable search path (typically the PATH environment variable) contains a list of directories for the shell to search to find executables. If this path includes the current working directory (other than the user's home directory), executables in these directories may be executed instead of system commands. This variable is formatted as a colon-separated list of directories. If there is an empty entry, such as a leading or trailing colon or two consecutive colons, this is interpreted as the current working directory. If deviations from the default system search path for the local interactive user are required, they must be documented with the Information System Security Officer (ISSO).&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38147r619258_fix">Edit the SUSE operating system local interactive user initialization files to change any PATH variable statements for executables that reference directories other than their home directory. If a local interactive user requires path variables to reference a directory owned by the application, it must be documented with the ISSO.</fixtext><fix id="F-38147r619258_fix" /><check system="C-38184r793059_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that all SUSE operating system local interactive user initialization files executable search path statements do not contain statements that will reference a working directory other than the user's home directory.
 
 Check the executable search path statement for all operating system local interactive user initialization files in the user's home directory with the following commands:
 
@@ -3867,7 +3867,7 @@ Note: The example will be for the user "smithj", who has a home directory of "/h
 
 If any local interactive user initialization files have executable search path statements that include directories outside of their home directory, and the additional path statements are not documented with the ISSO as an operational requirement, this is a finding.</check-content></check></Rule></Group><Group id="V-234997"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234997r622137_rule" weight="10.0" severity="medium"><version>SLES-15-040130</version><title>All SUSE operating system local initialization files must not execute world-writable programs.</title><description>&lt;VulnDiscussion&gt;If user start-up files execute world-writable programs, especially in unprotected directories, they could be maliciously modified to destroy user files or otherwise compromise the system at the user level. If the system is compromised at the user level, it is easier to elevate privileges to eventually compromise the system at the root and network level.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38148r619261_fix">Remove the references to these files in the local initialization scripts or remove the world-writable permission of files referenced by SUSE operating system local initialization scripts with the following command:
 
-&gt; sudo chmod 0755 &lt;file&gt;</fixtext><fix id="F-38148r619261_fix" /><check system="C-38185r619260_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that SUSE operating system local initialization files do not execute world-writable programs.
+&gt; sudo chmod 0755 &lt;file&gt;</fixtext><fix id="F-38148r619261_fix" /><check system="C-38185r619260_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that SUSE operating system local initialization files do not execute world-writable programs.
 
 Verify that SUSE operating system local initialization files do not
 execute world-writable programs.
@@ -3889,7 +3889,7 @@ files, this is a finding.</check-content></check></Rule></Group><Group id="V-234
 
 Re-mount the filesystems.
 
-&gt; sudo mount -o remount /home</fixtext><fix id="F-38149r619264_fix" /><check system="C-38186r619263_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that SUSE operating system file systems that contain user home directories are mounted with the "nosuid" option.
+&gt; sudo mount -o remount /home</fixtext><fix id="F-38149r619264_fix" /><check system="C-38186r619263_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that SUSE operating system file systems that contain user home directories are mounted with the "nosuid" option.
 
 Print the currently active file system mount options of the file system(s) that contain the user home directories with the following command:
 
@@ -3898,7 +3898,7 @@ Print the currently active file system mount options of the file system(s) that
 
 If a file system containing user home directories is not mounted with the FSTYPE OPTION nosuid, this is a finding.
 
-Note: If a separate file system has not been created for the user home directories (user home directories are mounted under "/"), this is not a finding as the "nosuid" option cannot be used on the "/" system.</check-content></check></Rule></Group><Group id="V-234999"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234999r622137_rule" weight="10.0" severity="medium"><version>SLES-15-040150</version><title>SUSE operating system file systems that are used with removable media must be mounted to prevent files with the setuid and setgid bit set from being executed.</title><description>&lt;VulnDiscussion&gt;The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38150r619267_fix">Configure the SUSE operating system "/etc/fstab" file to use the "nosuid" option on file systems that are associated with removable media.</fixtext><fix id="F-38150r619267_fix" /><check system="C-38187r619266_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify SUSE operating system file systems used for removable media are mounted with the "nosuid" option.
+Note: If a separate file system has not been created for the user home directories (user home directories are mounted under "/"), this is not a finding as the "nosuid" option cannot be used on the "/" system.</check-content></check></Rule></Group><Group id="V-234999"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-234999r622137_rule" weight="10.0" severity="medium"><version>SLES-15-040150</version><title>SUSE operating system file systems that are used with removable media must be mounted to prevent files with the setuid and setgid bit set from being executed.</title><description>&lt;VulnDiscussion&gt;The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38150r619267_fix">Configure the SUSE operating system "/etc/fstab" file to use the "nosuid" option on file systems that are associated with removable media.</fixtext><fix id="F-38150r619267_fix" /><check system="C-38187r619266_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify SUSE operating system file systems used for removable media are mounted with the "nosuid" option.
 
 Check the file systems that are mounted at boot time with the following command:
 
@@ -3906,7 +3906,7 @@ Check the file systems that are mounted at boot time with the following command:
 
 UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat noauto,owner,ro,nosuid 0 0
 
-If a file system found in "/etc/fstab" refers to removable media and it does not have the "nosuid" option set, this is a finding.</check-content></check></Rule></Group><Group id="V-235000"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-235000r622137_rule" weight="10.0" severity="medium"><version>SLES-15-040160</version><title>SUSE operating system file systems that are being imported via Network File System (NFS) must be mounted to prevent files with the setuid and setgid bit set from being executed.</title><description>&lt;VulnDiscussion&gt;The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38151r619270_fix">Configure the SUSE operating system "/etc/fstab" file to use the "nosuid" option on file systems that are being exported via NFS.</fixtext><fix id="F-38151r619270_fix" /><check system="C-38188r619269_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify SUSE operating system file systems that are being NFS exported are mounted with the "nosuid" option.
+If a file system found in "/etc/fstab" refers to removable media and it does not have the "nosuid" option set, this is a finding.</check-content></check></Rule></Group><Group id="V-235000"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-235000r622137_rule" weight="10.0" severity="medium"><version>SLES-15-040160</version><title>SUSE operating system file systems that are being imported via Network File System (NFS) must be mounted to prevent files with the setuid and setgid bit set from being executed.</title><description>&lt;VulnDiscussion&gt;The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38151r619270_fix">Configure the SUSE operating system "/etc/fstab" file to use the "nosuid" option on file systems that are being exported via NFS.</fixtext><fix id="F-38151r619270_fix" /><check system="C-38188r619269_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify SUSE operating system file systems that are being NFS exported are mounted with the "nosuid" option.
 
 Find the file system(s) that contain the directories being exported with the following command:
 
@@ -3914,7 +3914,7 @@ Find the file system(s) that contain the directories being exported with the fol
 
 UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,nosuid 0 0
 
-If a file system found in "/etc/fstab" refers to NFS and it does not have the "nosuid" option set, this is a finding.</check-content></check></Rule></Group><Group id="V-235001"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-235001r622137_rule" weight="10.0" severity="medium"><version>SLES-15-040170</version><title>SUSE operating system file systems that are being imported via Network File System (NFS) must be mounted to prevent binary files from being executed.</title><description>&lt;VulnDiscussion&gt;The "noexec" mount option causes the system to not execute binary files. This option must be used for mounting any file system not containing approved binary files, as they may be incompatible. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38152r619273_fix">Configure the SUSE operating system "/etc/fstab" file to use the "noexec" option on file systems that are being exported via NFS.</fixtext><fix id="F-38152r619273_fix" /><check system="C-38189r619272_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system file systems that are being NFS exported are mounted with the "noexec" option.
+If a file system found in "/etc/fstab" refers to NFS and it does not have the "nosuid" option set, this is a finding.</check-content></check></Rule></Group><Group id="V-235001"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-235001r622137_rule" weight="10.0" severity="medium"><version>SLES-15-040170</version><title>SUSE operating system file systems that are being imported via Network File System (NFS) must be mounted to prevent binary files from being executed.</title><description>&lt;VulnDiscussion&gt;The "noexec" mount option causes the system to not execute binary files. This option must be used for mounting any file system not containing approved binary files, as they may be incompatible. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38152r619273_fix">Configure the SUSE operating system "/etc/fstab" file to use the "noexec" option on file systems that are being exported via NFS.</fixtext><fix id="F-38152r619273_fix" /><check system="C-38189r619272_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system file systems that are being NFS exported are mounted with the "noexec" option.
 
 Find the file system(s) that contain the directories being exported with the following command:
 
@@ -3926,7 +3926,7 @@ If a file system found in "/etc/fstab" refers to NFS and it does not have the "n
 
 The only authorized public directories are those temporary directories supplied with the system or those designed to be temporary file repositories. The setting is normally reserved for directories used by the system and by users for temporary file storage, (e.g., /tmp), and for directories requiring global read/write access.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38153r619276_fix">Change the group of the SUSE operating system world-writable directories to root with the following command:
 
-&gt; sudo chgrp root &lt;directory&gt;</fixtext><fix id="F-38153r619276_fix" /><check system="C-38190r619275_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify all SUSE operating system world-writable directories are group-owned by root, sys, bin, or an application group.
+&gt; sudo chgrp root &lt;directory&gt;</fixtext><fix id="F-38153r619276_fix" /><check system="C-38190r619275_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify all SUSE operating system world-writable directories are group-owned by root, sys, bin, or an application group.
 
 Check the system for world-writable directories with the following command:
 
@@ -3939,7 +3939,7 @@ If any world-writable directories are not owned by root, sys, bin, or an applica
 
 &gt; sudo systemctl disable kdump.service
 
-If kernel core dumps are required, document the need with the ISSO.</fixtext><fix id="F-38154r619279_fix" /><check system="C-38191r619278_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that SUSE operating system kernel core dumps are disabled unless needed.
+If kernel core dumps are required, document the need with the ISSO.</fixtext><fix id="F-38154r619279_fix" /><check system="C-38191r619278_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that SUSE operating system kernel core dumps are disabled unless needed.
 
 Check the status of the "kdump" service with the following command:
 
@@ -3951,7 +3951,7 @@ If the "kdump" service is active, ask the System Administrator if the use of the
 
 If the service is active and is not documented, this is a finding.</check-content></check></Rule></Group><Group id="V-235004"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-235004r622137_rule" weight="10.0" severity="low"><version>SLES-15-040200</version><title>A separate file system must be used for SUSE operating system user home directories (such as /home or an equivalent).</title><description>&lt;VulnDiscussion&gt;The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38155r619282_fix">Create a separate file system/partition for SUSE operating system non-privileged local interactive user home directories.
 
-Migrate the non-privileged local interactive user home directories onto the separate file system/partition.</fixtext><fix id="F-38155r619282_fix" /><check system="C-38192r619281_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that a separate file system/partition has been created for SUSE operating system non-privileged local interactive user home directories.
+Migrate the non-privileged local interactive user home directories onto the separate file system/partition.</fixtext><fix id="F-38155r619282_fix" /><check system="C-38192r619281_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that a separate file system/partition has been created for SUSE operating system non-privileged local interactive user home directories.
 
 Check the home directory assignment for all non-privileged users (those with a UID greater than 1000) on the system with the following command:
 
@@ -3972,7 +3972,7 @@ UUID=333ada18 /home ext4 noatime,nobarrier,nodev 1 2
 
 If a separate entry for the file system/partition that contains the non-privileged interactive users' home directories does not exist, this is a finding.</check-content></check></Rule></Group><Group id="V-235005"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-235005r622137_rule" weight="10.0" severity="low"><version>SLES-15-040210</version><title>The SUSE operating system must use a separate file system for /var.</title><description>&lt;VulnDiscussion&gt;The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38156r619285_fix">Create a separate file system/partition on the SUSE operating system for "/var".
 
-Migrate "/var" onto the separate file system/partition.</fixtext><fix id="F-38156r619285_fix" /><check system="C-38193r619284_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SUSE operating system has a separate file system/partition for "/var".
+Migrate "/var" onto the separate file system/partition.</fixtext><fix id="F-38156r619285_fix" /><check system="C-38193r619284_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SUSE operating system has a separate file system/partition for "/var".
 
 Check that a file system/partition has been created for "/var" with the following command:
 
@@ -3983,7 +3983,7 @@ If a separate entry for "/var" is not in use, this is a finding.</check-content>
 
 &gt; sudo sh -c 'for X in /etc/pam.d/common-*-pc; do cp -ivp --remove-destination $X ${X:0:-3}; done'
 
-Additional information on the configuration of multifactor authentication on the SUSE operating system can be found at https://www.suse.com/communities/blog/configuring-smart-card-authentication-suse-linux-enterprise/.</fixtext><fix id="F-38157r619288_fix" /><check system="C-38194r619287_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is configured to not overwrite PAM configuration on package changes.
+Additional information on the configuration of multifactor authentication on the SUSE operating system can be found at https://www.suse.com/communities/blog/configuring-smart-card-authentication-suse-linux-enterprise/.</fixtext><fix id="F-38157r619288_fix" /><check system="C-38194r619287_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is configured to not overwrite PAM configuration on package changes.
 
 Check that soft links between PAM configuration files are removed with the following command:
 
@@ -3993,7 +3993,7 @@ If any results are returned, this is a finding.</check-content></check></Rule></
 
 Add the following line in "/etc/ssh/sshd_config", or uncomment the line and set the value to "yes":
 
-IgnoreUserKnownHosts yes</fixtext><fix id="F-38158r619291_fix" /><check system="C-38195r619290_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon is configured to not allow authentication using "known hosts" authentication.
+IgnoreUserKnownHosts yes</fixtext><fix id="F-38158r619291_fix" /><check system="C-38195r619290_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon is configured to not allow authentication using "known hosts" authentication.
 
 To determine how the SSH daemon's "IgnoreUserKnownHosts" option is set, run the following command:
 
@@ -4007,7 +4007,7 @@ Note: SSH public key files may be found in other directories on the system depen
 
 Change the mode of public host key files under "/etc/ssh" to "0644" with the following command:
 
-&gt; sudo chmod 0644 /etc/ssh/ssh_host*key.pub</fixtext><fix id="F-38159r619294_fix" /><check system="C-38196r619293_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon public host key files have mode "0644" or less permissive.
+&gt; sudo chmod 0644 /etc/ssh/ssh_host*key.pub</fixtext><fix id="F-38159r619294_fix" /><check system="C-38196r619293_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon public host key files have mode "0644" or less permissive.
 
 Note: SSH public key files may be found in other directories on the system depending on the installation.
 
@@ -4022,7 +4022,7 @@ The following command will find all SSH public key files on the system:
 
 If any file has a mode more permissive than "0644", this is a finding.</check-content></check></Rule></Group><Group id="V-235009"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-235009r880958_rule" weight="10.0" severity="medium"><version>SLES-15-040250</version><title>The SUSE operating system SSH daemon private host key files must have mode 0640 or less permissive.</title><description>&lt;VulnDiscussion&gt;If an unauthorized user obtains the private SSH host key file, the host could be impersonated.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-38160r880957_fix">Configure the mode of the SUSE operating system SSH daemon private host key files under "/etc/ssh" to "0640" with the following command:
 
-     &gt; sudo chmod 0640 /etc/ssh/ssh_host*key</fixtext><fix id="F-38160r880957_fix" /><check system="C-38197r880956_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon private host key files have mode "0640" or less permissive.
+     &gt; sudo chmod 0640 /etc/ssh/ssh_host*key</fixtext><fix id="F-38160r880957_fix" /><check system="C-38197r880956_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon private host key files have mode "0640" or less permissive.
 
 The following command will find all SSH private key files on the system:
 
@@ -4041,7 +4041,7 @@ If any file has a mode more permissive than "0640", this is a finding.</check-co
 
 Uncomment the "StrictModes" keyword in "/etc/ssh/sshd_config" and set the value to "yes":
 
-StrictModes yes</fixtext><fix id="F-38161r619300_fix" /><check system="C-38198r619299_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon performs strict mode checking of home directory configuration files.
+StrictModes yes</fixtext><fix id="F-38161r619300_fix" /><check system="C-38198r619299_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system SSH daemon performs strict mode checking of home directory configuration files.
 
 Check that the SSH daemon performs strict mode checking of home directory configuration files with the following command:
 
@@ -4055,7 +4055,7 @@ If X11 services are not required for the system's intended function, they should
 
 Edit the "/etc/ssh/sshd_config" file to uncomment or add the line for the "X11Forwarding" keyword and set its value to "no" (this file may be named differently or be in a different location if using a version of SSH that is provided by a third-party vendor):
 
-X11Forwarding no</fixtext><fix id="F-38164r619309_fix" /><check system="C-38201r619308_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Determine if X11Forwarding is disabled with the following command:
+X11Forwarding no</fixtext><fix id="F-38164r619309_fix" /><check system="C-38201r619308_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Determine if X11Forwarding is disabled with the following command:
 Verify the SUSE operating system SSH daemon remote X forwarded connections for interactive users are disabled.
 
 Check that SSH remote X forwarded connections are disabled with the following command:
@@ -4072,7 +4072,7 @@ If "0" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv4.conf.all.accept_source_route=0" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-38165r619312_fix" /><check system="C-38202r619311_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv4 source-routed packets.
+&gt; sudo sysctl --system</fixtext><fix id="F-38165r619312_fix" /><check system="C-38202r619311_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv4 source-routed packets.
 
 Check the value of the IPv4 accept source route variable with the following command:
 
@@ -4087,7 +4087,7 @@ If "0" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv6.conf.all.accept_source_route=0" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-38166r619315_fix" /><check system="C-38203r619314_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv6 source-routed packets.
+&gt; sudo sysctl --system</fixtext><fix id="F-38166r619315_fix" /><check system="C-38203r619314_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv6 source-routed packets.
 
 Check the value of the IPv6 accept source route variable with the following command:
 
@@ -4102,7 +4102,7 @@ If "0" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv4.conf.default.accept_source_route=0" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-38167r619318_fix" /><check system="C-38204r619317_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv4 source-routed packets by default.
+&gt; sudo sysctl --system</fixtext><fix id="F-38167r619318_fix" /><check system="C-38204r619317_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv4 source-routed packets by default.
 
 Check the value of the default IPv4 accept source route variable with the following command:
 
@@ -4117,7 +4117,7 @@ If "0" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv6.conf.default.accept_source_route=0" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-38168r619321_fix" /><check system="C-38205r619320_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv6 source-routed packets by default.
+&gt; sudo sysctl --system</fixtext><fix id="F-38168r619321_fix" /><check system="C-38205r619320_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv6 source-routed packets by default.
 
 Check the value of the default IPv6 accept source route variable with the following command:
 
@@ -4132,7 +4132,7 @@ If "0" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv4.conf.all.accept_redirects=0" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-38169r619324_fix" /><check system="C-38206r619323_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv4 ICMP redirect messages.
+&gt; sudo sysctl --system</fixtext><fix id="F-38169r619324_fix" /><check system="C-38206r619323_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv4 ICMP redirect messages.
 
 Check the value of the IPv4 accept_redirects variable with the following command:
 
@@ -4147,7 +4147,7 @@ If "0" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv4.conf.default.accept_redirects=0" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-38170r619327_fix" /><check system="C-38207r619326_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv4 ICMP redirect messages by default.
+&gt; sudo sysctl --system</fixtext><fix id="F-38170r619327_fix" /><check system="C-38207r619326_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv4 ICMP redirect messages by default.
 
 Check the value of the default IPv4 accept_redirects variable with the following command:
 
@@ -4162,7 +4162,7 @@ If "0" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv6.conf.all.accept_redirects=0" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-38171r619330_fix" /><check system="C-38208r619329_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv6 ICMP redirect messages.
+&gt; sudo sysctl --system</fixtext><fix id="F-38171r619330_fix" /><check system="C-38208r619329_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not accept IPv6 ICMP redirect messages.
 
 Check the value of the IPv6 accept_redirects variable with the following command:
 
@@ -4177,7 +4177,7 @@ If "0" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv6.conf.default.accept_redirects=0" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-38172r619333_fix" /><check system="C-38209r619332_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not allow IPv6 ICMP redirect messages by default.
+&gt; sudo sysctl --system</fixtext><fix id="F-38172r619333_fix" /><check system="C-38209r619332_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not allow IPv6 ICMP redirect messages by default.
 
 Check the value of the default IPv6 accept_redirects variable with the following command:
 
@@ -4192,7 +4192,7 @@ If "0" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv4.conf.default.send_redirects=0" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-38173r619336_fix" /><check system="C-38210r619335_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not allow interfaces to perform IPv4 ICMP redirects by default.
+&gt; sudo sysctl --system</fixtext><fix id="F-38173r619336_fix" /><check system="C-38210r619335_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not allow interfaces to perform IPv4 ICMP redirects by default.
 
 Check the value of the default IPv4 send_redirects variable with the following command:
 
@@ -4207,7 +4207,7 @@ If "0" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv4.conf.all.send_redirects=0" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-38174r619339_fix" /><check system="C-38211r619338_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system does not allow interfaces to perform IPv4 ICMP redirects.
+&gt; sudo sysctl --system</fixtext><fix id="F-38174r619339_fix" /><check system="C-38211r619338_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system does not allow interfaces to perform IPv4 ICMP redirects.
 
 Check the value of the IPv4 send_redirects variable with the following command:
 
@@ -4222,7 +4222,7 @@ If "0" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv4.ip_forward=0" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-38175r619342_fix" /><check system="C-38212r619341_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is not performing IPv4 packet forwarding, unless the system is a router.
+&gt; sudo sysctl --system</fixtext><fix id="F-38175r619342_fix" /><check system="C-38212r619341_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is not performing IPv4 packet forwarding, unless the system is a router.
 
 Check to see if IPv4 forwarding is disabled using the following command:
 
@@ -4237,7 +4237,7 @@ If "0" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv6.conf.all.forwarding=0" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-38176r619345_fix" /><check system="C-38213r619344_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is not performing IPv6 packet forwarding, unless the system is a router.
+&gt; sudo sysctl --system</fixtext><fix id="F-38176r619345_fix" /><check system="C-38213r619344_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is not performing IPv6 packet forwarding, unless the system is a router.
 
 Check to see if IPv6 forwarding is enabled using the following command:
 
@@ -4252,7 +4252,7 @@ If "0" is not the system's default value, add or update the following line in "/
 
 &gt; sudo sh -c 'echo "net.ipv6.conf.default.forwarding=0" &gt;&gt; /etc/sysctl.d/99-stig.conf'
 
-&gt; sudo sysctl --system</fixtext><fix id="F-38177r619348_fix" /><check system="C-38214r619347_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system is not performing IPv6 packet forwarding by default, unless the system is a router.
+&gt; sudo sysctl --system</fixtext><fix id="F-38177r619348_fix" /><check system="C-38214r619347_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system is not performing IPv6 packet forwarding by default, unless the system is a router.
 
 Check to see if IPv6 forwarding is disabled by default using the following command:
 
@@ -4265,7 +4265,7 @@ If the system is being used to perform a network troubleshooting function, the u
 
 Set the promiscuous mode of an interface to off with the following command:
 
-&gt; sudo ip link set dev &lt;devicename&gt; promisc off</fixtext><fix id="F-38178r619351_fix" /><check system="C-38215r619350_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system network interfaces are not in promiscuous mode unless approved by the ISSO and documented.
+&gt; sudo ip link set dev &lt;devicename&gt; promisc off</fixtext><fix id="F-38178r619351_fix" /><check system="C-38215r619350_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system network interfaces are not in promiscuous mode unless approved by the ISSO and documented.
 
 Check for the status with the following command:
 
@@ -4273,7 +4273,7 @@ Check for the status with the following command:
 
 If network interfaces are found on the system in promiscuous mode and their use has not been approved by the ISSO and documented, this is a finding.</check-content></check></Rule></Group><Group id="V-235028"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-235028r622137_rule" weight="10.0" severity="medium"><version>SLES-15-040400</version><title>All SUSE operating system files and directories must have a valid owner.</title><description>&lt;VulnDiscussion&gt;Unowned files and directories may be unintentionally inherited if a user is assigned the same User Identifier (UID) as the UID of the unowned files.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001230</ident><fixtext fixref="F-38179r619354_fix">Either remove all files and directories from the SUSE operating system that do not have a valid user, or assign a valid user to all unowned files and directories on the system with the "chown" command:
 
-&gt; sudo chown &lt;user&gt; &lt;file&gt;</fixtext><fix id="F-38179r619354_fix" /><check system="C-38216r619353_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that all SUSE operating system files and directories on the system have a valid owner.
+&gt; sudo chown &lt;user&gt; &lt;file&gt;</fixtext><fix id="F-38179r619354_fix" /><check system="C-38216r619353_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that all SUSE operating system files and directories on the system have a valid owner.
 
 Check the owner of all files and directories with the following command:
 
@@ -4283,7 +4283,7 @@ Note: The value after -fstype must be replaced with the filesystem type. XFS is
 
 If any files on the system do not have an assigned owner, this is a finding.</check-content></check></Rule></Group><Group id="V-235029"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-235029r622137_rule" weight="10.0" severity="medium"><version>SLES-15-040410</version><title>All SUSE operating system files and directories must have a valid group owner.</title><description>&lt;VulnDiscussion&gt;Files without a valid group owner may be unintentionally inherited if a group is assigned the same Group Identifier (GID) as the GID of the files without a valid group owner.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001230</ident><fixtext fixref="F-38180r619357_fix">Either remove all files and directories from the SUSE operating system that do not have a valid group, or assign a valid group to all files and directories on the system with the "chgrp" command:
 
-&gt; sudo chgrp &lt;group&gt; &lt;file&gt;</fixtext><fix id="F-38180r619357_fix" /><check system="C-38217r619356_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify all SUSE operating system files and directories on the system have a valid group.
+&gt; sudo chgrp &lt;group&gt; &lt;file&gt;</fixtext><fix id="F-38180r619357_fix" /><check system="C-38217r619356_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify all SUSE operating system files and directories on the system have a valid group.
 
 Check the owner of all files and directories with the following command:
 
@@ -4295,7 +4295,7 @@ If any files on the system do not have an assigned group, this is a finding.</ch
 
 Add or edit the "UMASK" parameter in the "/etc/login.defs" file to match the example below:
 
-UMASK 077</fixtext><fix id="F-38181r619360_fix" /><check system="C-38218r619359_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system defines default permissions for all authenticated users in such a way that the users can only read and modify their own files. 
+UMASK 077</fixtext><fix id="F-38181r619360_fix" /><check system="C-38218r619359_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system defines default permissions for all authenticated users in such a way that the users can only read and modify their own files. 
 
 Check the system default permissions with the following command:
 
@@ -4313,7 +4313,7 @@ Add or edit the following lines in the "/etc/sysconfig/displaymanager"
 configuration file:
 
 DISPLAYMANAGER_AUTOLOGIN=""
-DISPLAYMANAGER_PASSWORD_LESS_LOGIN="no"</fixtext><fix id="F-38182r619363_fix" /><check system="C-38219r619362_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Note: If a graphical user interface is not installed, this requirement is Not Applicable.
+DISPLAYMANAGER_PASSWORD_LESS_LOGIN="no"</fixtext><fix id="F-38182r619363_fix" /><check system="C-38219r619362_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Note: If a graphical user interface is not installed, this requirement is Not Applicable.
 
 Verify the SUSE operating system does not allow unattended or automatic logon via the GUI.
 
@@ -4334,7 +4334,7 @@ If parameter is not set to "no", this is a finding.</check-content></check></Rul
 Add or edit the following lines in the "/etc/ssh/sshd_config" file:
 
 PermitEmptyPasswords no
-PermitUserEnvironment no</fixtext><fix id="F-38183r619366_fix" /><check system="C-38220r619365_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the SUSE operating system disables unattended or automatic logon via SSH.
+PermitUserEnvironment no</fixtext><fix id="F-38183r619366_fix" /><check system="C-38220r619365_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the SUSE operating system disables unattended or automatic logon via SSH.
 
 Check that unattended or automatic logon via SSH is disabled with the following command:
 
@@ -4352,7 +4352,7 @@ Edit the /etc/sudoers file with the following command:
 &gt; sudo visudo
 
 Add or modify the following line:
-@includedir /etc/sudoers.d</fixtext><fix id="F-55114r833005_fix" /><check system="C-55160r833004_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Note: If the "include" and "includedir" directives are not present in the /etc/sudoers file, this requirement is not applicable.
+@includedir /etc/sudoers.d</fixtext><fix id="F-55114r833005_fix" /><check system="C-55160r833004_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Note: If the "include" and "includedir" directives are not present in the /etc/sudoers file, this requirement is not applicable.
 
 Verify the operating system specifies only the default "include" directory for the /etc/sudoers file with the following command:
 
@@ -4375,7 +4375,7 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
 Check the configuration of the "/etc/ pam.d/sudo" file with the following command:
 $ sudo vi /etc/pam.d/sudo
 
-Remove any occurrences of "pam_succeed_if" in the file.</fixtext><fix id="F-55115r854273_fix" /><check system="C-55161r854272_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the operating system is not be configured to bypass password requirements for privilege escalation.
+Remove any occurrences of "pam_succeed_if" in the file.</fixtext><fix id="F-55115r854273_fix" /><check system="C-55161r854272_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the operating system is not be configured to bypass password requirements for privilege escalation.
 
 Check the configuration of the "/etc/pam.d/sudo" file with the following command:
 
@@ -4386,7 +4386,7 @@ If any occurrences of "pam_succeed_if" are returned from the command, this is a
 Perform a password reset:
 $ sudo passwd [username]
 Lock an account:
-$ sudo passwd -l [username]</fixtext><fix id="F-55116r809486_fix" /><check system="C-55162r809485_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Check the "/etc/shadow" file for blank passwords with the following command:
+$ sudo passwd -l [username]</fixtext><fix id="F-55116r809486_fix" /><check system="C-55162r809485_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Check the "/etc/shadow" file for blank passwords with the following command:
 
 $ sudo awk -F: '!$2 {print $1}' /etc/shadow
 
@@ -4398,7 +4398,7 @@ The system will attempt to use the first algorithm presented by the client that
 
 Restart the "sshd" service for changes to take effect:
 
-     $ sudo systemctl restart sshd</fixtext><fix id="F-59540r880960_fix" /><check system="C-59597r880959_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the SSH server is configured to use only FIPS-validated key exchange algorithms:
+     $ sudo systemctl restart sshd</fixtext><fix id="F-59540r880960_fix" /><check system="C-59597r880959_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the SSH server is configured to use only FIPS-validated key exchange algorithms:
 
      $ sudo grep -i kexalgorithms /etc/ssh/sshd_config
      KexAlgorithms ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256
@@ -4419,7 +4419,7 @@ Remove any configurations that conflict with the above from the following locati
 
 Reload settings from all system configuration files with the following command:
 
-     $ sudo sysctl --system</fixtext><fix id="F-59541r880963_fix" /><check system="C-59598r880962_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify the operating system is configured to restrict access to the kernel message buffer with the following commands:
+     $ sudo sysctl --system</fixtext><fix id="F-59541r880963_fix" /><check system="C-59598r880962_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify the operating system is configured to restrict access to the kernel message buffer with the following commands:
 
      $ sudo sysctl kernel.dmesg_restrict
      kernel.dmesg_restrict = 1
@@ -4457,7 +4457,7 @@ Example output:
        Removed files:                1
        Changed files:                0
 
-Done.</fixtext><fix id="F-59542r880966_fix" /><check system="C-59599r880965_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that Advanced Intrusion Detection Environment (AIDE) is installed and verifies the correct operation of all security functions.
+Done.</fixtext><fix id="F-59542r880966_fix" /><check system="C-59599r880965_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that Advanced Intrusion Detection Environment (AIDE) is installed and verifies the correct operation of all security functions.
 
 Check that the AIDE package is installed with the following command:
      $ sudo zypper if aide | grep "Installed"
@@ -4476,7 +4476,7 @@ Temporary accounts are different from emergency accounts. Emergency accounts, al
 
 The automatic expiration of temporary accounts may be extended as needed by the circumstances but it must not be extended indefinitely. A documented permanent account should be established for privileged users who need long-term maintenance accounts.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001682</ident><fixtext fixref="F-60602r902845_fix">Configure the operating system to expire temporary accounts after 72 hours with the following command:
 
-     &gt; sudo chage -E $(date -d +3days +%Y-%m-%d) &lt;temporary_account_name&gt;</fixtext><fix id="F-60602r902845_fix" /><check system="C-60660r902844_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify temporary accounts have been provisioned with an expiration date of 72 hours.
+     &gt; sudo chage -E $(date -d +3days +%Y-%m-%d) &lt;temporary_account_name&gt;</fixtext><fix id="F-60602r902845_fix" /><check system="C-60660r902844_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify temporary accounts have been provisioned with an expiration date of 72 hours.
 
 For every existing temporary account, run the following command to obtain its account expiration information:
 
@@ -4487,7 +4487,7 @@ If any temporary accounts have no expiration date set or do not expire within 72
 
 Detecting such changes and providing an automated response can help avoid unintended, negative consequences that could ultimately affect the security state of the operating system. The operating system's IMO/ISSO and SAs must be notified via email and/or monitoring system trap when there is an unauthorized modification of a configuration item.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Server 15</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Server 15</dc:subject><dc:identifier>5274</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001744</ident><fixtext fixref="F-60603r902848_fix">Install the "mailx" package on the system:
 
-     &gt; sudo zypper install mailx</fixtext><fix id="F-60603r902848_fix" /><check system="C-60661r902847_chk"><check-content-ref href="SUSE_Linux_Enterprise_Server_15_STIG.xml" name="M" /><check-content>Verify that the operating system is configured to allow sending email notifications.
+     &gt; sudo zypper install mailx</fixtext><fix id="F-60603r902848_fix" /><check system="C-60661r902847_chk"><check-content-ref href="U_SLES_15_STIG_V1R11_Manual-xccdf.xml" name="M" /><check-content>Verify that the operating system is configured to allow sending email notifications.
 
 Note: The "mailx" package provides the "mail" command that is used to send email messages.
 

From 58719906e3b49f4576c00390c12c99ca738f5941 Mon Sep 17 00:00:00 2001
From: Christian Hagenest <christian.hagenest@suse.com>
Date: Tue, 5 Dec 2023 10:26:38 +0100
Subject: [PATCH 3/3] Update DISA STIG versions in SLE STIG profiles

---
 products/sle12/profiles/stig.profile | 4 ++--
 products/sle15/profiles/stig.profile | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/products/sle12/profiles/stig.profile b/products/sle12/profiles/stig.profile
index d11e013f0af..b64161046e6 100644
--- a/products/sle12/profiles/stig.profile
+++ b/products/sle12/profiles/stig.profile
@@ -1,7 +1,7 @@
 documentation_complete: true
 
 metadata:
-    version: V2R5
+    version: V2R12
     SMEs:
         - abergmann
 
@@ -11,7 +11,7 @@ title: 'DISA STIG for SUSE Linux Enterprise 12'
 
 description: |-
     This profile contains configuration checks that align to the
-    DISA STIG for SUSE Linux Enterprise 12 V2R5.
+    DISA STIG for SUSE Linux Enterprise 12 V2R12.
 
 selections:
     - sshd_approved_macs=stig
diff --git a/products/sle15/profiles/stig.profile b/products/sle15/profiles/stig.profile
index 165121b6afc..d7ce92a59f5 100644
--- a/products/sle15/profiles/stig.profile
+++ b/products/sle15/profiles/stig.profile
@@ -1,7 +1,7 @@
 documentation_complete: true
 
 metadata:
-    version: V1R4
+    version: V1R11
     SMEs:
         - abergmann
 
@@ -11,7 +11,7 @@ title: 'DISA STIG for SUSE Linux Enterprise 15'
 
 description: |-
     This profile contains configuration checks that align to the
-    DISA STIG for SUSE Linux Enterprise 15 V1R4.
+    DISA STIG for SUSE Linux Enterprise 15 V1R11.
 
 
 selections: