From 48c8e8b199b807d9c13e9dcfb922cbf646478a72 Mon Sep 17 00:00:00 2001
From: svet-se <svetlin.boychev@suse.com>
Date: Mon, 11 May 2026 15:53:11 +0300
Subject: [PATCH 1/5] Update SLEM5 STIG version to V1R4

---
 products/slmicro5/profiles/stig.profile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/products/slmicro5/profiles/stig.profile b/products/slmicro5/profiles/stig.profile
index 33560c324eee..0f986168ec6f 100644
--- a/products/slmicro5/profiles/stig.profile
+++ b/products/slmicro5/profiles/stig.profile
@@ -1,7 +1,7 @@
 documentation_complete: true
 
 metadata:
-    version: V1R3
+    version: V1R4
     SMEs:
         - svet-se
         - rumch-se
@@ -13,7 +13,7 @@ title: 'DISA STIG for SUSE Linux Enterprise Micro (SLEM) 5'
 
 description: |-
     This profile contains configuration checks that align to the
-    DISA STIG for SUSE Linux Enterprise Micro (SLEM) 5 V1R3.
+    DISA STIG for SUSE Linux Enterprise Micro (SLEM) 5 V1R4.
 
 selections:
     - stig_slmicro5:all

From 74e238a8a1a44629e0d1247563bffcb24a4b47b4 Mon Sep 17 00:00:00 2001
From: svet-se <svetlin.boychev@suse.com>
Date: Mon, 11 May 2026 15:54:24 +0300
Subject: [PATCH 2/5] Update SLEM5 STIG manual version to V1R4

---
 ... disa-stig-slmicro5-v1r4-xccdf-manual.xml} | 372 +++++++++---------
 1 file changed, 192 insertions(+), 180 deletions(-)
 rename shared/references/{disa-stig-slmicro5-v1r3-xccdf-manual.xml => disa-stig-slmicro5-v1r4-xccdf-manual.xml} (81%)

diff --git a/shared/references/disa-stig-slmicro5-v1r3-xccdf-manual.xml b/shared/references/disa-stig-slmicro5-v1r4-xccdf-manual.xml
similarity index 81%
rename from shared/references/disa-stig-slmicro5-v1r3-xccdf-manual.xml
rename to shared/references/disa-stig-slmicro5-v1r4-xccdf-manual.xml
index d53d2389953f..c9a0f7b34df2 100644
--- a/shared/references/disa-stig-slmicro5-v1r3-xccdf-manual.xml
+++ b/shared/references/disa-stig-slmicro5-v1r4-xccdf-manual.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?><?xml-stylesheet type='text/xsl' href='STIG_unclass.xsl'?><Benchmark xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:cpe="http://cpe.mitre.org/language/2.0" xmlns:xhtml="http://www.w3.org/1999/xhtml" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.1 http://nvd.nist.gov/schema/xccdf-1.1.4.xsd http://cpe.mitre.org/dictionary/2.0 http://cpe.mitre.org/files/cpe-dictionary_2.1.xsd" id="SLEM_5_STIG" xml:lang="en" xmlns="http://checklists.nist.gov/xccdf/1.1"><status date="2025-11-20">accepted</status><title>SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide</title><description>This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.</description><notice id="terms-of-use" xml:lang="en"></notice><front-matter xml:lang="en"></front-matter><rear-matter xml:lang="en"></rear-matter><reference href="https://cyber.mil"><dc:publisher>DISA</dc:publisher><dc:source>STIG.DOD.MIL</dc:source></reference><plain-text id="release-info">Release: 3 Benchmark Date: 05 Jan 2026</plain-text><plain-text id="generator">3.5.2</plain-text><plain-text id="conventionsVersion">1.10.0</plain-text><version>1</version><Profile id="MAC-1_Classified"><title>I - Mission Critical Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-261263" selected="true" /><select idref="V-261264" selected="true" /><select idref="V-261265" selected="true" /><select idref="V-261266" selected="true" /><select idref="V-261267" selected="true" /><select idref="V-261268" selected="true" /><select idref="V-261269" selected="true" /><select idref="V-261270" selected="true" /><select idref="V-261271" selected="true" /><select idref="V-261272" selected="true" /><select idref="V-261273" selected="true" /><select idref="V-261274" selected="true" /><select idref="V-261275" selected="true" /><select idref="V-261276" selected="true" /><select idref="V-261277" selected="true" /><select idref="V-261278" selected="true" /><select idref="V-261279" selected="true" /><select idref="V-261280" selected="true" /><select idref="V-261281" selected="true" /><select idref="V-261282" selected="true" /><select idref="V-261283" selected="true" /><select idref="V-261284" selected="true" /><select idref="V-261285" selected="true" /><select idref="V-261286" selected="true" /><select idref="V-261287" selected="true" /><select idref="V-261288" selected="true" /><select idref="V-261289" selected="true" /><select idref="V-261290" selected="true" /><select idref="V-261291" selected="true" /><select idref="V-261292" selected="true" /><select idref="V-261293" selected="true" /><select idref="V-261294" selected="true" /><select idref="V-261295" selected="true" /><select idref="V-261296" selected="true" /><select idref="V-261297" selected="true" /><select idref="V-261298" selected="true" /><select idref="V-261299" selected="true" /><select idref="V-261300" selected="true" /><select idref="V-261301" selected="true" /><select idref="V-261302" selected="true" /><select idref="V-261303" selected="true" /><select idref="V-261304" selected="true" /><select idref="V-261305" selected="true" /><select idref="V-261306" selected="true" /><select idref="V-261307" selected="true" /><select idref="V-261308" selected="true" /><select idref="V-261309" selected="true" /><select idref="V-261310" selected="true" /><select idref="V-261311" selected="true" /><select idref="V-261312" selected="true" /><select idref="V-261313" selected="true" /><select idref="V-261314" selected="true" /><select idref="V-261315" selected="true" /><select idref="V-261316" selected="true" /><select idref="V-261317" selected="true" /><select idref="V-261318" selected="true" /><select idref="V-261319" selected="true" /><select idref="V-261320" selected="true" /><select idref="V-261321" selected="true" /><select idref="V-261322" selected="true" /><select idref="V-261323" selected="true" /><select idref="V-261324" selected="true" /><select idref="V-261325" selected="true" /><select idref="V-261326" selected="true" /><select idref="V-261327" selected="true" /><select idref="V-261328" selected="true" /><select idref="V-261329" selected="true" /><select idref="V-261330" selected="true" /><select idref="V-261331" selected="true" /><select idref="V-261332" selected="true" /><select idref="V-261333" selected="true" /><select idref="V-261334" selected="true" /><select idref="V-261335" selected="true" /><select idref="V-261336" selected="true" /><select idref="V-261337" selected="true" /><select idref="V-261338" selected="true" /><select idref="V-261339" selected="true" /><select idref="V-261340" selected="true" /><select idref="V-261341" selected="true" /><select idref="V-261342" selected="true" /><select idref="V-261343" selected="true" /><select idref="V-261344" selected="true" /><select idref="V-261345" selected="true" /><select idref="V-261346" selected="true" /><select idref="V-261347" selected="true" /><select idref="V-261348" selected="true" /><select idref="V-261349" selected="true" /><select idref="V-261350" selected="true" /><select idref="V-261351" selected="true" /><select idref="V-261352" selected="true" /><select idref="V-261353" selected="true" /><select idref="V-261354" selected="true" /><select idref="V-261355" selected="true" /><select idref="V-261356" selected="true" /><select idref="V-261357" selected="true" /><select idref="V-261358" selected="true" /><select idref="V-261359" selected="true" /><select idref="V-261360" selected="true" /><select idref="V-261361" selected="true" /><select idref="V-261363" selected="true" /><select idref="V-261364" selected="true" /><select idref="V-261365" selected="true" /><select idref="V-261367" selected="true" /><select idref="V-261368" selected="true" /><select idref="V-261369" selected="true" /><select idref="V-261370" selected="true" /><select idref="V-261371" selected="true" /><select idref="V-261372" selected="true" /><select idref="V-261373" selected="true" /><select idref="V-261374" selected="true" /><select idref="V-261375" selected="true" /><select idref="V-261376" selected="true" /><select idref="V-261377" selected="true" /><select idref="V-261378" selected="true" /><select idref="V-261379" selected="true" /><select idref="V-261380" selected="true" /><select idref="V-261381" selected="true" /><select idref="V-261382" selected="true" /><select idref="V-261383" selected="true" /><select idref="V-261384" selected="true" /><select idref="V-261385" selected="true" /><select idref="V-261386" selected="true" /><select idref="V-261387" selected="true" /><select idref="V-261388" selected="true" /><select idref="V-261389" selected="true" /><select idref="V-261390" selected="true" /><select idref="V-261391" selected="true" /><select idref="V-261392" selected="true" /><select idref="V-261393" selected="true" /><select idref="V-261394" selected="true" /><select idref="V-261395" selected="true" /><select idref="V-261396" selected="true" /><select idref="V-261397" selected="true" /><select idref="V-261398" selected="true" /><select idref="V-261399" selected="true" /><select idref="V-261400" selected="true" /><select idref="V-261401" selected="true" /><select idref="V-261402" selected="true" /><select idref="V-261403" selected="true" /><select idref="V-261404" selected="true" /><select idref="V-261405" selected="true" /><select idref="V-261406" selected="true" /><select idref="V-261407" selected="true" /><select idref="V-261408" selected="true" /><select idref="V-261409" selected="true" /><select idref="V-261410" selected="true" /><select idref="V-261411" selected="true" /><select idref="V-261412" selected="true" /><select idref="V-261413" selected="true" /><select idref="V-261414" selected="true" /><select idref="V-261415" selected="true" /><select idref="V-261416" selected="true" /><select idref="V-261417" selected="true" /><select idref="V-261418" selected="true" /><select idref="V-261419" selected="true" /><select idref="V-261420" selected="true" /><select idref="V-261421" selected="true" /><select idref="V-261422" selected="true" /><select idref="V-261423" selected="true" /><select idref="V-261424" selected="true" /><select idref="V-261425" selected="true" /><select idref="V-261426" selected="true" /><select idref="V-261427" selected="true" /><select idref="V-261428" selected="true" /><select idref="V-261429" selected="true" /><select idref="V-261430" selected="true" /><select idref="V-261431" selected="true" /><select idref="V-261432" selected="true" /><select idref="V-261433" selected="true" /><select idref="V-261434" selected="true" /><select idref="V-261435" selected="true" /><select idref="V-261436" selected="true" /><select idref="V-261437" selected="true" /><select idref="V-261438" selected="true" /><select idref="V-261439" selected="true" /><select idref="V-261440" selected="true" /><select idref="V-261441" selected="true" /><select idref="V-261442" selected="true" /><select idref="V-261443" selected="true" /><select idref="V-261444" selected="true" /><select idref="V-261445" selected="true" /><select idref="V-261446" selected="true" /><select idref="V-261447" selected="true" /><select idref="V-261448" selected="true" /><select idref="V-261449" selected="true" /><select idref="V-261450" selected="true" /><select idref="V-261451" selected="true" /><select idref="V-261452" selected="true" /><select idref="V-261453" selected="true" /><select idref="V-261454" selected="true" /><select idref="V-261455" selected="true" /><select idref="V-261456" selected="true" /><select idref="V-261457" selected="true" /><select idref="V-261458" selected="true" /><select idref="V-261459" selected="true" /><select idref="V-261460" selected="true" /><select idref="V-261461" selected="true" /><select idref="V-261462" selected="true" /><select idref="V-261463" selected="true" /><select idref="V-261464" selected="true" /><select idref="V-261465" selected="true" /><select idref="V-261466" selected="true" /><select idref="V-261467" selected="true" /><select idref="V-261468" selected="true" /><select idref="V-261469" selected="true" /><select idref="V-261470" selected="true" /><select idref="V-261471" selected="true" /><select idref="V-261472" selected="true" /><select idref="V-261473" selected="true" /></Profile><Profile id="MAC-1_Public"><title>I - Mission Critical Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-261263" selected="true" /><select idref="V-261264" selected="true" /><select idref="V-261265" selected="true" /><select idref="V-261266" selected="true" /><select idref="V-261267" selected="true" /><select idref="V-261268" selected="true" /><select idref="V-261269" selected="true" /><select idref="V-261270" selected="true" /><select idref="V-261271" selected="true" /><select idref="V-261272" selected="true" /><select idref="V-261273" selected="true" /><select idref="V-261274" selected="true" /><select idref="V-261275" selected="true" /><select idref="V-261276" selected="true" /><select idref="V-261277" selected="true" /><select idref="V-261278" selected="true" /><select idref="V-261279" selected="true" /><select idref="V-261280" selected="true" /><select idref="V-261281" selected="true" /><select idref="V-261282" selected="true" /><select idref="V-261283" selected="true" /><select idref="V-261284" selected="true" /><select idref="V-261285" selected="true" /><select idref="V-261286" selected="true" /><select idref="V-261287" selected="true" /><select idref="V-261288" selected="true" /><select idref="V-261289" selected="true" /><select idref="V-261290" selected="true" /><select idref="V-261291" selected="true" /><select idref="V-261292" selected="true" /><select idref="V-261293" selected="true" /><select idref="V-261294" selected="true" /><select idref="V-261295" selected="true" /><select idref="V-261296" selected="true" /><select idref="V-261297" selected="true" /><select idref="V-261298" selected="true" /><select idref="V-261299" selected="true" /><select idref="V-261300" selected="true" /><select idref="V-261301" selected="true" /><select idref="V-261302" selected="true" /><select idref="V-261303" selected="true" /><select idref="V-261304" selected="true" /><select idref="V-261305" selected="true" /><select idref="V-261306" selected="true" /><select idref="V-261307" selected="true" /><select idref="V-261308" selected="true" /><select idref="V-261309" selected="true" /><select idref="V-261310" selected="true" /><select idref="V-261311" selected="true" /><select idref="V-261312" selected="true" /><select idref="V-261313" selected="true" /><select idref="V-261314" selected="true" /><select idref="V-261315" selected="true" /><select idref="V-261316" selected="true" /><select idref="V-261317" selected="true" /><select idref="V-261318" selected="true" /><select idref="V-261319" selected="true" /><select idref="V-261320" selected="true" /><select idref="V-261321" selected="true" /><select idref="V-261322" selected="true" /><select idref="V-261323" selected="true" /><select idref="V-261324" selected="true" /><select idref="V-261325" selected="true" /><select idref="V-261326" selected="true" /><select idref="V-261327" selected="true" /><select idref="V-261328" selected="true" /><select idref="V-261329" selected="true" /><select idref="V-261330" selected="true" /><select idref="V-261331" selected="true" /><select idref="V-261332" selected="true" /><select idref="V-261333" selected="true" /><select idref="V-261334" selected="true" /><select idref="V-261335" selected="true" /><select idref="V-261336" selected="true" /><select idref="V-261337" selected="true" /><select idref="V-261338" selected="true" /><select idref="V-261339" selected="true" /><select idref="V-261340" selected="true" /><select idref="V-261341" selected="true" /><select idref="V-261342" selected="true" /><select idref="V-261343" selected="true" /><select idref="V-261344" selected="true" /><select idref="V-261345" selected="true" /><select idref="V-261346" selected="true" /><select idref="V-261347" selected="true" /><select idref="V-261348" selected="true" /><select idref="V-261349" selected="true" /><select idref="V-261350" selected="true" /><select idref="V-261351" selected="true" /><select idref="V-261352" selected="true" /><select idref="V-261353" selected="true" /><select idref="V-261354" selected="true" /><select idref="V-261355" selected="true" /><select idref="V-261356" selected="true" /><select idref="V-261357" selected="true" /><select idref="V-261358" selected="true" /><select idref="V-261359" selected="true" /><select idref="V-261360" selected="true" /><select idref="V-261361" selected="true" /><select idref="V-261363" selected="true" /><select idref="V-261364" selected="true" /><select idref="V-261365" selected="true" /><select idref="V-261367" selected="true" /><select idref="V-261368" selected="true" /><select idref="V-261369" selected="true" /><select idref="V-261370" selected="true" /><select idref="V-261371" selected="true" /><select idref="V-261372" selected="true" /><select idref="V-261373" selected="true" /><select idref="V-261374" selected="true" /><select idref="V-261375" selected="true" /><select idref="V-261376" selected="true" /><select idref="V-261377" selected="true" /><select idref="V-261378" selected="true" /><select idref="V-261379" selected="true" /><select idref="V-261380" selected="true" /><select idref="V-261381" selected="true" /><select idref="V-261382" selected="true" /><select idref="V-261383" selected="true" /><select idref="V-261384" selected="true" /><select idref="V-261385" selected="true" /><select idref="V-261386" selected="true" /><select idref="V-261387" selected="true" /><select idref="V-261388" selected="true" /><select idref="V-261389" selected="true" /><select idref="V-261390" selected="true" /><select idref="V-261391" selected="true" /><select idref="V-261392" selected="true" /><select idref="V-261393" selected="true" /><select idref="V-261394" selected="true" /><select idref="V-261395" selected="true" /><select idref="V-261396" selected="true" /><select idref="V-261397" selected="true" /><select idref="V-261398" selected="true" /><select idref="V-261399" selected="true" /><select idref="V-261400" selected="true" /><select idref="V-261401" selected="true" /><select idref="V-261402" selected="true" /><select idref="V-261403" selected="true" /><select idref="V-261404" selected="true" /><select idref="V-261405" selected="true" /><select idref="V-261406" selected="true" /><select idref="V-261407" selected="true" /><select idref="V-261408" selected="true" /><select idref="V-261409" selected="true" /><select idref="V-261410" selected="true" /><select idref="V-261411" selected="true" /><select idref="V-261412" selected="true" /><select idref="V-261413" selected="true" /><select idref="V-261414" selected="true" /><select idref="V-261415" selected="true" /><select idref="V-261416" selected="true" /><select idref="V-261417" selected="true" /><select idref="V-261418" selected="true" /><select idref="V-261419" selected="true" /><select idref="V-261420" selected="true" /><select idref="V-261421" selected="true" /><select idref="V-261422" selected="true" /><select idref="V-261423" selected="true" /><select idref="V-261424" selected="true" /><select idref="V-261425" selected="true" /><select idref="V-261426" selected="true" /><select idref="V-261427" selected="true" /><select idref="V-261428" selected="true" /><select idref="V-261429" selected="true" /><select idref="V-261430" selected="true" /><select idref="V-261431" selected="true" /><select idref="V-261432" selected="true" /><select idref="V-261433" selected="true" /><select idref="V-261434" selected="true" /><select idref="V-261435" selected="true" /><select idref="V-261436" selected="true" /><select idref="V-261437" selected="true" /><select idref="V-261438" selected="true" /><select idref="V-261439" selected="true" /><select idref="V-261440" selected="true" /><select idref="V-261441" selected="true" /><select idref="V-261442" selected="true" /><select idref="V-261443" selected="true" /><select idref="V-261444" selected="true" /><select idref="V-261445" selected="true" /><select idref="V-261446" selected="true" /><select idref="V-261447" selected="true" /><select idref="V-261448" selected="true" /><select idref="V-261449" selected="true" /><select idref="V-261450" selected="true" /><select idref="V-261451" selected="true" /><select idref="V-261452" selected="true" /><select idref="V-261453" selected="true" /><select idref="V-261454" selected="true" /><select idref="V-261455" selected="true" /><select idref="V-261456" selected="true" /><select idref="V-261457" selected="true" /><select idref="V-261458" selected="true" /><select idref="V-261459" selected="true" /><select idref="V-261460" selected="true" /><select idref="V-261461" selected="true" /><select idref="V-261462" selected="true" /><select idref="V-261463" selected="true" /><select idref="V-261464" selected="true" /><select idref="V-261465" selected="true" /><select idref="V-261466" selected="true" /><select idref="V-261467" selected="true" /><select idref="V-261468" selected="true" /><select idref="V-261469" selected="true" /><select idref="V-261470" selected="true" /><select idref="V-261471" selected="true" /><select idref="V-261472" selected="true" /><select idref="V-261473" selected="true" /></Profile><Profile id="MAC-1_Sensitive"><title>I - Mission Critical Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-261263" selected="true" /><select idref="V-261264" selected="true" /><select idref="V-261265" selected="true" /><select idref="V-261266" selected="true" /><select idref="V-261267" selected="true" /><select idref="V-261268" selected="true" /><select idref="V-261269" selected="true" /><select idref="V-261270" selected="true" /><select idref="V-261271" selected="true" /><select idref="V-261272" selected="true" /><select idref="V-261273" selected="true" /><select idref="V-261274" selected="true" /><select idref="V-261275" selected="true" /><select idref="V-261276" selected="true" /><select idref="V-261277" selected="true" /><select idref="V-261278" selected="true" /><select idref="V-261279" selected="true" /><select idref="V-261280" selected="true" /><select idref="V-261281" selected="true" /><select idref="V-261282" selected="true" /><select idref="V-261283" selected="true" /><select idref="V-261284" selected="true" /><select idref="V-261285" selected="true" /><select idref="V-261286" selected="true" /><select idref="V-261287" selected="true" /><select idref="V-261288" selected="true" /><select idref="V-261289" selected="true" /><select idref="V-261290" selected="true" /><select idref="V-261291" selected="true" /><select idref="V-261292" selected="true" /><select idref="V-261293" selected="true" /><select idref="V-261294" selected="true" /><select idref="V-261295" selected="true" /><select idref="V-261296" selected="true" /><select idref="V-261297" selected="true" /><select idref="V-261298" selected="true" /><select idref="V-261299" selected="true" /><select idref="V-261300" selected="true" /><select idref="V-261301" selected="true" /><select idref="V-261302" selected="true" /><select idref="V-261303" selected="true" /><select idref="V-261304" selected="true" /><select idref="V-261305" selected="true" /><select idref="V-261306" selected="true" /><select idref="V-261307" selected="true" /><select idref="V-261308" selected="true" /><select idref="V-261309" selected="true" /><select idref="V-261310" selected="true" /><select idref="V-261311" selected="true" /><select idref="V-261312" selected="true" /><select idref="V-261313" selected="true" /><select idref="V-261314" selected="true" /><select idref="V-261315" selected="true" /><select idref="V-261316" selected="true" /><select idref="V-261317" selected="true" /><select idref="V-261318" selected="true" /><select idref="V-261319" selected="true" /><select idref="V-261320" selected="true" /><select idref="V-261321" selected="true" /><select idref="V-261322" selected="true" /><select idref="V-261323" selected="true" /><select idref="V-261324" selected="true" /><select idref="V-261325" selected="true" /><select idref="V-261326" selected="true" /><select idref="V-261327" selected="true" /><select idref="V-261328" selected="true" /><select idref="V-261329" selected="true" /><select idref="V-261330" selected="true" /><select idref="V-261331" selected="true" /><select idref="V-261332" selected="true" /><select idref="V-261333" selected="true" /><select idref="V-261334" selected="true" /><select idref="V-261335" selected="true" /><select idref="V-261336" selected="true" /><select idref="V-261337" selected="true" /><select idref="V-261338" selected="true" /><select idref="V-261339" selected="true" /><select idref="V-261340" selected="true" /><select idref="V-261341" selected="true" /><select idref="V-261342" selected="true" /><select idref="V-261343" selected="true" /><select idref="V-261344" selected="true" /><select idref="V-261345" selected="true" /><select idref="V-261346" selected="true" /><select idref="V-261347" selected="true" /><select idref="V-261348" selected="true" /><select idref="V-261349" selected="true" /><select idref="V-261350" selected="true" /><select idref="V-261351" selected="true" /><select idref="V-261352" selected="true" /><select idref="V-261353" selected="true" /><select idref="V-261354" selected="true" /><select idref="V-261355" selected="true" /><select idref="V-261356" selected="true" /><select idref="V-261357" selected="true" /><select idref="V-261358" selected="true" /><select idref="V-261359" selected="true" /><select idref="V-261360" selected="true" /><select idref="V-261361" selected="true" /><select idref="V-261363" selected="true" /><select idref="V-261364" selected="true" /><select idref="V-261365" selected="true" /><select idref="V-261367" selected="true" /><select idref="V-261368" selected="true" /><select idref="V-261369" selected="true" /><select idref="V-261370" selected="true" /><select idref="V-261371" selected="true" /><select idref="V-261372" selected="true" /><select idref="V-261373" selected="true" /><select idref="V-261374" selected="true" /><select idref="V-261375" selected="true" /><select idref="V-261376" selected="true" /><select idref="V-261377" selected="true" /><select idref="V-261378" selected="true" /><select idref="V-261379" selected="true" /><select idref="V-261380" selected="true" /><select idref="V-261381" selected="true" /><select idref="V-261382" selected="true" /><select idref="V-261383" selected="true" /><select idref="V-261384" selected="true" /><select idref="V-261385" selected="true" /><select idref="V-261386" selected="true" /><select idref="V-261387" selected="true" /><select idref="V-261388" selected="true" /><select idref="V-261389" selected="true" /><select idref="V-261390" selected="true" /><select idref="V-261391" selected="true" /><select idref="V-261392" selected="true" /><select idref="V-261393" selected="true" /><select idref="V-261394" selected="true" /><select idref="V-261395" selected="true" /><select idref="V-261396" selected="true" /><select idref="V-261397" selected="true" /><select idref="V-261398" selected="true" /><select idref="V-261399" selected="true" /><select idref="V-261400" selected="true" /><select idref="V-261401" selected="true" /><select idref="V-261402" selected="true" /><select idref="V-261403" selected="true" /><select idref="V-261404" selected="true" /><select idref="V-261405" selected="true" /><select idref="V-261406" selected="true" /><select idref="V-261407" selected="true" /><select idref="V-261408" selected="true" /><select idref="V-261409" selected="true" /><select idref="V-261410" selected="true" /><select idref="V-261411" selected="true" /><select idref="V-261412" selected="true" /><select idref="V-261413" selected="true" /><select idref="V-261414" selected="true" /><select idref="V-261415" selected="true" /><select idref="V-261416" selected="true" /><select idref="V-261417" selected="true" /><select idref="V-261418" selected="true" /><select idref="V-261419" selected="true" /><select idref="V-261420" selected="true" /><select idref="V-261421" selected="true" /><select idref="V-261422" selected="true" /><select idref="V-261423" selected="true" /><select idref="V-261424" selected="true" /><select idref="V-261425" selected="true" /><select idref="V-261426" selected="true" /><select idref="V-261427" selected="true" /><select idref="V-261428" selected="true" /><select idref="V-261429" selected="true" /><select idref="V-261430" selected="true" /><select idref="V-261431" selected="true" /><select idref="V-261432" selected="true" /><select idref="V-261433" selected="true" /><select idref="V-261434" selected="true" /><select idref="V-261435" selected="true" /><select idref="V-261436" selected="true" /><select idref="V-261437" selected="true" /><select idref="V-261438" selected="true" /><select idref="V-261439" selected="true" /><select idref="V-261440" selected="true" /><select idref="V-261441" selected="true" /><select idref="V-261442" selected="true" /><select idref="V-261443" selected="true" /><select idref="V-261444" selected="true" /><select idref="V-261445" selected="true" /><select idref="V-261446" selected="true" /><select idref="V-261447" selected="true" /><select idref="V-261448" selected="true" /><select idref="V-261449" selected="true" /><select idref="V-261450" selected="true" /><select idref="V-261451" selected="true" /><select idref="V-261452" selected="true" /><select idref="V-261453" selected="true" /><select idref="V-261454" selected="true" /><select idref="V-261455" selected="true" /><select idref="V-261456" selected="true" /><select idref="V-261457" selected="true" /><select idref="V-261458" selected="true" /><select idref="V-261459" selected="true" /><select idref="V-261460" selected="true" /><select idref="V-261461" selected="true" /><select idref="V-261462" selected="true" /><select idref="V-261463" selected="true" /><select idref="V-261464" selected="true" /><select idref="V-261465" selected="true" /><select idref="V-261466" selected="true" /><select idref="V-261467" selected="true" /><select idref="V-261468" selected="true" /><select idref="V-261469" selected="true" /><select idref="V-261470" selected="true" /><select idref="V-261471" selected="true" /><select idref="V-261472" selected="true" /><select idref="V-261473" selected="true" /></Profile><Profile id="MAC-2_Classified"><title>II - Mission Support Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-261263" selected="true" /><select idref="V-261264" selected="true" /><select idref="V-261265" selected="true" /><select idref="V-261266" selected="true" /><select idref="V-261267" selected="true" /><select idref="V-261268" selected="true" /><select idref="V-261269" selected="true" /><select idref="V-261270" selected="true" /><select idref="V-261271" selected="true" /><select idref="V-261272" selected="true" /><select idref="V-261273" selected="true" /><select idref="V-261274" selected="true" /><select idref="V-261275" selected="true" /><select idref="V-261276" selected="true" /><select idref="V-261277" selected="true" /><select idref="V-261278" selected="true" /><select idref="V-261279" selected="true" /><select idref="V-261280" selected="true" /><select idref="V-261281" selected="true" /><select idref="V-261282" selected="true" /><select idref="V-261283" selected="true" /><select idref="V-261284" selected="true" /><select idref="V-261285" selected="true" /><select idref="V-261286" selected="true" /><select idref="V-261287" selected="true" /><select idref="V-261288" selected="true" /><select idref="V-261289" selected="true" /><select idref="V-261290" selected="true" /><select idref="V-261291" selected="true" /><select idref="V-261292" selected="true" /><select idref="V-261293" selected="true" /><select idref="V-261294" selected="true" /><select idref="V-261295" selected="true" /><select idref="V-261296" selected="true" /><select idref="V-261297" selected="true" /><select idref="V-261298" selected="true" /><select idref="V-261299" selected="true" /><select idref="V-261300" selected="true" /><select idref="V-261301" selected="true" /><select idref="V-261302" selected="true" /><select idref="V-261303" selected="true" /><select idref="V-261304" selected="true" /><select idref="V-261305" selected="true" /><select idref="V-261306" selected="true" /><select idref="V-261307" selected="true" /><select idref="V-261308" selected="true" /><select idref="V-261309" selected="true" /><select idref="V-261310" selected="true" /><select idref="V-261311" selected="true" /><select idref="V-261312" selected="true" /><select idref="V-261313" selected="true" /><select idref="V-261314" selected="true" /><select idref="V-261315" selected="true" /><select idref="V-261316" selected="true" /><select idref="V-261317" selected="true" /><select idref="V-261318" selected="true" /><select idref="V-261319" selected="true" /><select idref="V-261320" selected="true" /><select idref="V-261321" selected="true" /><select idref="V-261322" selected="true" /><select idref="V-261323" selected="true" /><select idref="V-261324" selected="true" /><select idref="V-261325" selected="true" /><select idref="V-261326" selected="true" /><select idref="V-261327" selected="true" /><select idref="V-261328" selected="true" /><select idref="V-261329" selected="true" /><select idref="V-261330" selected="true" /><select idref="V-261331" selected="true" /><select idref="V-261332" selected="true" /><select idref="V-261333" selected="true" /><select idref="V-261334" selected="true" /><select idref="V-261335" selected="true" /><select idref="V-261336" selected="true" /><select idref="V-261337" selected="true" /><select idref="V-261338" selected="true" /><select idref="V-261339" selected="true" /><select idref="V-261340" selected="true" /><select idref="V-261341" selected="true" /><select idref="V-261342" selected="true" /><select idref="V-261343" selected="true" /><select idref="V-261344" selected="true" /><select idref="V-261345" selected="true" /><select idref="V-261346" selected="true" /><select idref="V-261347" selected="true" /><select idref="V-261348" selected="true" /><select idref="V-261349" selected="true" /><select idref="V-261350" selected="true" /><select idref="V-261351" selected="true" /><select idref="V-261352" selected="true" /><select idref="V-261353" selected="true" /><select idref="V-261354" selected="true" /><select idref="V-261355" selected="true" /><select idref="V-261356" selected="true" /><select idref="V-261357" selected="true" /><select idref="V-261358" selected="true" /><select idref="V-261359" selected="true" /><select idref="V-261360" selected="true" /><select idref="V-261361" selected="true" /><select idref="V-261363" selected="true" /><select idref="V-261364" selected="true" /><select idref="V-261365" selected="true" /><select idref="V-261367" selected="true" /><select idref="V-261368" selected="true" /><select idref="V-261369" selected="true" /><select idref="V-261370" selected="true" /><select idref="V-261371" selected="true" /><select idref="V-261372" selected="true" /><select idref="V-261373" selected="true" /><select idref="V-261374" selected="true" /><select idref="V-261375" selected="true" /><select idref="V-261376" selected="true" /><select idref="V-261377" selected="true" /><select idref="V-261378" selected="true" /><select idref="V-261379" selected="true" /><select idref="V-261380" selected="true" /><select idref="V-261381" selected="true" /><select idref="V-261382" selected="true" /><select idref="V-261383" selected="true" /><select idref="V-261384" selected="true" /><select idref="V-261385" selected="true" /><select idref="V-261386" selected="true" /><select idref="V-261387" selected="true" /><select idref="V-261388" selected="true" /><select idref="V-261389" selected="true" /><select idref="V-261390" selected="true" /><select idref="V-261391" selected="true" /><select idref="V-261392" selected="true" /><select idref="V-261393" selected="true" /><select idref="V-261394" selected="true" /><select idref="V-261395" selected="true" /><select idref="V-261396" selected="true" /><select idref="V-261397" selected="true" /><select idref="V-261398" selected="true" /><select idref="V-261399" selected="true" /><select idref="V-261400" selected="true" /><select idref="V-261401" selected="true" /><select idref="V-261402" selected="true" /><select idref="V-261403" selected="true" /><select idref="V-261404" selected="true" /><select idref="V-261405" selected="true" /><select idref="V-261406" selected="true" /><select idref="V-261407" selected="true" /><select idref="V-261408" selected="true" /><select idref="V-261409" selected="true" /><select idref="V-261410" selected="true" /><select idref="V-261411" selected="true" /><select idref="V-261412" selected="true" /><select idref="V-261413" selected="true" /><select idref="V-261414" selected="true" /><select idref="V-261415" selected="true" /><select idref="V-261416" selected="true" /><select idref="V-261417" selected="true" /><select idref="V-261418" selected="true" /><select idref="V-261419" selected="true" /><select idref="V-261420" selected="true" /><select idref="V-261421" selected="true" /><select idref="V-261422" selected="true" /><select idref="V-261423" selected="true" /><select idref="V-261424" selected="true" /><select idref="V-261425" selected="true" /><select idref="V-261426" selected="true" /><select idref="V-261427" selected="true" /><select idref="V-261428" selected="true" /><select idref="V-261429" selected="true" /><select idref="V-261430" selected="true" /><select idref="V-261431" selected="true" /><select idref="V-261432" selected="true" /><select idref="V-261433" selected="true" /><select idref="V-261434" selected="true" /><select idref="V-261435" selected="true" /><select idref="V-261436" selected="true" /><select idref="V-261437" selected="true" /><select idref="V-261438" selected="true" /><select idref="V-261439" selected="true" /><select idref="V-261440" selected="true" /><select idref="V-261441" selected="true" /><select idref="V-261442" selected="true" /><select idref="V-261443" selected="true" /><select idref="V-261444" selected="true" /><select idref="V-261445" selected="true" /><select idref="V-261446" selected="true" /><select idref="V-261447" selected="true" /><select idref="V-261448" selected="true" /><select idref="V-261449" selected="true" /><select idref="V-261450" selected="true" /><select idref="V-261451" selected="true" /><select idref="V-261452" selected="true" /><select idref="V-261453" selected="true" /><select idref="V-261454" selected="true" /><select idref="V-261455" selected="true" /><select idref="V-261456" selected="true" /><select idref="V-261457" selected="true" /><select idref="V-261458" selected="true" /><select idref="V-261459" selected="true" /><select idref="V-261460" selected="true" /><select idref="V-261461" selected="true" /><select idref="V-261462" selected="true" /><select idref="V-261463" selected="true" /><select idref="V-261464" selected="true" /><select idref="V-261465" selected="true" /><select idref="V-261466" selected="true" /><select idref="V-261467" selected="true" /><select idref="V-261468" selected="true" /><select idref="V-261469" selected="true" /><select idref="V-261470" selected="true" /><select idref="V-261471" selected="true" /><select idref="V-261472" selected="true" /><select idref="V-261473" selected="true" /></Profile><Profile id="MAC-2_Public"><title>II - Mission Support Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-261263" selected="true" /><select idref="V-261264" selected="true" /><select idref="V-261265" selected="true" /><select idref="V-261266" selected="true" /><select idref="V-261267" selected="true" /><select idref="V-261268" selected="true" /><select idref="V-261269" selected="true" /><select idref="V-261270" selected="true" /><select idref="V-261271" selected="true" /><select idref="V-261272" selected="true" /><select idref="V-261273" selected="true" /><select idref="V-261274" selected="true" /><select idref="V-261275" selected="true" /><select idref="V-261276" selected="true" /><select idref="V-261277" selected="true" /><select idref="V-261278" selected="true" /><select idref="V-261279" selected="true" /><select idref="V-261280" selected="true" /><select idref="V-261281" selected="true" /><select idref="V-261282" selected="true" /><select idref="V-261283" selected="true" /><select idref="V-261284" selected="true" /><select idref="V-261285" selected="true" /><select idref="V-261286" selected="true" /><select idref="V-261287" selected="true" /><select idref="V-261288" selected="true" /><select idref="V-261289" selected="true" /><select idref="V-261290" selected="true" /><select idref="V-261291" selected="true" /><select idref="V-261292" selected="true" /><select idref="V-261293" selected="true" /><select idref="V-261294" selected="true" /><select idref="V-261295" selected="true" /><select idref="V-261296" selected="true" /><select idref="V-261297" selected="true" /><select idref="V-261298" selected="true" /><select idref="V-261299" selected="true" /><select idref="V-261300" selected="true" /><select idref="V-261301" selected="true" /><select idref="V-261302" selected="true" /><select idref="V-261303" selected="true" /><select idref="V-261304" selected="true" /><select idref="V-261305" selected="true" /><select idref="V-261306" selected="true" /><select idref="V-261307" selected="true" /><select idref="V-261308" selected="true" /><select idref="V-261309" selected="true" /><select idref="V-261310" selected="true" /><select idref="V-261311" selected="true" /><select idref="V-261312" selected="true" /><select idref="V-261313" selected="true" /><select idref="V-261314" selected="true" /><select idref="V-261315" selected="true" /><select idref="V-261316" selected="true" /><select idref="V-261317" selected="true" /><select idref="V-261318" selected="true" /><select idref="V-261319" selected="true" /><select idref="V-261320" selected="true" /><select idref="V-261321" selected="true" /><select idref="V-261322" selected="true" /><select idref="V-261323" selected="true" /><select idref="V-261324" selected="true" /><select idref="V-261325" selected="true" /><select idref="V-261326" selected="true" /><select idref="V-261327" selected="true" /><select idref="V-261328" selected="true" /><select idref="V-261329" selected="true" /><select idref="V-261330" selected="true" /><select idref="V-261331" selected="true" /><select idref="V-261332" selected="true" /><select idref="V-261333" selected="true" /><select idref="V-261334" selected="true" /><select idref="V-261335" selected="true" /><select idref="V-261336" selected="true" /><select idref="V-261337" selected="true" /><select idref="V-261338" selected="true" /><select idref="V-261339" selected="true" /><select idref="V-261340" selected="true" /><select idref="V-261341" selected="true" /><select idref="V-261342" selected="true" /><select idref="V-261343" selected="true" /><select idref="V-261344" selected="true" /><select idref="V-261345" selected="true" /><select idref="V-261346" selected="true" /><select idref="V-261347" selected="true" /><select idref="V-261348" selected="true" /><select idref="V-261349" selected="true" /><select idref="V-261350" selected="true" /><select idref="V-261351" selected="true" /><select idref="V-261352" selected="true" /><select idref="V-261353" selected="true" /><select idref="V-261354" selected="true" /><select idref="V-261355" selected="true" /><select idref="V-261356" selected="true" /><select idref="V-261357" selected="true" /><select idref="V-261358" selected="true" /><select idref="V-261359" selected="true" /><select idref="V-261360" selected="true" /><select idref="V-261361" selected="true" /><select idref="V-261363" selected="true" /><select idref="V-261364" selected="true" /><select idref="V-261365" selected="true" /><select idref="V-261367" selected="true" /><select idref="V-261368" selected="true" /><select idref="V-261369" selected="true" /><select idref="V-261370" selected="true" /><select idref="V-261371" selected="true" /><select idref="V-261372" selected="true" /><select idref="V-261373" selected="true" /><select idref="V-261374" selected="true" /><select idref="V-261375" selected="true" /><select idref="V-261376" selected="true" /><select idref="V-261377" selected="true" /><select idref="V-261378" selected="true" /><select idref="V-261379" selected="true" /><select idref="V-261380" selected="true" /><select idref="V-261381" selected="true" /><select idref="V-261382" selected="true" /><select idref="V-261383" selected="true" /><select idref="V-261384" selected="true" /><select idref="V-261385" selected="true" /><select idref="V-261386" selected="true" /><select idref="V-261387" selected="true" /><select idref="V-261388" selected="true" /><select idref="V-261389" selected="true" /><select idref="V-261390" selected="true" /><select idref="V-261391" selected="true" /><select idref="V-261392" selected="true" /><select idref="V-261393" selected="true" /><select idref="V-261394" selected="true" /><select idref="V-261395" selected="true" /><select idref="V-261396" selected="true" /><select idref="V-261397" selected="true" /><select idref="V-261398" selected="true" /><select idref="V-261399" selected="true" /><select idref="V-261400" selected="true" /><select idref="V-261401" selected="true" /><select idref="V-261402" selected="true" /><select idref="V-261403" selected="true" /><select idref="V-261404" selected="true" /><select idref="V-261405" selected="true" /><select idref="V-261406" selected="true" /><select idref="V-261407" selected="true" /><select idref="V-261408" selected="true" /><select idref="V-261409" selected="true" /><select idref="V-261410" selected="true" /><select idref="V-261411" selected="true" /><select idref="V-261412" selected="true" /><select idref="V-261413" selected="true" /><select idref="V-261414" selected="true" /><select idref="V-261415" selected="true" /><select idref="V-261416" selected="true" /><select idref="V-261417" selected="true" /><select idref="V-261418" selected="true" /><select idref="V-261419" selected="true" /><select idref="V-261420" selected="true" /><select idref="V-261421" selected="true" /><select idref="V-261422" selected="true" /><select idref="V-261423" selected="true" /><select idref="V-261424" selected="true" /><select idref="V-261425" selected="true" /><select idref="V-261426" selected="true" /><select idref="V-261427" selected="true" /><select idref="V-261428" selected="true" /><select idref="V-261429" selected="true" /><select idref="V-261430" selected="true" /><select idref="V-261431" selected="true" /><select idref="V-261432" selected="true" /><select idref="V-261433" selected="true" /><select idref="V-261434" selected="true" /><select idref="V-261435" selected="true" /><select idref="V-261436" selected="true" /><select idref="V-261437" selected="true" /><select idref="V-261438" selected="true" /><select idref="V-261439" selected="true" /><select idref="V-261440" selected="true" /><select idref="V-261441" selected="true" /><select idref="V-261442" selected="true" /><select idref="V-261443" selected="true" /><select idref="V-261444" selected="true" /><select idref="V-261445" selected="true" /><select idref="V-261446" selected="true" /><select idref="V-261447" selected="true" /><select idref="V-261448" selected="true" /><select idref="V-261449" selected="true" /><select idref="V-261450" selected="true" /><select idref="V-261451" selected="true" /><select idref="V-261452" selected="true" /><select idref="V-261453" selected="true" /><select idref="V-261454" selected="true" /><select idref="V-261455" selected="true" /><select idref="V-261456" selected="true" /><select idref="V-261457" selected="true" /><select idref="V-261458" selected="true" /><select idref="V-261459" selected="true" /><select idref="V-261460" selected="true" /><select idref="V-261461" selected="true" /><select idref="V-261462" selected="true" /><select idref="V-261463" selected="true" /><select idref="V-261464" selected="true" /><select idref="V-261465" selected="true" /><select idref="V-261466" selected="true" /><select idref="V-261467" selected="true" /><select idref="V-261468" selected="true" /><select idref="V-261469" selected="true" /><select idref="V-261470" selected="true" /><select idref="V-261471" selected="true" /><select idref="V-261472" selected="true" /><select idref="V-261473" selected="true" /></Profile><Profile id="MAC-2_Sensitive"><title>II - Mission Support Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-261263" selected="true" /><select idref="V-261264" selected="true" /><select idref="V-261265" selected="true" /><select idref="V-261266" selected="true" /><select idref="V-261267" selected="true" /><select idref="V-261268" selected="true" /><select idref="V-261269" selected="true" /><select idref="V-261270" selected="true" /><select idref="V-261271" selected="true" /><select idref="V-261272" selected="true" /><select idref="V-261273" selected="true" /><select idref="V-261274" selected="true" /><select idref="V-261275" selected="true" /><select idref="V-261276" selected="true" /><select idref="V-261277" selected="true" /><select idref="V-261278" selected="true" /><select idref="V-261279" selected="true" /><select idref="V-261280" selected="true" /><select idref="V-261281" selected="true" /><select idref="V-261282" selected="true" /><select idref="V-261283" selected="true" /><select idref="V-261284" selected="true" /><select idref="V-261285" selected="true" /><select idref="V-261286" selected="true" /><select idref="V-261287" selected="true" /><select idref="V-261288" selected="true" /><select idref="V-261289" selected="true" /><select idref="V-261290" selected="true" /><select idref="V-261291" selected="true" /><select idref="V-261292" selected="true" /><select idref="V-261293" selected="true" /><select idref="V-261294" selected="true" /><select idref="V-261295" selected="true" /><select idref="V-261296" selected="true" /><select idref="V-261297" selected="true" /><select idref="V-261298" selected="true" /><select idref="V-261299" selected="true" /><select idref="V-261300" selected="true" /><select idref="V-261301" selected="true" /><select idref="V-261302" selected="true" /><select idref="V-261303" selected="true" /><select idref="V-261304" selected="true" /><select idref="V-261305" selected="true" /><select idref="V-261306" selected="true" /><select idref="V-261307" selected="true" /><select idref="V-261308" selected="true" /><select idref="V-261309" selected="true" /><select idref="V-261310" selected="true" /><select idref="V-261311" selected="true" /><select idref="V-261312" selected="true" /><select idref="V-261313" selected="true" /><select idref="V-261314" selected="true" /><select idref="V-261315" selected="true" /><select idref="V-261316" selected="true" /><select idref="V-261317" selected="true" /><select idref="V-261318" selected="true" /><select idref="V-261319" selected="true" /><select idref="V-261320" selected="true" /><select idref="V-261321" selected="true" /><select idref="V-261322" selected="true" /><select idref="V-261323" selected="true" /><select idref="V-261324" selected="true" /><select idref="V-261325" selected="true" /><select idref="V-261326" selected="true" /><select idref="V-261327" selected="true" /><select idref="V-261328" selected="true" /><select idref="V-261329" selected="true" /><select idref="V-261330" selected="true" /><select idref="V-261331" selected="true" /><select idref="V-261332" selected="true" /><select idref="V-261333" selected="true" /><select idref="V-261334" selected="true" /><select idref="V-261335" selected="true" /><select idref="V-261336" selected="true" /><select idref="V-261337" selected="true" /><select idref="V-261338" selected="true" /><select idref="V-261339" selected="true" /><select idref="V-261340" selected="true" /><select idref="V-261341" selected="true" /><select idref="V-261342" selected="true" /><select idref="V-261343" selected="true" /><select idref="V-261344" selected="true" /><select idref="V-261345" selected="true" /><select idref="V-261346" selected="true" /><select idref="V-261347" selected="true" /><select idref="V-261348" selected="true" /><select idref="V-261349" selected="true" /><select idref="V-261350" selected="true" /><select idref="V-261351" selected="true" /><select idref="V-261352" selected="true" /><select idref="V-261353" selected="true" /><select idref="V-261354" selected="true" /><select idref="V-261355" selected="true" /><select idref="V-261356" selected="true" /><select idref="V-261357" selected="true" /><select idref="V-261358" selected="true" /><select idref="V-261359" selected="true" /><select idref="V-261360" selected="true" /><select idref="V-261361" selected="true" /><select idref="V-261363" selected="true" /><select idref="V-261364" selected="true" /><select idref="V-261365" selected="true" /><select idref="V-261367" selected="true" /><select idref="V-261368" selected="true" /><select idref="V-261369" selected="true" /><select idref="V-261370" selected="true" /><select idref="V-261371" selected="true" /><select idref="V-261372" selected="true" /><select idref="V-261373" selected="true" /><select idref="V-261374" selected="true" /><select idref="V-261375" selected="true" /><select idref="V-261376" selected="true" /><select idref="V-261377" selected="true" /><select idref="V-261378" selected="true" /><select idref="V-261379" selected="true" /><select idref="V-261380" selected="true" /><select idref="V-261381" selected="true" /><select idref="V-261382" selected="true" /><select idref="V-261383" selected="true" /><select idref="V-261384" selected="true" /><select idref="V-261385" selected="true" /><select idref="V-261386" selected="true" /><select idref="V-261387" selected="true" /><select idref="V-261388" selected="true" /><select idref="V-261389" selected="true" /><select idref="V-261390" selected="true" /><select idref="V-261391" selected="true" /><select idref="V-261392" selected="true" /><select idref="V-261393" selected="true" /><select idref="V-261394" selected="true" /><select idref="V-261395" selected="true" /><select idref="V-261396" selected="true" /><select idref="V-261397" selected="true" /><select idref="V-261398" selected="true" /><select idref="V-261399" selected="true" /><select idref="V-261400" selected="true" /><select idref="V-261401" selected="true" /><select idref="V-261402" selected="true" /><select idref="V-261403" selected="true" /><select idref="V-261404" selected="true" /><select idref="V-261405" selected="true" /><select idref="V-261406" selected="true" /><select idref="V-261407" selected="true" /><select idref="V-261408" selected="true" /><select idref="V-261409" selected="true" /><select idref="V-261410" selected="true" /><select idref="V-261411" selected="true" /><select idref="V-261412" selected="true" /><select idref="V-261413" selected="true" /><select idref="V-261414" selected="true" /><select idref="V-261415" selected="true" /><select idref="V-261416" selected="true" /><select idref="V-261417" selected="true" /><select idref="V-261418" selected="true" /><select idref="V-261419" selected="true" /><select idref="V-261420" selected="true" /><select idref="V-261421" selected="true" /><select idref="V-261422" selected="true" /><select idref="V-261423" selected="true" /><select idref="V-261424" selected="true" /><select idref="V-261425" selected="true" /><select idref="V-261426" selected="true" /><select idref="V-261427" selected="true" /><select idref="V-261428" selected="true" /><select idref="V-261429" selected="true" /><select idref="V-261430" selected="true" /><select idref="V-261431" selected="true" /><select idref="V-261432" selected="true" /><select idref="V-261433" selected="true" /><select idref="V-261434" selected="true" /><select idref="V-261435" selected="true" /><select idref="V-261436" selected="true" /><select idref="V-261437" selected="true" /><select idref="V-261438" selected="true" /><select idref="V-261439" selected="true" /><select idref="V-261440" selected="true" /><select idref="V-261441" selected="true" /><select idref="V-261442" selected="true" /><select idref="V-261443" selected="true" /><select idref="V-261444" selected="true" /><select idref="V-261445" selected="true" /><select idref="V-261446" selected="true" /><select idref="V-261447" selected="true" /><select idref="V-261448" selected="true" /><select idref="V-261449" selected="true" /><select idref="V-261450" selected="true" /><select idref="V-261451" selected="true" /><select idref="V-261452" selected="true" /><select idref="V-261453" selected="true" /><select idref="V-261454" selected="true" /><select idref="V-261455" selected="true" /><select idref="V-261456" selected="true" /><select idref="V-261457" selected="true" /><select idref="V-261458" selected="true" /><select idref="V-261459" selected="true" /><select idref="V-261460" selected="true" /><select idref="V-261461" selected="true" /><select idref="V-261462" selected="true" /><select idref="V-261463" selected="true" /><select idref="V-261464" selected="true" /><select idref="V-261465" selected="true" /><select idref="V-261466" selected="true" /><select idref="V-261467" selected="true" /><select idref="V-261468" selected="true" /><select idref="V-261469" selected="true" /><select idref="V-261470" selected="true" /><select idref="V-261471" selected="true" /><select idref="V-261472" selected="true" /><select idref="V-261473" selected="true" /></Profile><Profile id="MAC-3_Classified"><title>III - Administrative Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-261263" selected="true" /><select idref="V-261264" selected="true" /><select idref="V-261265" selected="true" /><select idref="V-261266" selected="true" /><select idref="V-261267" selected="true" /><select idref="V-261268" selected="true" /><select idref="V-261269" selected="true" /><select idref="V-261270" selected="true" /><select idref="V-261271" selected="true" /><select idref="V-261272" selected="true" /><select idref="V-261273" selected="true" /><select idref="V-261274" selected="true" /><select idref="V-261275" selected="true" /><select idref="V-261276" selected="true" /><select idref="V-261277" selected="true" /><select idref="V-261278" selected="true" /><select idref="V-261279" selected="true" /><select idref="V-261280" selected="true" /><select idref="V-261281" selected="true" /><select idref="V-261282" selected="true" /><select idref="V-261283" selected="true" /><select idref="V-261284" selected="true" /><select idref="V-261285" selected="true" /><select idref="V-261286" selected="true" /><select idref="V-261287" selected="true" /><select idref="V-261288" selected="true" /><select idref="V-261289" selected="true" /><select idref="V-261290" selected="true" /><select idref="V-261291" selected="true" /><select idref="V-261292" selected="true" /><select idref="V-261293" selected="true" /><select idref="V-261294" selected="true" /><select idref="V-261295" selected="true" /><select idref="V-261296" selected="true" /><select idref="V-261297" selected="true" /><select idref="V-261298" selected="true" /><select idref="V-261299" selected="true" /><select idref="V-261300" selected="true" /><select idref="V-261301" selected="true" /><select idref="V-261302" selected="true" /><select idref="V-261303" selected="true" /><select idref="V-261304" selected="true" /><select idref="V-261305" selected="true" /><select idref="V-261306" selected="true" /><select idref="V-261307" selected="true" /><select idref="V-261308" selected="true" /><select idref="V-261309" selected="true" /><select idref="V-261310" selected="true" /><select idref="V-261311" selected="true" /><select idref="V-261312" selected="true" /><select idref="V-261313" selected="true" /><select idref="V-261314" selected="true" /><select idref="V-261315" selected="true" /><select idref="V-261316" selected="true" /><select idref="V-261317" selected="true" /><select idref="V-261318" selected="true" /><select idref="V-261319" selected="true" /><select idref="V-261320" selected="true" /><select idref="V-261321" selected="true" /><select idref="V-261322" selected="true" /><select idref="V-261323" selected="true" /><select idref="V-261324" selected="true" /><select idref="V-261325" selected="true" /><select idref="V-261326" selected="true" /><select idref="V-261327" selected="true" /><select idref="V-261328" selected="true" /><select idref="V-261329" selected="true" /><select idref="V-261330" selected="true" /><select idref="V-261331" selected="true" /><select idref="V-261332" selected="true" /><select idref="V-261333" selected="true" /><select idref="V-261334" selected="true" /><select idref="V-261335" selected="true" /><select idref="V-261336" selected="true" /><select idref="V-261337" selected="true" /><select idref="V-261338" selected="true" /><select idref="V-261339" selected="true" /><select idref="V-261340" selected="true" /><select idref="V-261341" selected="true" /><select idref="V-261342" selected="true" /><select idref="V-261343" selected="true" /><select idref="V-261344" selected="true" /><select idref="V-261345" selected="true" /><select idref="V-261346" selected="true" /><select idref="V-261347" selected="true" /><select idref="V-261348" selected="true" /><select idref="V-261349" selected="true" /><select idref="V-261350" selected="true" /><select idref="V-261351" selected="true" /><select idref="V-261352" selected="true" /><select idref="V-261353" selected="true" /><select idref="V-261354" selected="true" /><select idref="V-261355" selected="true" /><select idref="V-261356" selected="true" /><select idref="V-261357" selected="true" /><select idref="V-261358" selected="true" /><select idref="V-261359" selected="true" /><select idref="V-261360" selected="true" /><select idref="V-261361" selected="true" /><select idref="V-261363" selected="true" /><select idref="V-261364" selected="true" /><select idref="V-261365" selected="true" /><select idref="V-261367" selected="true" /><select idref="V-261368" selected="true" /><select idref="V-261369" selected="true" /><select idref="V-261370" selected="true" /><select idref="V-261371" selected="true" /><select idref="V-261372" selected="true" /><select idref="V-261373" selected="true" /><select idref="V-261374" selected="true" /><select idref="V-261375" selected="true" /><select idref="V-261376" selected="true" /><select idref="V-261377" selected="true" /><select idref="V-261378" selected="true" /><select idref="V-261379" selected="true" /><select idref="V-261380" selected="true" /><select idref="V-261381" selected="true" /><select idref="V-261382" selected="true" /><select idref="V-261383" selected="true" /><select idref="V-261384" selected="true" /><select idref="V-261385" selected="true" /><select idref="V-261386" selected="true" /><select idref="V-261387" selected="true" /><select idref="V-261388" selected="true" /><select idref="V-261389" selected="true" /><select idref="V-261390" selected="true" /><select idref="V-261391" selected="true" /><select idref="V-261392" selected="true" /><select idref="V-261393" selected="true" /><select idref="V-261394" selected="true" /><select idref="V-261395" selected="true" /><select idref="V-261396" selected="true" /><select idref="V-261397" selected="true" /><select idref="V-261398" selected="true" /><select idref="V-261399" selected="true" /><select idref="V-261400" selected="true" /><select idref="V-261401" selected="true" /><select idref="V-261402" selected="true" /><select idref="V-261403" selected="true" /><select idref="V-261404" selected="true" /><select idref="V-261405" selected="true" /><select idref="V-261406" selected="true" /><select idref="V-261407" selected="true" /><select idref="V-261408" selected="true" /><select idref="V-261409" selected="true" /><select idref="V-261410" selected="true" /><select idref="V-261411" selected="true" /><select idref="V-261412" selected="true" /><select idref="V-261413" selected="true" /><select idref="V-261414" selected="true" /><select idref="V-261415" selected="true" /><select idref="V-261416" selected="true" /><select idref="V-261417" selected="true" /><select idref="V-261418" selected="true" /><select idref="V-261419" selected="true" /><select idref="V-261420" selected="true" /><select idref="V-261421" selected="true" /><select idref="V-261422" selected="true" /><select idref="V-261423" selected="true" /><select idref="V-261424" selected="true" /><select idref="V-261425" selected="true" /><select idref="V-261426" selected="true" /><select idref="V-261427" selected="true" /><select idref="V-261428" selected="true" /><select idref="V-261429" selected="true" /><select idref="V-261430" selected="true" /><select idref="V-261431" selected="true" /><select idref="V-261432" selected="true" /><select idref="V-261433" selected="true" /><select idref="V-261434" selected="true" /><select idref="V-261435" selected="true" /><select idref="V-261436" selected="true" /><select idref="V-261437" selected="true" /><select idref="V-261438" selected="true" /><select idref="V-261439" selected="true" /><select idref="V-261440" selected="true" /><select idref="V-261441" selected="true" /><select idref="V-261442" selected="true" /><select idref="V-261443" selected="true" /><select idref="V-261444" selected="true" /><select idref="V-261445" selected="true" /><select idref="V-261446" selected="true" /><select idref="V-261447" selected="true" /><select idref="V-261448" selected="true" /><select idref="V-261449" selected="true" /><select idref="V-261450" selected="true" /><select idref="V-261451" selected="true" /><select idref="V-261452" selected="true" /><select idref="V-261453" selected="true" /><select idref="V-261454" selected="true" /><select idref="V-261455" selected="true" /><select idref="V-261456" selected="true" /><select idref="V-261457" selected="true" /><select idref="V-261458" selected="true" /><select idref="V-261459" selected="true" /><select idref="V-261460" selected="true" /><select idref="V-261461" selected="true" /><select idref="V-261462" selected="true" /><select idref="V-261463" selected="true" /><select idref="V-261464" selected="true" /><select idref="V-261465" selected="true" /><select idref="V-261466" selected="true" /><select idref="V-261467" selected="true" /><select idref="V-261468" selected="true" /><select idref="V-261469" selected="true" /><select idref="V-261470" selected="true" /><select idref="V-261471" selected="true" /><select idref="V-261472" selected="true" /><select idref="V-261473" selected="true" /></Profile><Profile id="MAC-3_Public"><title>III - Administrative Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-261263" selected="true" /><select idref="V-261264" selected="true" /><select idref="V-261265" selected="true" /><select idref="V-261266" selected="true" /><select idref="V-261267" selected="true" /><select idref="V-261268" selected="true" /><select idref="V-261269" selected="true" /><select idref="V-261270" selected="true" /><select idref="V-261271" selected="true" /><select idref="V-261272" selected="true" /><select idref="V-261273" selected="true" /><select idref="V-261274" selected="true" /><select idref="V-261275" selected="true" /><select idref="V-261276" selected="true" /><select idref="V-261277" selected="true" /><select idref="V-261278" selected="true" /><select idref="V-261279" selected="true" /><select idref="V-261280" selected="true" /><select idref="V-261281" selected="true" /><select idref="V-261282" selected="true" /><select idref="V-261283" selected="true" /><select idref="V-261284" selected="true" /><select idref="V-261285" selected="true" /><select idref="V-261286" selected="true" /><select idref="V-261287" selected="true" /><select idref="V-261288" selected="true" /><select idref="V-261289" selected="true" /><select idref="V-261290" selected="true" /><select idref="V-261291" selected="true" /><select idref="V-261292" selected="true" /><select idref="V-261293" selected="true" /><select idref="V-261294" selected="true" /><select idref="V-261295" selected="true" /><select idref="V-261296" selected="true" /><select idref="V-261297" selected="true" /><select idref="V-261298" selected="true" /><select idref="V-261299" selected="true" /><select idref="V-261300" selected="true" /><select idref="V-261301" selected="true" /><select idref="V-261302" selected="true" /><select idref="V-261303" selected="true" /><select idref="V-261304" selected="true" /><select idref="V-261305" selected="true" /><select idref="V-261306" selected="true" /><select idref="V-261307" selected="true" /><select idref="V-261308" selected="true" /><select idref="V-261309" selected="true" /><select idref="V-261310" selected="true" /><select idref="V-261311" selected="true" /><select idref="V-261312" selected="true" /><select idref="V-261313" selected="true" /><select idref="V-261314" selected="true" /><select idref="V-261315" selected="true" /><select idref="V-261316" selected="true" /><select idref="V-261317" selected="true" /><select idref="V-261318" selected="true" /><select idref="V-261319" selected="true" /><select idref="V-261320" selected="true" /><select idref="V-261321" selected="true" /><select idref="V-261322" selected="true" /><select idref="V-261323" selected="true" /><select idref="V-261324" selected="true" /><select idref="V-261325" selected="true" /><select idref="V-261326" selected="true" /><select idref="V-261327" selected="true" /><select idref="V-261328" selected="true" /><select idref="V-261329" selected="true" /><select idref="V-261330" selected="true" /><select idref="V-261331" selected="true" /><select idref="V-261332" selected="true" /><select idref="V-261333" selected="true" /><select idref="V-261334" selected="true" /><select idref="V-261335" selected="true" /><select idref="V-261336" selected="true" /><select idref="V-261337" selected="true" /><select idref="V-261338" selected="true" /><select idref="V-261339" selected="true" /><select idref="V-261340" selected="true" /><select idref="V-261341" selected="true" /><select idref="V-261342" selected="true" /><select idref="V-261343" selected="true" /><select idref="V-261344" selected="true" /><select idref="V-261345" selected="true" /><select idref="V-261346" selected="true" /><select idref="V-261347" selected="true" /><select idref="V-261348" selected="true" /><select idref="V-261349" selected="true" /><select idref="V-261350" selected="true" /><select idref="V-261351" selected="true" /><select idref="V-261352" selected="true" /><select idref="V-261353" selected="true" /><select idref="V-261354" selected="true" /><select idref="V-261355" selected="true" /><select idref="V-261356" selected="true" /><select idref="V-261357" selected="true" /><select idref="V-261358" selected="true" /><select idref="V-261359" selected="true" /><select idref="V-261360" selected="true" /><select idref="V-261361" selected="true" /><select idref="V-261363" selected="true" /><select idref="V-261364" selected="true" /><select idref="V-261365" selected="true" /><select idref="V-261367" selected="true" /><select idref="V-261368" selected="true" /><select idref="V-261369" selected="true" /><select idref="V-261370" selected="true" /><select idref="V-261371" selected="true" /><select idref="V-261372" selected="true" /><select idref="V-261373" selected="true" /><select idref="V-261374" selected="true" /><select idref="V-261375" selected="true" /><select idref="V-261376" selected="true" /><select idref="V-261377" selected="true" /><select idref="V-261378" selected="true" /><select idref="V-261379" selected="true" /><select idref="V-261380" selected="true" /><select idref="V-261381" selected="true" /><select idref="V-261382" selected="true" /><select idref="V-261383" selected="true" /><select idref="V-261384" selected="true" /><select idref="V-261385" selected="true" /><select idref="V-261386" selected="true" /><select idref="V-261387" selected="true" /><select idref="V-261388" selected="true" /><select idref="V-261389" selected="true" /><select idref="V-261390" selected="true" /><select idref="V-261391" selected="true" /><select idref="V-261392" selected="true" /><select idref="V-261393" selected="true" /><select idref="V-261394" selected="true" /><select idref="V-261395" selected="true" /><select idref="V-261396" selected="true" /><select idref="V-261397" selected="true" /><select idref="V-261398" selected="true" /><select idref="V-261399" selected="true" /><select idref="V-261400" selected="true" /><select idref="V-261401" selected="true" /><select idref="V-261402" selected="true" /><select idref="V-261403" selected="true" /><select idref="V-261404" selected="true" /><select idref="V-261405" selected="true" /><select idref="V-261406" selected="true" /><select idref="V-261407" selected="true" /><select idref="V-261408" selected="true" /><select idref="V-261409" selected="true" /><select idref="V-261410" selected="true" /><select idref="V-261411" selected="true" /><select idref="V-261412" selected="true" /><select idref="V-261413" selected="true" /><select idref="V-261414" selected="true" /><select idref="V-261415" selected="true" /><select idref="V-261416" selected="true" /><select idref="V-261417" selected="true" /><select idref="V-261418" selected="true" /><select idref="V-261419" selected="true" /><select idref="V-261420" selected="true" /><select idref="V-261421" selected="true" /><select idref="V-261422" selected="true" /><select idref="V-261423" selected="true" /><select idref="V-261424" selected="true" /><select idref="V-261425" selected="true" /><select idref="V-261426" selected="true" /><select idref="V-261427" selected="true" /><select idref="V-261428" selected="true" /><select idref="V-261429" selected="true" /><select idref="V-261430" selected="true" /><select idref="V-261431" selected="true" /><select idref="V-261432" selected="true" /><select idref="V-261433" selected="true" /><select idref="V-261434" selected="true" /><select idref="V-261435" selected="true" /><select idref="V-261436" selected="true" /><select idref="V-261437" selected="true" /><select idref="V-261438" selected="true" /><select idref="V-261439" selected="true" /><select idref="V-261440" selected="true" /><select idref="V-261441" selected="true" /><select idref="V-261442" selected="true" /><select idref="V-261443" selected="true" /><select idref="V-261444" selected="true" /><select idref="V-261445" selected="true" /><select idref="V-261446" selected="true" /><select idref="V-261447" selected="true" /><select idref="V-261448" selected="true" /><select idref="V-261449" selected="true" /><select idref="V-261450" selected="true" /><select idref="V-261451" selected="true" /><select idref="V-261452" selected="true" /><select idref="V-261453" selected="true" /><select idref="V-261454" selected="true" /><select idref="V-261455" selected="true" /><select idref="V-261456" selected="true" /><select idref="V-261457" selected="true" /><select idref="V-261458" selected="true" /><select idref="V-261459" selected="true" /><select idref="V-261460" selected="true" /><select idref="V-261461" selected="true" /><select idref="V-261462" selected="true" /><select idref="V-261463" selected="true" /><select idref="V-261464" selected="true" /><select idref="V-261465" selected="true" /><select idref="V-261466" selected="true" /><select idref="V-261467" selected="true" /><select idref="V-261468" selected="true" /><select idref="V-261469" selected="true" /><select idref="V-261470" selected="true" /><select idref="V-261471" selected="true" /><select idref="V-261472" selected="true" /><select idref="V-261473" selected="true" /></Profile><Profile id="MAC-3_Sensitive"><title>III - Administrative Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-261263" selected="true" /><select idref="V-261264" selected="true" /><select idref="V-261265" selected="true" /><select idref="V-261266" selected="true" /><select idref="V-261267" selected="true" /><select idref="V-261268" selected="true" /><select idref="V-261269" selected="true" /><select idref="V-261270" selected="true" /><select idref="V-261271" selected="true" /><select idref="V-261272" selected="true" /><select idref="V-261273" selected="true" /><select idref="V-261274" selected="true" /><select idref="V-261275" selected="true" /><select idref="V-261276" selected="true" /><select idref="V-261277" selected="true" /><select idref="V-261278" selected="true" /><select idref="V-261279" selected="true" /><select idref="V-261280" selected="true" /><select idref="V-261281" selected="true" /><select idref="V-261282" selected="true" /><select idref="V-261283" selected="true" /><select idref="V-261284" selected="true" /><select idref="V-261285" selected="true" /><select idref="V-261286" selected="true" /><select idref="V-261287" selected="true" /><select idref="V-261288" selected="true" /><select idref="V-261289" selected="true" /><select idref="V-261290" selected="true" /><select idref="V-261291" selected="true" /><select idref="V-261292" selected="true" /><select idref="V-261293" selected="true" /><select idref="V-261294" selected="true" /><select idref="V-261295" selected="true" /><select idref="V-261296" selected="true" /><select idref="V-261297" selected="true" /><select idref="V-261298" selected="true" /><select idref="V-261299" selected="true" /><select idref="V-261300" selected="true" /><select idref="V-261301" selected="true" /><select idref="V-261302" selected="true" /><select idref="V-261303" selected="true" /><select idref="V-261304" selected="true" /><select idref="V-261305" selected="true" /><select idref="V-261306" selected="true" /><select idref="V-261307" selected="true" /><select idref="V-261308" selected="true" /><select idref="V-261309" selected="true" /><select idref="V-261310" selected="true" /><select idref="V-261311" selected="true" /><select idref="V-261312" selected="true" /><select idref="V-261313" selected="true" /><select idref="V-261314" selected="true" /><select idref="V-261315" selected="true" /><select idref="V-261316" selected="true" /><select idref="V-261317" selected="true" /><select idref="V-261318" selected="true" /><select idref="V-261319" selected="true" /><select idref="V-261320" selected="true" /><select idref="V-261321" selected="true" /><select idref="V-261322" selected="true" /><select idref="V-261323" selected="true" /><select idref="V-261324" selected="true" /><select idref="V-261325" selected="true" /><select idref="V-261326" selected="true" /><select idref="V-261327" selected="true" /><select idref="V-261328" selected="true" /><select idref="V-261329" selected="true" /><select idref="V-261330" selected="true" /><select idref="V-261331" selected="true" /><select idref="V-261332" selected="true" /><select idref="V-261333" selected="true" /><select idref="V-261334" selected="true" /><select idref="V-261335" selected="true" /><select idref="V-261336" selected="true" /><select idref="V-261337" selected="true" /><select idref="V-261338" selected="true" /><select idref="V-261339" selected="true" /><select idref="V-261340" selected="true" /><select idref="V-261341" selected="true" /><select idref="V-261342" selected="true" /><select idref="V-261343" selected="true" /><select idref="V-261344" selected="true" /><select idref="V-261345" selected="true" /><select idref="V-261346" selected="true" /><select idref="V-261347" selected="true" /><select idref="V-261348" selected="true" /><select idref="V-261349" selected="true" /><select idref="V-261350" selected="true" /><select idref="V-261351" selected="true" /><select idref="V-261352" selected="true" /><select idref="V-261353" selected="true" /><select idref="V-261354" selected="true" /><select idref="V-261355" selected="true" /><select idref="V-261356" selected="true" /><select idref="V-261357" selected="true" /><select idref="V-261358" selected="true" /><select idref="V-261359" selected="true" /><select idref="V-261360" selected="true" /><select idref="V-261361" selected="true" /><select idref="V-261363" selected="true" /><select idref="V-261364" selected="true" /><select idref="V-261365" selected="true" /><select idref="V-261367" selected="true" /><select idref="V-261368" selected="true" /><select idref="V-261369" selected="true" /><select idref="V-261370" selected="true" /><select idref="V-261371" selected="true" /><select idref="V-261372" selected="true" /><select idref="V-261373" selected="true" /><select idref="V-261374" selected="true" /><select idref="V-261375" selected="true" /><select idref="V-261376" selected="true" /><select idref="V-261377" selected="true" /><select idref="V-261378" selected="true" /><select idref="V-261379" selected="true" /><select idref="V-261380" selected="true" /><select idref="V-261381" selected="true" /><select idref="V-261382" selected="true" /><select idref="V-261383" selected="true" /><select idref="V-261384" selected="true" /><select idref="V-261385" selected="true" /><select idref="V-261386" selected="true" /><select idref="V-261387" selected="true" /><select idref="V-261388" selected="true" /><select idref="V-261389" selected="true" /><select idref="V-261390" selected="true" /><select idref="V-261391" selected="true" /><select idref="V-261392" selected="true" /><select idref="V-261393" selected="true" /><select idref="V-261394" selected="true" /><select idref="V-261395" selected="true" /><select idref="V-261396" selected="true" /><select idref="V-261397" selected="true" /><select idref="V-261398" selected="true" /><select idref="V-261399" selected="true" /><select idref="V-261400" selected="true" /><select idref="V-261401" selected="true" /><select idref="V-261402" selected="true" /><select idref="V-261403" selected="true" /><select idref="V-261404" selected="true" /><select idref="V-261405" selected="true" /><select idref="V-261406" selected="true" /><select idref="V-261407" selected="true" /><select idref="V-261408" selected="true" /><select idref="V-261409" selected="true" /><select idref="V-261410" selected="true" /><select idref="V-261411" selected="true" /><select idref="V-261412" selected="true" /><select idref="V-261413" selected="true" /><select idref="V-261414" selected="true" /><select idref="V-261415" selected="true" /><select idref="V-261416" selected="true" /><select idref="V-261417" selected="true" /><select idref="V-261418" selected="true" /><select idref="V-261419" selected="true" /><select idref="V-261420" selected="true" /><select idref="V-261421" selected="true" /><select idref="V-261422" selected="true" /><select idref="V-261423" selected="true" /><select idref="V-261424" selected="true" /><select idref="V-261425" selected="true" /><select idref="V-261426" selected="true" /><select idref="V-261427" selected="true" /><select idref="V-261428" selected="true" /><select idref="V-261429" selected="true" /><select idref="V-261430" selected="true" /><select idref="V-261431" selected="true" /><select idref="V-261432" selected="true" /><select idref="V-261433" selected="true" /><select idref="V-261434" selected="true" /><select idref="V-261435" selected="true" /><select idref="V-261436" selected="true" /><select idref="V-261437" selected="true" /><select idref="V-261438" selected="true" /><select idref="V-261439" selected="true" /><select idref="V-261440" selected="true" /><select idref="V-261441" selected="true" /><select idref="V-261442" selected="true" /><select idref="V-261443" selected="true" /><select idref="V-261444" selected="true" /><select idref="V-261445" selected="true" /><select idref="V-261446" selected="true" /><select idref="V-261447" selected="true" /><select idref="V-261448" selected="true" /><select idref="V-261449" selected="true" /><select idref="V-261450" selected="true" /><select idref="V-261451" selected="true" /><select idref="V-261452" selected="true" /><select idref="V-261453" selected="true" /><select idref="V-261454" selected="true" /><select idref="V-261455" selected="true" /><select idref="V-261456" selected="true" /><select idref="V-261457" selected="true" /><select idref="V-261458" selected="true" /><select idref="V-261459" selected="true" /><select idref="V-261460" selected="true" /><select idref="V-261461" selected="true" /><select idref="V-261462" selected="true" /><select idref="V-261463" selected="true" /><select idref="V-261464" selected="true" /><select idref="V-261465" selected="true" /><select idref="V-261466" selected="true" /><select idref="V-261467" selected="true" /><select idref="V-261468" selected="true" /><select idref="V-261469" selected="true" /><select idref="V-261470" selected="true" /><select idref="V-261471" selected="true" /><select idref="V-261472" selected="true" /><select idref="V-261473" selected="true" /></Profile><Group id="V-261263"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261263r1155781_rule" weight="10.0" severity="high"><version>SLEM-05-211010</version><title>SLEM 5 must be a vendor-supported release.</title><description>&lt;VulnDiscussion&gt;A SLEM 5 release is considered supported if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.
+<?xml version="1.0" encoding="utf-8"?><?xml-stylesheet type='text/xsl' href='STIG_unclass.xsl'?><Benchmark xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:cpe="http://cpe.mitre.org/language/2.0" xmlns:xhtml="http://www.w3.org/1999/xhtml" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.1 http://nvd.nist.gov/schema/xccdf-1.1.4.xsd http://cpe.mitre.org/dictionary/2.0 http://cpe.mitre.org/files/cpe-dictionary_2.1.xsd" id="SLEM_5_STIG" xml:lang="en" xmlns="http://checklists.nist.gov/xccdf/1.1"><status date="2026-02-10">accepted</status><title>SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide</title><description>This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.</description><notice id="terms-of-use" xml:lang="en"></notice><front-matter xml:lang="en"></front-matter><rear-matter xml:lang="en"></rear-matter><reference href="https://cyber.mil"><dc:publisher>DISA</dc:publisher><dc:source>STIG.DOD.MIL</dc:source></reference><plain-text id="release-info">Release: 4 Benchmark Date: 01 Apr 2026</plain-text><plain-text id="generator">3.5.2</plain-text><plain-text id="conventionsVersion">1.10.0</plain-text><version>1</version><Profile id="MAC-1_Classified"><title>I - Mission Critical Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-261263" selected="true" /><select idref="V-261265" selected="true" /><select idref="V-261266" selected="true" /><select idref="V-261267" selected="true" /><select idref="V-261268" selected="true" /><select idref="V-261269" selected="true" /><select idref="V-261270" selected="true" /><select idref="V-261271" selected="true" /><select idref="V-261272" selected="true" /><select idref="V-261273" selected="true" /><select idref="V-261274" selected="true" /><select idref="V-261275" selected="true" /><select idref="V-261276" selected="true" /><select idref="V-261277" selected="true" /><select idref="V-261278" selected="true" /><select idref="V-261279" selected="true" /><select idref="V-261280" selected="true" /><select idref="V-261281" selected="true" /><select idref="V-261282" selected="true" /><select idref="V-261283" selected="true" /><select idref="V-261284" selected="true" /><select idref="V-261285" selected="true" /><select idref="V-261286" selected="true" /><select idref="V-261287" selected="true" /><select idref="V-261288" selected="true" /><select idref="V-261289" selected="true" /><select idref="V-261290" selected="true" /><select idref="V-261291" selected="true" /><select idref="V-261292" selected="true" /><select idref="V-261293" selected="true" /><select idref="V-261294" selected="true" /><select idref="V-261295" selected="true" /><select idref="V-261296" selected="true" /><select idref="V-261297" selected="true" /><select idref="V-261298" selected="true" /><select idref="V-261299" selected="true" /><select idref="V-261300" selected="true" /><select idref="V-261301" selected="true" /><select idref="V-261302" selected="true" /><select idref="V-261303" selected="true" /><select idref="V-261304" selected="true" /><select idref="V-261305" selected="true" /><select idref="V-261306" selected="true" /><select idref="V-261307" selected="true" /><select idref="V-261308" selected="true" /><select idref="V-261309" selected="true" /><select idref="V-261310" selected="true" /><select idref="V-261311" selected="true" /><select idref="V-261312" selected="true" /><select idref="V-261313" selected="true" /><select idref="V-261314" selected="true" /><select idref="V-261315" selected="true" /><select idref="V-261316" selected="true" /><select idref="V-261317" selected="true" /><select idref="V-261318" selected="true" /><select idref="V-261319" selected="true" /><select idref="V-261320" selected="true" /><select idref="V-261321" selected="true" /><select idref="V-261322" selected="true" /><select idref="V-261323" selected="true" /><select idref="V-261324" selected="true" /><select idref="V-261325" selected="true" /><select idref="V-261326" selected="true" /><select idref="V-261327" selected="true" /><select idref="V-261328" selected="true" /><select idref="V-261329" selected="true" /><select idref="V-261330" selected="true" /><select idref="V-261331" selected="true" /><select idref="V-261332" selected="true" /><select idref="V-261333" selected="true" /><select idref="V-261334" selected="true" /><select idref="V-261335" selected="true" /><select idref="V-261336" selected="true" /><select idref="V-261337" selected="true" /><select idref="V-261338" selected="true" /><select idref="V-261339" selected="true" /><select idref="V-261340" selected="true" /><select idref="V-261341" selected="true" /><select idref="V-261342" selected="true" /><select idref="V-261343" selected="true" /><select idref="V-261344" selected="true" /><select idref="V-261345" selected="true" /><select idref="V-261346" selected="true" /><select idref="V-261347" selected="true" /><select idref="V-261348" selected="true" /><select idref="V-261349" selected="true" /><select idref="V-261350" selected="true" /><select idref="V-261351" selected="true" /><select idref="V-261352" selected="true" /><select idref="V-261353" selected="true" /><select idref="V-261354" selected="true" /><select idref="V-261355" selected="true" /><select idref="V-261356" selected="true" /><select idref="V-261357" selected="true" /><select idref="V-261358" selected="true" /><select idref="V-261359" selected="true" /><select idref="V-261360" selected="true" /><select idref="V-261361" selected="true" /><select idref="V-261363" selected="true" /><select idref="V-261364" selected="true" /><select idref="V-261365" selected="true" /><select idref="V-261367" selected="true" /><select idref="V-261368" selected="true" /><select idref="V-261369" selected="true" /><select idref="V-261370" selected="true" /><select idref="V-261371" selected="true" /><select idref="V-261372" selected="true" /><select idref="V-261373" selected="true" /><select idref="V-261374" selected="true" /><select idref="V-261375" selected="true" /><select idref="V-261376" selected="true" /><select idref="V-261377" selected="true" /><select idref="V-261378" selected="true" /><select idref="V-261379" selected="true" /><select idref="V-261380" selected="true" /><select idref="V-261381" selected="true" /><select idref="V-261382" selected="true" /><select idref="V-261383" selected="true" /><select idref="V-261384" selected="true" /><select idref="V-261385" selected="true" /><select idref="V-261386" selected="true" /><select idref="V-261387" selected="true" /><select idref="V-261388" selected="true" /><select idref="V-261389" selected="true" /><select idref="V-261390" selected="true" /><select idref="V-261391" selected="true" /><select idref="V-261392" selected="true" /><select idref="V-261393" selected="true" /><select idref="V-261394" selected="true" /><select idref="V-261395" selected="true" /><select idref="V-261396" selected="true" /><select idref="V-261397" selected="true" /><select idref="V-261398" selected="true" /><select idref="V-261399" selected="true" /><select idref="V-261400" selected="true" /><select idref="V-261401" selected="true" /><select idref="V-261402" selected="true" /><select idref="V-261403" selected="true" /><select idref="V-261404" selected="true" /><select idref="V-261405" selected="true" /><select idref="V-261406" selected="true" /><select idref="V-261407" selected="true" /><select idref="V-261408" selected="true" /><select idref="V-261409" selected="true" /><select idref="V-261410" selected="true" /><select idref="V-261411" selected="true" /><select idref="V-261412" selected="true" /><select idref="V-261413" selected="true" /><select idref="V-261414" selected="true" /><select idref="V-261415" selected="true" /><select idref="V-261416" selected="true" /><select idref="V-261417" selected="true" /><select idref="V-261418" selected="true" /><select idref="V-261419" selected="true" /><select idref="V-261420" selected="true" /><select idref="V-261421" selected="true" /><select idref="V-261422" selected="true" /><select idref="V-261423" selected="true" /><select idref="V-261424" selected="true" /><select idref="V-261425" selected="true" /><select idref="V-261426" selected="true" /><select idref="V-261427" selected="true" /><select idref="V-261428" selected="true" /><select idref="V-261429" selected="true" /><select idref="V-261430" selected="true" /><select idref="V-261431" selected="true" /><select idref="V-261432" selected="true" /><select idref="V-261433" selected="true" /><select idref="V-261434" selected="true" /><select idref="V-261435" selected="true" /><select idref="V-261436" selected="true" /><select idref="V-261437" selected="true" /><select idref="V-261438" selected="true" /><select idref="V-261439" selected="true" /><select idref="V-261440" selected="true" /><select idref="V-261441" selected="true" /><select idref="V-261442" selected="true" /><select idref="V-261443" selected="true" /><select idref="V-261444" selected="true" /><select idref="V-261445" selected="true" /><select idref="V-261446" selected="true" /><select idref="V-261447" selected="true" /><select idref="V-261448" selected="true" /><select idref="V-261449" selected="true" /><select idref="V-261450" selected="true" /><select idref="V-261451" selected="true" /><select idref="V-261452" selected="true" /><select idref="V-261453" selected="true" /><select idref="V-261454" selected="true" /><select idref="V-261455" selected="true" /><select idref="V-261456" selected="true" /><select idref="V-261457" selected="true" /><select idref="V-261458" selected="true" /><select idref="V-261459" selected="true" /><select idref="V-261460" selected="true" /><select idref="V-261461" selected="true" /><select idref="V-261462" selected="true" /><select idref="V-261463" selected="true" /><select idref="V-261464" selected="true" /><select idref="V-261465" selected="true" /><select idref="V-261466" selected="true" /><select idref="V-261467" selected="true" /><select idref="V-261468" selected="true" /><select idref="V-261469" selected="true" /><select idref="V-261470" selected="true" /><select idref="V-261471" selected="true" /><select idref="V-261472" selected="true" /><select idref="V-261473" selected="true" /></Profile><Profile id="MAC-1_Public"><title>I - Mission Critical Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-261263" selected="true" /><select idref="V-261265" selected="true" /><select idref="V-261266" selected="true" /><select idref="V-261267" selected="true" /><select idref="V-261268" selected="true" /><select idref="V-261269" selected="true" /><select idref="V-261270" selected="true" /><select idref="V-261271" selected="true" /><select idref="V-261272" selected="true" /><select idref="V-261273" selected="true" /><select idref="V-261274" selected="true" /><select idref="V-261275" selected="true" /><select idref="V-261276" selected="true" /><select idref="V-261277" selected="true" /><select idref="V-261278" selected="true" /><select idref="V-261279" selected="true" /><select idref="V-261280" selected="true" /><select idref="V-261281" selected="true" /><select idref="V-261282" selected="true" /><select idref="V-261283" selected="true" /><select idref="V-261284" selected="true" /><select idref="V-261285" selected="true" /><select idref="V-261286" selected="true" /><select idref="V-261287" selected="true" /><select idref="V-261288" selected="true" /><select idref="V-261289" selected="true" /><select idref="V-261290" selected="true" /><select idref="V-261291" selected="true" /><select idref="V-261292" selected="true" /><select idref="V-261293" selected="true" /><select idref="V-261294" selected="true" /><select idref="V-261295" selected="true" /><select idref="V-261296" selected="true" /><select idref="V-261297" selected="true" /><select idref="V-261298" selected="true" /><select idref="V-261299" selected="true" /><select idref="V-261300" selected="true" /><select idref="V-261301" selected="true" /><select idref="V-261302" selected="true" /><select idref="V-261303" selected="true" /><select idref="V-261304" selected="true" /><select idref="V-261305" selected="true" /><select idref="V-261306" selected="true" /><select idref="V-261307" selected="true" /><select idref="V-261308" selected="true" /><select idref="V-261309" selected="true" /><select idref="V-261310" selected="true" /><select idref="V-261311" selected="true" /><select idref="V-261312" selected="true" /><select idref="V-261313" selected="true" /><select idref="V-261314" selected="true" /><select idref="V-261315" selected="true" /><select idref="V-261316" selected="true" /><select idref="V-261317" selected="true" /><select idref="V-261318" selected="true" /><select idref="V-261319" selected="true" /><select idref="V-261320" selected="true" /><select idref="V-261321" selected="true" /><select idref="V-261322" selected="true" /><select idref="V-261323" selected="true" /><select idref="V-261324" selected="true" /><select idref="V-261325" selected="true" /><select idref="V-261326" selected="true" /><select idref="V-261327" selected="true" /><select idref="V-261328" selected="true" /><select idref="V-261329" selected="true" /><select idref="V-261330" selected="true" /><select idref="V-261331" selected="true" /><select idref="V-261332" selected="true" /><select idref="V-261333" selected="true" /><select idref="V-261334" selected="true" /><select idref="V-261335" selected="true" /><select idref="V-261336" selected="true" /><select idref="V-261337" selected="true" /><select idref="V-261338" selected="true" /><select idref="V-261339" selected="true" /><select idref="V-261340" selected="true" /><select idref="V-261341" selected="true" /><select idref="V-261342" selected="true" /><select idref="V-261343" selected="true" /><select idref="V-261344" selected="true" /><select idref="V-261345" selected="true" /><select idref="V-261346" selected="true" /><select idref="V-261347" selected="true" /><select idref="V-261348" selected="true" /><select idref="V-261349" selected="true" /><select idref="V-261350" selected="true" /><select idref="V-261351" selected="true" /><select idref="V-261352" selected="true" /><select idref="V-261353" selected="true" /><select idref="V-261354" selected="true" /><select idref="V-261355" selected="true" /><select idref="V-261356" selected="true" /><select idref="V-261357" selected="true" /><select idref="V-261358" selected="true" /><select idref="V-261359" selected="true" /><select idref="V-261360" selected="true" /><select idref="V-261361" selected="true" /><select idref="V-261363" selected="true" /><select idref="V-261364" selected="true" /><select idref="V-261365" selected="true" /><select idref="V-261367" selected="true" /><select idref="V-261368" selected="true" /><select idref="V-261369" selected="true" /><select idref="V-261370" selected="true" /><select idref="V-261371" selected="true" /><select idref="V-261372" selected="true" /><select idref="V-261373" selected="true" /><select idref="V-261374" selected="true" /><select idref="V-261375" selected="true" /><select idref="V-261376" selected="true" /><select idref="V-261377" selected="true" /><select idref="V-261378" selected="true" /><select idref="V-261379" selected="true" /><select idref="V-261380" selected="true" /><select idref="V-261381" selected="true" /><select idref="V-261382" selected="true" /><select idref="V-261383" selected="true" /><select idref="V-261384" selected="true" /><select idref="V-261385" selected="true" /><select idref="V-261386" selected="true" /><select idref="V-261387" selected="true" /><select idref="V-261388" selected="true" /><select idref="V-261389" selected="true" /><select idref="V-261390" selected="true" /><select idref="V-261391" selected="true" /><select idref="V-261392" selected="true" /><select idref="V-261393" selected="true" /><select idref="V-261394" selected="true" /><select idref="V-261395" selected="true" /><select idref="V-261396" selected="true" /><select idref="V-261397" selected="true" /><select idref="V-261398" selected="true" /><select idref="V-261399" selected="true" /><select idref="V-261400" selected="true" /><select idref="V-261401" selected="true" /><select idref="V-261402" selected="true" /><select idref="V-261403" selected="true" /><select idref="V-261404" selected="true" /><select idref="V-261405" selected="true" /><select idref="V-261406" selected="true" /><select idref="V-261407" selected="true" /><select idref="V-261408" selected="true" /><select idref="V-261409" selected="true" /><select idref="V-261410" selected="true" /><select idref="V-261411" selected="true" /><select idref="V-261412" selected="true" /><select idref="V-261413" selected="true" /><select idref="V-261414" selected="true" /><select idref="V-261415" selected="true" /><select idref="V-261416" selected="true" /><select idref="V-261417" selected="true" /><select idref="V-261418" selected="true" /><select idref="V-261419" selected="true" /><select idref="V-261420" selected="true" /><select idref="V-261421" selected="true" /><select idref="V-261422" selected="true" /><select idref="V-261423" selected="true" /><select idref="V-261424" selected="true" /><select idref="V-261425" selected="true" /><select idref="V-261426" selected="true" /><select idref="V-261427" selected="true" /><select idref="V-261428" selected="true" /><select idref="V-261429" selected="true" /><select idref="V-261430" selected="true" /><select idref="V-261431" selected="true" /><select idref="V-261432" selected="true" /><select idref="V-261433" selected="true" /><select idref="V-261434" selected="true" /><select idref="V-261435" selected="true" /><select idref="V-261436" selected="true" /><select idref="V-261437" selected="true" /><select idref="V-261438" selected="true" /><select idref="V-261439" selected="true" /><select idref="V-261440" selected="true" /><select idref="V-261441" selected="true" /><select idref="V-261442" selected="true" /><select idref="V-261443" selected="true" /><select idref="V-261444" selected="true" /><select idref="V-261445" selected="true" /><select idref="V-261446" selected="true" /><select idref="V-261447" selected="true" /><select idref="V-261448" selected="true" /><select idref="V-261449" selected="true" /><select idref="V-261450" selected="true" /><select idref="V-261451" selected="true" /><select idref="V-261452" selected="true" /><select idref="V-261453" selected="true" /><select idref="V-261454" selected="true" /><select idref="V-261455" selected="true" /><select idref="V-261456" selected="true" /><select idref="V-261457" selected="true" /><select idref="V-261458" selected="true" /><select idref="V-261459" selected="true" /><select idref="V-261460" selected="true" /><select idref="V-261461" selected="true" /><select idref="V-261462" selected="true" /><select idref="V-261463" selected="true" /><select idref="V-261464" selected="true" /><select idref="V-261465" selected="true" /><select idref="V-261466" selected="true" /><select idref="V-261467" selected="true" /><select idref="V-261468" selected="true" /><select idref="V-261469" selected="true" /><select idref="V-261470" selected="true" /><select idref="V-261471" selected="true" /><select idref="V-261472" selected="true" /><select idref="V-261473" selected="true" /></Profile><Profile id="MAC-1_Sensitive"><title>I - Mission Critical Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-261263" selected="true" /><select idref="V-261265" selected="true" /><select idref="V-261266" selected="true" /><select idref="V-261267" selected="true" /><select idref="V-261268" selected="true" /><select idref="V-261269" selected="true" /><select idref="V-261270" selected="true" /><select idref="V-261271" selected="true" /><select idref="V-261272" selected="true" /><select idref="V-261273" selected="true" /><select idref="V-261274" selected="true" /><select idref="V-261275" selected="true" /><select idref="V-261276" selected="true" /><select idref="V-261277" selected="true" /><select idref="V-261278" selected="true" /><select idref="V-261279" selected="true" /><select idref="V-261280" selected="true" /><select idref="V-261281" selected="true" /><select idref="V-261282" selected="true" /><select idref="V-261283" selected="true" /><select idref="V-261284" selected="true" /><select idref="V-261285" selected="true" /><select idref="V-261286" selected="true" /><select idref="V-261287" selected="true" /><select idref="V-261288" selected="true" /><select idref="V-261289" selected="true" /><select idref="V-261290" selected="true" /><select idref="V-261291" selected="true" /><select idref="V-261292" selected="true" /><select idref="V-261293" selected="true" /><select idref="V-261294" selected="true" /><select idref="V-261295" selected="true" /><select idref="V-261296" selected="true" /><select idref="V-261297" selected="true" /><select idref="V-261298" selected="true" /><select idref="V-261299" selected="true" /><select idref="V-261300" selected="true" /><select idref="V-261301" selected="true" /><select idref="V-261302" selected="true" /><select idref="V-261303" selected="true" /><select idref="V-261304" selected="true" /><select idref="V-261305" selected="true" /><select idref="V-261306" selected="true" /><select idref="V-261307" selected="true" /><select idref="V-261308" selected="true" /><select idref="V-261309" selected="true" /><select idref="V-261310" selected="true" /><select idref="V-261311" selected="true" /><select idref="V-261312" selected="true" /><select idref="V-261313" selected="true" /><select idref="V-261314" selected="true" /><select idref="V-261315" selected="true" /><select idref="V-261316" selected="true" /><select idref="V-261317" selected="true" /><select idref="V-261318" selected="true" /><select idref="V-261319" selected="true" /><select idref="V-261320" selected="true" /><select idref="V-261321" selected="true" /><select idref="V-261322" selected="true" /><select idref="V-261323" selected="true" /><select idref="V-261324" selected="true" /><select idref="V-261325" selected="true" /><select idref="V-261326" selected="true" /><select idref="V-261327" selected="true" /><select idref="V-261328" selected="true" /><select idref="V-261329" selected="true" /><select idref="V-261330" selected="true" /><select idref="V-261331" selected="true" /><select idref="V-261332" selected="true" /><select idref="V-261333" selected="true" /><select idref="V-261334" selected="true" /><select idref="V-261335" selected="true" /><select idref="V-261336" selected="true" /><select idref="V-261337" selected="true" /><select idref="V-261338" selected="true" /><select idref="V-261339" selected="true" /><select idref="V-261340" selected="true" /><select idref="V-261341" selected="true" /><select idref="V-261342" selected="true" /><select idref="V-261343" selected="true" /><select idref="V-261344" selected="true" /><select idref="V-261345" selected="true" /><select idref="V-261346" selected="true" /><select idref="V-261347" selected="true" /><select idref="V-261348" selected="true" /><select idref="V-261349" selected="true" /><select idref="V-261350" selected="true" /><select idref="V-261351" selected="true" /><select idref="V-261352" selected="true" /><select idref="V-261353" selected="true" /><select idref="V-261354" selected="true" /><select idref="V-261355" selected="true" /><select idref="V-261356" selected="true" /><select idref="V-261357" selected="true" /><select idref="V-261358" selected="true" /><select idref="V-261359" selected="true" /><select idref="V-261360" selected="true" /><select idref="V-261361" selected="true" /><select idref="V-261363" selected="true" /><select idref="V-261364" selected="true" /><select idref="V-261365" selected="true" /><select idref="V-261367" selected="true" /><select idref="V-261368" selected="true" /><select idref="V-261369" selected="true" /><select idref="V-261370" selected="true" /><select idref="V-261371" selected="true" /><select idref="V-261372" selected="true" /><select idref="V-261373" selected="true" /><select idref="V-261374" selected="true" /><select idref="V-261375" selected="true" /><select idref="V-261376" selected="true" /><select idref="V-261377" selected="true" /><select idref="V-261378" selected="true" /><select idref="V-261379" selected="true" /><select idref="V-261380" selected="true" /><select idref="V-261381" selected="true" /><select idref="V-261382" selected="true" /><select idref="V-261383" selected="true" /><select idref="V-261384" selected="true" /><select idref="V-261385" selected="true" /><select idref="V-261386" selected="true" /><select idref="V-261387" selected="true" /><select idref="V-261388" selected="true" /><select idref="V-261389" selected="true" /><select idref="V-261390" selected="true" /><select idref="V-261391" selected="true" /><select idref="V-261392" selected="true" /><select idref="V-261393" selected="true" /><select idref="V-261394" selected="true" /><select idref="V-261395" selected="true" /><select idref="V-261396" selected="true" /><select idref="V-261397" selected="true" /><select idref="V-261398" selected="true" /><select idref="V-261399" selected="true" /><select idref="V-261400" selected="true" /><select idref="V-261401" selected="true" /><select idref="V-261402" selected="true" /><select idref="V-261403" selected="true" /><select idref="V-261404" selected="true" /><select idref="V-261405" selected="true" /><select idref="V-261406" selected="true" /><select idref="V-261407" selected="true" /><select idref="V-261408" selected="true" /><select idref="V-261409" selected="true" /><select idref="V-261410" selected="true" /><select idref="V-261411" selected="true" /><select idref="V-261412" selected="true" /><select idref="V-261413" selected="true" /><select idref="V-261414" selected="true" /><select idref="V-261415" selected="true" /><select idref="V-261416" selected="true" /><select idref="V-261417" selected="true" /><select idref="V-261418" selected="true" /><select idref="V-261419" selected="true" /><select idref="V-261420" selected="true" /><select idref="V-261421" selected="true" /><select idref="V-261422" selected="true" /><select idref="V-261423" selected="true" /><select idref="V-261424" selected="true" /><select idref="V-261425" selected="true" /><select idref="V-261426" selected="true" /><select idref="V-261427" selected="true" /><select idref="V-261428" selected="true" /><select idref="V-261429" selected="true" /><select idref="V-261430" selected="true" /><select idref="V-261431" selected="true" /><select idref="V-261432" selected="true" /><select idref="V-261433" selected="true" /><select idref="V-261434" selected="true" /><select idref="V-261435" selected="true" /><select idref="V-261436" selected="true" /><select idref="V-261437" selected="true" /><select idref="V-261438" selected="true" /><select idref="V-261439" selected="true" /><select idref="V-261440" selected="true" /><select idref="V-261441" selected="true" /><select idref="V-261442" selected="true" /><select idref="V-261443" selected="true" /><select idref="V-261444" selected="true" /><select idref="V-261445" selected="true" /><select idref="V-261446" selected="true" /><select idref="V-261447" selected="true" /><select idref="V-261448" selected="true" /><select idref="V-261449" selected="true" /><select idref="V-261450" selected="true" /><select idref="V-261451" selected="true" /><select idref="V-261452" selected="true" /><select idref="V-261453" selected="true" /><select idref="V-261454" selected="true" /><select idref="V-261455" selected="true" /><select idref="V-261456" selected="true" /><select idref="V-261457" selected="true" /><select idref="V-261458" selected="true" /><select idref="V-261459" selected="true" /><select idref="V-261460" selected="true" /><select idref="V-261461" selected="true" /><select idref="V-261462" selected="true" /><select idref="V-261463" selected="true" /><select idref="V-261464" selected="true" /><select idref="V-261465" selected="true" /><select idref="V-261466" selected="true" /><select idref="V-261467" selected="true" /><select idref="V-261468" selected="true" /><select idref="V-261469" selected="true" /><select idref="V-261470" selected="true" /><select idref="V-261471" selected="true" /><select idref="V-261472" selected="true" /><select idref="V-261473" selected="true" /></Profile><Profile id="MAC-2_Classified"><title>II - Mission Support Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-261263" selected="true" /><select idref="V-261265" selected="true" /><select idref="V-261266" selected="true" /><select idref="V-261267" selected="true" /><select idref="V-261268" selected="true" /><select idref="V-261269" selected="true" /><select idref="V-261270" selected="true" /><select idref="V-261271" selected="true" /><select idref="V-261272" selected="true" /><select idref="V-261273" selected="true" /><select idref="V-261274" selected="true" /><select idref="V-261275" selected="true" /><select idref="V-261276" selected="true" /><select idref="V-261277" selected="true" /><select idref="V-261278" selected="true" /><select idref="V-261279" selected="true" /><select idref="V-261280" selected="true" /><select idref="V-261281" selected="true" /><select idref="V-261282" selected="true" /><select idref="V-261283" selected="true" /><select idref="V-261284" selected="true" /><select idref="V-261285" selected="true" /><select idref="V-261286" selected="true" /><select idref="V-261287" selected="true" /><select idref="V-261288" selected="true" /><select idref="V-261289" selected="true" /><select idref="V-261290" selected="true" /><select idref="V-261291" selected="true" /><select idref="V-261292" selected="true" /><select idref="V-261293" selected="true" /><select idref="V-261294" selected="true" /><select idref="V-261295" selected="true" /><select idref="V-261296" selected="true" /><select idref="V-261297" selected="true" /><select idref="V-261298" selected="true" /><select idref="V-261299" selected="true" /><select idref="V-261300" selected="true" /><select idref="V-261301" selected="true" /><select idref="V-261302" selected="true" /><select idref="V-261303" selected="true" /><select idref="V-261304" selected="true" /><select idref="V-261305" selected="true" /><select idref="V-261306" selected="true" /><select idref="V-261307" selected="true" /><select idref="V-261308" selected="true" /><select idref="V-261309" selected="true" /><select idref="V-261310" selected="true" /><select idref="V-261311" selected="true" /><select idref="V-261312" selected="true" /><select idref="V-261313" selected="true" /><select idref="V-261314" selected="true" /><select idref="V-261315" selected="true" /><select idref="V-261316" selected="true" /><select idref="V-261317" selected="true" /><select idref="V-261318" selected="true" /><select idref="V-261319" selected="true" /><select idref="V-261320" selected="true" /><select idref="V-261321" selected="true" /><select idref="V-261322" selected="true" /><select idref="V-261323" selected="true" /><select idref="V-261324" selected="true" /><select idref="V-261325" selected="true" /><select idref="V-261326" selected="true" /><select idref="V-261327" selected="true" /><select idref="V-261328" selected="true" /><select idref="V-261329" selected="true" /><select idref="V-261330" selected="true" /><select idref="V-261331" selected="true" /><select idref="V-261332" selected="true" /><select idref="V-261333" selected="true" /><select idref="V-261334" selected="true" /><select idref="V-261335" selected="true" /><select idref="V-261336" selected="true" /><select idref="V-261337" selected="true" /><select idref="V-261338" selected="true" /><select idref="V-261339" selected="true" /><select idref="V-261340" selected="true" /><select idref="V-261341" selected="true" /><select idref="V-261342" selected="true" /><select idref="V-261343" selected="true" /><select idref="V-261344" selected="true" /><select idref="V-261345" selected="true" /><select idref="V-261346" selected="true" /><select idref="V-261347" selected="true" /><select idref="V-261348" selected="true" /><select idref="V-261349" selected="true" /><select idref="V-261350" selected="true" /><select idref="V-261351" selected="true" /><select idref="V-261352" selected="true" /><select idref="V-261353" selected="true" /><select idref="V-261354" selected="true" /><select idref="V-261355" selected="true" /><select idref="V-261356" selected="true" /><select idref="V-261357" selected="true" /><select idref="V-261358" selected="true" /><select idref="V-261359" selected="true" /><select idref="V-261360" selected="true" /><select idref="V-261361" selected="true" /><select idref="V-261363" selected="true" /><select idref="V-261364" selected="true" /><select idref="V-261365" selected="true" /><select idref="V-261367" selected="true" /><select idref="V-261368" selected="true" /><select idref="V-261369" selected="true" /><select idref="V-261370" selected="true" /><select idref="V-261371" selected="true" /><select idref="V-261372" selected="true" /><select idref="V-261373" selected="true" /><select idref="V-261374" selected="true" /><select idref="V-261375" selected="true" /><select idref="V-261376" selected="true" /><select idref="V-261377" selected="true" /><select idref="V-261378" selected="true" /><select idref="V-261379" selected="true" /><select idref="V-261380" selected="true" /><select idref="V-261381" selected="true" /><select idref="V-261382" selected="true" /><select idref="V-261383" selected="true" /><select idref="V-261384" selected="true" /><select idref="V-261385" selected="true" /><select idref="V-261386" selected="true" /><select idref="V-261387" selected="true" /><select idref="V-261388" selected="true" /><select idref="V-261389" selected="true" /><select idref="V-261390" selected="true" /><select idref="V-261391" selected="true" /><select idref="V-261392" selected="true" /><select idref="V-261393" selected="true" /><select idref="V-261394" selected="true" /><select idref="V-261395" selected="true" /><select idref="V-261396" selected="true" /><select idref="V-261397" selected="true" /><select idref="V-261398" selected="true" /><select idref="V-261399" selected="true" /><select idref="V-261400" selected="true" /><select idref="V-261401" selected="true" /><select idref="V-261402" selected="true" /><select idref="V-261403" selected="true" /><select idref="V-261404" selected="true" /><select idref="V-261405" selected="true" /><select idref="V-261406" selected="true" /><select idref="V-261407" selected="true" /><select idref="V-261408" selected="true" /><select idref="V-261409" selected="true" /><select idref="V-261410" selected="true" /><select idref="V-261411" selected="true" /><select idref="V-261412" selected="true" /><select idref="V-261413" selected="true" /><select idref="V-261414" selected="true" /><select idref="V-261415" selected="true" /><select idref="V-261416" selected="true" /><select idref="V-261417" selected="true" /><select idref="V-261418" selected="true" /><select idref="V-261419" selected="true" /><select idref="V-261420" selected="true" /><select idref="V-261421" selected="true" /><select idref="V-261422" selected="true" /><select idref="V-261423" selected="true" /><select idref="V-261424" selected="true" /><select idref="V-261425" selected="true" /><select idref="V-261426" selected="true" /><select idref="V-261427" selected="true" /><select idref="V-261428" selected="true" /><select idref="V-261429" selected="true" /><select idref="V-261430" selected="true" /><select idref="V-261431" selected="true" /><select idref="V-261432" selected="true" /><select idref="V-261433" selected="true" /><select idref="V-261434" selected="true" /><select idref="V-261435" selected="true" /><select idref="V-261436" selected="true" /><select idref="V-261437" selected="true" /><select idref="V-261438" selected="true" /><select idref="V-261439" selected="true" /><select idref="V-261440" selected="true" /><select idref="V-261441" selected="true" /><select idref="V-261442" selected="true" /><select idref="V-261443" selected="true" /><select idref="V-261444" selected="true" /><select idref="V-261445" selected="true" /><select idref="V-261446" selected="true" /><select idref="V-261447" selected="true" /><select idref="V-261448" selected="true" /><select idref="V-261449" selected="true" /><select idref="V-261450" selected="true" /><select idref="V-261451" selected="true" /><select idref="V-261452" selected="true" /><select idref="V-261453" selected="true" /><select idref="V-261454" selected="true" /><select idref="V-261455" selected="true" /><select idref="V-261456" selected="true" /><select idref="V-261457" selected="true" /><select idref="V-261458" selected="true" /><select idref="V-261459" selected="true" /><select idref="V-261460" selected="true" /><select idref="V-261461" selected="true" /><select idref="V-261462" selected="true" /><select idref="V-261463" selected="true" /><select idref="V-261464" selected="true" /><select idref="V-261465" selected="true" /><select idref="V-261466" selected="true" /><select idref="V-261467" selected="true" /><select idref="V-261468" selected="true" /><select idref="V-261469" selected="true" /><select idref="V-261470" selected="true" /><select idref="V-261471" selected="true" /><select idref="V-261472" selected="true" /><select idref="V-261473" selected="true" /></Profile><Profile id="MAC-2_Public"><title>II - Mission Support Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-261263" selected="true" /><select idref="V-261265" selected="true" /><select idref="V-261266" selected="true" /><select idref="V-261267" selected="true" /><select idref="V-261268" selected="true" /><select idref="V-261269" selected="true" /><select idref="V-261270" selected="true" /><select idref="V-261271" selected="true" /><select idref="V-261272" selected="true" /><select idref="V-261273" selected="true" /><select idref="V-261274" selected="true" /><select idref="V-261275" selected="true" /><select idref="V-261276" selected="true" /><select idref="V-261277" selected="true" /><select idref="V-261278" selected="true" /><select idref="V-261279" selected="true" /><select idref="V-261280" selected="true" /><select idref="V-261281" selected="true" /><select idref="V-261282" selected="true" /><select idref="V-261283" selected="true" /><select idref="V-261284" selected="true" /><select idref="V-261285" selected="true" /><select idref="V-261286" selected="true" /><select idref="V-261287" selected="true" /><select idref="V-261288" selected="true" /><select idref="V-261289" selected="true" /><select idref="V-261290" selected="true" /><select idref="V-261291" selected="true" /><select idref="V-261292" selected="true" /><select idref="V-261293" selected="true" /><select idref="V-261294" selected="true" /><select idref="V-261295" selected="true" /><select idref="V-261296" selected="true" /><select idref="V-261297" selected="true" /><select idref="V-261298" selected="true" /><select idref="V-261299" selected="true" /><select idref="V-261300" selected="true" /><select idref="V-261301" selected="true" /><select idref="V-261302" selected="true" /><select idref="V-261303" selected="true" /><select idref="V-261304" selected="true" /><select idref="V-261305" selected="true" /><select idref="V-261306" selected="true" /><select idref="V-261307" selected="true" /><select idref="V-261308" selected="true" /><select idref="V-261309" selected="true" /><select idref="V-261310" selected="true" /><select idref="V-261311" selected="true" /><select idref="V-261312" selected="true" /><select idref="V-261313" selected="true" /><select idref="V-261314" selected="true" /><select idref="V-261315" selected="true" /><select idref="V-261316" selected="true" /><select idref="V-261317" selected="true" /><select idref="V-261318" selected="true" /><select idref="V-261319" selected="true" /><select idref="V-261320" selected="true" /><select idref="V-261321" selected="true" /><select idref="V-261322" selected="true" /><select idref="V-261323" selected="true" /><select idref="V-261324" selected="true" /><select idref="V-261325" selected="true" /><select idref="V-261326" selected="true" /><select idref="V-261327" selected="true" /><select idref="V-261328" selected="true" /><select idref="V-261329" selected="true" /><select idref="V-261330" selected="true" /><select idref="V-261331" selected="true" /><select idref="V-261332" selected="true" /><select idref="V-261333" selected="true" /><select idref="V-261334" selected="true" /><select idref="V-261335" selected="true" /><select idref="V-261336" selected="true" /><select idref="V-261337" selected="true" /><select idref="V-261338" selected="true" /><select idref="V-261339" selected="true" /><select idref="V-261340" selected="true" /><select idref="V-261341" selected="true" /><select idref="V-261342" selected="true" /><select idref="V-261343" selected="true" /><select idref="V-261344" selected="true" /><select idref="V-261345" selected="true" /><select idref="V-261346" selected="true" /><select idref="V-261347" selected="true" /><select idref="V-261348" selected="true" /><select idref="V-261349" selected="true" /><select idref="V-261350" selected="true" /><select idref="V-261351" selected="true" /><select idref="V-261352" selected="true" /><select idref="V-261353" selected="true" /><select idref="V-261354" selected="true" /><select idref="V-261355" selected="true" /><select idref="V-261356" selected="true" /><select idref="V-261357" selected="true" /><select idref="V-261358" selected="true" /><select idref="V-261359" selected="true" /><select idref="V-261360" selected="true" /><select idref="V-261361" selected="true" /><select idref="V-261363" selected="true" /><select idref="V-261364" selected="true" /><select idref="V-261365" selected="true" /><select idref="V-261367" selected="true" /><select idref="V-261368" selected="true" /><select idref="V-261369" selected="true" /><select idref="V-261370" selected="true" /><select idref="V-261371" selected="true" /><select idref="V-261372" selected="true" /><select idref="V-261373" selected="true" /><select idref="V-261374" selected="true" /><select idref="V-261375" selected="true" /><select idref="V-261376" selected="true" /><select idref="V-261377" selected="true" /><select idref="V-261378" selected="true" /><select idref="V-261379" selected="true" /><select idref="V-261380" selected="true" /><select idref="V-261381" selected="true" /><select idref="V-261382" selected="true" /><select idref="V-261383" selected="true" /><select idref="V-261384" selected="true" /><select idref="V-261385" selected="true" /><select idref="V-261386" selected="true" /><select idref="V-261387" selected="true" /><select idref="V-261388" selected="true" /><select idref="V-261389" selected="true" /><select idref="V-261390" selected="true" /><select idref="V-261391" selected="true" /><select idref="V-261392" selected="true" /><select idref="V-261393" selected="true" /><select idref="V-261394" selected="true" /><select idref="V-261395" selected="true" /><select idref="V-261396" selected="true" /><select idref="V-261397" selected="true" /><select idref="V-261398" selected="true" /><select idref="V-261399" selected="true" /><select idref="V-261400" selected="true" /><select idref="V-261401" selected="true" /><select idref="V-261402" selected="true" /><select idref="V-261403" selected="true" /><select idref="V-261404" selected="true" /><select idref="V-261405" selected="true" /><select idref="V-261406" selected="true" /><select idref="V-261407" selected="true" /><select idref="V-261408" selected="true" /><select idref="V-261409" selected="true" /><select idref="V-261410" selected="true" /><select idref="V-261411" selected="true" /><select idref="V-261412" selected="true" /><select idref="V-261413" selected="true" /><select idref="V-261414" selected="true" /><select idref="V-261415" selected="true" /><select idref="V-261416" selected="true" /><select idref="V-261417" selected="true" /><select idref="V-261418" selected="true" /><select idref="V-261419" selected="true" /><select idref="V-261420" selected="true" /><select idref="V-261421" selected="true" /><select idref="V-261422" selected="true" /><select idref="V-261423" selected="true" /><select idref="V-261424" selected="true" /><select idref="V-261425" selected="true" /><select idref="V-261426" selected="true" /><select idref="V-261427" selected="true" /><select idref="V-261428" selected="true" /><select idref="V-261429" selected="true" /><select idref="V-261430" selected="true" /><select idref="V-261431" selected="true" /><select idref="V-261432" selected="true" /><select idref="V-261433" selected="true" /><select idref="V-261434" selected="true" /><select idref="V-261435" selected="true" /><select idref="V-261436" selected="true" /><select idref="V-261437" selected="true" /><select idref="V-261438" selected="true" /><select idref="V-261439" selected="true" /><select idref="V-261440" selected="true" /><select idref="V-261441" selected="true" /><select idref="V-261442" selected="true" /><select idref="V-261443" selected="true" /><select idref="V-261444" selected="true" /><select idref="V-261445" selected="true" /><select idref="V-261446" selected="true" /><select idref="V-261447" selected="true" /><select idref="V-261448" selected="true" /><select idref="V-261449" selected="true" /><select idref="V-261450" selected="true" /><select idref="V-261451" selected="true" /><select idref="V-261452" selected="true" /><select idref="V-261453" selected="true" /><select idref="V-261454" selected="true" /><select idref="V-261455" selected="true" /><select idref="V-261456" selected="true" /><select idref="V-261457" selected="true" /><select idref="V-261458" selected="true" /><select idref="V-261459" selected="true" /><select idref="V-261460" selected="true" /><select idref="V-261461" selected="true" /><select idref="V-261462" selected="true" /><select idref="V-261463" selected="true" /><select idref="V-261464" selected="true" /><select idref="V-261465" selected="true" /><select idref="V-261466" selected="true" /><select idref="V-261467" selected="true" /><select idref="V-261468" selected="true" /><select idref="V-261469" selected="true" /><select idref="V-261470" selected="true" /><select idref="V-261471" selected="true" /><select idref="V-261472" selected="true" /><select idref="V-261473" selected="true" /></Profile><Profile id="MAC-2_Sensitive"><title>II - Mission Support Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-261263" selected="true" /><select idref="V-261265" selected="true" /><select idref="V-261266" selected="true" /><select idref="V-261267" selected="true" /><select idref="V-261268" selected="true" /><select idref="V-261269" selected="true" /><select idref="V-261270" selected="true" /><select idref="V-261271" selected="true" /><select idref="V-261272" selected="true" /><select idref="V-261273" selected="true" /><select idref="V-261274" selected="true" /><select idref="V-261275" selected="true" /><select idref="V-261276" selected="true" /><select idref="V-261277" selected="true" /><select idref="V-261278" selected="true" /><select idref="V-261279" selected="true" /><select idref="V-261280" selected="true" /><select idref="V-261281" selected="true" /><select idref="V-261282" selected="true" /><select idref="V-261283" selected="true" /><select idref="V-261284" selected="true" /><select idref="V-261285" selected="true" /><select idref="V-261286" selected="true" /><select idref="V-261287" selected="true" /><select idref="V-261288" selected="true" /><select idref="V-261289" selected="true" /><select idref="V-261290" selected="true" /><select idref="V-261291" selected="true" /><select idref="V-261292" selected="true" /><select idref="V-261293" selected="true" /><select idref="V-261294" selected="true" /><select idref="V-261295" selected="true" /><select idref="V-261296" selected="true" /><select idref="V-261297" selected="true" /><select idref="V-261298" selected="true" /><select idref="V-261299" selected="true" /><select idref="V-261300" selected="true" /><select idref="V-261301" selected="true" /><select idref="V-261302" selected="true" /><select idref="V-261303" selected="true" /><select idref="V-261304" selected="true" /><select idref="V-261305" selected="true" /><select idref="V-261306" selected="true" /><select idref="V-261307" selected="true" /><select idref="V-261308" selected="true" /><select idref="V-261309" selected="true" /><select idref="V-261310" selected="true" /><select idref="V-261311" selected="true" /><select idref="V-261312" selected="true" /><select idref="V-261313" selected="true" /><select idref="V-261314" selected="true" /><select idref="V-261315" selected="true" /><select idref="V-261316" selected="true" /><select idref="V-261317" selected="true" /><select idref="V-261318" selected="true" /><select idref="V-261319" selected="true" /><select idref="V-261320" selected="true" /><select idref="V-261321" selected="true" /><select idref="V-261322" selected="true" /><select idref="V-261323" selected="true" /><select idref="V-261324" selected="true" /><select idref="V-261325" selected="true" /><select idref="V-261326" selected="true" /><select idref="V-261327" selected="true" /><select idref="V-261328" selected="true" /><select idref="V-261329" selected="true" /><select idref="V-261330" selected="true" /><select idref="V-261331" selected="true" /><select idref="V-261332" selected="true" /><select idref="V-261333" selected="true" /><select idref="V-261334" selected="true" /><select idref="V-261335" selected="true" /><select idref="V-261336" selected="true" /><select idref="V-261337" selected="true" /><select idref="V-261338" selected="true" /><select idref="V-261339" selected="true" /><select idref="V-261340" selected="true" /><select idref="V-261341" selected="true" /><select idref="V-261342" selected="true" /><select idref="V-261343" selected="true" /><select idref="V-261344" selected="true" /><select idref="V-261345" selected="true" /><select idref="V-261346" selected="true" /><select idref="V-261347" selected="true" /><select idref="V-261348" selected="true" /><select idref="V-261349" selected="true" /><select idref="V-261350" selected="true" /><select idref="V-261351" selected="true" /><select idref="V-261352" selected="true" /><select idref="V-261353" selected="true" /><select idref="V-261354" selected="true" /><select idref="V-261355" selected="true" /><select idref="V-261356" selected="true" /><select idref="V-261357" selected="true" /><select idref="V-261358" selected="true" /><select idref="V-261359" selected="true" /><select idref="V-261360" selected="true" /><select idref="V-261361" selected="true" /><select idref="V-261363" selected="true" /><select idref="V-261364" selected="true" /><select idref="V-261365" selected="true" /><select idref="V-261367" selected="true" /><select idref="V-261368" selected="true" /><select idref="V-261369" selected="true" /><select idref="V-261370" selected="true" /><select idref="V-261371" selected="true" /><select idref="V-261372" selected="true" /><select idref="V-261373" selected="true" /><select idref="V-261374" selected="true" /><select idref="V-261375" selected="true" /><select idref="V-261376" selected="true" /><select idref="V-261377" selected="true" /><select idref="V-261378" selected="true" /><select idref="V-261379" selected="true" /><select idref="V-261380" selected="true" /><select idref="V-261381" selected="true" /><select idref="V-261382" selected="true" /><select idref="V-261383" selected="true" /><select idref="V-261384" selected="true" /><select idref="V-261385" selected="true" /><select idref="V-261386" selected="true" /><select idref="V-261387" selected="true" /><select idref="V-261388" selected="true" /><select idref="V-261389" selected="true" /><select idref="V-261390" selected="true" /><select idref="V-261391" selected="true" /><select idref="V-261392" selected="true" /><select idref="V-261393" selected="true" /><select idref="V-261394" selected="true" /><select idref="V-261395" selected="true" /><select idref="V-261396" selected="true" /><select idref="V-261397" selected="true" /><select idref="V-261398" selected="true" /><select idref="V-261399" selected="true" /><select idref="V-261400" selected="true" /><select idref="V-261401" selected="true" /><select idref="V-261402" selected="true" /><select idref="V-261403" selected="true" /><select idref="V-261404" selected="true" /><select idref="V-261405" selected="true" /><select idref="V-261406" selected="true" /><select idref="V-261407" selected="true" /><select idref="V-261408" selected="true" /><select idref="V-261409" selected="true" /><select idref="V-261410" selected="true" /><select idref="V-261411" selected="true" /><select idref="V-261412" selected="true" /><select idref="V-261413" selected="true" /><select idref="V-261414" selected="true" /><select idref="V-261415" selected="true" /><select idref="V-261416" selected="true" /><select idref="V-261417" selected="true" /><select idref="V-261418" selected="true" /><select idref="V-261419" selected="true" /><select idref="V-261420" selected="true" /><select idref="V-261421" selected="true" /><select idref="V-261422" selected="true" /><select idref="V-261423" selected="true" /><select idref="V-261424" selected="true" /><select idref="V-261425" selected="true" /><select idref="V-261426" selected="true" /><select idref="V-261427" selected="true" /><select idref="V-261428" selected="true" /><select idref="V-261429" selected="true" /><select idref="V-261430" selected="true" /><select idref="V-261431" selected="true" /><select idref="V-261432" selected="true" /><select idref="V-261433" selected="true" /><select idref="V-261434" selected="true" /><select idref="V-261435" selected="true" /><select idref="V-261436" selected="true" /><select idref="V-261437" selected="true" /><select idref="V-261438" selected="true" /><select idref="V-261439" selected="true" /><select idref="V-261440" selected="true" /><select idref="V-261441" selected="true" /><select idref="V-261442" selected="true" /><select idref="V-261443" selected="true" /><select idref="V-261444" selected="true" /><select idref="V-261445" selected="true" /><select idref="V-261446" selected="true" /><select idref="V-261447" selected="true" /><select idref="V-261448" selected="true" /><select idref="V-261449" selected="true" /><select idref="V-261450" selected="true" /><select idref="V-261451" selected="true" /><select idref="V-261452" selected="true" /><select idref="V-261453" selected="true" /><select idref="V-261454" selected="true" /><select idref="V-261455" selected="true" /><select idref="V-261456" selected="true" /><select idref="V-261457" selected="true" /><select idref="V-261458" selected="true" /><select idref="V-261459" selected="true" /><select idref="V-261460" selected="true" /><select idref="V-261461" selected="true" /><select idref="V-261462" selected="true" /><select idref="V-261463" selected="true" /><select idref="V-261464" selected="true" /><select idref="V-261465" selected="true" /><select idref="V-261466" selected="true" /><select idref="V-261467" selected="true" /><select idref="V-261468" selected="true" /><select idref="V-261469" selected="true" /><select idref="V-261470" selected="true" /><select idref="V-261471" selected="true" /><select idref="V-261472" selected="true" /><select idref="V-261473" selected="true" /></Profile><Profile id="MAC-3_Classified"><title>III - Administrative Classified</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-261263" selected="true" /><select idref="V-261265" selected="true" /><select idref="V-261266" selected="true" /><select idref="V-261267" selected="true" /><select idref="V-261268" selected="true" /><select idref="V-261269" selected="true" /><select idref="V-261270" selected="true" /><select idref="V-261271" selected="true" /><select idref="V-261272" selected="true" /><select idref="V-261273" selected="true" /><select idref="V-261274" selected="true" /><select idref="V-261275" selected="true" /><select idref="V-261276" selected="true" /><select idref="V-261277" selected="true" /><select idref="V-261278" selected="true" /><select idref="V-261279" selected="true" /><select idref="V-261280" selected="true" /><select idref="V-261281" selected="true" /><select idref="V-261282" selected="true" /><select idref="V-261283" selected="true" /><select idref="V-261284" selected="true" /><select idref="V-261285" selected="true" /><select idref="V-261286" selected="true" /><select idref="V-261287" selected="true" /><select idref="V-261288" selected="true" /><select idref="V-261289" selected="true" /><select idref="V-261290" selected="true" /><select idref="V-261291" selected="true" /><select idref="V-261292" selected="true" /><select idref="V-261293" selected="true" /><select idref="V-261294" selected="true" /><select idref="V-261295" selected="true" /><select idref="V-261296" selected="true" /><select idref="V-261297" selected="true" /><select idref="V-261298" selected="true" /><select idref="V-261299" selected="true" /><select idref="V-261300" selected="true" /><select idref="V-261301" selected="true" /><select idref="V-261302" selected="true" /><select idref="V-261303" selected="true" /><select idref="V-261304" selected="true" /><select idref="V-261305" selected="true" /><select idref="V-261306" selected="true" /><select idref="V-261307" selected="true" /><select idref="V-261308" selected="true" /><select idref="V-261309" selected="true" /><select idref="V-261310" selected="true" /><select idref="V-261311" selected="true" /><select idref="V-261312" selected="true" /><select idref="V-261313" selected="true" /><select idref="V-261314" selected="true" /><select idref="V-261315" selected="true" /><select idref="V-261316" selected="true" /><select idref="V-261317" selected="true" /><select idref="V-261318" selected="true" /><select idref="V-261319" selected="true" /><select idref="V-261320" selected="true" /><select idref="V-261321" selected="true" /><select idref="V-261322" selected="true" /><select idref="V-261323" selected="true" /><select idref="V-261324" selected="true" /><select idref="V-261325" selected="true" /><select idref="V-261326" selected="true" /><select idref="V-261327" selected="true" /><select idref="V-261328" selected="true" /><select idref="V-261329" selected="true" /><select idref="V-261330" selected="true" /><select idref="V-261331" selected="true" /><select idref="V-261332" selected="true" /><select idref="V-261333" selected="true" /><select idref="V-261334" selected="true" /><select idref="V-261335" selected="true" /><select idref="V-261336" selected="true" /><select idref="V-261337" selected="true" /><select idref="V-261338" selected="true" /><select idref="V-261339" selected="true" /><select idref="V-261340" selected="true" /><select idref="V-261341" selected="true" /><select idref="V-261342" selected="true" /><select idref="V-261343" selected="true" /><select idref="V-261344" selected="true" /><select idref="V-261345" selected="true" /><select idref="V-261346" selected="true" /><select idref="V-261347" selected="true" /><select idref="V-261348" selected="true" /><select idref="V-261349" selected="true" /><select idref="V-261350" selected="true" /><select idref="V-261351" selected="true" /><select idref="V-261352" selected="true" /><select idref="V-261353" selected="true" /><select idref="V-261354" selected="true" /><select idref="V-261355" selected="true" /><select idref="V-261356" selected="true" /><select idref="V-261357" selected="true" /><select idref="V-261358" selected="true" /><select idref="V-261359" selected="true" /><select idref="V-261360" selected="true" /><select idref="V-261361" selected="true" /><select idref="V-261363" selected="true" /><select idref="V-261364" selected="true" /><select idref="V-261365" selected="true" /><select idref="V-261367" selected="true" /><select idref="V-261368" selected="true" /><select idref="V-261369" selected="true" /><select idref="V-261370" selected="true" /><select idref="V-261371" selected="true" /><select idref="V-261372" selected="true" /><select idref="V-261373" selected="true" /><select idref="V-261374" selected="true" /><select idref="V-261375" selected="true" /><select idref="V-261376" selected="true" /><select idref="V-261377" selected="true" /><select idref="V-261378" selected="true" /><select idref="V-261379" selected="true" /><select idref="V-261380" selected="true" /><select idref="V-261381" selected="true" /><select idref="V-261382" selected="true" /><select idref="V-261383" selected="true" /><select idref="V-261384" selected="true" /><select idref="V-261385" selected="true" /><select idref="V-261386" selected="true" /><select idref="V-261387" selected="true" /><select idref="V-261388" selected="true" /><select idref="V-261389" selected="true" /><select idref="V-261390" selected="true" /><select idref="V-261391" selected="true" /><select idref="V-261392" selected="true" /><select idref="V-261393" selected="true" /><select idref="V-261394" selected="true" /><select idref="V-261395" selected="true" /><select idref="V-261396" selected="true" /><select idref="V-261397" selected="true" /><select idref="V-261398" selected="true" /><select idref="V-261399" selected="true" /><select idref="V-261400" selected="true" /><select idref="V-261401" selected="true" /><select idref="V-261402" selected="true" /><select idref="V-261403" selected="true" /><select idref="V-261404" selected="true" /><select idref="V-261405" selected="true" /><select idref="V-261406" selected="true" /><select idref="V-261407" selected="true" /><select idref="V-261408" selected="true" /><select idref="V-261409" selected="true" /><select idref="V-261410" selected="true" /><select idref="V-261411" selected="true" /><select idref="V-261412" selected="true" /><select idref="V-261413" selected="true" /><select idref="V-261414" selected="true" /><select idref="V-261415" selected="true" /><select idref="V-261416" selected="true" /><select idref="V-261417" selected="true" /><select idref="V-261418" selected="true" /><select idref="V-261419" selected="true" /><select idref="V-261420" selected="true" /><select idref="V-261421" selected="true" /><select idref="V-261422" selected="true" /><select idref="V-261423" selected="true" /><select idref="V-261424" selected="true" /><select idref="V-261425" selected="true" /><select idref="V-261426" selected="true" /><select idref="V-261427" selected="true" /><select idref="V-261428" selected="true" /><select idref="V-261429" selected="true" /><select idref="V-261430" selected="true" /><select idref="V-261431" selected="true" /><select idref="V-261432" selected="true" /><select idref="V-261433" selected="true" /><select idref="V-261434" selected="true" /><select idref="V-261435" selected="true" /><select idref="V-261436" selected="true" /><select idref="V-261437" selected="true" /><select idref="V-261438" selected="true" /><select idref="V-261439" selected="true" /><select idref="V-261440" selected="true" /><select idref="V-261441" selected="true" /><select idref="V-261442" selected="true" /><select idref="V-261443" selected="true" /><select idref="V-261444" selected="true" /><select idref="V-261445" selected="true" /><select idref="V-261446" selected="true" /><select idref="V-261447" selected="true" /><select idref="V-261448" selected="true" /><select idref="V-261449" selected="true" /><select idref="V-261450" selected="true" /><select idref="V-261451" selected="true" /><select idref="V-261452" selected="true" /><select idref="V-261453" selected="true" /><select idref="V-261454" selected="true" /><select idref="V-261455" selected="true" /><select idref="V-261456" selected="true" /><select idref="V-261457" selected="true" /><select idref="V-261458" selected="true" /><select idref="V-261459" selected="true" /><select idref="V-261460" selected="true" /><select idref="V-261461" selected="true" /><select idref="V-261462" selected="true" /><select idref="V-261463" selected="true" /><select idref="V-261464" selected="true" /><select idref="V-261465" selected="true" /><select idref="V-261466" selected="true" /><select idref="V-261467" selected="true" /><select idref="V-261468" selected="true" /><select idref="V-261469" selected="true" /><select idref="V-261470" selected="true" /><select idref="V-261471" selected="true" /><select idref="V-261472" selected="true" /><select idref="V-261473" selected="true" /></Profile><Profile id="MAC-3_Public"><title>III - Administrative Public</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-261263" selected="true" /><select idref="V-261265" selected="true" /><select idref="V-261266" selected="true" /><select idref="V-261267" selected="true" /><select idref="V-261268" selected="true" /><select idref="V-261269" selected="true" /><select idref="V-261270" selected="true" /><select idref="V-261271" selected="true" /><select idref="V-261272" selected="true" /><select idref="V-261273" selected="true" /><select idref="V-261274" selected="true" /><select idref="V-261275" selected="true" /><select idref="V-261276" selected="true" /><select idref="V-261277" selected="true" /><select idref="V-261278" selected="true" /><select idref="V-261279" selected="true" /><select idref="V-261280" selected="true" /><select idref="V-261281" selected="true" /><select idref="V-261282" selected="true" /><select idref="V-261283" selected="true" /><select idref="V-261284" selected="true" /><select idref="V-261285" selected="true" /><select idref="V-261286" selected="true" /><select idref="V-261287" selected="true" /><select idref="V-261288" selected="true" /><select idref="V-261289" selected="true" /><select idref="V-261290" selected="true" /><select idref="V-261291" selected="true" /><select idref="V-261292" selected="true" /><select idref="V-261293" selected="true" /><select idref="V-261294" selected="true" /><select idref="V-261295" selected="true" /><select idref="V-261296" selected="true" /><select idref="V-261297" selected="true" /><select idref="V-261298" selected="true" /><select idref="V-261299" selected="true" /><select idref="V-261300" selected="true" /><select idref="V-261301" selected="true" /><select idref="V-261302" selected="true" /><select idref="V-261303" selected="true" /><select idref="V-261304" selected="true" /><select idref="V-261305" selected="true" /><select idref="V-261306" selected="true" /><select idref="V-261307" selected="true" /><select idref="V-261308" selected="true" /><select idref="V-261309" selected="true" /><select idref="V-261310" selected="true" /><select idref="V-261311" selected="true" /><select idref="V-261312" selected="true" /><select idref="V-261313" selected="true" /><select idref="V-261314" selected="true" /><select idref="V-261315" selected="true" /><select idref="V-261316" selected="true" /><select idref="V-261317" selected="true" /><select idref="V-261318" selected="true" /><select idref="V-261319" selected="true" /><select idref="V-261320" selected="true" /><select idref="V-261321" selected="true" /><select idref="V-261322" selected="true" /><select idref="V-261323" selected="true" /><select idref="V-261324" selected="true" /><select idref="V-261325" selected="true" /><select idref="V-261326" selected="true" /><select idref="V-261327" selected="true" /><select idref="V-261328" selected="true" /><select idref="V-261329" selected="true" /><select idref="V-261330" selected="true" /><select idref="V-261331" selected="true" /><select idref="V-261332" selected="true" /><select idref="V-261333" selected="true" /><select idref="V-261334" selected="true" /><select idref="V-261335" selected="true" /><select idref="V-261336" selected="true" /><select idref="V-261337" selected="true" /><select idref="V-261338" selected="true" /><select idref="V-261339" selected="true" /><select idref="V-261340" selected="true" /><select idref="V-261341" selected="true" /><select idref="V-261342" selected="true" /><select idref="V-261343" selected="true" /><select idref="V-261344" selected="true" /><select idref="V-261345" selected="true" /><select idref="V-261346" selected="true" /><select idref="V-261347" selected="true" /><select idref="V-261348" selected="true" /><select idref="V-261349" selected="true" /><select idref="V-261350" selected="true" /><select idref="V-261351" selected="true" /><select idref="V-261352" selected="true" /><select idref="V-261353" selected="true" /><select idref="V-261354" selected="true" /><select idref="V-261355" selected="true" /><select idref="V-261356" selected="true" /><select idref="V-261357" selected="true" /><select idref="V-261358" selected="true" /><select idref="V-261359" selected="true" /><select idref="V-261360" selected="true" /><select idref="V-261361" selected="true" /><select idref="V-261363" selected="true" /><select idref="V-261364" selected="true" /><select idref="V-261365" selected="true" /><select idref="V-261367" selected="true" /><select idref="V-261368" selected="true" /><select idref="V-261369" selected="true" /><select idref="V-261370" selected="true" /><select idref="V-261371" selected="true" /><select idref="V-261372" selected="true" /><select idref="V-261373" selected="true" /><select idref="V-261374" selected="true" /><select idref="V-261375" selected="true" /><select idref="V-261376" selected="true" /><select idref="V-261377" selected="true" /><select idref="V-261378" selected="true" /><select idref="V-261379" selected="true" /><select idref="V-261380" selected="true" /><select idref="V-261381" selected="true" /><select idref="V-261382" selected="true" /><select idref="V-261383" selected="true" /><select idref="V-261384" selected="true" /><select idref="V-261385" selected="true" /><select idref="V-261386" selected="true" /><select idref="V-261387" selected="true" /><select idref="V-261388" selected="true" /><select idref="V-261389" selected="true" /><select idref="V-261390" selected="true" /><select idref="V-261391" selected="true" /><select idref="V-261392" selected="true" /><select idref="V-261393" selected="true" /><select idref="V-261394" selected="true" /><select idref="V-261395" selected="true" /><select idref="V-261396" selected="true" /><select idref="V-261397" selected="true" /><select idref="V-261398" selected="true" /><select idref="V-261399" selected="true" /><select idref="V-261400" selected="true" /><select idref="V-261401" selected="true" /><select idref="V-261402" selected="true" /><select idref="V-261403" selected="true" /><select idref="V-261404" selected="true" /><select idref="V-261405" selected="true" /><select idref="V-261406" selected="true" /><select idref="V-261407" selected="true" /><select idref="V-261408" selected="true" /><select idref="V-261409" selected="true" /><select idref="V-261410" selected="true" /><select idref="V-261411" selected="true" /><select idref="V-261412" selected="true" /><select idref="V-261413" selected="true" /><select idref="V-261414" selected="true" /><select idref="V-261415" selected="true" /><select idref="V-261416" selected="true" /><select idref="V-261417" selected="true" /><select idref="V-261418" selected="true" /><select idref="V-261419" selected="true" /><select idref="V-261420" selected="true" /><select idref="V-261421" selected="true" /><select idref="V-261422" selected="true" /><select idref="V-261423" selected="true" /><select idref="V-261424" selected="true" /><select idref="V-261425" selected="true" /><select idref="V-261426" selected="true" /><select idref="V-261427" selected="true" /><select idref="V-261428" selected="true" /><select idref="V-261429" selected="true" /><select idref="V-261430" selected="true" /><select idref="V-261431" selected="true" /><select idref="V-261432" selected="true" /><select idref="V-261433" selected="true" /><select idref="V-261434" selected="true" /><select idref="V-261435" selected="true" /><select idref="V-261436" selected="true" /><select idref="V-261437" selected="true" /><select idref="V-261438" selected="true" /><select idref="V-261439" selected="true" /><select idref="V-261440" selected="true" /><select idref="V-261441" selected="true" /><select idref="V-261442" selected="true" /><select idref="V-261443" selected="true" /><select idref="V-261444" selected="true" /><select idref="V-261445" selected="true" /><select idref="V-261446" selected="true" /><select idref="V-261447" selected="true" /><select idref="V-261448" selected="true" /><select idref="V-261449" selected="true" /><select idref="V-261450" selected="true" /><select idref="V-261451" selected="true" /><select idref="V-261452" selected="true" /><select idref="V-261453" selected="true" /><select idref="V-261454" selected="true" /><select idref="V-261455" selected="true" /><select idref="V-261456" selected="true" /><select idref="V-261457" selected="true" /><select idref="V-261458" selected="true" /><select idref="V-261459" selected="true" /><select idref="V-261460" selected="true" /><select idref="V-261461" selected="true" /><select idref="V-261462" selected="true" /><select idref="V-261463" selected="true" /><select idref="V-261464" selected="true" /><select idref="V-261465" selected="true" /><select idref="V-261466" selected="true" /><select idref="V-261467" selected="true" /><select idref="V-261468" selected="true" /><select idref="V-261469" selected="true" /><select idref="V-261470" selected="true" /><select idref="V-261471" selected="true" /><select idref="V-261472" selected="true" /><select idref="V-261473" selected="true" /></Profile><Profile id="MAC-3_Sensitive"><title>III - Administrative Sensitive</title><description>&lt;ProfileDescription&gt;&lt;/ProfileDescription&gt;</description><select idref="V-261263" selected="true" /><select idref="V-261265" selected="true" /><select idref="V-261266" selected="true" /><select idref="V-261267" selected="true" /><select idref="V-261268" selected="true" /><select idref="V-261269" selected="true" /><select idref="V-261270" selected="true" /><select idref="V-261271" selected="true" /><select idref="V-261272" selected="true" /><select idref="V-261273" selected="true" /><select idref="V-261274" selected="true" /><select idref="V-261275" selected="true" /><select idref="V-261276" selected="true" /><select idref="V-261277" selected="true" /><select idref="V-261278" selected="true" /><select idref="V-261279" selected="true" /><select idref="V-261280" selected="true" /><select idref="V-261281" selected="true" /><select idref="V-261282" selected="true" /><select idref="V-261283" selected="true" /><select idref="V-261284" selected="true" /><select idref="V-261285" selected="true" /><select idref="V-261286" selected="true" /><select idref="V-261287" selected="true" /><select idref="V-261288" selected="true" /><select idref="V-261289" selected="true" /><select idref="V-261290" selected="true" /><select idref="V-261291" selected="true" /><select idref="V-261292" selected="true" /><select idref="V-261293" selected="true" /><select idref="V-261294" selected="true" /><select idref="V-261295" selected="true" /><select idref="V-261296" selected="true" /><select idref="V-261297" selected="true" /><select idref="V-261298" selected="true" /><select idref="V-261299" selected="true" /><select idref="V-261300" selected="true" /><select idref="V-261301" selected="true" /><select idref="V-261302" selected="true" /><select idref="V-261303" selected="true" /><select idref="V-261304" selected="true" /><select idref="V-261305" selected="true" /><select idref="V-261306" selected="true" /><select idref="V-261307" selected="true" /><select idref="V-261308" selected="true" /><select idref="V-261309" selected="true" /><select idref="V-261310" selected="true" /><select idref="V-261311" selected="true" /><select idref="V-261312" selected="true" /><select idref="V-261313" selected="true" /><select idref="V-261314" selected="true" /><select idref="V-261315" selected="true" /><select idref="V-261316" selected="true" /><select idref="V-261317" selected="true" /><select idref="V-261318" selected="true" /><select idref="V-261319" selected="true" /><select idref="V-261320" selected="true" /><select idref="V-261321" selected="true" /><select idref="V-261322" selected="true" /><select idref="V-261323" selected="true" /><select idref="V-261324" selected="true" /><select idref="V-261325" selected="true" /><select idref="V-261326" selected="true" /><select idref="V-261327" selected="true" /><select idref="V-261328" selected="true" /><select idref="V-261329" selected="true" /><select idref="V-261330" selected="true" /><select idref="V-261331" selected="true" /><select idref="V-261332" selected="true" /><select idref="V-261333" selected="true" /><select idref="V-261334" selected="true" /><select idref="V-261335" selected="true" /><select idref="V-261336" selected="true" /><select idref="V-261337" selected="true" /><select idref="V-261338" selected="true" /><select idref="V-261339" selected="true" /><select idref="V-261340" selected="true" /><select idref="V-261341" selected="true" /><select idref="V-261342" selected="true" /><select idref="V-261343" selected="true" /><select idref="V-261344" selected="true" /><select idref="V-261345" selected="true" /><select idref="V-261346" selected="true" /><select idref="V-261347" selected="true" /><select idref="V-261348" selected="true" /><select idref="V-261349" selected="true" /><select idref="V-261350" selected="true" /><select idref="V-261351" selected="true" /><select idref="V-261352" selected="true" /><select idref="V-261353" selected="true" /><select idref="V-261354" selected="true" /><select idref="V-261355" selected="true" /><select idref="V-261356" selected="true" /><select idref="V-261357" selected="true" /><select idref="V-261358" selected="true" /><select idref="V-261359" selected="true" /><select idref="V-261360" selected="true" /><select idref="V-261361" selected="true" /><select idref="V-261363" selected="true" /><select idref="V-261364" selected="true" /><select idref="V-261365" selected="true" /><select idref="V-261367" selected="true" /><select idref="V-261368" selected="true" /><select idref="V-261369" selected="true" /><select idref="V-261370" selected="true" /><select idref="V-261371" selected="true" /><select idref="V-261372" selected="true" /><select idref="V-261373" selected="true" /><select idref="V-261374" selected="true" /><select idref="V-261375" selected="true" /><select idref="V-261376" selected="true" /><select idref="V-261377" selected="true" /><select idref="V-261378" selected="true" /><select idref="V-261379" selected="true" /><select idref="V-261380" selected="true" /><select idref="V-261381" selected="true" /><select idref="V-261382" selected="true" /><select idref="V-261383" selected="true" /><select idref="V-261384" selected="true" /><select idref="V-261385" selected="true" /><select idref="V-261386" selected="true" /><select idref="V-261387" selected="true" /><select idref="V-261388" selected="true" /><select idref="V-261389" selected="true" /><select idref="V-261390" selected="true" /><select idref="V-261391" selected="true" /><select idref="V-261392" selected="true" /><select idref="V-261393" selected="true" /><select idref="V-261394" selected="true" /><select idref="V-261395" selected="true" /><select idref="V-261396" selected="true" /><select idref="V-261397" selected="true" /><select idref="V-261398" selected="true" /><select idref="V-261399" selected="true" /><select idref="V-261400" selected="true" /><select idref="V-261401" selected="true" /><select idref="V-261402" selected="true" /><select idref="V-261403" selected="true" /><select idref="V-261404" selected="true" /><select idref="V-261405" selected="true" /><select idref="V-261406" selected="true" /><select idref="V-261407" selected="true" /><select idref="V-261408" selected="true" /><select idref="V-261409" selected="true" /><select idref="V-261410" selected="true" /><select idref="V-261411" selected="true" /><select idref="V-261412" selected="true" /><select idref="V-261413" selected="true" /><select idref="V-261414" selected="true" /><select idref="V-261415" selected="true" /><select idref="V-261416" selected="true" /><select idref="V-261417" selected="true" /><select idref="V-261418" selected="true" /><select idref="V-261419" selected="true" /><select idref="V-261420" selected="true" /><select idref="V-261421" selected="true" /><select idref="V-261422" selected="true" /><select idref="V-261423" selected="true" /><select idref="V-261424" selected="true" /><select idref="V-261425" selected="true" /><select idref="V-261426" selected="true" /><select idref="V-261427" selected="true" /><select idref="V-261428" selected="true" /><select idref="V-261429" selected="true" /><select idref="V-261430" selected="true" /><select idref="V-261431" selected="true" /><select idref="V-261432" selected="true" /><select idref="V-261433" selected="true" /><select idref="V-261434" selected="true" /><select idref="V-261435" selected="true" /><select idref="V-261436" selected="true" /><select idref="V-261437" selected="true" /><select idref="V-261438" selected="true" /><select idref="V-261439" selected="true" /><select idref="V-261440" selected="true" /><select idref="V-261441" selected="true" /><select idref="V-261442" selected="true" /><select idref="V-261443" selected="true" /><select idref="V-261444" selected="true" /><select idref="V-261445" selected="true" /><select idref="V-261446" selected="true" /><select idref="V-261447" selected="true" /><select idref="V-261448" selected="true" /><select idref="V-261449" selected="true" /><select idref="V-261450" selected="true" /><select idref="V-261451" selected="true" /><select idref="V-261452" selected="true" /><select idref="V-261453" selected="true" /><select idref="V-261454" selected="true" /><select idref="V-261455" selected="true" /><select idref="V-261456" selected="true" /><select idref="V-261457" selected="true" /><select idref="V-261458" selected="true" /><select idref="V-261459" selected="true" /><select idref="V-261460" selected="true" /><select idref="V-261461" selected="true" /><select idref="V-261462" selected="true" /><select idref="V-261463" selected="true" /><select idref="V-261464" selected="true" /><select idref="V-261465" selected="true" /><select idref="V-261466" selected="true" /><select idref="V-261467" selected="true" /><select idref="V-261468" selected="true" /><select idref="V-261469" selected="true" /><select idref="V-261470" selected="true" /><select idref="V-261471" selected="true" /><select idref="V-261472" selected="true" /><select idref="V-261473" selected="true" /></Profile><Group id="V-261263"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261263r1155781_rule" weight="10.0" severity="high"><version>SLEM-05-211010</version><title>SLEM 5 must be a vendor-supported release.</title><description>&lt;VulnDiscussion&gt;A SLEM 5 release is considered supported if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.
 
 End Of Life dates for SUSE Linux Micro releases are as follows:
 Service Pack Release	Release Date	General Support Ends
@@ -18,9 +18,7 @@ If the system requires Long-Term Service Pack Support (LTSS), obtain the correct
      VERSION="5.5"
      ...
 
-If the installed version of SLEM 5 is not supported, this is a finding.</check-content></check></Rule></Group><Group id="V-261264"><title>SRG-OS-000191-GPOS-00080</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261264r995659_rule" weight="10.0" severity="medium"><version>SLEM-05-211015</version><title>SLEM 5 must implement an endpoint security tool.</title><description>&lt;VulnDiscussion&gt;Adding endpoint security tools can provide the capability to automatically take actions in response to malicious behavior, which can provide additional agility in reacting to network threats. These tools also often include a reporting capability to provide network awareness of the system, which may not otherwise exist in an organization's systems management regime.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001233</ident><fixtext fixref="F-64901r995658_fix">Install and enable an endpoint security tool.</fixtext><fix id="F-64901r995658_fix" /><check system="C-64993r995657_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that SLEM 5 has implemented an endpoint security tool.
-
-If no endpoint security tool is present and enabled on the system, this is a finding.</check-content></check></Rule></Group><Group id="V-261265"><title>SRG-OS-000023-GPOS-00006</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261265r996289_rule" weight="10.0" severity="medium"><version>SLEM-05-211020</version><title>SLEM 5 must display the Standard Mandatory DOD Notice and Consent Banner before granting any local or remote connection to the system.</title><description>&lt;VulnDiscussion&gt;Display of a standardized and approved use notification before granting access to SLEM 5 ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
+If the installed version of SLEM 5 is not supported, this is a finding.</check-content></check></Rule></Group><Group id="V-261265"><title>SRG-OS-000023-GPOS-00006</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261265r996289_rule" weight="10.0" severity="medium"><version>SLEM-05-211020</version><title>SLEM 5 must display the Standard Mandatory DOD Notice and Consent Banner before granting any local or remote connection to the system.</title><description>&lt;VulnDiscussion&gt;Display of a standardized and approved use notification before granting access to SLEM 5 ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
 
 System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.
 
@@ -119,9 +117,9 @@ Verify that SLEM 5 has set an encrypted root password with the following command
      &gt; sudo cat /boot/grub2/grub.cfg | grep -i password 
      password_pbkdf2 root grub.pbkdf2.sha512.10000.03255F190F0E2F7B4F0D1C3216012309162F022A7A636771
 
-If the root password entry does not begin with "password_pbkdf2", this is a finding.</check-content></check></Rule></Group><Group id="V-261268"><title>SRG-OS-000080-GPOS-00048</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261268r1137691_rule" weight="10.0" severity="high"><version>SLEM-05-212015</version><title>SLEM 5 with Unified Extensible Firmware Interface (UEFI) implemented must require authentication upon booting into single-user mode and maintenance.</title><description>&lt;VulnDiscussion&gt;If the system allows a user to boot into single-user or maintenance mode without authentication, any user that invokes single-user or maintenance mode is granted privileged access to all system information.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-64905r996297_fix">Note: If the system does not use UEFI, this requirement is not applicable.
+If the root password entry does not begin with "password_pbkdf2", this is a finding.</check-content></check></Rule></Group><Group id="V-261268"><title>SRG-OS-000080-GPOS-00048</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261268r1184366_rule" weight="10.0" severity="high"><version>SLEM-05-212015</version><title>SLEM 5 with Unified Extensible Firmware Interface (UEFI) implemented must require authentication upon booting into single-user mode and maintenance.</title><description>&lt;VulnDiscussion&gt;If the system allows a user to boot into single-user or maintenance mode without authentication, any user that invokes single-user or maintenance mode is granted privileged access to all system information.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-64905r1184365_fix">Note: If the system does not use UEFI, this requirement is not applicable.
 
-Configure SLEM 5 to encrypt the boot password.
+Configure SLEM 5 to encrypt the GRUB bootloader password.
 
 Generate an encrypted GRUB bootloader password for root with the following command:
 
@@ -132,21 +130,21 @@ Generate an encrypted GRUB bootloader password for root with the following comma
 
 Using the hash from the output, modify the "/etc/grub.d/40_custom" file and add the following two lines to add a boot password for the root entry:
 
-     set superusers="rooty"
+     set superusers="root"
      password_pbkdf2 root grub.pbkdf2.sha512.03255F190F0E2F7B4F0D1C3216012309162F022A7A636771
 
 Generate an updated "grub.conf" file with the new password using the following commands:
 
      &gt; sudo grub2-mkconfig --output=/tmp/grub2.cfg
 
-     &gt; sudo mv /tmp/grub2.cfg /boot/efi/EFI/BOOT/grub.cfg</fixtext><fix id="F-64905r996297_fix" /><check system="C-64997r996296_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Note: If the system does not use UEFI, this requirement is not applicable.
+     &gt; sudo mv /tmp/grub2.cfg /boot/efi/EFI/BOOT/grub.cfg</fixtext><fix id="F-64905r1184365_fix" /><check system="C-64997r1184364_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Note: If the system does not use UEFI, this requirement is not applicable.
 
-Verify that SLEM 5 has set an encrypted root password with the following command:
+Verify that SLEM 5 has set an encrypted GRUB bootloader password with the following command:
 
      &gt; sudo cat /boot/efi/EFI/BOOT/grub.cfg | grep -i password 
      password_pbkdf2 root grub.pbkdf2.sha512.10000.03255F190F0E2F7B4F0D1C3216012309162F022A7A636771
 
-If the root password entry does not begin with "password_pbkdf2", this is a finding.</check-content></check></Rule></Group><Group id="V-261269"><title>SRG-OS-000138-GPOS-00069</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261269r1137695_rule" weight="10.0" severity="medium"><version>SLEM-05-213010</version><title>SLEM 5 must restrict access to the kernel message buffer.</title><description>&lt;VulnDiscussion&gt;Restricting access to the kernel message buffer limits access only to root. This prevents attackers from gaining additional system information as a nonprivileged user.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001090</ident><fixtext fixref="F-64906r996300_fix">Configure SLEM 5 to restrict access to the kernel message buffer.
+If the GRUB bootloader password entry does not begin with "password_pbkdf2", this is a finding.</check-content></check></Rule></Group><Group id="V-261269"><title>SRG-OS-000138-GPOS-00069</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261269r1137695_rule" weight="10.0" severity="medium"><version>SLEM-05-213010</version><title>SLEM 5 must restrict access to the kernel message buffer.</title><description>&lt;VulnDiscussion&gt;Restricting access to the kernel message buffer limits access only to root. This prevents attackers from gaining additional system information as a nonprivileged user.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001090</ident><fixtext fixref="F-64906r996300_fix">Configure SLEM 5 to restrict access to the kernel message buffer.
 
 Set the system to the required kernel parameter by adding or modifying the following line in /etc/sysctl.conf or a config file in the /etc/sysctl.d/ directory:
 
@@ -246,20 +244,21 @@ If the patch repository data is corrupt, check that the available package securi
      2023-09-25 12:23:26 | install | cockpit-storaged | 298-150500.1.4
      2023-09-25 12:23:26 | install | cockpit-selinux | 298-150500.1.4
 
-If SLEM 5 has not been patched within the site or PMO frequency, this is a finding.</check-content></check></Rule></Group><Group id="V-261274"><title>SRG-OS-000366-GPOS-00153</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261274r996312_rule" weight="10.0" severity="high"><version>SLEM-05-214015</version><title>The SLEM 5 tool zypper must have gpgcheck enabled.</title><description>&lt;VulnDiscussion&gt;Changes to any software components can have significant effects on the overall security of SLEM 5. This requirement ensures the software has not been tampered with and has been provided by a trusted vendor.
+If SLEM 5 has not been patched within the site or PMO frequency, this is a finding.</check-content></check></Rule></Group><Group id="V-261274"><title>SRG-OS-000366-GPOS-00153</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261274r1186206_rule" weight="10.0" severity="high"><version>SLEM-05-214015</version><title>The SLEM 5 tool zypper must have gpgcheck enabled.</title><description>&lt;VulnDiscussion&gt;Changes to any software components can have significant effects on the overall security of SLEM 5. This requirement ensures the software has not been tampered with and has been provided by a trusted vendor.
 
 Accordingly, patches, service packs, device drivers, or SLEM 5 components must be signed with a certificate recognized and approved by the organization.
 
-Verifying the authenticity of the software prior to installation validates the integrity of the patch or upgrade received from a vendor. This ensures the software has not been tampered with and that it has been provided by a trusted vendor. Self-signed certificates are disallowed by this requirement. SLEM 5 should not have to verify the software again. This requirement does not mandate DOD certificates for this purpose; however, the certificate used to verify the software must be from an approved Certification Authority (CA).&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001749</ident><fixtext fixref="F-64911r995688_fix">Configure that SLEM 5 tool zypper to enable gpgcheck.
+Verifying the authenticity of the software prior to installation validates the integrity of the patch or upgrade received from a vendor. This ensures the software has not been tampered with and that it has been provided by a trusted vendor. Self-signed certificates are disallowed by this requirement. SLEM 5 should not have to verify the software again. This requirement does not mandate DOD certificates for this purpose; however, the certificate used to verify the software must be from an approved Certification Authority (CA).
 
-Add or modify the following line in the "/etc/zypp/zypp.conf" file:
-
-gpgcheck = on</fixtext><fix id="F-64911r995688_fix" /><check system="C-65003r995687_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that SLEM 5 tool zypper has gpgcheck enabled with the following command: 
+For zypper on SUSE Linux Enterprise systems, GPG signature checking is enabled by default for all repositories, even if it's not explicitly set in /etc/zypp/zypp.conf or individual .repo files. The presence of the gpgcheck setting in repository files (like gpgcheck=1) or a global zypp.conf entry would override this default behavior if the user wanted to disable it (e.g., gpgcheck=0), but its absence simply means the default is in effect.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001749</ident><fixtext fixref="F-64911r1186206_fix">Configure the SLEM 5 tool zypper to enable gpgcheck.
+
+Add or modify the following line in the "/etc/zypp/zypp.conf" file or remove the line completely, ensuring the default zypper setting is enabled:
+
+gpgcheck = on</fixtext><fix id="F-64911r1186206_fix" /><check system="C-65003r1184367_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify the SLEM 5 tool zypper has gpgcheck enabled with the following command: 
 
      &gt; grep -i '^gpgcheck' /etc/zypp/zypp.conf
-     gpgcheck = on
 
-If "gpgcheck" is not set to "on", is commented out, or missing, this is a finding.</check-content></check></Rule></Group><Group id="V-261275"><title>SRG-OS-000437-GPOS-00194</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261275r996314_rule" weight="10.0" severity="medium"><version>SLEM-05-214020</version><title>SLEM 5 must remove all outdated software components after updated versions have been installed.</title><description>&lt;VulnDiscussion&gt;Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software automatically from the information system.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-002617</ident><fixtext fixref="F-64912r995691_fix">Configure SLEM 5 to remove all outdated software components after an update.
+If "gpgcheck" is set to "off", this is a finding.</check-content></check></Rule></Group><Group id="V-261275"><title>SRG-OS-000437-GPOS-00194</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261275r996314_rule" weight="10.0" severity="medium"><version>SLEM-05-214020</version><title>SLEM 5 must remove all outdated software components after updated versions have been installed.</title><description>&lt;VulnDiscussion&gt;Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software automatically from the information system.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-002617</ident><fixtext fixref="F-64912r995691_fix">Configure SLEM 5 to remove all outdated software components after an update.
 
 Add or modify the following line in the "/etc/zypp/zypp.conf" file:
 
@@ -295,14 +294,14 @@ Check that the telnet-server package is not installed on SLEM 5 by running the f
 
      &gt; sudo zypper se telnet-server | grep Installed
 
-If the telnet-server package is installed, this is a finding.</check-content></check></Rule></Group><Group id="V-261278"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261278r996320_rule" weight="10.0" severity="medium"><version>SLEM-05-231010</version><title>A separate file system must be used for SLEM 5 user home directories (such as /home or an equivalent).</title><description>&lt;VulnDiscussion&gt;The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64915r995700_fix">Create a separate file system/partition for SLEM 5 nonprivileged local interactive user home directories.
+If the telnet-server package is installed, this is a finding.</check-content></check></Rule></Group><Group id="V-261278"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261278r1184371_rule" weight="10.0" severity="medium"><version>SLEM-05-231010</version><title>A separate file system must be used for SLEM 5 user home directories (such as /home or an equivalent).</title><description>&lt;VulnDiscussion&gt;The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64915r995700_fix">Create a separate file system/partition for SLEM 5 nonprivileged local interactive user home directories.
 
-Migrate the nonprivileged local interactive user home directories onto the separate file system/partition.</fixtext><fix id="F-64915r995700_fix" /><check system="C-65007r996319_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that a separate file system/partition has been created for SLEM 5 nonprivileged local interactive users (those with a UID greater than 1000) home directories with the following command:
+Migrate the nonprivileged local interactive user home directories onto the separate file system/partition.</fixtext><fix id="F-64915r995700_fix" /><check system="C-65007r1184370_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that a separate file system/partition has been created for SLEM 5 nonprivileged local interactive users (those with a UID greater than 1000) home directories with the following command:
 
      &gt; awk -F: '($3&gt;=1000)&amp;&amp;($7 !~ /nologin/){print $1, $3, $6, $7}' /etc/passwd
-     adamsj 1002 /home/adamsj /bin/bash
-     jacksonm 1003 /home/jacksonm /bin/bash
-     smithj 1001 /home/smithj /bin/bash
+     disauser 1002 /home/disauser /bin/bash
+     dosuser 1003 /home/dosuser /bin/bash
+     dosuser 1001 /home/dosuser /bin/bash
 
 The output of the command will give the directory/partition that contains the home directories for the nonprivileged users on the system (in this example, /home) and user's shell. All accounts with a valid shell (such as /bin/bash) are considered interactive users.
 
@@ -344,47 +343,47 @@ If a file system found in "/etc/fstab" refers to NFS and it does not have the "n
      &gt; more /etc/fstab
      UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat noauto,owner,ro,nosuid 0 0
 
-If a file system found in "/etc/fstab" refers to removable media and does not have the "nosuid" option set, this is a finding.</check-content></check></Rule></Group><Group id="V-261284"><title>SRG-OS-000185-GPOS-00079</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261284r996864_rule" weight="10.0" severity="high"><version>SLEM-05-231040</version><title>All SLEM 5 persistent disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at-rest protection.</title><description>&lt;VulnDiscussion&gt;SLEM 5 handling data requiring data-at-rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.
+If a file system found in "/etc/fstab" refers to removable media and does not have the "nosuid" option set, this is a finding.</check-content></check></Rule></Group><Group id="V-261284"><title>SRG-OS-000185-GPOS-00079</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261284r1184374_rule" weight="10.0" severity="high"><version>SLEM-05-231040</version><title>All SLEM 5 persistent disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at-rest protection.</title><description>&lt;VulnDiscussion&gt;SLEM 5 handling data requiring data-at-rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.
 
-Selection of a cryptographic mechanism is based on the need to protect the integrity of organizational information. The strength of the mechanism is commensurate with the security category and/or classification of the information. Organizations have the flexibility to either encrypt all information on storage devices (i.e., full disk encryption) or encrypt specific data structures (e.g., files, records, or fields).&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001199</ident><ident system="http://cyber.mil/cci">CCI-002475</ident><ident system="http://cyber.mil/cci">CCI-002476</ident><fixtext fixref="F-64921r996332_fix">Configure SLEM 5 to prevent unauthorized modification of all information at rest by using disk encryption. 
+Selection of a cryptographic mechanism is based on the need to protect the integrity of organizational information. The strength of the mechanism is commensurate with the security category and/or classification of the information. Organizations have the flexibility to either encrypt all information on storage devices (i.e., full disk encryption) or encrypt specific data structures (e.g., files, records, or fields).&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001199</ident><ident system="http://cyber.mil/cci">CCI-002475</ident><ident system="http://cyber.mil/cci">CCI-002476</ident><fixtext fixref="F-64921r1184373_fix">Configure SLEM 5 to prevent unauthorized modification of all information at rest by using disk encryption. 
 
 Encrypting a partition in an already-installed system is more difficult because of the need to resize and change existing partitions. To encrypt an entire partition, dedicate a partition for encryption in the partition layout. The standard partitioning proposal as suggested by YaST (installation and configuration tool for Linux) does not include an encrypted partition by default. Add it manually in the partitioning dialog.
 
 The following set of commands will switch SLEM 5 to work in FIPS mode:
 
-     &gt;sudo transactional-update pkg install -t pattern microos-fips
+     &gt; sudo transactional-update pkg install -t pattern microos-fips
 
-     &gt;reboot
+     &gt; reboot
 
- Add of modify the following line in the "/etc/default/grub" file to include "fips=1":
+Add or modify the following line in the "/etc/default/grub" file to include "fips=1":
 
 GRUB_CMDLINE_LINUX_DEFAULT="splash=silent swapaccount=1 apparmor=0 mitigations=auto quiet crashkernel=195M,high crashkernel=72M,low fips=1"
 
-     &gt;sudo transactional-update grub.cfg
+     &gt; sudo transactional-update grub.cfg
 
-     &gt;sudo reboot:</fixtext><fix id="F-64921r996332_fix" /><check system="C-65013r996864_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify SLEM 5 prevents unauthorized disclosure or modification of all information requiring at-rest protection by using disk encryption. 
-
-Verify the system partitions are all encrypted with the following commands: 
-
-     &gt; sudo blkid
-     /dev/sda1:  "UUID=26d4a101-7f48-4394-b730-56dc00e65f64" TYPE="crypto_LUKS"
-     /dev/sda2:  "UUID=f5b8a790-14cb-4b82-882d-707d52f27765" TYPE="crypto_LUKS"
-     /dev/sda3:  "UUID=f2d86128-f975-478d-a5b0-25806c900eac" TYPE="crypto_LUKS"
-
-Every persistent disk partition present must be of type "crypto_LUKS". If any partitions other than the boot partition or pseudo file systems (such as /proc or /sys) or temporary file systems (that are tmpfs) are not type "crypto_LUKS", ask the administrator to indicate how the partitions are encrypted. If there is no evidence that these partitions are encrypted, this is a finding.
-
-     &gt; sudo more /etc/crypttab
-     cr_root UUID=26d4a101-7f48-4394-b730-56dc00e65f64
-     cr_home UUID=f5b8a790-14cb-4b82-882d-707d52f27765
-     cr_swap UUID=f2d86128-f975-478d-a5b0-25806c900eac
-
-Every persistent disk partition present on the system must have an entry in the /etc/crypttab file. 
-
-If any partitions other than pseudo file systems (such as /proc or /sys) are not listed or "/etc/crypttab" does not exist, this is a finding.
-
-Verify the system works in FIPS mode with the following command:
-
-     &gt; sudo sysctl - a | grep fips
+     &gt; sudo reboot</fixtext><fix id="F-64921r1184373_fix" /><check system="C-65013r1184372_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify SLEM 5 prevents unauthorized disclosure or modification of all information requiring at-rest protection by using disk encryption. 
+
+Verify the system partitions are all encrypted with the following commands: 
+
+     &gt; sudo blkid
+     /dev/sda1:  "UUID=26d4a101-7f48-4394-b730-56dc00e65f64" TYPE="crypto_LUKS"
+     /dev/sda2:  "UUID=f5b8a790-14cb-4b82-882d-707d52f27765" TYPE="crypto_LUKS"
+     /dev/sda3:  "UUID=f2d86128-f975-478d-a5b0-25806c900eac" TYPE="crypto_LUKS"
+
+Every persistent disk partition present must be of type "crypto_LUKS". If any partitions other than the boot partition or pseudo file systems (such as /proc or /sys) or temporary file systems (that are tmpfs) are not type "crypto_LUKS", ask the administrator to indicate how the partitions are encrypted. If there is no evidence that these partitions are encrypted, this is a finding.
+
+     &gt; sudo more /etc/crypttab
+     cr_root UUID=26d4a101-7f48-4394-b730-56dc00e65f64
+     cr_home UUID=f5b8a790-14cb-4b82-882d-707d52f27765
+     cr_swap UUID=f2d86128-f975-478d-a5b0-25806c900eac
+
+Every persistent disk partition present on the system must have an entry in the /etc/crypttab file. 
+
+If any partitions other than pseudo file systems (such as /proc or /sys) are not listed or "/etc/crypttab" does not exist, this is a finding.
+
+Verify the system works in FIPS mode with the following command:
+
+     &gt; sudo sysctl -a | grep fips
      crypto.fips_enabled = 1</check-content></check></Rule></Group><Group id="V-261285"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261285r996838_rule" weight="10.0" severity="medium"><version>SLEM-05-231045</version><title>SLEM 5 file systems that contain user home directories must be mounted to prevent files with the setuid and setgid bit set from being executed.</title><description>&lt;VulnDiscussion&gt;The "nosuid" mount option causes the system to not execute setuid and setgid files with owner privileges. This option must be used for mounting any file system not containing approved setuid and setguid files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64922r995721_fix">Configure SLEM 5 "/etc/fstab" file to use the "nosuid" option on file systems that contain user home directories for interactive users.
 
 Remount the filesystems.
@@ -417,38 +416,43 @@ If it is installed, verify the automounter service is active with the following
           Loaded: loaded (/usr/lib/systemd/system/autofs.service; disabled)
           Active: inactive (dead)
 
-If the "autofs" status is set to "active" this is a finding.</check-content></check></Rule></Group><Group id="V-261287"><title>SRG-OS-000259-GPOS-00100</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261287r996341_rule" weight="10.0" severity="medium"><version>SLEM-05-232010</version><title>SLEM 5 must have directories that contain system commands set to a mode of 755 or less permissive.</title><description>&lt;VulnDiscussion&gt;If SLEM 5 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+If the "autofs" status is set to "active" this is a finding.</check-content></check></Rule></Group><Group id="V-261287"><title>SRG-OS-000259-GPOS-00100</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261287r1184377_rule" weight="10.0" severity="medium"><version>SLEM-05-232010</version><title>SLEM 5 must have directories that contain system commands set to a mode of 755 or less permissive.</title><description>&lt;VulnDiscussion&gt;If SLEM 5 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
 
-This requirement applies to SLEM 5 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-64924r996340_fix">Configure the system commands to be protected from unauthorized access. Run the following command:
+This requirement applies to SLEM 5 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-64924r1184376_fix">Configure the system command directories to be protected from unauthorized access. 
 
-     &gt; sudo find -L  /usr/local/bin /usr/local/sbin -perm /022 -type f -exec chmod 755 '{}' \;
-     &gt; sudo transactional-update shell
-     &gt; sudo find -L  /bin /sbin /usr/bin /usr/sbin -perm /022 -type f -exec chmod 755 '{}' \;
-     &gt; exit
-     &gt; sudo reboot</fixtext><fix id="F-64924r996340_fix" /><check system="C-65016r996339_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that the system command directories have mode "755" or less permissive with the following command:
+Run the following command, replacing "[DIRECTORY]" with any library directory with a mode more permissive than 755:
+
+&gt; sudo chmod 755 [DIRECTORY]</fixtext><fix id="F-64924r1184376_fix" /><check system="C-65016r1184375_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify the system command directories have mode "755" or less permissive with the following command:
 
-     &gt; find -L  /usr/local/bin /usr/local/sbin -perm /022 -type d -exec stat -c "%n %a" '{}' \;
+     &gt; find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin -type d -exec stat -c "%n %a" '{}' \;
 
-If any directories are found to be group-writable or world-writable, this is a finding.</check-content></check></Rule></Group><Group id="V-261288"><title>SRG-OS-000259-GPOS-00100</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261288r996344_rule" weight="10.0" severity="medium"><version>SLEM-05-232015</version><title>SLEM 5 must have system commands set to a mode of 755 or less permissive.</title><description>&lt;VulnDiscussion&gt;If SLEM 5 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+If any directories are found to be group-writable or world-writable, this is a finding.</check-content></check></Rule></Group><Group id="V-261288"><title>SRG-OS-000259-GPOS-00100</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261288r1184380_rule" weight="10.0" severity="medium"><version>SLEM-05-232015</version><title>SLEM 5 must have system commands set to a mode of 755 or less permissive.</title><description>&lt;VulnDiscussion&gt;If SLEM 5 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
 
-This requirement applies to SLEM 5 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-64925r996343_fix">Configure the system commands to be protected from unauthorized access. Run the following command:
+This requirement applies to SLEM 5 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-64925r1184379_fix">Configure the system commands to be protected from unauthorized access. 
+
+If the command requiring a permissions change resides in /usr/local/bin or /usr/local/sbin run the following command:
 
      &gt; sudo find -L  /usr/local/bin /usr/local/sbin -perm /022 -type f -exec chmod 755 '{}' \;
+
+If the command requiring a permissions change resides in /bin, /sbin, /usr/bin, /or usr/sbin run the following commands:
+
      &gt; sudo transactional-update shell
      &gt; sudo find -L  /bin /sbin /usr/bin /usr/sbin -perm /022 -type f -exec chmod 755 '{}' \;
      &gt; exit
-     &gt; sudo reboot</fixtext><fix id="F-64925r996343_fix" /><check system="C-65017r996342_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that the system command directories have mode "755" or less permissive with the following command:
+     &gt; sudo reboot</fixtext><fix id="F-64925r1184379_fix" /><check system="C-65017r1184378_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that the system commands have mode "755" or less permissive with the following command:
+
+     &gt; find -L /usr/local/bin /usr/local/sbin -perm /022 -type f -exec stat -c "%n %a" '{}' \;
 
-     &gt; find -L  /usr/local/bin /usr/local/sbin -perm /022 -type d -exec stat -c "%n %a" '{}' \;
+If any files are found to be group-writable or world-writable, this is a finding.</check-content></check></Rule></Group><Group id="V-261289"><title>SRG-OS-000259-GPOS-00100</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261289r1184382_rule" weight="10.0" severity="medium"><version>SLEM-05-232020</version><title>SLEM 5 library directories must have mode 755 or less permissive.</title><description>&lt;VulnDiscussion&gt;If SLEM 5 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
 
-If any directories are found to be group-writable or world-writable, this is a finding.</check-content></check></Rule></Group><Group id="V-261289"><title>SRG-OS-000259-GPOS-00100</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261289r996347_rule" weight="10.0" severity="medium"><version>SLEM-05-232020</version><title>SLEM 5 library directories must have mode 755 or less permissive.</title><description>&lt;VulnDiscussion&gt;If SLEM 5 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+This requirement applies to SLEM 5 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-64926r1184381_fix">Configure the library directories to be protected from unauthorized access. 
 
-This requirement applies to SLEM 5 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-64926r996346_fix">Configure the library files to be protected from unauthorized access. Run the following command:
+Run the following commands:
 
      &gt; sudo transactional-update shell
-     &gt; sudo find /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type f -exec chmod 755 '{}' \;
+     &gt; sudo find /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type d -exec chmod 755 '{}' \;
      &gt; exit
-     &gt; sudo reboot</fixtext><fix id="F-64926r996346_fix" /><check system="C-65018r996345_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify the system-wide shared library directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" have mode "755" or less permissive with the following command:
+     &gt; sudo reboot</fixtext><fix id="F-64926r1184381_fix" /><check system="C-65018r996345_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify the system-wide shared library directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" have mode "755" or less permissive with the following command:
 
      &gt; sudo find /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type d -exec stat -c "%n %a" '{}' \;
 
@@ -465,29 +469,29 @@ Check that the systemwide shared library files have mode 0755 or less permissive
 
      &gt; sudo find /lib /lib64 /usr/lib /usr/lib64 -type f -name '*.so*' -perm /022 -exec stat -c "%n %a" {} +
 
-If any output is returned, this is a finding.</check-content></check></Rule></Group><Group id="V-261291"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261291r996352_rule" weight="10.0" severity="medium"><version>SLEM-05-232030</version><title>All SLEM 5 local interactive user home directories must have mode 750 or less permissive.</title><description>&lt;VulnDiscussion&gt;Excessive permissions on local interactive user home directories may allow unauthorized access to user files by other users.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64928r995739_fix">Change the mode of SLEM 5 local interactive user's home directories to "750". To change the mode of a local interactive user's home directory, use the following command:
+If any output is returned, this is a finding.</check-content></check></Rule></Group><Group id="V-261291"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261291r1184385_rule" weight="10.0" severity="medium"><version>SLEM-05-232030</version><title>All SLEM 5 local interactive user home directories must have mode 750 or less permissive.</title><description>&lt;VulnDiscussion&gt;Excessive permissions on local interactive user home directories may allow unauthorized access to user files by other users.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64928r1184384_fix">Change the mode of SLEM 5 local interactive user's home directories to "750". To change the mode of a local interactive user's home directory, use the following command:
 
-Note: The example will be for the user "smithj".
+Note: The example will be for the user "dosuser".
 
-     &gt; sudo chmod 750 /home/smithj</fixtext><fix id="F-64928r995739_fix" /><check system="C-65020r996351_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Note: This may miss interactive users that have been assigned a privileged User Identifier (UID). Evidence of interactive use may be obtained from a number of log files containing system logon information.
+     &gt; sudo chmod 750 /home/dosuser</fixtext><fix id="F-64928r1184384_fix" /><check system="C-65020r1184383_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Note: This may miss interactive users that have been assigned a privileged User Identifier (UID). Evidence of interactive use may be obtained from a number of log files containing system logon information.
 
 Verify the assigned home directory of all SLEM 5 local interactive users has a mode of "750" or less permissive with the following command:
 
      &gt; ls -ld $(awk -F: '($3&gt;=1000)&amp;&amp;($7 !~ /nologin/){print $6}' /etc/passwd)
-     -rwxr-x--- 1 smithj users 18 Mar 5 17:6 /home/smithj
+     -rwxr-x--- 1 dosuser users 18 Mar 5 17:6 /home/dosuser
 
-If home directories referenced in "/etc/passwd" do not have a mode of "750" or less permissive, this is a finding.</check-content></check></Rule></Group><Group id="V-261292"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261292r996354_rule" weight="10.0" severity="medium"><version>SLEM-05-232035</version><title>All SLEM 5 local initialization files must have mode 740 or less permissive.</title><description>&lt;VulnDiscussion&gt;Local initialization files are used to configure the user's shell environment upon logon. Malicious modification of these files could compromise accounts upon logon.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64929r995742_fix">Set the mode of SLEM 5 local initialization files to "740" with the following command:
+If home directories referenced in "/etc/passwd" do not have a mode of "750" or less permissive, this is a finding.</check-content></check></Rule></Group><Group id="V-261292"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261292r1184388_rule" weight="10.0" severity="medium"><version>SLEM-05-232035</version><title>All SLEM 5 local initialization files must have mode 740 or less permissive.</title><description>&lt;VulnDiscussion&gt;Local initialization files are used to configure the user's shell environment upon logon. Malicious modification of these files could compromise accounts upon logon.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64929r1184387_fix">Set the mode of SLEM 5 local initialization files to "740" with the following command:
 
-Note: The example will be for the smithj user, who has a home directory of "/home/smithj".
+Note: The example will be for the dosuser user, who has a home directory of "/home/dosuser".
 
-     &gt; sudo chmod 740 /home/smithj/.&lt;INIT_FILE&gt;</fixtext><fix id="F-64929r995742_fix" /><check system="C-65021r996353_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that all SLEM 5 local initialization files have a mode of "740" or less permissive with the following command:
+     &gt; sudo chmod 740 /home/dosuser/.&lt;INIT_FILE&gt;</fixtext><fix id="F-64929r1184387_fix" /><check system="C-65021r1184386_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that all SLEM 5 local initialization files have a mode of "740" or less permissive with the following command:
 
-Note: The example will be for the user "smithj", who has a home directory of "/home/smithj".
+Note: The example will be for the user "dosuser", who has a home directory of "/home/dosuser".
 
-     &gt; sudo ls -al /home/smithj/.* | more
-     -rw-r-x---- 1 smithj users 896 Mar 10 2011 .profile
-     -rw-r-x---- 1 smithj users 497 Jan 6 27 .login
-     -rw-r-x---- 1 smithj users 886 Jan 6 27 .something
+     &gt; sudo ls -al /home/dosuser/.* | more
+     -rw-r-x---- 1 dosuser users 896 Mar 10 2011 .profile
+     -rw-r-x---- 1 dosuser users 497 Jan 6 27 .login
+     -rw-r-x---- 1 dosuser users 886 Jan 6 27 .something
 
 If any local initialization files have a mode more permissive than "740", this is a finding.</check-content></check></Rule></Group><Group id="V-261293"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261293r996357_rule" weight="10.0" severity="medium"><version>SLEM-05-232040</version><title>SLEM 5 SSH daemon public host key files must have mode 644 or less permissive.</title><description>&lt;VulnDiscussion&gt;If a public host key file is modified by an unauthorized user, the SSH service may be compromised.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64930r996356_fix">Configure SLEM 5 SSH daemon public host key files have mode "644" or less permissive.
 
@@ -565,49 +569,49 @@ This requirement applies to SLEM 5 with software libraries that are accessible a
 
      &gt; sudo find /lib /lib64 /usr/lib /usr/lib64 ! -group root -type d -exec stat -c "%n %G" '{}' \;
 
-If any system wide library directory is returned, this is a finding.</check-content></check></Rule></Group><Group id="V-261299"><title>SRG-OS-000259-GPOS-00100</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261299r996373_rule" weight="10.0" severity="medium"><version>SLEM-05-232070</version><title>SLEM 5 must have system commands owned by root.</title><description>&lt;VulnDiscussion&gt;If SLEM 5 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+If any system wide library directory is returned, this is a finding.</check-content></check></Rule></Group><Group id="V-261299"><title>SRG-OS-000259-GPOS-00100</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261299r1184391_rule" weight="10.0" severity="medium"><version>SLEM-05-232070</version><title>SLEM 5 must have system commands owned by root.</title><description>&lt;VulnDiscussion&gt;If SLEM 5 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
 
-This requirement applies to SLEM 5 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-64936r996372_fix">Configure the system commands to be protected from unauthorized access. Run the following command:
+This requirement applies to SLEM 5 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-64936r1184390_fix">Configure the system commands to be protected from unauthorized access. Run the following command:
 
      &gt; sudo transactional-update shell
-     &gt; sudo find -L  /bin /sbin /usr/bin /usr/sbin ! -user root -type f -exec chown root '{}' \;
+     &gt; sudo find -L  /bin /sbin /usr/bin /usr/sbin /bin /sbin /usr/bin /usr/sbin ! -user root -type f -exec chown root '{}' \;
      &gt; exit
-     &gt; sudo reboot</fixtext><fix id="F-64936r996372_fix" /><check system="C-65028r995762_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that the system commands are owned by root with the following command:
+     &gt; sudo reboot</fixtext><fix id="F-64936r1184390_fix" /><check system="C-65028r1184389_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that the system commands are owned by root with the following command:
 
-     &gt; sudo find -L  /usr/local/bin /usr/local/sbin ! -user root -type f -exec stat -c "%n %U" '{}' \;
+     &gt; sudo find -L /bin /sbin /usr/bin /usr/sbin  /usr/local/bin /usr/local/sbin ! -user root -type f -exec stat -c "%n %U" '{}' \;
 
-If any system commands are returned, this is a finding.</check-content></check></Rule></Group><Group id="V-261300"><title>SRG-OS-000259-GPOS-00100</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261300r996375_rule" weight="10.0" severity="medium"><version>SLEM-05-232075</version><title>SLEM 5 must have system commands group-owned by root or a system account.</title><description>&lt;VulnDiscussion&gt;If SLEM 5 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+If any system commands are returned, this is a finding.</check-content></check></Rule></Group><Group id="V-261300"><title>SRG-OS-000259-GPOS-00100</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261300r1184394_rule" weight="10.0" severity="medium"><version>SLEM-05-232075</version><title>SLEM 5 must have system commands group-owned by root or a system account.</title><description>&lt;VulnDiscussion&gt;If SLEM 5 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
 
-This requirement applies to SLEM 5 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-64937r996374_fix">Configure the system commands to be protected from unauthorized access. Run the following command:
+This requirement applies to SLEM 5 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-64937r1184393_fix">Configure the system commands to be protected from unauthorized access. Run the following command:
 
      &gt; sudo transactional-update shell
-     &gt; sudo find -L  /bin /sbin /usr/bin /usr/sbin ! -user root -type f -exec chown root '{}' \;
+     &gt; sudo find -L /bin /sbin /usr/bin /usr/sbin  /bin /sbin /usr/bin /usr/sbin ! -user root -type f -exec chgrp root '{}' \;
      &gt; exit
-     &gt; sudo reboot</fixtext><fix id="F-64937r996374_fix" /><check system="C-65029r995765_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that the system commands are group-owned by root with the following command:
+     &gt; sudo reboot</fixtext><fix id="F-64937r1184393_fix" /><check system="C-65029r1184392_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify the system commands are group-owned by root with the following command:
 
-     &gt; sudo find -L  /usr/local/bin /usr/local/sbin! -group root -type f -exec stat -c "%n %G" '{}' \;
+     &gt; sudo find -L /bin /sbin /usr/bin /usr/sbin  /usr/local/bin /usr/local/sbin ! -group root -type f -exec stat -c "%n %G" '{}' \;
 
-If any system commands are returned, this is a finding.</check-content></check></Rule></Group><Group id="V-261301"><title>SRG-OS-000259-GPOS-00100</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261301r996377_rule" weight="10.0" severity="medium"><version>SLEM-05-232080</version><title>SLEM 5 must have directories that contain system commands owned by root.</title><description>&lt;VulnDiscussion&gt;If SLEM 5 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+If any system commands are returned, this is a finding.</check-content></check></Rule></Group><Group id="V-261301"><title>SRG-OS-000259-GPOS-00100</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261301r1184397_rule" weight="10.0" severity="medium"><version>SLEM-05-232080</version><title>SLEM 5 must have directories that contain system commands owned by root.</title><description>&lt;VulnDiscussion&gt;If SLEM 5 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
 
-This requirement applies to SLEM 5 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-64938r996376_fix">Configure the system commands to be protected from unauthorized access. Run the following command:
+This requirement applies to SLEM 5 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-64938r1184396_fix">Configure the system commands to be protected from unauthorized access. Run the following command:
 
      &gt; sudo transactional-update shell
-     &gt; sudo find -L  /bin /sbin /usr/bin /usr/sbin ! -user root -type d -exec chown root '{}' \;
+     &gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /bin /sbin /usr/bin /usr/sbin ! -user root -type d -exec chown root '{}' \;
      &gt; exit
-     &gt; sudo reboot</fixtext><fix id="F-64938r996376_fix" /><check system="C-65030r995768_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that the system command directories are owned by root with the following command:
+     &gt; sudo reboot</fixtext><fix id="F-64938r1184396_fix" /><check system="C-65030r1184395_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify the system command directories are owned by root with the following command:
 
-     &gt; find -L  /usr/local/bin /usr/local/sbin ! -user root -type d -exec stat -c "%n %U" '{}' \;
+     &gt; find -L /bin /sbin /usr/bin /usr/sbin  /usr/local/bin /usr/local/sbin ! -user root -type d -exec stat -c "%n %U" '{}' \;
 
-If any system command directories are returned, this is a finding.</check-content></check></Rule></Group><Group id="V-261302"><title>SRG-OS-000259-GPOS-00100</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261302r996380_rule" weight="10.0" severity="medium"><version>SLEM-05-232085</version><title>SLEM 5 must have directories that contain system commands group-owned by root.</title><description>&lt;VulnDiscussion&gt;If SLEM 5 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+If any system command directories are returned, this is a finding.</check-content></check></Rule></Group><Group id="V-261302"><title>SRG-OS-000259-GPOS-00100</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261302r1184400_rule" weight="10.0" severity="medium"><version>SLEM-05-232085</version><title>SLEM 5 must have directories that contain system commands group-owned by root.</title><description>&lt;VulnDiscussion&gt;If SLEM 5 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
 
-This requirement applies to SLEM 5 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-64939r996379_fix">Configure the system commands to be protected from unauthorized access. Run the following command:
+This requirement applies to SLEM 5 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs which execute with escalated privileges. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001499</ident><fixtext fixref="F-64939r1184399_fix">Configure the system commands to be protected from unauthorized access. Run the following command:
 
      &gt; sudo transactional-update shell
-     &gt; sudo find -L  /bin /sbin /usr/bin /usr/sbin ! -group root -type d -exec chgrp root '{}' \;
+     &gt; sudo find -L /bin /sbin /usr/bin /usr/sbin /bin /sbin /usr/bin /usr/sbin ! -group root -type d -exec chgrp root '{}' \;
      &gt; exit
-     &gt; sudo reboot</fixtext><fix id="F-64939r996379_fix" /><check system="C-65031r996378_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that the system command directories are group-owned by root with the following command:
+     &gt; sudo reboot</fixtext><fix id="F-64939r1184399_fix" /><check system="C-65031r1184398_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify the system command directories are group-owned by root with the following command:
 
-     &gt; find -L  /usr/local/bin /usr/local/sbin ! -group root -type d -exec stat -c "%n %G" '{}' \;
+     &gt; find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin ! -group root -type d -exec stat -c "%n %G" '{}' \;
 
 If any system command directories are returned, this is a finding.</check-content></check></Rule></Group><Group id="V-261303"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261303r996382_rule" weight="10.0" severity="medium"><version>SLEM-05-232090</version><title>All SLEM 5 files and directories must have a valid owner.</title><description>&lt;VulnDiscussion&gt;Unowned files and directories may be unintentionally inherited if a user is assigned the same User Identifier (UID) as the UID of the unowned files.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64940r995775_fix">Either remove all files and directories from SLEM 5 that do not have a valid user or assign a valid user to all unowned files and directories on the system with the "chown" command:
 
@@ -625,21 +629,21 @@ Note: The value after -fstype must be replaced with the filesystem type. XFS is
 
      &gt; sudo find / -fstype xfs -nogroup
 
-If any files on the system do not have a valid group, this is a finding.</check-content></check></Rule></Group><Group id="V-261305"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261305r996387_rule" weight="10.0" severity="medium"><version>SLEM-05-232100</version><title>All SLEM 5 local interactive user home directories must be group-owned by the home directory owner's primary group.</title><description>&lt;VulnDiscussion&gt;If the Group Identifier (GID) of a local interactive user's home directory is not the same as the primary GID of the user, this would allow unauthorized access to the user's files, and users that share the same group may not be able to access files that they legitimately should.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64942r996386_fix">Change the group owner of a SLEM 5 local interactive user's home directory to the group found in "/etc/passwd". To change the group owner of a local interactive user's home directory, use the following command:
+If any files on the system do not have a valid group, this is a finding.</check-content></check></Rule></Group><Group id="V-261305"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261305r1184403_rule" weight="10.0" severity="medium"><version>SLEM-05-232100</version><title>All SLEM 5 local interactive user home directories must be group-owned by the home directory owner's primary group.</title><description>&lt;VulnDiscussion&gt;If the Group Identifier (GID) of a local interactive user's home directory is not the same as the primary GID of the user, this would allow unauthorized access to the user's files, and users that share the same group may not be able to access files that they legitimately should.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64942r1184402_fix">Change the group owner of a SLEM 5 local interactive user's home directory to the group found in "/etc/passwd". To change the group owner of a local interactive user's home directory, use the following command:
 
-Note: The example will be for the user "smithj", who has a home directory of "/home/smithj", and has a primary group of users.
+Note: The example will be for the user "dosuser", who has a home directory of "/home/dosuser", and has a primary group of users.
 
-     &gt; sudo chgrp users /home/smithj</fixtext><fix id="F-64942r996386_fix" /><check system="C-65034r996385_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify the assigned home directory of all SLEM 5 local interactive users is group-owned by that user's primary GID with the following command:
+     &gt; sudo chgrp users /home/dosuser</fixtext><fix id="F-64942r1184402_fix" /><check system="C-65034r1184401_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify the assigned home directory of all SLEM 5 local interactive users is group-owned by that user's primary GID with the following command:
 
-Note: This may miss local interactive users that have been assigned a privileged User Identifier (UID). Evidence of interactive use may be obtained from a number of log files containing system logon information. The returned directory "/home/smithj" is used as an example.
+Note: This may miss local interactive users that have been assigned a privileged User Identifier (UID). Evidence of interactive use may be obtained from a number of log files containing system logon information. The returned directory "/home/dosuser" is used as an example.
 
      &gt; awk -F: '($3&gt;=1000)&amp;&amp;($7 !~ /nologin/){print $4, $6}' /etc/passwd)
-     250:/home/smithj
+     250:/home/dosuser
 
 Check the user's primary group with the following command:
 
      &gt; grep users /etc/group
-     users:x:250:smithj,jonesj,jacksons
+     users:x:250:dosuser,dosuser,nsauser
 
 If the user home directory referenced in "/etc/passwd" is not group-owned by that user's primary GID, this is a finding.</check-content></check></Rule></Group><Group id="V-261306"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261306r996389_rule" weight="10.0" severity="medium"><version>SLEM-05-232105</version><title>All SLEM 5 world-writable directories must be group-owned by root, sys, bin, or an application group.</title><description>&lt;VulnDiscussion&gt;If a world-writable directory has the sticky bit set and is not group-owned by a privileged Group Identifier (GID), unauthorized users may be able to modify files created by others.
 
@@ -979,36 +983,40 @@ For the changes to take effect immediately, start the service with the following
      &gt; systemctl status sshd.service | grep -i active
      Active: active (running) since Wed 2023-11-29 09:49:45 MST; 2 months 23 days ago
 
-If "openssh.service" is not active, this is a finding.</check-content></check></Rule></Group><Group id="V-261329"><title>SRG-OS-000023-GPOS-00006</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261329r996455_rule" weight="10.0" severity="medium"><version>SLEM-05-255020</version><title>SLEM 5 must display the Standard Mandatory DOD Notice and Consent Banner before granting access via SSH.</title><description>&lt;VulnDiscussion&gt;Display of a standardized and approved use notification before granting access to SLEM 5 ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
-
-System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.
-
-The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for SLEM 5 that can accommodate banners of 1300 characters:
-
-"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.
-
-By using this IS (which includes any device attached to this IS), you consent to the following conditions:
-
--The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.
-
--At any time, the USG may inspect and seize data stored on this IS.
-
--Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.
-
--This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.
-
--Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000048</ident><fixtext fixref="F-64966r995853_fix">Add or modify the following line in the "/etc/ssh/sshd_config" file: 
+If "openssh.service" is not active, this is a finding.</check-content></check></Rule></Group><Group id="V-261329"><title>SRG-OS-000023-GPOS-00006</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261329r1186207_rule" weight="10.0" severity="medium"><version>SLEM-05-255020</version><title>SLEM 5 must display the Standard Mandatory DOD Notice and Consent Banner before granting access via SSH.</title><description>&lt;VulnDiscussion&gt;Display of a standardized and approved use notification before granting access to SLEM 5 ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
+
+System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.
+
+Because SLEM 5 employs an immutable architecture and "/etc/issue" is a system file, the banner must be stored in a different location. In this example, the location is "/etc/ssh/dod_banner", but any nonsystem location is acceptable.
+
+The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for SLEM 5 that can accommodate banners of 1300 characters:
+
+"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.
+
+By using this IS (which includes any device attached to this IS), you consent to the following conditions:
+
+-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.
+
+-At any time, the USG may inspect and seize data stored on this IS.
+
+-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.
+
+-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.
+
+-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000048</ident><fixtext fixref="F-64966r1184405_fix">Add or modify the following line in the "/etc/ssh/sshd_config" file: 
 
-Banner /etc/issue/
+Banner /etc/ssh/dod_banner
 
-Restart the "sshd.service":
+Restart the "sshd.service" to use the new file location:
 
-     &gt; sudo systemctl restart sshd.service</fixtext><fix id="F-64966r995853_fix" /><check system="C-65058r996454_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify SLEM 5 displays the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via SSH with the following command:
+     &gt; sudo systemctl restart sshd.service</fixtext><fix id="F-64966r1184405_fix" /><check system="C-65058r1184404_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify SLEM 5 displays the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via SSH with the following command:
 
      &gt; sudo /usr/sbin/sshd -dd 2&gt;&amp;1 | awk '/filename/ {print $4}' | tr -d '\r' | tr '\n' ' ' | xargs sudo grep -iH '^\s*banner'
-     /etc/ssh/sshd_config:Banner /etc/issue
+     /etc/ssh/sshd_config:Banner /etc/ssh/dod_banner
+
+If "Banner" is commented out or missing, or if the location returned will be overridden by package updates, this is a finding.
 
-If "Banner" is not set to "/etc/issue", is commented out, missing, or conflicting results are returned, this is a finding.</check-content></check></Rule></Group><Group id="V-261330"><title>SRG-OS-000480-GPOS-00229</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261330r996457_rule" weight="10.0" severity="high"><version>SLEM-05-255025</version><title>SLEM 5 must not allow unattended or automatic logon via SSH.</title><description>&lt;VulnDiscussion&gt;Failure to restrict system access via SSH to authenticated users negatively impacts SLEM 5 security.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64967r995856_fix">Configure SLEM 5 disables unattended or automatic logon via SSH.
+Note: The file /etc/issue is overridden by package updates and will not maintain the banner text as it does in other Linux distributions.</check-content></check></Rule></Group><Group id="V-261330"><title>SRG-OS-000480-GPOS-00229</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261330r996457_rule" weight="10.0" severity="high"><version>SLEM-05-255025</version><title>SLEM 5 must not allow unattended or automatic logon via SSH.</title><description>&lt;VulnDiscussion&gt;Failure to restrict system access via SSH to authenticated users negatively impacts SLEM 5 security.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64967r995856_fix">Configure SLEM 5 disables unattended or automatic logon via SSH.
 
 Add or modify the following lines in the "/etc/ssh/sshd_config" file:
 
@@ -1228,35 +1236,35 @@ Check that unattended or automatic login is disabled with the following commands
      &gt; grep -i ^DISPLAYMANAGER_PASSWORD_LESS_LOGIN /etc/sysconfig/displaymanager
      DISPLAYMANAGER_PASSWORD_LESS_LOGIN="no"
 
-If the "DISPLAYMANAGER_AUTOLOGIN" parameter includes a username or the "DISPLAYMANAGER_PASSWORD_LESS_LOGIN" is not set to "no", this is a finding.</check-content></check></Rule></Group><Group id="V-261346"><title>SRG-OS-000299-GPOS-00117</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261346r996496_rule" weight="10.0" severity="medium"><version>SLEM-05-291010</version><title>SLEM 5 wireless network adapters must be disabled unless approved and documented.</title><description>&lt;VulnDiscussion&gt;Without protection of communications with wireless peripherals, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read, altered, or used to compromise SLEM 5.
+If the "DISPLAYMANAGER_AUTOLOGIN" parameter includes a username or the "DISPLAYMANAGER_PASSWORD_LESS_LOGIN" is not set to "no", this is a finding.</check-content></check></Rule></Group><Group id="V-261346"><title>SRG-OS-000299-GPOS-00117</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261346r1184409_rule" weight="10.0" severity="medium"><version>SLEM-05-291010</version><title>SLEM 5 wireless network adapters must be disabled unless approved and documented.</title><description>&lt;VulnDiscussion&gt;Without protection of communications with wireless peripherals, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read, altered, or used to compromise SLEM 5.
 
 This requirement applies to wireless peripheral technologies (e.g., wireless mice, keyboards, displays, etc.) used with a SLEM 5. Wireless peripherals (e.g., Wi-Fi/Bluetooth/IR keyboards, mice, pointing devices, and Near Field Communications [NFC]) present a unique challenge by creating an open, unsecured port on a computer. Wireless peripherals must meet DOD requirements for wireless data transmission and be approved for use by the AO. Even though some wireless peripherals, such as mice and pointing devices, do not ordinarily carry information that need to be protected, modification of communications with these wireless peripherals may be used to compromise SLEM 5. Communication paths outside the physical protection of a controlled boundary are exposed to the possibility of interception and modification.
 
-Protecting the confidentiality and integrity of communications with wireless peripherals can be accomplished by physical means (e.g., employing physical barriers to wireless radio frequencies) or by logical means (e.g., employing cryptographic techniques). If physical means of protection are employed, then logical means (cryptography) do not have to be employed, and vice versa. If the wireless peripheral is only passing telemetry data, encryption of the data may not be required.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001444</ident><ident system="http://cyber.mil/cci">CCI-001443</ident><ident system="http://cyber.mil/cci">CCI-002418</ident><fixtext fixref="F-64983r996495_fix">Configure SLEM 5 to disable all wireless network interfaces with the following command:
+Protecting the confidentiality and integrity of communications with wireless peripherals can be accomplished by physical means (e.g., employing physical barriers to wireless radio frequencies) or by logical means (e.g., employing cryptographic techniques). If physical means of protection are employed, then logical means (cryptography) do not have to be employed, and vice versa. If the wireless peripheral is only passing telemetry data, encryption of the data may not be required.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001444</ident><ident system="http://cyber.mil/cci">CCI-001443</ident><ident system="http://cyber.mil/cci">CCI-002418</ident><fixtext fixref="F-64983r1184408_fix">Configure SLEM 5 to disable all wireless network interfaces.
 
-For each interface of type wireless, bring the interface into "down" state:
+Run "nmcli device status" and note the device name from the DEVICE column for any wireless devices (e.g., wlan0).
 
-     &gt; sudo wicked ifdown wlan0
+Set the device to unmanaged using the device name:
+    &gt; sudo nmcli device set wlan0 managed no
 
-For each interface of type wireless with a configuration type of "compat:suse:", remove the associated file:
+Set the software switches to "off" with the following commands:
+    &gt; sudo nmcli radio wwan off
+    &gt; sudo nmcli radio wifi off</fixtext><fix id="F-64983r1184408_fix" /><check system="C-65075r1184407_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify SLEM 5 has no wireless network adapters enabled.
 
-     &gt; sudo rm /etc/sysconfig/network/ifcfg-wlan0
+Check the status of all network devices with this command:
+    &gt; nmcli device status
+    DEVICE  TYPE      STATE      CONNECTION
+    eth0    ethernet  connected  Wired connection 1
+    lo      loopback  unmanaged  --
 
-For each interface of type wireless, for each configuration of type "wicked:xml:", remove the associated file or remove the interface configuration from the file.
+If there is a device listed with a type of "wifi", and it is not documented and approved as an operational requirement with the authorizing official (AO), this is a finding.
 
-     &gt; sudo rm /etc/wicked/ifconfig/wlan0.xml</fixtext><fix id="F-64983r996495_fix" /><check system="C-65075r996494_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that SLEM 5 has no wireless network adapters enabled with the following command:
+Check the status of the software switches with the following command:
+    &gt; nmcli radio
+    WIFI-HW  WIFI      WWAN-HW  WWAN
+    missing  disabled  missing  disabled
 
-     &gt; sudo wicked show all
-     ...
-     wlan0 up
-     link: #3, state up, mtu 1500
-     type: wireless, hwaddr 06:00:00:00:00:02
-     config: wicked:xml:/etc/wicked/ifconfig/wlan0.xml
-     leases: ipv4 dhcp granted
-     addr: ipv4 10.0.0.101/16 [dhcp]
-     route: ipv4 default via 10.0.0.1 proto dhcp
-
-If a wireless interface is configured and has not been documented and approved by the AO, this is a finding.</check-content></check></Rule></Group><Group id="V-261347"><title>SRG-OS-000378-GPOS-00163</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261347r996498_rule" weight="10.0" severity="medium"><version>SLEM-05-291015</version><title>SLEM 5 must disable the USB mass storage kernel module.</title><description>&lt;VulnDiscussion&gt;Without identifying devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity.
+If any wireless devices are "enabled" that are not documented and approved as an operational requirement with the AO, this is a finding.</check-content></check></Rule></Group><Group id="V-261347"><title>SRG-OS-000378-GPOS-00163</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261347r996498_rule" weight="10.0" severity="medium"><version>SLEM-05-291015</version><title>SLEM 5 must disable the USB mass storage kernel module.</title><description>&lt;VulnDiscussion&gt;Without identifying devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity.
 
 Peripherals include but are not limited to such devices as flash drives, external storage, and printers.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-001958</ident><fixtext fixref="F-64984r995907_fix">Configure SLEM 5 to prevent USB mass storage devices from automounting when connected to the host.
 
@@ -1296,47 +1304,47 @@ FAIL_DELAY 5</fixtext><fix id="F-64987r995916_fix" /><check system="C-65079r9965
      &gt; grep -i fail_delay /etc/login.defs
      FAIL_DELAY 5
 
-If the value of "FAIL_DELAY" is not set to "5" or greater, the line is commented out, or the line is missing, this is a finding.</check-content></check></Rule></Group><Group id="V-261351"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261351r996506_rule" weight="10.0" severity="medium"><version>SLEM-05-411025</version><title>All SLEM 5 local interactive users must have a home directory assigned in the /etc/passwd file.</title><description>&lt;VulnDiscussion&gt;If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64988r995919_fix">Assign home directories to all SLEM 5 local interactive users that currently do not have a home directory assigned.
+If the value of "FAIL_DELAY" is not set to "5" or greater, the line is commented out, or the line is missing, this is a finding.</check-content></check></Rule></Group><Group id="V-261351"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261351r1184412_rule" weight="10.0" severity="medium"><version>SLEM-05-411025</version><title>All SLEM 5 local interactive users must have a home directory assigned in the /etc/passwd file.</title><description>&lt;VulnDiscussion&gt;If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64988r1184411_fix">Assign home directories to all SLEM 5 local interactive users that currently do not have a home directory assigned.
 
 Assign a home directory to users via the usermod command:
 
-     &gt; sudo usermod -d /home/smithj smithj</fixtext><fix id="F-64988r995919_fix" /><check system="C-65080r996505_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify SLEM 5 local interactive users on the system have a home directory assigned with the following command:
+     &gt; sudo usermod -d /home/dosuser dosuser</fixtext><fix id="F-64988r1184411_fix" /><check system="C-65080r1184410_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify SLEM 5 local interactive users on the system have a home directory assigned with the following command:
 
      &gt; sudo pwck -r
-     user 'smithj': directory '/home/smithj' does not exist
+     user 'dosuser': directory '/home/dosuser' does not exist
 
 Ask the system administrator (SA) if any users found without home directories are local interactive users. If the SA is unable to provide a response, check for users with a User Identifier (UID) of 1000 or greater with the following command:
 
      &gt; awk -F: '($3&gt;=1000)&amp;&amp;($1!="nobody"){print $1 ":" $3}' /etc/passwd
 
-If any interactive users do not have a home directory assigned, this is a finding.</check-content></check></Rule></Group><Group id="V-261352"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261352r996862_rule" weight="10.0" severity="medium"><version>SLEM-05-411030</version><title>All SLEM 5 local interactive user home directories defined in the /etc/passwd file must exist.</title><description>&lt;VulnDiscussion&gt;If a local interactive user has a home directory defined that does not exist, the user may be given access to the / directory as the current working directory upon logon. This could create a denial of service (DoS) because the user would not be able to access their logon configuration files, and it may give them visibility to system files they normally would not be able to access.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64989r996508_fix">Create home directories to all SLEM 5 local interactive users that currently do not have a home directory assigned. Use the following commands to create the user home directory assigned in "/etc/ passwd":
+If any interactive users do not have a home directory assigned, this is a finding.</check-content></check></Rule></Group><Group id="V-261352"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261352r1184415_rule" weight="10.0" severity="medium"><version>SLEM-05-411030</version><title>All SLEM 5 local interactive user home directories defined in the /etc/passwd file must exist.</title><description>&lt;VulnDiscussion&gt;If a local interactive user has a home directory defined that does not exist, the user may be given access to the / directory as the current working directory upon logon. This could create a denial of service (DoS) because the user would not be able to access their logon configuration files, and it may give them visibility to system files they normally would not be able to access.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64989r1184414_fix">Create home directories to all SLEM 5 local interactive users that currently do not have a home directory assigned. Use the following commands to create the user home directory assigned in "/etc/ passwd":
 
-Note: The example will be for the user smithj, who has a home directory of "/home/smithj", a UID of "smithj", and a Group Identifier (GID) of "users assigned" in "/etc/passwd".
+Note: The example will be for the user dosuser, who has a home directory of "/home/dosuser", a UID of "dosuser", and a Group Identifier (GID) of "users assigned" in "/etc/passwd".
 
-     &gt; sudo mkdir /home/smithj 
-     &gt; sudo chown smithj /home/smithj
-     &gt; sudo chgrp users /home/smithj
-     &gt; sudo chmod 0750 /home/smithj</fixtext><fix id="F-64989r996508_fix" /><check system="C-65081r996507_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify the assigned home directory of all SLEM 5 local interactive users on the system exists.
+     &gt; sudo mkdir /home/dosuser 
+     &gt; sudo chown dosuser /home/dosuser
+     &gt; sudo chgrp users /home/dosuser
+     &gt; sudo chmod 0750 /home/dosuser</fixtext><fix id="F-64989r1184414_fix" /><check system="C-65081r1184413_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify the assigned home directory of all SLEM 5 local interactive users on the system exists.
 
 Check the home directory assignment for all local interactive nonprivileged users on the system with the following command:
 
      &gt; awk -F: '($3&gt;=1000)&amp;&amp;($7 !~ /nologin/){print $1, $6}' /etc/passwd
-     smithj /home/smithj
+     dosuser /home/dosuser
 
 Note: This may miss interactive users that have been assigned a privileged User Identifier (UID). Evidence of interactive use may be obtained from a number of log files containing system logon information.
 
 Check that all referenced home directories exist with the following command:
 
      &gt; sudo pwck -r
-     user 'smithj': directory '/home/smithj' does not exist
+     user 'dosuser': directory '/home/dosuser' does not exist
 
-If any home directories referenced in "/etc/passwd" are returned as not defined, this is a finding.</check-content></check></Rule></Group><Group id="V-261353"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261353r996512_rule" weight="10.0" severity="medium"><version>SLEM-05-411035</version><title>All SLEM 5 local interactive user initialization files executable search paths must contain only paths that resolve to the users' home directory.</title><description>&lt;VulnDiscussion&gt;The executable search path (typically the PATH environment variable) contains a list of directories for the shell to search to find executables. If this path includes the current working directory (other than the user's home directory), executables in these directories may be executed instead of system commands. This variable is formatted as a colon-separated list of directories. If there is an empty entry, such as a leading or trailing colon or two consecutive colons, this is interpreted as the current working directory. If deviations from the default system search path for the local interactive user are required, they must be documented with the information system security officer (ISSO).&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64990r996511_fix">Edit SLEM 5 local interactive user initialization files to change any PATH variable statements for executables that reference directories other than their home directory. If a local interactive user requires path variables to reference a directory owned by the application, it must be documented with the ISSO.</fixtext><fix id="F-64990r996511_fix" /><check system="C-65082r996510_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that all SLEM 5 local interactive user initialization files executable search path statements do not contain statements that will reference a working directory other than the user's home directory with the following command:
+If any home directories referenced in "/etc/passwd" are returned as not defined, this is a finding.</check-content></check></Rule></Group><Group id="V-261353"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261353r1184417_rule" weight="10.0" severity="medium"><version>SLEM-05-411035</version><title>All SLEM 5 local interactive user initialization files executable search paths must contain only paths that resolve to the users' home directory.</title><description>&lt;VulnDiscussion&gt;The executable search path (typically the PATH environment variable) contains a list of directories for the shell to search to find executables. If this path includes the current working directory (other than the user's home directory), executables in these directories may be executed instead of system commands. This variable is formatted as a colon-separated list of directories. If there is an empty entry, such as a leading or trailing colon or two consecutive colons, this is interpreted as the current working directory. If deviations from the default system search path for the local interactive user are required, they must be documented with the information system security officer (ISSO).&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64990r996511_fix">Edit SLEM 5 local interactive user initialization files to change any PATH variable statements for executables that reference directories other than their home directory. If a local interactive user requires path variables to reference a directory owned by the application, it must be documented with the ISSO.</fixtext><fix id="F-64990r996511_fix" /><check system="C-65082r1184416_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that all SLEM 5 local interactive user initialization files executable search path statements do not contain statements that will reference a working directory other than the user's home directory with the following command:
 
-Note: The example will be for the user "smithj", who has a home directory of "/home/smithj".
+Note: The example will be for the user "dosuser", who has a home directory of "/home/dosuser".
 
-     &gt; sudo grep -i path= /home/smithj/.*
+     &gt; sudo grep -i path= /home/dosuser/.*
 
-/home/smithj/.bash_profile:PATH=$PATH:$HOME/.local/bin:$HOME/bin
+/home/dosuser/.bash_profile:PATH=$PATH:$HOME/.local/bin:$HOME/bin
 
 If any local interactive user initialization files have executable search path statements that include directories outside of their home directory, and the additional path statements are not documented with the ISSO as an operational requirement, this is a finding.</check-content></check></Rule></Group><Group id="V-261354"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261354r996514_rule" weight="10.0" severity="medium"><version>SLEM-05-411040</version><title>All SLEM 5 local initialization files must not execute world-writable programs.</title><description>&lt;VulnDiscussion&gt;If user start-up files execute world-writable programs, especially in unprotected directories, they could be maliciously modified to destroy user files or otherwise compromise the system at the user level. If the system is compromised at the user level, it is easier to elevate privileges to eventually compromise the system at the root and network level.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-64991r995928_fix">Remove the references to these files in the local initialization scripts or remove the world-writable permission of files referenced by SLEM 5 local initialization scripts with the following command:
 
@@ -1578,18 +1586,22 @@ All administrators must be mapped to the "sysadm_u", "staff_u", or an appropriat
 
 All authorized nonadministrative users must be mapped to the "user_u" role.
 
-If any interactive users are not mapped in this way, this is a finding.</check-content></check></Rule></Group><Group id="V-261372"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261372r996556_rule" weight="10.0" severity="medium"><version>SLEM-05-432010</version><title>SLEM 5 must use the invoking user's password for privilege escalation when using "sudo".</title><description>&lt;VulnDiscussion&gt;The sudoers security policy requires that users authenticate themselves before they can use sudo. When sudoers requires authentication, it validates the invoking user's credentials. If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password.
+If any interactive users are not mapped in this way, this is a finding.</check-content></check></Rule></Group><Group id="V-261372"><title>SRG-OS-000480-GPOS-00227</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261372r1184420_rule" weight="10.0" severity="medium"><version>SLEM-05-432010</version><title>SLEM 5 must use the invoking user's password for privilege escalation when using "sudo".</title><description>&lt;VulnDiscussion&gt;The sudoers security policy requires that users authenticate themselves before they can use sudo. When sudoers requires authentication, it validates the invoking user's credentials. If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password.
+
+For more information on each of the listed configurations, reference the sudoers(5) manual page.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-65009r1184419_fix">Configure the sudoers security policy to use the invoking user's password for privilege escalation.
+
+Define the defaults in a configuration file in the /etc/sudoers.d/ directory with the following command and entries:
 
-For more information on each of the listed configurations, reference the sudoers(5) manual page.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000366</ident><fixtext fixref="F-65009r995982_fix">Define the following in the Defaults section of the /etc/sudoers file or a configuration file in the /etc/sudoers.d/ directory:
+    &gt; sudo visudo -f /etc/sudoers.d/hardening_defaults
 
 Defaults !targetpw
 Defaults !rootpw
-Defaults !runaspw</fixtext><fix id="F-65009r995982_fix" /><check system="C-65101r996555_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that the sudoers security policy is configured to use the invoking user's password for privilege escalation with the following command:
+Defaults !runaspw</fixtext><fix id="F-65009r1184419_fix" /><check system="C-65101r1184418_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify that the sudoers security policy is configured to use the invoking user's password for privilege escalation with the following command:
 
-     &gt; sudo egrep -ir '(rootpw|targetpw|runaspw)' /etc/sudoers /etc/sudoers.d* | grep -v '#'
-     /etc/sudoers:Defaults !targetpw
-     /etc/sudoers:Defaults !rootpw
-     /etc/sudoers:Defaults !runaspw
+    &gt; sudo egrep -ir '(rootpw|targetpw|runaspw)' /etc/sudoers /etc/sudoers.d* | grep -v '#'
+    /etc/sudoers.d/hardening_defaults:Defaults !targetpw
+    /etc/sudoers.d/hardening_defaults:Defaults !rootpw
+    /etc/sudoers.d/hardening_defaults:Defaults !runaspw
 
 If "Defaults" types are not defined for "!targetpw", "!rootpw", and "!runaspw", there are conflicting results between files, this is a finding.</check-content></check></Rule></Group><Group id="V-261373"><title>SRG-OS-000373-GPOS-00156</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261373r1050789_rule" weight="10.0" severity="medium"><version>SLEM-05-432015</version><title>SLEM 5 must reauthenticate users when changing authenticators, roles, or escalating privileges.</title><description>&lt;VulnDiscussion&gt;Without reauthentication, users may access resources or perform tasks for which they do not have authorization.
 
@@ -1730,14 +1742,14 @@ Lock the account:
 
      &gt; sudo awk -F: '!$2 {print $1}' /etc/shadow
 
-If the command returns any results, this is a finding.</check-content></check></Rule></Group><Group id="V-261388"><title>SRG-OS-000075-GPOS-00043</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261388r996591_rule" weight="10.0" severity="medium"><version>SLEM-05-611065</version><title>SLEM 5 must employ user passwords with a minimum lifetime of 24 hours (one day).</title><description>&lt;VulnDiscussion&gt;Enforcing a minimum password lifetime helps prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000198</ident><fixtext fixref="F-65025r996590_fix">Configure SLEM 5 to enforce 24 hours/one day or greater as the minimum password age for user accounts.
+If the command returns any results, this is a finding.</check-content></check></Rule></Group><Group id="V-261388"><title>SRG-OS-000075-GPOS-00043</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261388r1184422_rule" weight="10.0" severity="medium"><version>SLEM-05-611065</version><title>SLEM 5 must employ user passwords with a minimum lifetime of 24 hours (one day).</title><description>&lt;VulnDiscussion&gt;Enforcing a minimum password lifetime helps prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000198</ident><fixtext fixref="F-65025r996590_fix">Configure SLEM 5 to enforce 24 hours/one day or greater as the minimum password age for user accounts.
 
 Change the minimum time period between password changes for each &lt;username&gt; account to "1" day with the command, replacing &lt;username&gt; with the user account that must be changed:
 
-     &gt; sudo passwd -n 1 &lt;username&gt;</fixtext><fix id="F-65025r996590_fix" /><check system="C-65117r996589_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify SLEM 5 enforces a minimum time period between password changes for each user account of one day or greater with the following command:
+     &gt; sudo passwd -n 1 &lt;username&gt;</fixtext><fix id="F-65025r996590_fix" /><check system="C-65117r1184421_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify SLEM 5 enforces a minimum time period between password changes for each user account of one day or greater with the following command:
 
      &gt; sudo awk -F: '$4 &lt; 1 {print $1 ":" $4}' /etc/shadow
-     smithj:1
+     dosuser:1
 
 If any results are returned that are not associated with a system account, this is a finding.</check-content></check></Rule></Group><Group id="V-261389"><title>SRG-OS-000076-GPOS-00044</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261389r1038967_rule" weight="10.0" severity="medium"><version>SLEM-05-611070</version><title>SLEM 5 must employ user passwords with a maximum lifetime of 60 days.</title><description>&lt;VulnDiscussion&gt;Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If SLEM 5 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that SLEM 5 passwords could be compromised.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000199</ident><fixtext fixref="F-65026r996033_fix">Configure SLEM 5 to enforce a maximum password age of each &lt;username&gt; account to 60 days. The command in the check text will give a list of users that need to be updated to be in compliance:
 
@@ -1774,21 +1786,21 @@ Lock all interactive user accounts not using SHA512 hashing until the passwords
 
 Password hashes "!" or "*" indicate inactive accounts not available for logon and are not evaluated.
 
-If any interactive user password hash does not begin with "$6", this is a finding.</check-content></check></Rule></Group><Group id="V-261392"><title>SRG-OS-000073-GPOS-00041</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261392r996600_rule" weight="10.0" severity="high"><version>SLEM-05-611085</version><title>SLEM 5 shadow password suite must be configured to use a sufficient number of hashing rounds.</title><description>&lt;VulnDiscussion&gt;The system must use a strong hashing algorithm to store the password. The system must use a sufficient number of hashing rounds to ensure the required level of entropy.
+If any interactive user password hash does not begin with "$6", this is a finding.</check-content></check></Rule></Group><Group id="V-261392"><title>SRG-OS-000073-GPOS-00041</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261392r1184425_rule" weight="10.0" severity="high"><version>SLEM-05-611085</version><title>SLEM 5 shadow password suite must be configured to use a sufficient number of hashing rounds.</title><description>&lt;VulnDiscussion&gt;The system must use a strong hashing algorithm to store the password. The system must use a sufficient number of hashing rounds to ensure the required level of entropy.
 
-Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000196</ident><ident system="http://cyber.mil/cci">CCI-000803</ident><fixtext fixref="F-65029r996042_fix">Configure SLEM 5 shadow password suite is configured to encrypt passwords using sufficient number of hashing rounds.
+Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target SUSE Linux Enterprise Micro (SLEM) 5</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>SUSE Linux Enterprise Micro (SLEM) 5</dc:subject><dc:identifier>5596</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000196</ident><ident system="http://cyber.mil/cci">CCI-000803</ident><fixtext fixref="F-65029r1184424_fix">Configure SLEM 5 shadow password suite to encrypt passwords using sufficient number of hashing rounds.
 
 Add or modify the following line in the "/etc/login.defs" file:
 
-SHA_CRYPT_MIN_ROUNDS 5000</fixtext><fix id="F-65029r996042_fix" /><check system="C-65121r996599_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify SLEM 5 shadow password suite is configured to encrypt passwords using sufficient number of hashing rounds.
+SHA_CRYPT_MIN_ROUNDS 100000</fixtext><fix id="F-65029r1184424_fix" /><check system="C-65121r1184423_chk"><check-content-ref href="SUSE_Linux_Enterprise_Micro_(SLEM)_5_STIG.xml" name="M" /><check-content>Verify SLEM 5 shadow password suite is configured to encrypt passwords using sufficient number of hashing rounds.
 
      &gt; egrep "^SHA_CRYPT_" /etc/login.defs
-     SHA_CRYPT_MIN_ROUNDS 5000
-     SHA_CRYPT_MAX_ROUNDS 5000
+     SHA_CRYPT_MIN_ROUNDS 100000
+     SHA_CRYPT_MAX_ROUNDS 100000
 
-If only one of "SHA_CRYPT_MIN_ROUNDS" or "SHA_CRYPT_MAX_ROUNDS" is set, and this value is below "5000", this is a finding.
+If only one of "SHA_CRYPT_MIN_ROUNDS" or "SHA_CRYPT_MAX_ROUNDS" is set, and this value is below "100000", this is a finding.
 
-If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "5000", this is a finding.</check-content></check></Rule></Group><Group id="V-261393"><title>SRG-OS-000120-GPOS-00061</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261393r996602_rule" weight="10.0" severity="medium"><version>SLEM-05-611090</version><title>SLEM 5 must employ FIPS 140-2/140-3 approved cryptographic hashing algorithm for system authentication (login.defs).</title><description>&lt;VulnDiscussion&gt;Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied on to provide confidentiality or integrity, and DOD data may be compromised.
+If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "100000", this is a finding.</check-content></check></Rule></Group><Group id="V-261393"><title>SRG-OS-000120-GPOS-00061</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-261393r996602_rule" weight="10.0" severity="medium"><version>SLEM-05-611090</version><title>SLEM 5 must employ FIPS 140-2/140-3 approved cryptographic hashing algorithm for system authentication (login.defs).</title><description>&lt;VulnDiscussion&gt;Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied on to provide confidentiality or integrity, and DOD data may be compromised.
 
 SLEM 5 using encryption are required to use FIPS 140-2/140-3 compliant mechanisms for authenticating to cryptographic modules.
 

From ef19f992209ed5d487f6d8f0cdf941192bee2e71 Mon Sep 17 00:00:00 2001
From: svet-se <svetlin.boychev@suse.com>
Date: Mon, 11 May 2026 15:58:54 +0300
Subject: [PATCH 3/5] Removed requirement SLEM-05-211015

---
 controls/stig_slmicro5.yml | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/controls/stig_slmicro5.yml b/controls/stig_slmicro5.yml
index 7a5790f3310b..84f6914c4d55 100644
--- a/controls/stig_slmicro5.yml
+++ b/controls/stig_slmicro5.yml
@@ -21,13 +21,6 @@ controls:
           - installed_OS_is_vendor_supported
       status: automated
 
-    - id: SLEM-05-211015
-      levels:
-          - medium
-      title: SLEM 5 must implement an endpoint security tool.
-      rules: []
-      status: manual
-
     - id: SLEM-05-211020
       levels:
           - medium

From d2058a7fea5962cb9410d5eda3b5a8c392810ca4 Mon Sep 17 00:00:00 2001
From: svet-se <svetlin.boychev@suse.com>
Date: Mon, 11 May 2026 16:10:02 +0300
Subject: [PATCH 4/5] Update requirement SLEM-05-611085

---
 controls/stig_slmicro5.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/controls/stig_slmicro5.yml b/controls/stig_slmicro5.yml
index 84f6914c4d55..32ef6ff9d465 100644
--- a/controls/stig_slmicro5.yml
+++ b/controls/stig_slmicro5.yml
@@ -1098,6 +1098,7 @@ controls:
       title: SLEM 5 shadow password suite must be configured to use a sufficient number of hashing rounds.
       rules:
           - set_password_hashing_min_rounds_logindefs
+          - var_password_hashing_min_rounds_login_defs=100000
       status: automated
 
     - id: SLEM-05-611090

From 2b025795404b4a8df912bf9148da02a2bcbbbacc Mon Sep 17 00:00:00 2001
From: svet-se <svetlin.boychev@suse.com>
Date: Mon, 11 May 2026 16:22:21 +0300
Subject: [PATCH 5/5] Fix lint

---
 controls/stig_slmicro5.yml | 3627 ++++++++++++++++++------------------
 1 file changed, 1851 insertions(+), 1776 deletions(-)

diff --git a/controls/stig_slmicro5.yml b/controls/stig_slmicro5.yml
index 32ef6ff9d465..32861fe776d3 100644
--- a/controls/stig_slmicro5.yml
+++ b/controls/stig_slmicro5.yml
@@ -8,1781 +8,1856 @@ reference_type: stigid
 product: slmicro5
 
 levels:
-    - id: high
-    - id: medium
-    - id: low
+  - id: high
+  - id: medium
+  - id: low
 
 controls:
-    - id: SLEM-05-211010
-      levels:
-          - high
-      title: SLEM 5 must be a vendor-supported release.
-      rules:
-          - installed_OS_is_vendor_supported
-      status: automated
-
-    - id: SLEM-05-211020
-      levels:
-          - medium
-      title: SLEM 5 must display the Standard Mandatory DOD Notice and Consent Banner before granting
-          any local or remote connection to the system.
-      rules:
-          - banner_etc_issue
-          - login_banner_text=dod_banners
-          - login_banner_contents=dod_default
-      status: automated
-
-    - id: SLEM-05-211025
-      levels:
-          - high
-      title: SLEM 5 must disable the x86 Ctrl-Alt-Delete key sequence.
-      rules:
-          - disable_ctrlaltdel_reboot
-      status: automated
-
-    - id: SLEM-05-212010
-      levels:
-          - high
-      title: SLEM 5 with a basic input/output system (BIOS) must require authentication upon booting
-          into single-user and maintenance modes.
-      rules:
-          - grub2_password
-      status: automated
-
-    - id: SLEM-05-212015
-      levels:
-          - high
-      title: SLEM 5 with Unified Extensible Firmware Interface (UEFI) implemented must require authentication
-          upon booting into single-user mode and maintenance.
-      rules:
-          - grub2_uefi_password
-      status: automated
-
-    - id: SLEM-05-213010
-      levels:
-          - medium
-      title: SLEM 5 must restrict access to the kernel message buffer.
-      rules:
-          - sysctl_kernel_dmesg_restrict
-      status: automated
-
-    - id: SLEM-05-213015
-      levels:
-          - medium
-      title: SLEM 5 kernel core dumps must be disabled unless needed.
-      rules:
-          - service_kdump_disabled
-      status: automated
-
-    - id: SLEM-05-213020
-      levels:
-          - medium
-      title: Address space layout randomization (ASLR) must be implemented by SLEM 5 to protect memory
-          from unauthorized code execution.
-      rules:
-          - sysctl_kernel_randomize_va_space
-      status: automated
-
-    - id: SLEM-05-213025
-      levels:
-          - medium
-      title: SLEM 5 must implement kptr-restrict to prevent the leaking of internal kernel addresses.
-      rules:
-          - sysctl_kernel_kptr_restrict
-      status: automated
-
-    - id: SLEM-05-214010
-      levels:
-          - medium
-      title: Vendor-packaged SLEM 5 security patches and updates must be installed and up to date.
-      rules:
-          - security_patches_up_to_date
-      status: automated
-
-    - id: SLEM-05-214015
-      levels:
-          - high
-      title: The SLEM 5 tool zypper must have gpgcheck enabled.
-      rules:
-          - ensure_gpgcheck_globally_activated
-      status: automated
-
-    - id: SLEM-05-214020
-      levels:
-          - medium
-      title: SLEM 5 must remove all outdated software components after updated versions have been installed.
-      rules:
-          - clean_components_post_updating
-      status: automated
-
-    - id: SLEM-05-215010
-      levels:
-          - medium
-      title: SLEM 5 must use vlock to allow for session locking.
-      rules:
-          - vlock_installed
-      status: automated
-
-    - id: SLEM-05-215015
-      levels:
-          - high
-      title: SLEM 5 must not have the telnet-server package installed.
-      rules:
-          - package_telnet-server_removed
-      status: automated
-
-    - id: SLEM-05-231010
-      levels:
-          - medium
-      title: A separate file system must be used for SLEM 5 user home directories (such as /home or an
-          equivalent).
-      rules:
-          - partition_for_home
-      status: automated
-
-    - id: SLEM-05-231015
-      levels:
-          - medium
-      title: SLEM 5 must use a separate file system for /var.
-      rules:
-          - partition_for_var
-      status: automated
-
-    - id: SLEM-05-231020
-      levels:
-          - medium
-      title: SLEM 5 must use a separate file system for the system audit data path.
-      rules:
-          - partition_for_var_log_audit
-      status: automated
-
-    - id: SLEM-05-231025
-      levels:
-          - medium
-      title: SLEM 5 file systems that are being imported via Network File System (NFS) must be mounted
-          to prevent files with the setuid and setgid bit set from being executed.
-      rules:
-          - mount_option_nosuid_remote_filesystems
-      status: automated
-
-    - id: SLEM-05-231030
-      levels:
-          - medium
-      title: SLEM 5 file systems that are being imported via Network File System (NFS) must be mounted
-          to prevent binary files from being executed.
-      rules:
-          - mount_option_noexec_remote_filesystems
-      status: automated
-
-    - id: SLEM-05-231035
-      levels:
-          - medium
-      title: SLEM 5 file systems that are used with removable media must be mounted to prevent files
-          with the setuid and setgid bit set from being executed.
-      rules:
-          - mount_option_nosuid_removable_partitions
-      status: automated
-
-    - id: SLEM-05-231040
-      levels:
-          - high
-      title: All SLEM 5 persistent disk partitions must implement cryptographic mechanisms to prevent
-          unauthorized disclosure or modification of all information that requires at-rest protection.
-      rules:
-          - encrypt_partitions
-      status: automated
-
-    - id: SLEM-05-231045
-      levels:
-          - medium
-      title: SLEM 5 file systems that contain user home directories must be mounted to prevent files
-          with the setuid and setgid bit set from being executed.
-      rules:
-          - mount_option_home_nosuid
-      status: automated
-
-    - id: SLEM-05-231050
-      levels:
-          - medium
-      title: SLEM 5 must disable the file system automounter unless required.
-      rules:
-          - service_autofs_disabled
-      status: automated
-
-    - id: SLEM-05-232010
-      levels:
-          - medium
-      title: SLEM 5 must have directories that contain system commands set to a mode of 755 or less permissive.
-      rules:
-          - dir_permissions_binary_dirs
-      status: automated
-
-    - id: SLEM-05-232015
-      levels:
-          - medium
-      title: SLEM 5 must have system commands set to a mode of 755 or less permissive.
-      rules:
-          - file_permissions_binary_dirs
-      status: automated
-
-    - id: SLEM-05-232020
-      levels:
-          - medium
-      title: SLEM 5 library directories must have mode 755 or less permissive.
-      rules:
-          - dir_permissions_library_dirs
-      status: automated
-
-    - id: SLEM-05-232025
-      levels:
-          - medium
-      title: SLEM 5 library files must have mode 755 or less permissive.
-      rules:
-          - file_permissions_library_dirs
-      status: automated
-
-    - id: SLEM-05-232030
-      levels:
-          - medium
-      title: All SLEM 5 local interactive user home directories must have mode 750 or less permissive.
-      rules:
-          - file_permissions_home_directories
-      status: automated
-
-    - id: SLEM-05-232035
-      levels:
-          - medium
-      title: All SLEM 5 local initialization files must have mode 740 or less permissive.
-      rules:
-          - file_permission_user_init_files
-      status: automated
-
-    - id: SLEM-05-232040
-      levels:
-          - medium
-      title: SLEM 5 SSH daemon public host key files must have mode 644 or less permissive.
-      rules:
-          - file_permissions_sshd_pub_key
-      status: automated
-
-    - id: SLEM-05-232045
-      levels:
-          - medium
-      title: SLEM 5 SSH daemon private host key files must have mode 640 or less permissive.
-      rules:
-          - file_permissions_sshd_private_key
-      status: automated
-
-    - id: SLEM-05-232050
-      levels:
-          - medium
-      title: SLEM 5 library files must be owned by root.
-      rules:
-          - file_ownership_library_dirs
-      status: automated
-
-    - id: SLEM-05-232055
-      levels:
-          - medium
-      title: SLEM 5 library files must be group-owned by root.
-      rules:
-          - root_permissions_syslibrary_files
-      status: automated
-
-    - id: SLEM-05-232060
-      levels:
-          - medium
-      title: SLEM 5 library directories must be owned by root.
-      rules:
-          - dir_ownership_library_dirs
-      status: automated
-
-    - id: SLEM-05-232065
-      levels:
-          - medium
-      title: SLEM 5 library directories must be group-owned by root.
-      rules:
-          - dir_group_ownership_library_dirs
-      status: automated
-
-    - id: SLEM-05-232070
-      levels:
-          - medium
-      title: SLEM 5 must have system commands owned by root.
-      rules:
-          - file_ownership_binary_dirs
-      status: automated
-
-    - id: SLEM-05-232075
-      levels:
-          - medium
-      title: SLEM 5 must have system commands group-owned by root or a system account.
-      rules:
-          - file_groupownership_system_commands_dirs
-      status: automated
-
-    - id: SLEM-05-232080
-      levels:
-          - medium
-      title: SLEM 5 must have directories that contain system commands owned by root.
-      rules:
-          - dir_system_commands_root_owned
-      status: automated
-
-    - id: SLEM-05-232085
-      levels:
-          - medium
-      title: SLEM 5 must have directories that contain system commands group-owned by root.
-      rules:
-          - dir_system_commands_group_root_owned
-      status: automated
-
-    - id: SLEM-05-232090
-      levels:
-          - medium
-      title: All SLEM 5 files and directories must have a valid owner.
-      rules:
-          - no_files_unowned_by_user
-      status: automated
-
-    - id: SLEM-05-232095
-      levels:
-          - medium
-      title: All SLEM 5 files and directories must have a valid group owner.
-      rules:
-          - file_permissions_ungroupowned
-      status: automated
-
-    - id: SLEM-05-232100
-      levels:
-          - medium
-      title: All SLEM 5 local interactive user home directories must be group-owned by the home directory
-          owner's primary group.
-      rules:
-          - file_groupownership_home_directories
-      status: automated
-
-    - id: SLEM-05-232105
-      levels:
-          - medium
-      title: All SLEM 5 world-writable directories must be group-owned by root, sys, bin, or an application
-          group.
-      rules:
-          - dir_perms_world_writable_system_owned_group
-      status: automated
-
-    - id: SLEM-05-232110
-      levels:
-          - medium
-      title: The sticky bit must be set on all SLEM 5 world-writable directories.
-      rules:
-          - dir_perms_world_writable_sticky_bits
-      status: automated
-
-    - id: SLEM-05-232115
-      levels:
-          - medium
-      title: SLEM 5 must prevent unauthorized users from accessing system error messages.
-      rules:
-          - file_permissions_local_var_log_messages
-      status: automated
-
-    - id: SLEM-05-232120
-      levels:
-          - medium
-      title: SLEM 5 must generate error messages that provide information necessary for corrective actions
-          without revealing information that could be exploited by adversaries.
-      rules:
-          - permissions_local_var_log
-      status: automated
-
-    - id: SLEM-05-251010
-      levels:
-          - medium
-      title: SLEM 5 must be configured to prohibit or restrict the use of functions, ports, protocols,
-          and/or services as defined in the Ports, Protocols, and Services Management (PPSM) Category
-          Assignments List (CAL) and vulnerability assessments.
-      rules:
-          - service_firewalld_enabled
-      status: automated
-
-    - id: SLEM-05-252010
-      levels:
-          - medium
-      title: SLEM 5 clock must, for networked systems, be synchronized to an authoritative DOD time source
-          at least every 24 hours.
-      rules:
-          - chronyd_or_ntpd_set_maxpoll
-          - chronyd_specify_remote_server
-          - var_multiple_time_servers=stig
-          - var_time_service_set_maxpoll=18_hours
-      status: automated
-
-    - id: SLEM-05-252015
-      levels:
-          - medium
-      title: SLEM 5 must not have network interfaces in promiscuous mode unless approved and documented.
-      rules:
-          - network_sniffer_disabled
-      status: automated
-
-    - id: SLEM-05-253010
-      levels:
-          - medium
-      title: SLEM 5 must not forward Internet Protocol version 4 (IPv4) source-routed packets.
-      rules:
-          - sysctl_net_ipv4_conf_all_accept_source_route
-      status: automated
-
-    - id: SLEM-05-253015
-      levels:
-          - medium
-      title: SLEM 5 must not forward Internet Protocol version 4 (IPv4) source-routed packets by default.
-      rules:
-          - sysctl_net_ipv4_conf_default_accept_source_route
-      status: automated
-
-    - id: SLEM-05-253020
-      levels:
-          - medium
-      title: SLEM 5 must prevent Internet Protocol version 4 (IPv4) Internet Control Message Protocol
-          (ICMP) redirect messages from being accepted.
-      rules:
-          - sysctl_net_ipv4_conf_all_accept_redirects
-      status: automated
-
-    - id: SLEM-05-253025
-      levels:
-          - medium
-      title: SLEM 5 must not allow interfaces to accept Internet Protocol version 4 (IPv4) Internet Control
-          Message Protocol (ICMP) redirect messages by default.
-      rules:
-          - sysctl_net_ipv4_conf_default_accept_redirects
-      status: automated
-
-    - id: SLEM-05-253030
-      levels:
-          - medium
-      title: SLEM 5 must not send Internet Protocol version 4 (IPv4) Internet Control Message Protocol
-          (ICMP) redirects.
-      rules:
-          - sysctl_net_ipv4_conf_all_send_redirects
-      status: automated
-
-    - id: SLEM-05-253035
-      levels:
-          - medium
-      title: SLEM 5 must not allow interfaces to send Internet Protocol version 4 (IPv4) Internet Control
-          Message Protocol (ICMP) redirect messages by default.
-      rules:
-          - sysctl_net_ipv4_conf_default_send_redirects
-      status: automated
-
-    - id: SLEM-05-253040
-      levels:
-          - medium
-      title: SLEM 5 must not be performing Internet Protocol version 4 (IPv4) packet forwarding unless
-          the system is a router.
-      rules:
-          - sysctl_net_ipv4_ip_forward
-      status: automated
-
-    - id: SLEM-05-253045
-      levels:
-          - medium
-      title: SLEM 5 must be configured to use TCP syncookies.
-      rules:
-          - sysctl_net_ipv4_tcp_syncookies
-      status: automated
-
-    - id: SLEM-05-254010
-      levels:
-          - medium
-      title: SLEM 5 must not forward Internet Protocol version 6 (IPv6) source-routed packets.
-      rules:
-          - sysctl_net_ipv6_conf_all_accept_source_route
-      status: automated
-
-    - id: SLEM-05-254015
-      levels:
-          - medium
-      title: SLEM 5 must not forward Internet Protocol version 6 (IPv6) source-routed packets by default.
-      rules:
-          - sysctl_net_ipv6_conf_default_accept_source_route
-      status: automated
-
-    - id: SLEM-05-254020
-      levels:
-          - medium
-      title: SLEM 5 must prevent Internet Protocol version 6 (IPv6) Internet Control Message Protocol
-          (ICMP) redirect messages from being accepted.
-      rules:
-          - sysctl_net_ipv6_conf_all_accept_redirects
-      status: automated
-
-    - id: SLEM-05-254025
-      levels:
-          - medium
-      title: SLEM 5 must not allow interfaces to accept Internet Protocol version 6 (IPv6) Internet Control
-          Message Protocol (ICMP) redirect messages by default.
-      rules:
-          - sysctl_net_ipv6_conf_default_accept_redirects
-      status: automated
-
-    - id: SLEM-05-254030
-      levels:
-          - medium
-      title: SLEM 5 must not be performing Internet Protocol version 6 (IPv6) packet forwarding unless
-          the system is a router.
-      rules:
-          - sysctl_net_ipv6_conf_all_forwarding
-      status: automated
-
-    - id: SLEM-05-254035
-      levels:
-          - medium
-      title: SLEM 5 must not be performing Internet Protocol version 6 (IPv6) packet forwarding by default
-          unless the system is a router.
-      rules:
-          - sysctl_net_ipv6_conf_default_forwarding
-      status: automated
-
-    - id: SLEM-05-255010
-      levels:
-          - high
-      title: SLEM 5 must have SSH installed to protect the confidentiality and integrity of transmitted
-          information.
-      rules:
-          - package_openssh-server_installed
-      status: automated
-
-    - id: SLEM-05-255015
-      levels:
-          - high
-      title: SLEM 5 must use SSH to protect the confidentiality and integrity of transmitted information.
-      rules:
-          - service_sshd_enabled
-      status: automated
-
-    - id: SLEM-05-255020
-      levels:
-          - medium
-      title: SLEM 5 must display the Standard Mandatory DOD Notice and Consent Banner before granting
-          access via SSH.
-      rules:
-          - sshd_enable_warning_banner
-      status: automated
-
-    - id: SLEM-05-255025
-      levels:
-          - high
-      title: SLEM 5 must not allow unattended or automatic logon via SSH.
-      rules:
-          - sshd_disable_empty_passwords
-          - sshd_do_not_permit_user_env
-      status: automated
-
-    - id: SLEM-05-255030
-      levels:
-          - medium
-      title: SLEM 5 must be configured so that all network connections associated with SSH traffic terminate
-          after becoming unresponsive.
-      rules:
-          - sshd_set_keepalive
-          - var_sshd_set_keepalive=1
-      status: automated
-
-    - id: SLEM-05-255035
-      levels:
-          - medium
-      title: SLEM 5 must be configured so that all network connections associated with SSH traffic are
-          terminated after 10 minutes of becoming unresponsive.
-      rules:
-          - sshd_set_idle_timeout
-          - sshd_idle_timeout_value=10_minutes
-      status: automated
-
-    - id: SLEM-05-255040
-      levels:
-          - medium
-      title: SLEM 5 SSH daemon must disable forwarded remote X connections for interactive users, unless
-          to fulfill documented and validated mission requirements.
-      rules:
-          - sshd_disable_x11_forwarding
-      status: automated
-
-    - id: SLEM-05-255045
-      levels:
-          - high
-      title: SLEM 5 must implement DOD-approved encryption to protect the confidentiality of SSH remote
-          connections.
-      rules:
-          - sshd_use_approved_ciphers_ordered_stig
-          - sshd_use_approved_ciphers
-      status: automated
-
-    - id: SLEM-05-255050
-      levels:
-          - high
-      title: SLEM 5 SSH daemon must be configured to only use Message Authentication Codes (MACs) employing
-          FIPS 140-2/140-3 approved cryptographic hash algorithms.
-      rules:
-          - sshd_use_approved_macs_ordered_stig
-          - sshd_use_approved_macs
-      status: automated
-
-    - id: SLEM-05-255055
-      levels:
-          - high
-      title: SLEM 5 SSH server must be configured to use only FIPS 140-2/140-3 validated key exchange
-          algorithms.
-      rules:
-          - sshd_use_approved_kex_ordered_stig
-      status: automated
-
-    - id: SLEM-05-255060
-      levels:
-          - medium
-      title: SLEM 5 must deny direct logons to the root account using remote access via SSH.
-      rules:
-          - sshd_disable_root_login
-      status: automated
-
-    - id: SLEM-05-255065
-      levels:
-          - medium
-      title: SLEM 5 must log SSH connection attempts and failures to the server.
-      rules:
-          - sshd_set_loglevel_verbose
-      status: automated
-
-    - id: SLEM-05-255070
-      levels:
-          - medium
-      title: SLEM 5 must display the date and time of the last successful account logon upon an SSH logon.
-      rules:
-          - sshd_print_last_log
-      status: automated
-
-    - id: SLEM-05-255075
-      levels:
-          - medium
-      title: SLEM 5 SSH daemon must be configured to not allow authentication using known hosts authentication.
-      rules:
-          - sshd_disable_user_known_hosts
-      status: automated
-
-    - id: SLEM-05-255080
-      levels:
-          - medium
-      title: SLEM 5 SSH daemon must perform strict mode checking of home directory configuration files.
-      rules:
-          - sshd_enable_strictmodes
-      status: automated
-
-    - id: SLEM-05-255085
-      levels:
-          - medium
-      title: SLEM 5, for PKI-based authentication, must enforce authorized access to the corresponding
-          private key.
-      rules:
-          - ssh_private_keys_have_passcode
-      status: manual
-
-    - id: SLEM-05-255090
-      levels:
-          - high
-      title: There must be no .shosts files on SLEM 5.
-      rules:
-          - no_user_host_based_files
-      status: automated
-
-    - id: SLEM-05-255095
-      levels:
-          - high
-      title: There must be no shosts.equiv files on SLEM 5.
-      rules:
-          - no_host_based_files
-      status: automated
-
-    - id: SLEM-05-272010
-      levels:
-          - high
-      title: SLEM 5 must not allow unattended or automatic logon via the graphical user interface (GUI).
-      rules:
-          - gnome_gdm_disable_unattended_automatic_login
-      status: automated
-
-    - id: SLEM-05-291010
-      levels:
-          - medium
-      title: SLEM 5 wireless network adapters must be disabled unless approved and documented.
-      rules:
-          - wireless_disable_interfaces
-      status: automated
-
-    - id: SLEM-05-291015
-      levels:
-          - medium
-      title: SLEM 5 must disable the USB mass storage kernel module.
-      rules:
-          - kernel_module_usb-storage_disabled
-      status: automated
-
-    - id: SLEM-05-411010
-      levels:
-          - medium
-      title: All SLEM 5 local interactive user accounts, upon creation, must be assigned a home directory.
-      rules:
-          - accounts_have_homedir_login_defs
-      status: automated
-
-    - id: SLEM-05-411015
-      levels:
-          - medium
-      title: SLEM 5 default permissions must be defined in such a way that all authenticated users can
-          only read and modify their own files.
-      rules:
-          - accounts_umask_etc_login_defs
-      status: automated
-
-    - id: SLEM-05-411020
-      levels:
-          - medium
-      title: SLEM 5 shadow password suite must be configured to enforce a delay of at least five seconds
-          between logon prompts following a failed logon attempt.
-      rules:
-          - accounts_logon_fail_delay
-          - var_accounts_fail_delay=5
-      status: automated
-
-    - id: SLEM-05-411025
-      levels:
-          - medium
-      title: All SLEM 5 local interactive users must have a home directory assigned in the /etc/passwd
-          file.
-      rules:
-          - accounts_user_interactive_home_directory_defined
-      status: automated
-
-    - id: SLEM-05-411030
-      levels:
-          - medium
-      title: All SLEM 5 local interactive user home directories defined in the /etc/passwd file must
-          exist.
-      rules:
-          - accounts_user_interactive_home_directory_exists
-      status: automated
-
-    - id: SLEM-05-411035
-      levels:
-          - medium
-      title: All SLEM 5 local interactive user initialization files executable search paths must contain
-          only paths that resolve to the users' home directory.
-      rules:
-          - accounts_user_home_paths_only
-      status: automated
-
-    - id: SLEM-05-411040
-      levels:
-          - medium
-      title: All SLEM 5 local initialization files must not execute world-writable programs.
-      rules:
-          - accounts_user_dot_no_world_writable_programs
-      status: automated
-
-    - id: SLEM-05-411045
-      levels:
-          - medium
-      title: SLEM 5 must automatically expire temporary accounts within 72 hours.
-      rules:
-          - account_temp_expire_date
-      status: automated
-
-    - id: SLEM-05-411050
-      levels:
-          - medium
-      title: SLEM 5 must never automatically remove or disable emergency administrator accounts.
-      rules:
-          - account_emergency_admin
-      status: automated
-
-    - id: SLEM-05-411055
-      levels:
-          - medium
-      title: SLEM 5 must not have unnecessary accounts.
-      rules:
-          - accounts_authorized_local_users
-          - var_accounts_authorized_local_users_regex=slmicro5
-      status: automated
-
-    - id: SLEM-05-411060
-      levels:
-          - medium
-      title: SLEM 5 must not have unnecessary account capabilities.
-      rules:
-          - no_shelllogin_for_systemaccounts
-      status: automated
-
-    - id: SLEM-05-411065
-      levels:
-          - high
-      title: SLEM 5 root account must be the only account with unrestricted access to the system.
-      rules:
-          - accounts_no_uid_except_zero
-      status: automated
-
-    - id: SLEM-05-411070
-      levels:
-          - medium
-      title: SLEM 5 must disable account identifiers (individuals, groups, roles, and devices) after
-          35 days of inactivity after password expiration.
-      rules:
-          - account_disable_post_pw_expiration
-      status: automated
-
-    - id: SLEM-05-411075
-      levels:
-          - medium
-      title: SLEM 5 must not have duplicate User IDs (UIDs) for interactive users.
-      rules:
-          - account_unique_id
-      status: automated
-
-    - id: SLEM-05-412015
-      levels:
-          - medium
-      title: SLEM 5 must initiate a session lock after a 15-minute period of inactivity.
-      rules:
-          - accounts_tmout
-          - var_accounts_tmout=15_min
-      status: automated
-
-    - id: SLEM-05-412020
-      levels:
-          - medium
-      title: SLEM 5 must lock an account after three consecutive invalid access attempts.
-      rules:
-          - accounts_passwords_pam_tally2
-          - var_password_pam_tally2=3
-      status: automated
-
-    - id: SLEM-05-412025
-      levels:
-          - medium
-      title: SLEM 5 must enforce a delay of at least five seconds between logon prompts following a failed
-          logon attempt via pluggable authentication modules (PAM).
-      rules:
-          - accounts_passwords_pam_faildelay_delay
-          - var_password_pam_delay=4000000
-      status: automated
-
-    - id: SLEM-05-412035
-      levels:
-          - low
-      title: SLEM 5 must limit the number of concurrent sessions to 10 for all accounts and/or account
-          types.
-      rules:
-          - accounts_max_concurrent_login_sessions
-          - var_accounts_max_concurrent_login_sessions=10
-      status: automated
-
-    - id: SLEM-05-431010
-      levels:
-          - low
-      title: SLEM 5 must have policycoreutils package installed.
-      rules:
-          - package_policycoreutils_installed
-      status: automated
-
-    - id: SLEM-05-431015
-      levels:
-          - high
-      title: SLEM 5 must use a Linux Security Module configured to enforce limits on system services.
-      rules:
-          - selinux_state
-          - var_selinux_state=enforcing
-      status: automated
-
-    - id: SLEM-05-431020
-      levels:
-          - medium
-      title: SLEM 5 must enable the SELinux targeted policy.
-      rules:
-          - selinux_policytype
-          - var_selinux_policy_name=targeted
-      status: automated
-
-    - id: SLEM-05-431025
-      levels:
-          - medium
-      title: SLEM 5 must prevent nonprivileged users from executing privileged functions, including disabling,
-          circumventing, or altering implemented security safeguards/countermeasures.
-      rules:
-          - selinux_user_login_roles
-      status: manual
-
-    - id: SLEM-05-432010
-      levels:
-          - medium
-      title: SLEM 5 must use the invoking user's password for privilege escalation when using "sudo".
-      rules:
-          - sudoers_validate_passwd
-      status: automated
-
-    - id: SLEM-05-432015
-      levels:
-          - medium
-      title: SLEM 5 must reauthenticate users when changing authenticators, roles, or escalating privileges.
-      rules:
-          - sudo_require_authentication
-          - sudo_remove_nopasswd
-          - sudo_remove_no_authenticate
-      status: automated
-
-    - id: SLEM-05-432020
-      levels:
-          - medium
-      title: SLEM 5 must require reauthentication when using the "sudo" command.
-      rules:
-          - sudo_require_reauthentication
-      status: automated
-
-    - id: SLEM-05-432025
-      levels:
-          - medium
-      title: SLEM 5 must restrict privilege elevation to authorized personnel.
-      rules:
-          - sudo_restrict_privilege_elevation_to_authorized
-      status: automated
-
-    - id: SLEM-05-432030
-      levels:
-          - medium
-      title: SLEM 5 must specify the default "include" directory for the /etc/sudoers file.
-      rules:
-          - sudoers_default_includedir
-      status: automated
-
-    - id: SLEM-05-611010
-      levels:
-          - medium
-      title: SLEM 5 must enforce passwords that contain at least one uppercase character.
-      rules:
-          - cracklib_accounts_password_pam_ucredit
-      status: automated
-
-    - id: SLEM-05-611015
-      levels:
-          - medium
-      title: SLEM 5 must enforce passwords that contain at least one lowercase character.
-      rules:
-          - cracklib_accounts_password_pam_lcredit
-      status: automated
-
-    - id: SLEM-05-611020
-      levels:
-          - medium
-      title: SLEM 5 must enforce passwords that contain at least one numeric character.
-      rules:
-          - cracklib_accounts_password_pam_dcredit
-      status: automated
-
-    - id: SLEM-05-611025
-      levels:
-          - medium
-      title: SLEM 5 must enforce passwords that contain at least one special character.
-      rules:
-          - cracklib_accounts_password_pam_ocredit
-      status: automated
-
-    - id: SLEM-05-611030
-      levels:
-          - medium
-      title: SLEM 5 must prevent the use of dictionary words for passwords.
-      rules:
-          - cracklib_accounts_password_pam_retry
-          - var_password_pam_retry=3
-      status: automated
-
-    - id: SLEM-05-611035
-      levels:
-          - medium
-      title: SLEM 5 must employ passwords with a minimum of 15 characters.
-      rules:
-          - cracklib_accounts_password_pam_minlen
-      status: automated
-
-    - id: SLEM-05-611040
-      levels:
-          - medium
-      title: SLEM 5 must require the change of at least eight of the total number of characters when
-          passwords are changed.
-      rules:
-          - cracklib_accounts_password_pam_difok
-      status: automated
-
-    - id: SLEM-05-611045
-      levels:
-          - medium
-      title: SLEM 5 must not allow passwords to be reused for a minimum of five generations.
-      rules:
-          - accounts_password_pam_pwhistory_remember
-          - var_password_pam_remember_control_flag=requisite
-          - var_password_pam_remember=5
-      status: automated
-
-    - id: SLEM-05-611050
-      levels:
-          - medium
-      title: SLEM 5 must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted
-          representations of passwords.
-      rules:
-          - set_password_hashing_algorithm_systemauth
-      status: automated
-
-    - id: SLEM-05-611055
-      levels:
-          - high
-      title: SLEM 5 must not be configured to allow blank or null passwords.
-      rules:
-          - no_empty_passwords
-      status: automated
-
-    - id: SLEM-05-611060
-      levels:
-          - high
-      title: SLEM 5 must not have accounts configured with blank or null passwords.
-      rules:
-          - no_empty_passwords_etc_shadow
-      status: automated
-
-    - id: SLEM-05-611065
-      levels:
-          - medium
-      title: SLEM 5 must employ user passwords with a minimum lifetime of 24 hours (one day).
-      rules:
-          - accounts_password_set_min_life_existing
-          - var_accounts_minimum_age_login_defs=1
-      status: automated
-
-    - id: SLEM-05-611070
-      levels:
-          - medium
-      title: SLEM 5 must employ user passwords with a maximum lifetime of 60 days.
-      rules:
-          - accounts_password_set_max_life_existing
-          - var_accounts_maximum_age_login_defs=60
-      status: automated
-
-    - id: SLEM-05-611075
-      levels:
-          - medium
-      title: SLEM 5 must employ a password history file.
-      rules:
-          - file_etc_security_opasswd
-      status: automated
-
-    - id: SLEM-05-611080
-      levels:
-          - high
-      title: SLEM 5 must employ FIPS 140-2/140-3-approved cryptographic hashing algorithms for system
-          authentication.
-      rules:
-          - accounts_password_all_shadowed_sha512
-      status: automated
-
-    - id: SLEM-05-611085
-      levels:
-          - high
-      title: SLEM 5 shadow password suite must be configured to use a sufficient number of hashing rounds.
-      rules:
-          - set_password_hashing_min_rounds_logindefs
-          - var_password_hashing_min_rounds_login_defs=100000
-      status: automated
-
-    - id: SLEM-05-611090
-      levels:
-          - medium
-      title: SLEM 5 must employ FIPS 140-2/140-3 approved cryptographic hashing algorithm for system
-          authentication (login.defs).
-      rules:
-          - set_password_hashing_algorithm_logindefs
-          - var_password_hashing_algorithm=SHA512
-      status: automated
-
-    - id: SLEM-05-611095
-      levels:
-          - medium
-      title: SLEM 5 must be configured to create or update passwords with a minimum lifetime of 24 hours
-          (one day).
-      rules:
-          - accounts_minimum_age_login_defs
-      status: automated
-
-    - id: SLEM-05-611100
-      levels:
-          - medium
-      title: SLEM 5 must be configured to create or update passwords with a maximum lifetime of 60 days.
-      rules:
-          - accounts_maximum_age_login_defs
-      status: automated
-
-    - id: SLEM-05-612010
-      levels:
-          - medium
-      title: SLEM 5 must have the packages required for multifactor authentication to be installed.
-      rules:
-          - install_smartcard_packages
-      status: automated
-
-    - id: SLEM-05-612015
-      levels:
-          - medium
-      title: SLEM 5 must implement multifactor authentication for access to privileged accounts via pluggable
-          authentication modules (PAM).
-      rules:
-          - smartcard_pam_enabled
-      status: automated
-
-    - id: SLEM-05-612020
-      levels:
-          - medium
-      title: SLEM 5 must implement certificate status checking for multifactor authentication.
-      rules:
-          - smartcard_configure_cert_checking
-      status: automated
-
-    - id: SLEM-05-631010
-      levels:
-          - medium
-      title: If Network Security Services (NSS) is being used by SLEM 5 it must prohibit the use of cached
-          authentications after one day.
-      rules:
-          - sssd_memcache_timeout
-          - var_sssd_memcache_timeout=1_day
-      status: automated
-
-    - id: SLEM-05-631015
-      levels:
-          - medium
-      title: SLEM 5 must configure the Linux Pluggable Authentication Modules (PAM) to prohibit the use
-          of cached offline authentications after one day.
-      rules:
-          - sssd_offline_cred_expiration
-      status: automated
-
-    - id: SLEM-05-631020
-      levels:
-          - medium
-      title: SLEM 5, for PKI-based authentication, must validate certificates by constructing a certification
-          path (which includes status information) to an accepted trust anchor.
-      rules:
-          - smartcard_configure_ca
-      status: automated
-
-    - id: SLEM-05-631025
-      levels:
-          - medium
-      title: SLEM 5 must be configured to not overwrite Pluggable Authentication Modules (PAM) configuration
-          on package changes.
-      rules:
-          - pam_disable_automatic_configuration
-      status: automated
-
-    - id: SLEM-05-651010
-      levels:
-          - medium
-      title: SLEM 5 must use a file integrity tool to verify correct operation of all security functions.
-      rules:
-          - package_aide_installed
-          - aide_build_database
-      status: automated
-
-    - id: SLEM-05-651015
-      levels:
-          - medium
-      title: SLEM 5 file integrity tool must be configured to verify Access Control Lists (ACLs).
-      rules:
-          - aide_verify_acls
-      status: automated
-
-    - id: SLEM-05-651020
-      levels:
-          - medium
-      title: SLEM 5 file integrity tool must be configured to verify extended attributes.
-      rules:
-          - aide_verify_ext_attributes
-      status: automated
-
-    - id: SLEM-05-651025
-      levels:
-          - medium
-      title: SLEM 5 file integrity tool must be configured to protect the integrity of the audit tools.
-      rules:
-          - aide_check_audit_tools
-      status: automated
-
-    - id: SLEM-05-651030
-      levels:
-          - medium
-      title: Advanced Intrusion Detection Environment (AIDE) must verify the baseline SLEM 5 configuration
-          at least weekly.
-      rules:
-          - aide_periodic_checking_systemd_timer
-      status: automated
-
-    - id: SLEM-05-651035
-      levels:
-          - medium
-      title: SLEM 5 must notify the system administrator (SA) when Advanced Intrusion Detection Environment
-          (AIDE) discovers anomalies in the operation of any security functions.
-      rules:
-          - aide_scan_notification
-      status: automated
-
-    - id: SLEM-05-652010
-      levels:
-          - medium
-      title: SLEM 5 must offload rsyslog messages for networked systems in real time and offload standalone
-          systems at least weekly.
-      rules:
-          - package_systemd-journal-remote_installed
-          - service_systemd-journal-upload_enabled
-          - systemd_journal_upload_url
-          - systemd_journal_upload_server_tls
-      status: manual  # do not assume anything set external variables before use
-
-    - id: SLEM-05-653010
-      levels:
-          - medium
-      title: SLEM 5 must have the auditing package installed.
-      rules:
-          - package_audit_installed
-      status: automated
-
-    - id: SLEM-05-653015
-      levels:
-          - medium
-      title: SLEM 5 audit records must contain information to establish what type of events occurred,
-          the source of events, where events occurred, and the outcome of events.
-      rules:
-          - service_auditd_enabled
-      status: automated
-
-    - id: SLEM-05-653020
-      levels:
-          - medium
-      title: The audit-audispd-plugins package must be installed on SLEM 5.
-      rules:
-          - package_audit-audispd-plugins_installed
-      status: automated
-
-    - id: SLEM-05-653025
-      levels:
-          - medium
-      title: SLEM 5 must allocate audit record storage capacity to store at least one week of audit records
-          when audit records are not immediately sent to a central audit record storage facility.
-      rules:
-          - auditd_audispd_configure_sufficiently_large_partition
-      status: automated
-
-    - id: SLEM-05-653030
-      levels:
-          - medium
-      title: SLEM 5 auditd service must notify the system administrator (SA) and information system security
-          officer (ISSO) immediately when audit storage capacity is 75 percent full.
-      rules:
-          - auditd_data_retention_space_left_percentage
-          - var_auditd_space_left_percentage=25pc
-          - auditd_data_retention_space_left_action
-          - var_auditd_space_left_action=email
-      status: automated
-
-    - id: SLEM-05-653035
-      levels:
-          - medium
-      title: SLEM 5 audit system must take appropriate action when the audit storage volume is full.
-      rules:
-          - auditd_data_disk_full_action
-      status: automated
-
-    - id: SLEM-05-653040
-      levels:
-          - medium
-      title: SLEM 5 must offload audit records onto a different system or media from the system being
-          audited.
-      rules:
-          - auditd_audispd_network_failure_action
-      status: automated
-
-    - id: SLEM-05-653045
-      levels:
-          - medium
-      title: Audispd must take appropriate action when SLEM 5 audit storage is full.
-      rules:
-          - auditd_audispd_disk_full_action
-      status: automated
-
-    - id: SLEM-05-653050
-      levels:
-          - medium
-      title: SLEM 5 must protect audit rules from unauthorized modification.
-      rules:
-          - permissions_local_var_log_audit
-      status: automated
-
-    - id: SLEM-05-653055
-      levels:
-          - medium
-      title: SLEM 5 audit tools must have the proper permissions configured to protect against unauthorized
-          access.
-      rules:
-          - permissions_local_audit_binaries
-      status: automated
-
-    - id: SLEM-05-653060
-      levels:
-          - medium
-      title: SLEM 5 audit tools must have the proper permissions applied to protect against unauthorized
-          access.
-      rules: []
-      status: manual
-
-    - id: SLEM-05-653065
-      levels:
-          - low
-      title: SLEM 5 audit event multiplexor must be configured to use Kerberos.
-      rules:
-          - auditd_audispd_encrypt_sent_records
-      status: automated
-
-    - id: SLEM-05-653070
-      levels:
-          - medium
-      title: Audispd must offload audit records onto a different system or media from SLEM 5 being audited.
-      rules:
-          - auditd_audispd_configure_remote_server
-      status: automated
-
-    - id: SLEM-05-653075
-      levels:
-          - medium
-      title: The information system security officer (ISSO) and system administrator (SA), at a minimum,
-          must have mail aliases to be notified of a SLEM 5 audit processing failure.
-      rules:
-          - postfix_client_configure_mail_alias
-      status: automated
-
-    - id: SLEM-05-653080
-      levels:
-          - medium
-      title: The information system security officer (ISSO) and system administrator (SA), at a minimum,
-          must be alerted of a SLEM 5 audit processing failure event.
-      rules:
-          - auditd_data_retention_action_mail_acct
-      status: automated
-
-    - id: SLEM-05-654010
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "chacl" command.
-      rules:
-          - audit_rules_execution_chacl
-      status: automated
-
-    - id: SLEM-05-654015
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "chage" command.
-      rules:
-          - audit_rules_privileged_commands_chage
-      status: automated
-
-    - id: SLEM-05-654020
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "chcon" command.
-      rules:
-          - audit_rules_execution_chcon
-      status: automated
-
-    - id: SLEM-05-654025
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "chfn" command.
-      rules:
-          - audit_rules_privileged_commands_chfn
-      status: automated
-
-    - id: SLEM-05-654030
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "chmod" command.
-      rules:
-          - audit_rules_execution_chmod
-      status: automated
-
-    - id: SLEM-05-654035
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for a uses of the "chsh" command.
-      rules:
-          - audit_rules_privileged_commands_chsh
-      status: automated
-
-    - id: SLEM-05-654040
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "crontab" command.
-      rules:
-          - audit_rules_privileged_commands_crontab
-      status: automated
-
-    - id: SLEM-05-654045
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "gpasswd" command.
-      rules:
-          - audit_rules_privileged_commands_gpasswd
-      status: automated
-
-    - id: SLEM-05-654050
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "insmod" command.
-      rules:
-          - audit_rules_privileged_commands_insmod
-      status: automated
-
-    - id: SLEM-05-654055
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "kmod" command.
-      rules:
-          - audit_rules_privileged_commands_kmod
-      status: automated
-
-    - id: SLEM-05-654060
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "modprobe" command.
-      rules:
-          - audit_rules_privileged_commands_modprobe
-      status: automated
-
-    - id: SLEM-05-654065
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "newgrp" command.
-      rules:
-          - audit_rules_privileged_commands_newgrp
-      status: automated
-
-    - id: SLEM-05-654070
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "pam_timestamp_check" command.
-      rules:
-          - audit_rules_privileged_commands_pam_timestamp_check
-      status: automated
-
-    - id: SLEM-05-654075
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "passwd" command.
-      rules:
-          - audit_rules_privileged_commands_passwd
-      status: automated
-
-    - id: SLEM-05-654080
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "rm" command.
-      rules:
-          - audit_rules_execution_rm
-      status: automated
-
-    - id: SLEM-05-654085
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "rmmod" command.
-      rules:
-          - audit_rules_privileged_commands_rmmod
-      status: automated
-
-    - id: SLEM-05-654090
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "setfacl" command.
-      rules:
-          - audit_rules_execution_setfacl
-      status: automated
-
-    - id: SLEM-05-654095
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "ssh-agent" command.
-      rules:
-          - audit_rules_privileged_commands_ssh_agent
-      status: automated
-
-    - id: SLEM-05-654100
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "ssh-keysign" command.
-      rules:
-          - audit_rules_privileged_commands_ssh_keysign
-      status: automated
-
-    - id: SLEM-05-654105
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "su" command.
-      rules:
-          - audit_rules_privileged_commands_su
-      status: automated
-
-    - id: SLEM-05-654110
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "sudo" command.
-      rules:
-          - audit_rules_privileged_commands_sudo
-      status: automated
-
-    - id: SLEM-05-654115
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "sudoedit" command.
-      rules:
-          - audit_rules_privileged_commands_sudoedit
-      status: automated
-
-    - id: SLEM-05-654120
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "unix_chkpwd" or "unix2_chkpwd" commands.
-      rules:
-          - audit_rules_privileged_commands_unix_chkpwd
-      status: automated
-
-    - id: SLEM-05-654125
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "usermod" command.
-      rules:
-          - audit_rules_privileged_commands_usermod
-      status: automated
-
-    - id: SLEM-05-654130
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all account creations, modifications, disabling,
-          and termination events that affect /etc/group.
-      rules:
-          - audit_rules_usergroup_modification_group
-      status: automated
-
-    - id: SLEM-05-654135
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all account creations, modifications, disabling,
-          and termination events that affect /etc/security/opasswd.
-      rules:
-          - audit_rules_usergroup_modification_opasswd
-      status: automated
-
-    - id: SLEM-05-654140
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all account creations, modifications, disabling,
-          and termination events that affect /etc/passwd.
-      rules:
-          - audit_rules_usergroup_modification_passwd
-      status: automated
-
-    - id: SLEM-05-654145
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all account creations, modifications, disabling,
-          and termination events that affect /etc/shadow.
-      rules:
-          - audit_rules_usergroup_modification_shadow
-      status: automated
-
-    - id: SLEM-05-654150
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "chmod", "fchmod" and "fchmodat"
-          system calls.
-      rules:
-          - audit_rules_dac_modification_fchmod
-      status: automated
-
-    - id: SLEM-05-654155
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "chown", "fchown", "fchownat", and
-          "lchown" system calls.
-      rules:
-          - audit_rules_dac_modification_lchown
-      status: automated
-
-    - id: SLEM-05-654160
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "creat", "open", "openat", "open_by_handle_at",
-          "truncate", and "ftruncate" system calls.
-      rules:
-          - audit_rules_unsuccessful_file_modification_open
-      status: automated
-
-    - id: SLEM-05-654165
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "delete_module" system call.
-      rules:
-          - audit_rules_kernel_module_loading_delete
-      status: automated
-
-    - id: SLEM-05-654170
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "init_module" and "finit_module"
-          system calls.
-      rules:
-          - audit_rules_kernel_module_loading_finit
-      status: automated
-
-    - id: SLEM-05-654175
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "mount" system call.
-      rules:
-          - audit_rules_media_export
-      status: automated
-
-    - id: SLEM-05-654180
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "setxattr", "fsetxattr", "lsetxattr",
-          "removexattr", "fremovexattr", and "lremovexattr" system calls.
-      rules:
-          - audit_rules_dac_modification_fremovexattr
-      status: automated
-
-    - id: SLEM-05-654185
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "umount" system call.
-      rules:
-          - audit_rules_dac_modification_umount2
-      status: automated
-
-    - id: SLEM-05-654190
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of the "unlink", "unlinkat", "rename", "renameat",
-          and "rmdir" system calls.
-      rules:
-          - audit_rules_unsuccessful_file_modification_rename
-      status: automated
-
-    - id: SLEM-05-654195
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all uses of privileged functions.
-      rules:
-          - audit_rules_suid_privilege_function
-      status: automated
-
-    - id: SLEM-05-654200
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all modifications to the "lastlog" file.
-      rules:
-          - audit_rules_login_events_lastlog
-      status: automated
-
-    - id: SLEM-05-654205
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for all modifications to the "tallylog" file must generate
-          an audit record.
-      rules:
-          - audit_rules_login_events_tallylog
-      status: automated
-
-    - id: SLEM-05-654210
-      levels:
-          - medium
-      title: SLEM 5 must audit all uses of the sudoers file and all files in the "/etc/sudoers.d/" directory.
-      rules:
-          - audit_rules_sysadmin_actions
-      status: automated
-
-    - id: SLEM-05-654215
-      levels:
-          - medium
-      title: Successful/unsuccessful uses of "setfiles" in SLEM 5 must generate an audit record.
-      rules:
-          - audit_rules_execution_setfiles
-      status: automated
-
-    - id: SLEM-05-654220
-      levels:
-          - medium
-      title: Successful/unsuccessful uses of "semanage" in SLEM 5 must generate an audit record.
-      rules:
-          - package_policycoreutils-python-utils_installed
-          - audit_rules_execution_semanage
-      status: automated
-
-    - id: SLEM-05-654225
-      levels:
-          - medium
-      title: Successful/unsuccessful uses of "setsebool" in SLEM 5 must generate an audit record.
-      rules:
-          - audit_rules_execution_setsebool
-      status: automated
-
-    - id: SLEM-05-654230
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for the "/run/utmp file".
-      rules:
-          - audit_rules_session_events_utmp
-      status: automated
-
-    - id: SLEM-05-654235
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for the "/var/log/btmp" file.
-      rules:
-          - audit_rules_session_events_btmp
-      status: automated
-
-    - id: SLEM-05-654240
-      levels:
-          - medium
-      title: SLEM 5 must generate audit records for the "/var/log/wtmp" file.
-      rules:
-          - audit_rules_session_events_wtmp
-      status: automated
-
-    - id: SLEM-05-654245
-      levels:
-          - medium
-      title: SLEM 5 must not disable syscall auditing.
-      rules:
-          - audit_rules_enable_syscall_auditing
-      status: automated
-
-    - id: SLEM-05-671010
-      levels:
-          - high
-      title: FIPS 140-2/140-3 mode must be enabled on SLEM 5.
-      rules:
-          - is_fips_mode_enabled
-      status: automated
+  - id: SLEM-05-211010
+    levels:
+      - high
+    title: SLEM 5 must be a vendor-supported release.
+    rules:
+      - installed_OS_is_vendor_supported
+    status: automated
+
+  - id: SLEM-05-211020
+    levels:
+      - medium
+    title: SLEM 5 must display the Standard Mandatory DOD Notice and Consent Banner
+      before granting any local or remote connection to the system.
+    rules:
+      - banner_etc_issue
+      - login_banner_text=dod_banners
+      - login_banner_contents=dod_default
+    status: automated
+
+  - id: SLEM-05-211025
+    levels:
+      - high
+    title: SLEM 5 must disable the x86 Ctrl-Alt-Delete key sequence.
+    rules:
+      - disable_ctrlaltdel_reboot
+    status: automated
+
+  - id: SLEM-05-212010
+    levels:
+      - high
+    title: SLEM 5 with a basic input/output system (BIOS) must require
+      authentication upon booting into single-user and maintenance modes.
+    rules:
+      - grub2_password
+    status: automated
+
+  - id: SLEM-05-212015
+    levels:
+      - high
+    title: SLEM 5 with Unified Extensible Firmware Interface (UEFI) implemented must
+      require authentication upon booting into single-user mode and maintenance.
+    rules:
+      - grub2_uefi_password
+    status: automated
+
+  - id: SLEM-05-213010
+    levels:
+      - medium
+    title: SLEM 5 must restrict access to the kernel message buffer.
+    rules:
+      - sysctl_kernel_dmesg_restrict
+    status: automated
+
+  - id: SLEM-05-213015
+    levels:
+      - medium
+    title: SLEM 5 kernel core dumps must be disabled unless needed.
+    rules:
+      - service_kdump_disabled
+    status: automated
+
+  - id: SLEM-05-213020
+    levels:
+      - medium
+    title: Address space layout randomization (ASLR) must be implemented by SLEM 5
+      to protect memory from unauthorized code execution.
+    rules:
+      - sysctl_kernel_randomize_va_space
+    status: automated
+
+  - id: SLEM-05-213025
+    levels:
+      - medium
+    title: SLEM 5 must implement kptr-restrict to prevent the leaking of internal
+      kernel addresses.
+    rules:
+      - sysctl_kernel_kptr_restrict
+    status: automated
+
+  - id: SLEM-05-214010
+    levels:
+      - medium
+    title: Vendor-packaged SLEM 5 security patches and updates must be installed and
+      up to date.
+    rules:
+      - security_patches_up_to_date
+    status: automated
+
+  - id: SLEM-05-214015
+    levels:
+      - high
+    title: The SLEM 5 tool zypper must have gpgcheck enabled.
+    rules:
+      - ensure_gpgcheck_globally_activated
+    status: automated
+
+  - id: SLEM-05-214020
+    levels:
+      - medium
+    title: SLEM 5 must remove all outdated software components after updated
+      versions have been installed.
+    rules:
+      - clean_components_post_updating
+    status: automated
+
+  - id: SLEM-05-215010
+    levels:
+      - medium
+    title: SLEM 5 must use vlock to allow for session locking.
+    rules:
+      - vlock_installed
+    status: automated
+
+  - id: SLEM-05-215015
+    levels:
+      - high
+    title: SLEM 5 must not have the telnet-server package installed.
+    rules:
+      - package_telnet-server_removed
+    status: automated
+
+  - id: SLEM-05-231010
+    levels:
+      - medium
+    title: A separate file system must be used for SLEM 5 user home directories
+      (such as /home or an equivalent).
+    rules:
+      - partition_for_home
+    status: automated
+
+  - id: SLEM-05-231015
+    levels:
+      - medium
+    title: SLEM 5 must use a separate file system for /var.
+    rules:
+      - partition_for_var
+    status: automated
+
+  - id: SLEM-05-231020
+    levels:
+      - medium
+    title: SLEM 5 must use a separate file system for the system audit data path.
+    rules:
+      - partition_for_var_log_audit
+    status: automated
+
+  - id: SLEM-05-231025
+    levels:
+      - medium
+    title: SLEM 5 file systems that are being imported via Network File System (NFS)
+      must be mounted to prevent files with the setuid and setgid bit set from
+      being executed.
+    rules:
+      - mount_option_nosuid_remote_filesystems
+    status: automated
+
+  - id: SLEM-05-231030
+    levels:
+      - medium
+    title: SLEM 5 file systems that are being imported via Network File System (NFS)
+      must be mounted to prevent binary files from being executed.
+    rules:
+      - mount_option_noexec_remote_filesystems
+    status: automated
+
+  - id: SLEM-05-231035
+    levels:
+      - medium
+    title: SLEM 5 file systems that are used with removable media must be mounted to
+      prevent files with the setuid and setgid bit set from being executed.
+    rules:
+      - mount_option_nosuid_removable_partitions
+    status: automated
+
+  - id: SLEM-05-231040
+    levels:
+      - high
+    title: All SLEM 5 persistent disk partitions must implement cryptographic
+      mechanisms to prevent unauthorized disclosure or modification of all
+      information that requires at-rest protection.
+    rules:
+      - encrypt_partitions
+    status: automated
+
+  - id: SLEM-05-231045
+    levels:
+      - medium
+    title: SLEM 5 file systems that contain user home directories must be mounted to
+      prevent files with the setuid and setgid bit set from being executed.
+    rules:
+      - mount_option_home_nosuid
+    status: automated
+
+  - id: SLEM-05-231050
+    levels:
+      - medium
+    title: SLEM 5 must disable the file system automounter unless required.
+    rules:
+      - service_autofs_disabled
+    status: automated
+
+  - id: SLEM-05-232010
+    levels:
+      - medium
+    title: SLEM 5 must have directories that contain system commands set to a mode
+      of 755 or less permissive.
+    rules:
+      - dir_permissions_binary_dirs
+    status: automated
+
+  - id: SLEM-05-232015
+    levels:
+      - medium
+    title: SLEM 5 must have system commands set to a mode of 755 or less permissive.
+    rules:
+      - file_permissions_binary_dirs
+    status: automated
+
+  - id: SLEM-05-232020
+    levels:
+      - medium
+    title: SLEM 5 library directories must have mode 755 or less permissive.
+    rules:
+      - dir_permissions_library_dirs
+    status: automated
+
+  - id: SLEM-05-232025
+    levels:
+      - medium
+    title: SLEM 5 library files must have mode 755 or less permissive.
+    rules:
+      - file_permissions_library_dirs
+    status: automated
+
+  - id: SLEM-05-232030
+    levels:
+      - medium
+    title: All SLEM 5 local interactive user home directories must have mode 750 or
+      less permissive.
+    rules:
+      - file_permissions_home_directories
+    status: automated
+
+  - id: SLEM-05-232035
+    levels:
+      - medium
+    title: All SLEM 5 local initialization files must have mode 740 or less
+      permissive.
+    rules:
+      - file_permission_user_init_files
+    status: automated
+
+  - id: SLEM-05-232040
+    levels:
+      - medium
+    title: SLEM 5 SSH daemon public host key files must have mode 644 or less
+      permissive.
+    rules:
+      - file_permissions_sshd_pub_key
+    status: automated
+
+  - id: SLEM-05-232045
+    levels:
+      - medium
+    title: SLEM 5 SSH daemon private host key files must have mode 640 or less
+      permissive.
+    rules:
+      - file_permissions_sshd_private_key
+    status: automated
+
+  - id: SLEM-05-232050
+    levels:
+      - medium
+    title: SLEM 5 library files must be owned by root.
+    rules:
+      - file_ownership_library_dirs
+    status: automated
+
+  - id: SLEM-05-232055
+    levels:
+      - medium
+    title: SLEM 5 library files must be group-owned by root.
+    rules:
+      - root_permissions_syslibrary_files
+    status: automated
+
+  - id: SLEM-05-232060
+    levels:
+      - medium
+    title: SLEM 5 library directories must be owned by root.
+    rules:
+      - dir_ownership_library_dirs
+    status: automated
+
+  - id: SLEM-05-232065
+    levels:
+      - medium
+    title: SLEM 5 library directories must be group-owned by root.
+    rules:
+      - dir_group_ownership_library_dirs
+    status: automated
+
+  - id: SLEM-05-232070
+    levels:
+      - medium
+    title: SLEM 5 must have system commands owned by root.
+    rules:
+      - file_ownership_binary_dirs
+    status: automated
+
+  - id: SLEM-05-232075
+    levels:
+      - medium
+    title: SLEM 5 must have system commands group-owned by root or a system account.
+    rules:
+      - file_groupownership_system_commands_dirs
+    status: automated
+
+  - id: SLEM-05-232080
+    levels:
+      - medium
+    title: SLEM 5 must have directories that contain system commands owned by root.
+    rules:
+      - dir_system_commands_root_owned
+    status: automated
+
+  - id: SLEM-05-232085
+    levels:
+      - medium
+    title: SLEM 5 must have directories that contain system commands group-owned by
+      root.
+    rules:
+      - dir_system_commands_group_root_owned
+    status: automated
+
+  - id: SLEM-05-232090
+    levels:
+      - medium
+    title: All SLEM 5 files and directories must have a valid owner.
+    rules:
+      - no_files_unowned_by_user
+    status: automated
+
+  - id: SLEM-05-232095
+    levels:
+      - medium
+    title: All SLEM 5 files and directories must have a valid group owner.
+    rules:
+      - file_permissions_ungroupowned
+    status: automated
+
+  - id: SLEM-05-232100
+    levels:
+      - medium
+    title: All SLEM 5 local interactive user home directories must be group-owned by
+      the home directory owner's primary group.
+    rules:
+      - file_groupownership_home_directories
+    status: automated
+
+  - id: SLEM-05-232105
+    levels:
+      - medium
+    title: All SLEM 5 world-writable directories must be group-owned by root, sys,
+      bin, or an application group.
+    rules:
+      - dir_perms_world_writable_system_owned_group
+    status: automated
+
+  - id: SLEM-05-232110
+    levels:
+      - medium
+    title: The sticky bit must be set on all SLEM 5 world-writable directories.
+    rules:
+      - dir_perms_world_writable_sticky_bits
+    status: automated
+
+  - id: SLEM-05-232115
+    levels:
+      - medium
+    title: SLEM 5 must prevent unauthorized users from accessing system error
+      messages.
+    rules:
+      - file_permissions_local_var_log_messages
+    status: automated
+
+  - id: SLEM-05-232120
+    levels:
+      - medium
+    title: SLEM 5 must generate error messages that provide information necessary
+      for corrective actions without revealing information that could be
+      exploited by adversaries.
+    rules:
+      - permissions_local_var_log
+    status: automated
+
+  - id: SLEM-05-251010
+    levels:
+      - medium
+    title: SLEM 5 must be configured to prohibit or restrict the use of functions,
+      ports, protocols, and/or services as defined in the Ports, Protocols, and
+      Services Management (PPSM) Category Assignments List (CAL) and
+      vulnerability assessments.
+    rules:
+      - service_firewalld_enabled
+    status: automated
+
+  - id: SLEM-05-252010
+    levels:
+      - medium
+    title: SLEM 5 clock must, for networked systems, be synchronized to an
+      authoritative DOD time source at least every 24 hours.
+    rules:
+      - chronyd_or_ntpd_set_maxpoll
+      - chronyd_specify_remote_server
+      - var_multiple_time_servers=stig
+      - var_time_service_set_maxpoll=18_hours
+    status: automated
+
+  - id: SLEM-05-252015
+    levels:
+      - medium
+    title: SLEM 5 must not have network interfaces in promiscuous mode unless
+      approved and documented.
+    rules:
+      - network_sniffer_disabled
+    status: automated
+
+  - id: SLEM-05-253010
+    levels:
+      - medium
+    title: SLEM 5 must not forward Internet Protocol version 4 (IPv4) source-routed
+      packets.
+    rules:
+      - sysctl_net_ipv4_conf_all_accept_source_route
+    status: automated
+
+  - id: SLEM-05-253015
+    levels:
+      - medium
+    title: SLEM 5 must not forward Internet Protocol version 4 (IPv4) source-routed
+      packets by default.
+    rules:
+      - sysctl_net_ipv4_conf_default_accept_source_route
+    status: automated
+
+  - id: SLEM-05-253020
+    levels:
+      - medium
+    title: SLEM 5 must prevent Internet Protocol version 4 (IPv4) Internet Control
+      Message Protocol (ICMP) redirect messages from being accepted.
+    rules:
+      - sysctl_net_ipv4_conf_all_accept_redirects
+    status: automated
+
+  - id: SLEM-05-253025
+    levels:
+      - medium
+    title: SLEM 5 must not allow interfaces to accept Internet Protocol version 4
+      (IPv4) Internet Control Message Protocol (ICMP) redirect messages by
+      default.
+    rules:
+      - sysctl_net_ipv4_conf_default_accept_redirects
+    status: automated
+
+  - id: SLEM-05-253030
+    levels:
+      - medium
+    title: SLEM 5 must not send Internet Protocol version 4 (IPv4) Internet Control
+      Message Protocol (ICMP) redirects.
+    rules:
+      - sysctl_net_ipv4_conf_all_send_redirects
+    status: automated
+
+  - id: SLEM-05-253035
+    levels:
+      - medium
+    title: SLEM 5 must not allow interfaces to send Internet Protocol version 4
+      (IPv4) Internet Control Message Protocol (ICMP) redirect messages by
+      default.
+    rules:
+      - sysctl_net_ipv4_conf_default_send_redirects
+    status: automated
+
+  - id: SLEM-05-253040
+    levels:
+      - medium
+    title: SLEM 5 must not be performing Internet Protocol version 4 (IPv4) packet
+      forwarding unless the system is a router.
+    rules:
+      - sysctl_net_ipv4_ip_forward
+    status: automated
+
+  - id: SLEM-05-253045
+    levels:
+      - medium
+    title: SLEM 5 must be configured to use TCP syncookies.
+    rules:
+      - sysctl_net_ipv4_tcp_syncookies
+    status: automated
+
+  - id: SLEM-05-254010
+    levels:
+      - medium
+    title: SLEM 5 must not forward Internet Protocol version 6 (IPv6) source-routed
+      packets.
+    rules:
+      - sysctl_net_ipv6_conf_all_accept_source_route
+    status: automated
+
+  - id: SLEM-05-254015
+    levels:
+      - medium
+    title: SLEM 5 must not forward Internet Protocol version 6 (IPv6) source-routed
+      packets by default.
+    rules:
+      - sysctl_net_ipv6_conf_default_accept_source_route
+    status: automated
+
+  - id: SLEM-05-254020
+    levels:
+      - medium
+    title: SLEM 5 must prevent Internet Protocol version 6 (IPv6) Internet Control
+      Message Protocol (ICMP) redirect messages from being accepted.
+    rules:
+      - sysctl_net_ipv6_conf_all_accept_redirects
+    status: automated
+
+  - id: SLEM-05-254025
+    levels:
+      - medium
+    title: SLEM 5 must not allow interfaces to accept Internet Protocol version 6
+      (IPv6) Internet Control Message Protocol (ICMP) redirect messages by
+      default.
+    rules:
+      - sysctl_net_ipv6_conf_default_accept_redirects
+    status: automated
+
+  - id: SLEM-05-254030
+    levels:
+      - medium
+    title: SLEM 5 must not be performing Internet Protocol version 6 (IPv6) packet
+      forwarding unless the system is a router.
+    rules:
+      - sysctl_net_ipv6_conf_all_forwarding
+    status: automated
+
+  - id: SLEM-05-254035
+    levels:
+      - medium
+    title: SLEM 5 must not be performing Internet Protocol version 6 (IPv6) packet
+      forwarding by default unless the system is a router.
+    rules:
+      - sysctl_net_ipv6_conf_default_forwarding
+    status: automated
+
+  - id: SLEM-05-255010
+    levels:
+      - high
+    title: SLEM 5 must have SSH installed to protect the confidentiality and
+      integrity of transmitted information.
+    rules:
+      - package_openssh-server_installed
+    status: automated
+
+  - id: SLEM-05-255015
+    levels:
+      - high
+    title: SLEM 5 must use SSH to protect the confidentiality and integrity of
+      transmitted information.
+    rules:
+      - service_sshd_enabled
+    status: automated
+
+  - id: SLEM-05-255020
+    levels:
+      - medium
+    title: SLEM 5 must display the Standard Mandatory DOD Notice and Consent Banner
+      before granting access via SSH.
+    rules:
+      - sshd_enable_warning_banner
+    status: automated
+
+  - id: SLEM-05-255025
+    levels:
+      - high
+    title: SLEM 5 must not allow unattended or automatic logon via SSH.
+    rules:
+      - sshd_disable_empty_passwords
+      - sshd_do_not_permit_user_env
+    status: automated
+
+  - id: SLEM-05-255030
+    levels:
+      - medium
+    title: SLEM 5 must be configured so that all network connections associated with
+      SSH traffic terminate after becoming unresponsive.
+    rules:
+      - sshd_set_keepalive
+      - var_sshd_set_keepalive=1
+    status: automated
+
+  - id: SLEM-05-255035
+    levels:
+      - medium
+    title: SLEM 5 must be configured so that all network connections associated with
+      SSH traffic are terminated after 10 minutes of becoming unresponsive.
+    rules:
+      - sshd_set_idle_timeout
+      - sshd_idle_timeout_value=10_minutes
+    status: automated
+
+  - id: SLEM-05-255040
+    levels:
+      - medium
+    title: SLEM 5 SSH daemon must disable forwarded remote X connections for
+      interactive users, unless to fulfill documented and validated mission
+      requirements.
+    rules:
+      - sshd_disable_x11_forwarding
+    status: automated
+
+  - id: SLEM-05-255045
+    levels:
+      - high
+    title: SLEM 5 must implement DOD-approved encryption to protect the
+      confidentiality of SSH remote connections.
+    rules:
+      - sshd_use_approved_ciphers_ordered_stig
+      - sshd_use_approved_ciphers
+    status: automated
+
+  - id: SLEM-05-255050
+    levels:
+      - high
+    title: SLEM 5 SSH daemon must be configured to only use Message Authentication
+      Codes (MACs) employing FIPS 140-2/140-3 approved cryptographic hash
+      algorithms.
+    rules:
+      - sshd_use_approved_macs_ordered_stig
+      - sshd_use_approved_macs
+    status: automated
+
+  - id: SLEM-05-255055
+    levels:
+      - high
+    title: SLEM 5 SSH server must be configured to use only FIPS 140-2/140-3
+      validated key exchange algorithms.
+    rules:
+      - sshd_use_approved_kex_ordered_stig
+    status: automated
+
+  - id: SLEM-05-255060
+    levels:
+      - medium
+    title: SLEM 5 must deny direct logons to the root account using remote access
+      via SSH.
+    rules:
+      - sshd_disable_root_login
+    status: automated
+
+  - id: SLEM-05-255065
+    levels:
+      - medium
+    title: SLEM 5 must log SSH connection attempts and failures to the server.
+    rules:
+      - sshd_set_loglevel_verbose
+    status: automated
+
+  - id: SLEM-05-255070
+    levels:
+      - medium
+    title: SLEM 5 must display the date and time of the last successful account
+      logon upon an SSH logon.
+    rules:
+      - sshd_print_last_log
+    status: automated
+
+  - id: SLEM-05-255075
+    levels:
+      - medium
+    title: SLEM 5 SSH daemon must be configured to not allow authentication using
+      known hosts authentication.
+    rules:
+      - sshd_disable_user_known_hosts
+    status: automated
+
+  - id: SLEM-05-255080
+    levels:
+      - medium
+    title: SLEM 5 SSH daemon must perform strict mode checking of home directory
+      configuration files.
+    rules:
+      - sshd_enable_strictmodes
+    status: automated
+
+  - id: SLEM-05-255085
+    levels:
+      - medium
+    title: SLEM 5, for PKI-based authentication, must enforce authorized access to
+      the corresponding private key.
+    rules:
+      - ssh_private_keys_have_passcode
+    status: manual
+
+  - id: SLEM-05-255090
+    levels:
+      - high
+    title: There must be no .shosts files on SLEM 5.
+    rules:
+      - no_user_host_based_files
+    status: automated
+
+  - id: SLEM-05-255095
+    levels:
+      - high
+    title: There must be no shosts.equiv files on SLEM 5.
+    rules:
+      - no_host_based_files
+    status: automated
+
+  - id: SLEM-05-272010
+    levels:
+      - high
+    title: SLEM 5 must not allow unattended or automatic logon via the graphical
+      user interface (GUI).
+    rules:
+      - gnome_gdm_disable_unattended_automatic_login
+    status: automated
+
+  - id: SLEM-05-291010
+    levels:
+      - medium
+    title: SLEM 5 wireless network adapters must be disabled unless approved and
+      documented.
+    rules:
+      - wireless_disable_interfaces
+    status: automated
+
+  - id: SLEM-05-291015
+    levels:
+      - medium
+    title: SLEM 5 must disable the USB mass storage kernel module.
+    rules:
+      - kernel_module_usb-storage_disabled
+    status: automated
+
+  - id: SLEM-05-411010
+    levels:
+      - medium
+    title: All SLEM 5 local interactive user accounts, upon creation, must be
+      assigned a home directory.
+    rules:
+      - accounts_have_homedir_login_defs
+    status: automated
+
+  - id: SLEM-05-411015
+    levels:
+      - medium
+    title: SLEM 5 default permissions must be defined in such a way that all
+      authenticated users can only read and modify their own files.
+    rules:
+      - accounts_umask_etc_login_defs
+    status: automated
+
+  - id: SLEM-05-411020
+    levels:
+      - medium
+    title: SLEM 5 shadow password suite must be configured to enforce a delay of at
+      least five seconds between logon prompts following a failed logon attempt.
+    rules:
+      - accounts_logon_fail_delay
+      - var_accounts_fail_delay=5
+    status: automated
+
+  - id: SLEM-05-411025
+    levels:
+      - medium
+    title: All SLEM 5 local interactive users must have a home directory assigned in
+      the /etc/passwd file.
+    rules:
+      - accounts_user_interactive_home_directory_defined
+    status: automated
+
+  - id: SLEM-05-411030
+    levels:
+      - medium
+    title: All SLEM 5 local interactive user home directories defined in the
+      /etc/passwd file must exist.
+    rules:
+      - accounts_user_interactive_home_directory_exists
+    status: automated
+
+  - id: SLEM-05-411035
+    levels:
+      - medium
+    title: All SLEM 5 local interactive user initialization files executable search
+      paths must contain only paths that resolve to the users' home directory.
+    rules:
+      - accounts_user_home_paths_only
+    status: automated
+
+  - id: SLEM-05-411040
+    levels:
+      - medium
+    title: All SLEM 5 local initialization files must not execute world-writable
+      programs.
+    rules:
+      - accounts_user_dot_no_world_writable_programs
+    status: automated
+
+  - id: SLEM-05-411045
+    levels:
+      - medium
+    title: SLEM 5 must automatically expire temporary accounts within 72 hours.
+    rules:
+      - account_temp_expire_date
+    status: automated
+
+  - id: SLEM-05-411050
+    levels:
+      - medium
+    title: SLEM 5 must never automatically remove or disable emergency administrator
+      accounts.
+    rules:
+      - account_emergency_admin
+    status: automated
+
+  - id: SLEM-05-411055
+    levels:
+      - medium
+    title: SLEM 5 must not have unnecessary accounts.
+    rules:
+      - accounts_authorized_local_users
+      - var_accounts_authorized_local_users_regex=slmicro5
+    status: automated
+
+  - id: SLEM-05-411060
+    levels:
+      - medium
+    title: SLEM 5 must not have unnecessary account capabilities.
+    rules:
+      - no_shelllogin_for_systemaccounts
+    status: automated
+
+  - id: SLEM-05-411065
+    levels:
+      - high
+    title: SLEM 5 root account must be the only account with unrestricted access to
+      the system.
+    rules:
+      - accounts_no_uid_except_zero
+    status: automated
+
+  - id: SLEM-05-411070
+    levels:
+      - medium
+    title: SLEM 5 must disable account identifiers (individuals, groups, roles, and
+      devices) after 35 days of inactivity after password expiration.
+    rules:
+      - account_disable_post_pw_expiration
+    status: automated
+
+  - id: SLEM-05-411075
+    levels:
+      - medium
+    title: SLEM 5 must not have duplicate User IDs (UIDs) for interactive users.
+    rules:
+      - account_unique_id
+    status: automated
+
+  - id: SLEM-05-412015
+    levels:
+      - medium
+    title: SLEM 5 must initiate a session lock after a 15-minute period of inactivity.
+    rules:
+      - accounts_tmout
+      - var_accounts_tmout=15_min
+    status: automated
+
+  - id: SLEM-05-412020
+    levels:
+      - medium
+    title: SLEM 5 must lock an account after three consecutive invalid access
+      attempts.
+    rules:
+      - accounts_passwords_pam_tally2
+      - var_password_pam_tally2=3
+    status: automated
+
+  - id: SLEM-05-412025
+    levels:
+      - medium
+    title: SLEM 5 must enforce a delay of at least five seconds between logon
+      prompts following a failed logon attempt via pluggable authentication
+      modules (PAM).
+    rules:
+      - accounts_passwords_pam_faildelay_delay
+      - var_password_pam_delay=4000000
+    status: automated
+
+  - id: SLEM-05-412035
+    levels:
+      - low
+    title: SLEM 5 must limit the number of concurrent sessions to 10 for all
+      accounts and/or account types.
+    rules:
+      - accounts_max_concurrent_login_sessions
+      - var_accounts_max_concurrent_login_sessions=10
+    status: automated
+
+  - id: SLEM-05-431010
+    levels:
+      - low
+    title: SLEM 5 must have policycoreutils package installed.
+    rules:
+      - package_policycoreutils_installed
+    status: automated
+
+  - id: SLEM-05-431015
+    levels:
+      - high
+    title: SLEM 5 must use a Linux Security Module configured to enforce limits on
+      system services.
+    rules:
+      - selinux_state
+      - var_selinux_state=enforcing
+    status: automated
+
+  - id: SLEM-05-431020
+    levels:
+      - medium
+    title: SLEM 5 must enable the SELinux targeted policy.
+    rules:
+      - selinux_policytype
+      - var_selinux_policy_name=targeted
+    status: automated
+
+  - id: SLEM-05-431025
+    levels:
+      - medium
+    title: SLEM 5 must prevent nonprivileged users from executing privileged
+      functions, including disabling, circumventing, or altering implemented
+      security safeguards/countermeasures.
+    rules:
+      - selinux_user_login_roles
+    status: manual
+
+  - id: SLEM-05-432010
+    levels:
+      - medium
+    title: SLEM 5 must use the invoking user's password for privilege escalation
+      when using "sudo".
+    rules:
+      - sudoers_validate_passwd
+    status: automated
+
+  - id: SLEM-05-432015
+    levels:
+      - medium
+    title: SLEM 5 must reauthenticate users when changing authenticators, roles, or
+      escalating privileges.
+    rules:
+      - sudo_require_authentication
+      - sudo_remove_nopasswd
+      - sudo_remove_no_authenticate
+    status: automated
+
+  - id: SLEM-05-432020
+    levels:
+      - medium
+    title: SLEM 5 must require reauthentication when using the "sudo" command.
+    rules:
+      - sudo_require_reauthentication
+    status: automated
+
+  - id: SLEM-05-432025
+    levels:
+      - medium
+    title: SLEM 5 must restrict privilege elevation to authorized personnel.
+    rules:
+      - sudo_restrict_privilege_elevation_to_authorized
+    status: automated
+
+  - id: SLEM-05-432030
+    levels:
+      - medium
+    title: SLEM 5 must specify the default "include" directory for the /etc/sudoers
+      file.
+    rules:
+      - sudoers_default_includedir
+    status: automated
+
+  - id: SLEM-05-611010
+    levels:
+      - medium
+    title: SLEM 5 must enforce passwords that contain at least one uppercase
+      character.
+    rules:
+      - cracklib_accounts_password_pam_ucredit
+    status: automated
+
+  - id: SLEM-05-611015
+    levels:
+      - medium
+    title: SLEM 5 must enforce passwords that contain at least one lowercase
+      character.
+    rules:
+      - cracklib_accounts_password_pam_lcredit
+    status: automated
+
+  - id: SLEM-05-611020
+    levels:
+      - medium
+    title: SLEM 5 must enforce passwords that contain at least one numeric character.
+    rules:
+      - cracklib_accounts_password_pam_dcredit
+    status: automated
+
+  - id: SLEM-05-611025
+    levels:
+      - medium
+    title: SLEM 5 must enforce passwords that contain at least one special character.
+    rules:
+      - cracklib_accounts_password_pam_ocredit
+    status: automated
+
+  - id: SLEM-05-611030
+    levels:
+      - medium
+    title: SLEM 5 must prevent the use of dictionary words for passwords.
+    rules:
+      - cracklib_accounts_password_pam_retry
+      - var_password_pam_retry=3
+    status: automated
+
+  - id: SLEM-05-611035
+    levels:
+      - medium
+    title: SLEM 5 must employ passwords with a minimum of 15 characters.
+    rules:
+      - cracklib_accounts_password_pam_minlen
+    status: automated
+
+  - id: SLEM-05-611040
+    levels:
+      - medium
+    title: SLEM 5 must require the change of at least eight of the total number of
+      characters when passwords are changed.
+    rules:
+      - cracklib_accounts_password_pam_difok
+    status: automated
+
+  - id: SLEM-05-611045
+    levels:
+      - medium
+    title: SLEM 5 must not allow passwords to be reused for a minimum of five
+      generations.
+    rules:
+      - accounts_password_pam_pwhistory_remember
+      - var_password_pam_remember_control_flag=requisite
+      - var_password_pam_remember=5
+    status: automated
+
+  - id: SLEM-05-611050
+    levels:
+      - medium
+    title: SLEM 5 must configure the Linux Pluggable Authentication Modules (PAM) to
+      only store encrypted representations of passwords.
+    rules:
+      - set_password_hashing_algorithm_systemauth
+    status: automated
+
+  - id: SLEM-05-611055
+    levels:
+      - high
+    title: SLEM 5 must not be configured to allow blank or null passwords.
+    rules:
+      - no_empty_passwords
+    status: automated
+
+  - id: SLEM-05-611060
+    levels:
+      - high
+    title: SLEM 5 must not have accounts configured with blank or null passwords.
+    rules:
+      - no_empty_passwords_etc_shadow
+    status: automated
+
+  - id: SLEM-05-611065
+    levels:
+      - medium
+    title: SLEM 5 must employ user passwords with a minimum lifetime of 24 hours
+      (one day).
+    rules:
+      - accounts_password_set_min_life_existing
+      - var_accounts_minimum_age_login_defs=1
+    status: automated
+
+  - id: SLEM-05-611070
+    levels:
+      - medium
+    title: SLEM 5 must employ user passwords with a maximum lifetime of 60 days.
+    rules:
+      - accounts_password_set_max_life_existing
+      - var_accounts_maximum_age_login_defs=60
+    status: automated
+
+  - id: SLEM-05-611075
+    levels:
+      - medium
+    title: SLEM 5 must employ a password history file.
+    rules:
+      - file_etc_security_opasswd
+    status: automated
+
+  - id: SLEM-05-611080
+    levels:
+      - high
+    title: SLEM 5 must employ FIPS 140-2/140-3-approved cryptographic hashing
+      algorithms for system authentication.
+    rules:
+      - accounts_password_all_shadowed_sha512
+    status: automated
+
+  - id: SLEM-05-611085
+    levels:
+      - high
+    title: SLEM 5 shadow password suite must be configured to use a sufficient
+      number of hashing rounds.
+    rules:
+      - set_password_hashing_min_rounds_logindefs
+      - var_password_hashing_min_rounds_login_defs=100000
+    status: automated
+
+  - id: SLEM-05-611090
+    levels:
+      - medium
+    title: SLEM 5 must employ FIPS 140-2/140-3 approved cryptographic hashing
+      algorithm for system authentication (login.defs).
+    rules:
+      - set_password_hashing_algorithm_logindefs
+      - var_password_hashing_algorithm=SHA512
+    status: automated
+
+  - id: SLEM-05-611095
+    levels:
+      - medium
+    title: SLEM 5 must be configured to create or update passwords with a minimum
+      lifetime of 24 hours (one day).
+    rules:
+      - accounts_minimum_age_login_defs
+    status: automated
+
+  - id: SLEM-05-611100
+    levels:
+      - medium
+    title: SLEM 5 must be configured to create or update passwords with a maximum
+      lifetime of 60 days.
+    rules:
+      - accounts_maximum_age_login_defs
+    status: automated
+
+  - id: SLEM-05-612010
+    levels:
+      - medium
+    title: SLEM 5 must have the packages required for multifactor authentication to
+      be installed.
+    rules:
+      - install_smartcard_packages
+    status: automated
+
+  - id: SLEM-05-612015
+    levels:
+      - medium
+    title: SLEM 5 must implement multifactor authentication for access to privileged
+      accounts via pluggable authentication modules (PAM).
+    rules:
+      - smartcard_pam_enabled
+    status: automated
+
+  - id: SLEM-05-612020
+    levels:
+      - medium
+    title: SLEM 5 must implement certificate status checking for multifactor
+      authentication.
+    rules:
+      - smartcard_configure_cert_checking
+    status: automated
+
+  - id: SLEM-05-631010
+    levels:
+      - medium
+    title: If Network Security Services (NSS) is being used by SLEM 5 it must
+      prohibit the use of cached authentications after one day.
+    rules:
+      - sssd_memcache_timeout
+      - var_sssd_memcache_timeout=1_day
+    status: automated
+
+  - id: SLEM-05-631015
+    levels:
+      - medium
+    title: SLEM 5 must configure the Linux Pluggable Authentication Modules (PAM) to
+      prohibit the use of cached offline authentications after one day.
+    rules:
+      - sssd_offline_cred_expiration
+    status: automated
+
+  - id: SLEM-05-631020
+    levels:
+      - medium
+    title: SLEM 5, for PKI-based authentication, must validate certificates by
+      constructing a certification path (which includes status information) to
+      an accepted trust anchor.
+    rules:
+      - smartcard_configure_ca
+    status: automated
+
+  - id: SLEM-05-631025
+    levels:
+      - medium
+    title: SLEM 5 must be configured to not overwrite Pluggable Authentication
+      Modules (PAM) configuration on package changes.
+    rules:
+      - pam_disable_automatic_configuration
+    status: automated
+
+  - id: SLEM-05-651010
+    levels:
+      - medium
+    title: SLEM 5 must use a file integrity tool to verify correct operation of all
+      security functions.
+    rules:
+      - package_aide_installed
+      - aide_build_database
+    status: automated
+
+  - id: SLEM-05-651015
+    levels:
+      - medium
+    title: SLEM 5 file integrity tool must be configured to verify Access Control
+      Lists (ACLs).
+    rules:
+      - aide_verify_acls
+    status: automated
+
+  - id: SLEM-05-651020
+    levels:
+      - medium
+    title: SLEM 5 file integrity tool must be configured to verify extended
+      attributes.
+    rules:
+      - aide_verify_ext_attributes
+    status: automated
+
+  - id: SLEM-05-651025
+    levels:
+      - medium
+    title: SLEM 5 file integrity tool must be configured to protect the integrity of
+      the audit tools.
+    rules:
+      - aide_check_audit_tools
+    status: automated
+
+  - id: SLEM-05-651030
+    levels:
+      - medium
+    title: Advanced Intrusion Detection Environment (AIDE) must verify the baseline
+      SLEM 5 configuration at least weekly.
+    rules:
+      - aide_periodic_checking_systemd_timer
+    status: automated
+
+  - id: SLEM-05-651035
+    levels:
+      - medium
+    title: SLEM 5 must notify the system administrator (SA) when Advanced Intrusion
+      Detection Environment (AIDE) discovers anomalies in the operation of any
+      security functions.
+    rules:
+      - aide_scan_notification
+    status: automated
+
+  - id: SLEM-05-652010
+    levels:
+      - medium
+    title: SLEM 5 must offload rsyslog messages for networked systems in real time
+      and offload standalone systems at least weekly.
+    rules:
+      - package_systemd-journal-remote_installed
+      - service_systemd-journal-upload_enabled
+      - systemd_journal_upload_url
+      - systemd_journal_upload_server_tls
+    status: manual # do not assume anything set external variables before use
+
+  - id: SLEM-05-653010
+    levels:
+      - medium
+    title: SLEM 5 must have the auditing package installed.
+    rules:
+      - package_audit_installed
+    status: automated
+
+  - id: SLEM-05-653015
+    levels:
+      - medium
+    title: SLEM 5 audit records must contain information to establish what type of
+      events occurred, the source of events, where events occurred, and the
+      outcome of events.
+    rules:
+      - service_auditd_enabled
+    status: automated
+
+  - id: SLEM-05-653020
+    levels:
+      - medium
+    title: The audit-audispd-plugins package must be installed on SLEM 5.
+    rules:
+      - package_audit-audispd-plugins_installed
+    status: automated
+
+  - id: SLEM-05-653025
+    levels:
+      - medium
+    title: SLEM 5 must allocate audit record storage capacity to store at least one
+      week of audit records when audit records are not immediately sent to a
+      central audit record storage facility.
+    rules:
+      - auditd_audispd_configure_sufficiently_large_partition
+    status: automated
+
+  - id: SLEM-05-653030
+    levels:
+      - medium
+    title: SLEM 5 auditd service must notify the system administrator (SA) and
+      information system security officer (ISSO) immediately when audit storage
+      capacity is 75 percent full.
+    rules:
+      - auditd_data_retention_space_left_percentage
+      - var_auditd_space_left_percentage=25pc
+      - auditd_data_retention_space_left_action
+      - var_auditd_space_left_action=email
+    status: automated
+
+  - id: SLEM-05-653035
+    levels:
+      - medium
+    title: SLEM 5 audit system must take appropriate action when the audit storage
+      volume is full.
+    rules:
+      - auditd_data_disk_full_action
+    status: automated
+
+  - id: SLEM-05-653040
+    levels:
+      - medium
+    title: SLEM 5 must offload audit records onto a different system or media from
+      the system being audited.
+    rules:
+      - auditd_audispd_network_failure_action
+    status: automated
+
+  - id: SLEM-05-653045
+    levels:
+      - medium
+    title: Audispd must take appropriate action when SLEM 5 audit storage is full.
+    rules:
+      - auditd_audispd_disk_full_action
+    status: automated
+
+  - id: SLEM-05-653050
+    levels:
+      - medium
+    title: SLEM 5 must protect audit rules from unauthorized modification.
+    rules:
+      - permissions_local_var_log_audit
+    status: automated
+
+  - id: SLEM-05-653055
+    levels:
+      - medium
+    title: SLEM 5 audit tools must have the proper permissions configured to protect
+      against unauthorized access.
+    rules:
+      - permissions_local_audit_binaries
+    status: automated
+
+  - id: SLEM-05-653060
+    levels:
+      - medium
+    title: SLEM 5 audit tools must have the proper permissions applied to protect
+      against unauthorized access.
+    rules: []
+    status: manual
+
+  - id: SLEM-05-653065
+    levels:
+      - low
+    title: SLEM 5 audit event multiplexor must be configured to use Kerberos.
+    rules:
+      - auditd_audispd_encrypt_sent_records
+    status: automated
+
+  - id: SLEM-05-653070
+    levels:
+      - medium
+    title: Audispd must offload audit records onto a different system or media from
+      SLEM 5 being audited.
+    rules:
+      - auditd_audispd_configure_remote_server
+    status: automated
+
+  - id: SLEM-05-653075
+    levels:
+      - medium
+    title: The information system security officer (ISSO) and system administrator
+      (SA), at a minimum, must have mail aliases to be notified of a SLEM 5
+      audit processing failure.
+    rules:
+      - postfix_client_configure_mail_alias
+    status: automated
+
+  - id: SLEM-05-653080
+    levels:
+      - medium
+    title: The information system security officer (ISSO) and system administrator
+      (SA), at a minimum, must be alerted of a SLEM 5 audit processing failure
+      event.
+    rules:
+      - auditd_data_retention_action_mail_acct
+    status: automated
+
+  - id: SLEM-05-654010
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "chacl" command.
+    rules:
+      - audit_rules_execution_chacl
+    status: automated
+
+  - id: SLEM-05-654015
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "chage" command.
+    rules:
+      - audit_rules_privileged_commands_chage
+    status: automated
+
+  - id: SLEM-05-654020
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "chcon" command.
+    rules:
+      - audit_rules_execution_chcon
+    status: automated
+
+  - id: SLEM-05-654025
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "chfn" command.
+    rules:
+      - audit_rules_privileged_commands_chfn
+    status: automated
+
+  - id: SLEM-05-654030
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "chmod" command.
+    rules:
+      - audit_rules_execution_chmod
+    status: automated
+
+  - id: SLEM-05-654035
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for a uses of the "chsh" command.
+    rules:
+      - audit_rules_privileged_commands_chsh
+    status: automated
+
+  - id: SLEM-05-654040
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "crontab" command.
+    rules:
+      - audit_rules_privileged_commands_crontab
+    status: automated
+
+  - id: SLEM-05-654045
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "gpasswd" command.
+    rules:
+      - audit_rules_privileged_commands_gpasswd
+    status: automated
+
+  - id: SLEM-05-654050
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "insmod" command.
+    rules:
+      - audit_rules_privileged_commands_insmod
+    status: automated
+
+  - id: SLEM-05-654055
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "kmod" command.
+    rules:
+      - audit_rules_privileged_commands_kmod
+    status: automated
+
+  - id: SLEM-05-654060
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "modprobe" command.
+    rules:
+      - audit_rules_privileged_commands_modprobe
+    status: automated
+
+  - id: SLEM-05-654065
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "newgrp" command.
+    rules:
+      - audit_rules_privileged_commands_newgrp
+    status: automated
+
+  - id: SLEM-05-654070
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the
+      "pam_timestamp_check" command.
+    rules:
+      - audit_rules_privileged_commands_pam_timestamp_check
+    status: automated
+
+  - id: SLEM-05-654075
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "passwd" command.
+    rules:
+      - audit_rules_privileged_commands_passwd
+    status: automated
+
+  - id: SLEM-05-654080
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "rm" command.
+    rules:
+      - audit_rules_execution_rm
+    status: automated
+
+  - id: SLEM-05-654085
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "rmmod" command.
+    rules:
+      - audit_rules_privileged_commands_rmmod
+    status: automated
+
+  - id: SLEM-05-654090
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "setfacl" command.
+    rules:
+      - audit_rules_execution_setfacl
+    status: automated
+
+  - id: SLEM-05-654095
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "ssh-agent" command.
+    rules:
+      - audit_rules_privileged_commands_ssh_agent
+    status: automated
+
+  - id: SLEM-05-654100
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "ssh-keysign"
+      command.
+    rules:
+      - audit_rules_privileged_commands_ssh_keysign
+    status: automated
+
+  - id: SLEM-05-654105
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "su" command.
+    rules:
+      - audit_rules_privileged_commands_su
+    status: automated
+
+  - id: SLEM-05-654110
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "sudo" command.
+    rules:
+      - audit_rules_privileged_commands_sudo
+    status: automated
+
+  - id: SLEM-05-654115
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "sudoedit" command.
+    rules:
+      - audit_rules_privileged_commands_sudoedit
+    status: automated
+
+  - id: SLEM-05-654120
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "unix_chkpwd" or
+      "unix2_chkpwd" commands.
+    rules:
+      - audit_rules_privileged_commands_unix_chkpwd
+    status: automated
+
+  - id: SLEM-05-654125
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "usermod" command.
+    rules:
+      - audit_rules_privileged_commands_usermod
+    status: automated
+
+  - id: SLEM-05-654130
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all account creations,
+      modifications, disabling, and termination events that affect /etc/group.
+    rules:
+      - audit_rules_usergroup_modification_group
+    status: automated
+
+  - id: SLEM-05-654135
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all account creations,
+      modifications, disabling, and termination events that affect
+      /etc/security/opasswd.
+    rules:
+      - audit_rules_usergroup_modification_opasswd
+    status: automated
+
+  - id: SLEM-05-654140
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all account creations,
+      modifications, disabling, and termination events that affect /etc/passwd.
+    rules:
+      - audit_rules_usergroup_modification_passwd
+    status: automated
+
+  - id: SLEM-05-654145
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all account creations,
+      modifications, disabling, and termination events that affect /etc/shadow.
+    rules:
+      - audit_rules_usergroup_modification_shadow
+    status: automated
+
+  - id: SLEM-05-654150
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "chmod", "fchmod"
+      and "fchmodat" system calls.
+    rules:
+      - audit_rules_dac_modification_fchmod
+    status: automated
+
+  - id: SLEM-05-654155
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "chown", "fchown",
+      "fchownat", and "lchown" system calls.
+    rules:
+      - audit_rules_dac_modification_lchown
+    status: automated
+
+  - id: SLEM-05-654160
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "creat", "open",
+      "openat", "open_by_handle_at", "truncate", and "ftruncate" system calls.
+    rules:
+      - audit_rules_unsuccessful_file_modification_open
+    status: automated
+
+  - id: SLEM-05-654165
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "delete_module"
+      system call.
+    rules:
+      - audit_rules_kernel_module_loading_delete
+    status: automated
+
+  - id: SLEM-05-654170
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "init_module" and
+      "finit_module" system calls.
+    rules:
+      - audit_rules_kernel_module_loading_finit
+    status: automated
+
+  - id: SLEM-05-654175
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "mount" system call.
+    rules:
+      - audit_rules_media_export
+    status: automated
+
+  - id: SLEM-05-654180
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "setxattr",
+      "fsetxattr", "lsetxattr", "removexattr", "fremovexattr", and
+      "lremovexattr" system calls.
+    rules:
+      - audit_rules_dac_modification_fremovexattr
+    status: automated
+
+  - id: SLEM-05-654185
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "umount" system
+      call.
+    rules:
+      - audit_rules_dac_modification_umount2
+    status: automated
+
+  - id: SLEM-05-654190
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of the "unlink",
+      "unlinkat", "rename", "renameat", and "rmdir" system calls.
+    rules:
+      - audit_rules_unsuccessful_file_modification_rename
+    status: automated
+
+  - id: SLEM-05-654195
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all uses of privileged functions.
+    rules:
+      - audit_rules_suid_privilege_function
+    status: automated
+
+  - id: SLEM-05-654200
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all modifications to the "lastlog"
+      file.
+    rules:
+      - audit_rules_login_events_lastlog
+    status: automated
+
+  - id: SLEM-05-654205
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for all modifications to the
+      "tallylog" file must generate an audit record.
+    rules:
+      - audit_rules_login_events_tallylog
+    status: automated
+
+  - id: SLEM-05-654210
+    levels:
+      - medium
+    title: SLEM 5 must audit all uses of the sudoers file and all files in the
+      "/etc/sudoers.d/" directory.
+    rules:
+      - audit_rules_sysadmin_actions
+    status: automated
+
+  - id: SLEM-05-654215
+    levels:
+      - medium
+    title: Successful/unsuccessful uses of "setfiles" in SLEM 5 must generate an
+      audit record.
+    rules:
+      - audit_rules_execution_setfiles
+    status: automated
+
+  - id: SLEM-05-654220
+    levels:
+      - medium
+    title: Successful/unsuccessful uses of "semanage" in SLEM 5 must generate an
+      audit record.
+    rules:
+      - package_policycoreutils-python-utils_installed
+      - audit_rules_execution_semanage
+    status: automated
+
+  - id: SLEM-05-654225
+    levels:
+      - medium
+    title: Successful/unsuccessful uses of "setsebool" in SLEM 5 must generate an
+      audit record.
+    rules:
+      - audit_rules_execution_setsebool
+    status: automated
+
+  - id: SLEM-05-654230
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for the "/run/utmp file".
+    rules:
+      - audit_rules_session_events_utmp
+    status: automated
+
+  - id: SLEM-05-654235
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for the "/var/log/btmp" file.
+    rules:
+      - audit_rules_session_events_btmp
+    status: automated
+
+  - id: SLEM-05-654240
+    levels:
+      - medium
+    title: SLEM 5 must generate audit records for the "/var/log/wtmp" file.
+    rules:
+      - audit_rules_session_events_wtmp
+    status: automated
+
+  - id: SLEM-05-654245
+    levels:
+      - medium
+    title: SLEM 5 must not disable syscall auditing.
+    rules:
+      - audit_rules_enable_syscall_auditing
+    status: automated
+
+  - id: SLEM-05-671010
+    levels:
+      - high
+    title: FIPS 140-2/140-3 mode must be enabled on SLEM 5.
+    rules:
+      - is_fips_mode_enabled
+    status: automated