![]() Starting in version 2006, bootable media can download cloud-based content. For example, add a password to the media. To make sure that the package contents are secured from unauthorized users, take appropriate security measures. The packages on bootable media aren't encrypted. It retrieves the following content from the site:īecause the task sequence isn't on the media, you can change the task sequence or content without having to recreate the media. ![]() The following process occurs when you boot to bootable media: Replace an existing computer and transfer settings Install a new version of Windows on a new computer (bare metal) Use bootable media for the following OS deployment scenarios: If the output does not match the example, this is a finding.Ĭonfigure the graphical user interface to disable the ability to automount devices.Ĭreate or edit the /etc/dconf/db/local.d/00-No-Automount file and add the following:Ĭreate or edit the /etc/dconf/db/local.Applies to: Configuration Manager (current branch)īootable media in Configuration Manager contains the boot image, optional prestart commands and associated files, and Configuration Manager files. org/gnome/desktop/media-handling/autorun-never org/gnome/desktop/media-handling/automount-open org/gnome/desktop/media-handling/automount # cat /etc/dconf/db/local.d/locks/00-No-Automount If the output does not match the example above, this is a finding. # cat /etc/dconf/db/local.d/00-No-Automount This path must be modified if a database other than "local" is being used.Ĭheck to see if automounter service is disabled with the following commands: ![]() Note: The example below is using the database "local" for the system, so the path is "/etc/dconf/db/local.d". Verify the operating system disables the ability to automount devices in a graphical user interface. Note: If the operating system does not have a graphical user interface installed, this requirement is Not Applicable. Red Hat Enterprise Linux 7 Security Technical Implementation Guideĭetails Check Text ( C-36354r602662_chk ) Automatically mounting file systems permits easy introduction of unknown devices, thereby facilitating malicious activity. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |