CCI-000085 requires monitoring for unauthorized connections of mobile devices. The
referenced rule disables the USB storage driver on the system.
Signed-off-by: Willy Santos <wsantos(a)redhat.com>
---
rhel6/src/input/system/permissions/mounting.xml | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/rhel6/src/input/system/permissions/mounting.xml
b/rhel6/src/input/system/permissions/mounting.xml
index 569fd7a..ed270ed 100644
--- a/rhel6/src/input/system/permissions/mounting.xml
+++ b/rhel6/src/input/system/permissions/mounting.xml
@@ -57,7 +57,7 @@ software and other vulnerabilities. Support for these devices should be
disabled
the devices themselves should be tightly controlled.</rationale>
<ident cce="4187-1" />
<oval id="kernel_module_usb-storage_disabled" />
-<ref nist="CM-6, CM-7" disa="1250" />
+<ref nist="CM-6, CM-7" disa="1250,85" />
</Rule>
<Rule id="kernel_module_usb-storage_removed">
--
1.7.7.6