Back

Configure the "lockd service" setting to organizational standards.


CONTROL ID
04934
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Disable all unnecessary services unless otherwise noted in a policy exception., CC ID: 00880

This Control has the following implementation support Control(s):
  • Configure the lockd service to use a static port or a dynamic portmapper port for User Datagram Protocol as appropriate., CC ID: 05980


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • The lockd service should be enabled or disabled as appropriate Technical Mechanisms: via RC scripts Parameters: enabled/disabled References: 10.8.10.5.4.1.5 (1) (CCE-5882-6, Common Configuration Enumeration List, Combined XML: AIX 5.3, 5.20130214)
  • The lockd service should be enabled or disabled as appropriate Technical Mechanisms: via RC scripts Parameters: enabled/disabled References: 10.8.10.5.4.1.5 (1) (CCE-6069-9, Common Configuration Enumeration List, Combined XML: HP-UX 11.23, 5.20130214)
  • The lockd service should be enabled or disabled as appropriate Technical Mechanisms: via RC scripts Parameters: enabled/disabled References: 10.8.10.5.4.1.5 (1) (CCE-6303-2, Common Configuration Enumeration List, Combined XML: Red Hat Enterprise Linux 4, 5.20130214)
  • The lockd service should be configured to use a static port or a dynamic portmapper port for TCP as appropriate Technical Mechanisms: via /etc/sysconfig/nfs Parameters: static / dynamic References: Section: 3.13.2.3, Value: static (CCE-4559-1, Common Configuration Enumeration List, Combined XML: Red Hat Enterprise Linux 5, 5.20130214)
  • The lockd service should be enabled or disabled as appropriate Technical Mechanisms: via RC scripts Parameters: enabled/disabled References: 10.8.10.5.4.1.5 (1) (CCE-6345-3, Common Configuration Enumeration List, Combined XML: Sun Solaris 8, 5.20130214)
  • The lockd service should be enabled or disabled as appropriate Technical Mechanisms: via RC scripts Parameters: enabled/disabled References: 10.8.10.5.4.1.5 (1) (CCE-7031-8, Common Configuration Enumeration List, Combined XML: Sun Solaris 9, 5.20130214)