STIGQter: STIG Summary: Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 Mar 2021:

The Ubuntu operating system must disable the x86 Ctrl-Alt-Delete key sequence.

DISA Rule

SV-238380r654315_rule

Vulnerability Number

V-238380

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

UBTU-20-010460

Severity

CAT I

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the system to disable the Ctrl-Alt-Delete sequence for the command line with the following command:

# sudo systemctl mask ctrl-alt-del.target

Reload the daemon to take effect:

# sudo systemctl daemon-reload

Check Contents

Verify the Ubuntu operating system is not configured to reboot the system when Ctrl-Alt-Delete is pressed.

Check that the "ctrl-alt-del.target" (otherwise also known as reboot.target) is not active with the following command:

# systemctl status ctrl-alt-del.target
reboot.target - Reboot
Loaded: loaded (/usr/lib/systemd/system/reboot.target; disabled)
Active: inactive (dead)
Docs: man:systemd.special(7)

If the "ctrl-alt-del.target" is active, this is a finding.

Vulnerability Number

V-238380

Documentable

False

Rule Version

UBTU-20-010460

Severity Override Guidance

Verify the Ubuntu operating system is not configured to reboot the system when Ctrl-Alt-Delete is pressed.

Check that the "ctrl-alt-del.target" (otherwise also known as reboot.target) is not active with the following command:

# systemctl status ctrl-alt-del.target
reboot.target - Reboot
Loaded: loaded (/usr/lib/systemd/system/reboot.target; disabled)
Active: inactive (dead)
Docs: man:systemd.special(7)

If the "ctrl-alt-del.target" is active, this is a finding.

Check Content Reference

M

Target Key

5318

Comments