Cumplimiento del Esquema Nacional de Seguridad en servidores CentOS 7 con OpenSCAP

Fandiño Calvo, José Carlos

Please use this identifier to cite or link to this item: http://hdl.handle.net/10609/107667

Title:	Cumplimiento del Esquema Nacional de Seguridad en servidores CentOS 7 con OpenSCAP
Author:	Fandiño Calvo, José Carlos
Director:	Garcia-Font, Victor
Tutor:	Canto Rodrigo, Pau del
Abstract:	SCAP protocol provides automation of security procedures, vulnerability assessment, automatic hardening and configuration of systems and other related security procedures. For this reason, is very appropriate to implement security policies. OpenSCAP project provides set of open and free inter-operable tools for SCAP content. Centro Criptológico Nacional (CCN) is responsible of the Information Security policies for the government and public sector in Spain. CCN-STIC series contains a set of security policies and related procedures. CCN-STIC-619 contains official hardening instructions and security policy for client systems based on CentOS7. This publication implements the recommendations of CCN-STIC-619 using SCAP content (XCCDF rules and OVAL checks), providing automatic capabilities to check and configure target systems. Also, a set of remediation scripts is developed, to modify the system configuration to conform with the rules when required. The implementation is verified checking a clean install of CentOS7. Remediation scripts are applied to adapt the target system to the requirements.
Keywords:	information security computer security SCAP XCCDF OVAL OpenSCAP CentOS7 CCN-STIC-619 security policy secure configuration
Document type:	info:eu-repo/semantics/masterThesis
Issue Date:	28-Dec-2019
Publication license:	http://creativecommons.org/licenses/by-nc-nd/3.0/es/
Appears in Collections:	Trabajos finales de carrera, trabajos de investigación, etc.