STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Tri-Lab Operating System Stack (TOSS) 5 Security Technical Implementation Guide

V-282497

CAT II (Medium)

TOSS 5 file system automount function must be disabled unless required.

Rule ID

SV-282497r1200471_rule

STIG

Tri-Lab Operating System Stack (TOSS) 5 Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-000778

Discussion

An authentication process resists replay attacks if it is impractical to achieve a successful authentication by recording and replaying a previous authentication message.

Check Content

Verify TOSS 5 file system automount function has been disabled using the following command:

$ sudo systemctl is-enabled  autofs

masked

If the returned value is not "masked", "disabled", "Failed to get unit file state for autofs.service for autofs", or "enabled", and is not documented as operational requirement with the information system security officer (ISSO), this is a finding.

Fix Text

Configure TOSS 5 to disable the ability to automount devices.

Disable the "autofs" service using the following command:

$ sudo systemctl mask --now autofs.service