- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
$ sudo yum update
If the system is not configured to use one of these sources, updates (in the form of RPM packages)
can be manually downloaded from the Red Hat Network and installed using rpm
.
NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
The following script can be run on the host to remediate the issue.
#!/bin/bash
yum -y update
The following playbook can be run with Ansible to remediate the issue.
- name: "Security patches are up to date"
package:
name: "*"
state: "latest"
tags:
- security_patches_up_to_date
- high_severity
- patch_strategy
- low_complexity
- high_disruption
- NIST-800-53-SI-2
- NIST-800-53-SI-2(c)
- NIST-800-53-MA-1(b)
- PCI-DSS-Req-6.2
- CJIS-5.10.4.1
- DISA-STIG-RHEL-07-020260