diff --git a/collections/ansible_collections/demo/reporting/roles/report_server/files/css/new.css b/collections/ansible_collections/demo/reporting/roles/report_server/files/css/new.css
new file mode 100644
index 0000000..3266a46
--- /dev/null
+++ b/collections/ansible_collections/demo/reporting/roles/report_server/files/css/new.css
@@ -0,0 +1,202 @@
+p.hostname {
+    color: #000000;
+    font-weight: bolder;
+    font-size: large;
+    margin: auto;
+    width: 50%;
+  }
+  
+  #subtable {
+    background: #ebebeb;
+    margin: 0px;
+    width: 100%;
+  }
+  
+  #subtable tbody tr td {
+    padding: 5px 5px 5px 5px;
+  }
+  
+  #subtable thead th {
+    padding: 5px;
+  }
+  
+  * {
+    -moz-box-sizing: border-box;
+    -webkit-box-sizing: border-box;
+    box-sizing: border-box;
+    font-family: "Open Sans", "Helvetica";
+  
+  }
+  
+  a {
+    color: #000000;
+  }
+  
+  p {
+    color: #ffffff;
+  }
+  h1 {
+    text-align: center;
+    color: #ffffff;
+  }
+  
+  body {
+    background:#353a40;
+    padding: 0px;
+    margin: 0px;
+    font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
+  }
+  
+  table {
+    border-collapse: separate;
+    background:#fff;
+    @include border-radius(5px);
+    @include box-shadow(0px 0px 5px rgba(0,0,0,0.3));
+  }
+
+  .main_net_table {
+    margin:50px auto;
+  }
+  
+  thead {
+    @include border-radius(5px);
+  }
+  
+  thead th {
+    font-size:16px;
+    font-weight:400;
+    color:#fff;
+    @include text-shadow(1px 1px 0px rgba(0,0,0,0.5));
+    text-align:left;
+    padding:20px;
+    border-top:1px solid #858d99;
+    background: #353a40;
+  
+    &:first-child {
+     @include border-top-left-radius(5px);
+    }
+  
+    &:last-child {
+      @include border-top-right-radius(5px);
+    }
+  }
+  
+  tbody tr td {
+    font-weight:400;
+    color:#5f6062;
+    font-size:13px;
+    padding:20px 20px 20px 20px;
+    border-bottom:1px solid #e0e0e0;
+  }
+  
+  tbody tr:nth-child(2n) {
+    background:#f0f3f5;
+  }
+  
+  tbody tr:last-child td {
+    border-bottom:none;
+    &:first-child {
+      @include border-bottom-left-radius(5px);
+    }
+    &:last-child {
+      @include border-bottom-right-radius(5px);
+    }
+  }
+  
+  td {
+    vertical-align: top;
+  }
+
+  span.highlight {
+      background-color: yellow;
+  }
+  
+  .expandclass {
+    color: #5f6062;
+  }
+  
+  .content{
+           display:none;
+           margin: 10px;
+  }
+  
+  header {
+    width: 100%;
+    position: initial;
+    float: initial;
+    padding: 0;
+    margin: 0;
+    border-radius: 0;
+    height: 88px;
+    background-color: #171717;
+  }
+  
+  .header-container {
+    margin: 0 auto;
+    width: 100%;
+    height: 100%;
+    max-width: 1170px;
+    padding: 0;
+    float: initial;
+    display: flex;
+    align-items: center;
+  }
+  
+  .header-logo {
+    width: 137px;
+    border: 0;
+    margin: 0;
+    margin-left: 15px;
+  }
+  
+  .header-link {
+    margin-left: 40px;
+    text-decoration: none;
+    cursor: pointer;
+    text-transform: uppercase;
+    font-size: 15px;
+    font-family: 'Red Hat Text';
+    font-weight: 500;
+  }
+  
+  .header-link:hover {
+    text-shadow: 0 0 0.02px white;
+    text-decoration: none;
+  }
+  
+  table.net_info td {
+    padding: 5px;
+}
+
+p.expandclass:hover {
+    text-decoration: underline;
+    color: #EE0000;
+    cursor: pointer;
+}
+
+.summary_info {
+}
+
+.ui-state-active, .ui-widget-content .ui-state-active, .ui-widget-header .ui-state-active, a.ui-button:active, .ui-button:active, .ui-button.ui-state-active:hover {
+    border: 1px solid #5F0000;
+    background: #EE0000;
+}
+
+div#net_content {
+    padding: 0px;
+    height: auto !important;
+}
+
+img.router_image {
+    vertical-align: middle;
+    padding: 0px 10px 10px 10px;
+    width: 50px;
+}
+
+table.net_info {
+    width: 100%;
+}
+
+p.internal_label {
+    color: #000000;
+}
diff --git a/collections/ansible_collections/demo/reporting/roles/report_server/files/redhat-ansible-logo.svg b/collections/ansible_collections/demo/reporting/roles/report_server/files/redhat-ansible-logo.svg
new file mode 100644
index 0000000..2ecef98
--- /dev/null
+++ b/collections/ansible_collections/demo/reporting/roles/report_server/files/redhat-ansible-logo.svg
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 24.0.3, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1" id="Logos" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 width="930.2px" height="350px" viewBox="0 0 930.2 350" style="enable-background:new 0 0 930.2 350;" xml:space="preserve">
+<style type="text/css">
+	.st0{fill:#FFFFFF;}
+	.st1{fill:#EE0000;}
+</style>
+<title>Logo-Red_Hat-Ansible_Automation_Platform-A-Reverse-RGB</title>
+<path class="st0" d="M383.3,228.5h18.8L446,335.7h-17.5l-12.4-31.4h-48l-12.6,31.4h-16.7L383.3,228.5z M410.9,291l-18.7-47l-18.7,47
+	H410.9z"/>
+<path class="st0" d="M455.2,257.7h15.3v7.8c6.2-6.2,14.7-9.6,23.5-9.3c17.9,0,30.5,12.4,30.5,30.5v49h-15.3v-46.5
+	c0-12.3-7.5-19.8-19.3-19.8c-7.8-0.3-15.1,3.6-19.3,10.1v56.1h-15.3V257.7z"/>
+<path class="st0" d="M543,315.5c8.1,6.4,16.7,9.8,25.4,9.8c11,0,18.7-4.8,18.7-11.7c0-5.5-4-8.7-12.6-10l-14.1-2
+	c-15.5-2.3-23.3-9.5-23.3-21.6c0-14.1,12.3-23.6,30.5-23.6c11.3-0.1,22.3,3.4,31.5,9.9l-7.8,10.1c-8.6-5.7-16.4-8.1-24.7-8.1
+	c-9.3,0-15.6,4.3-15.6,10.6c0,5.7,3.7,8.4,12.9,9.8l14.1,2c15.5,2.3,23.6,9.7,23.6,21.7c0,14-14.1,24.5-32.6,24.5
+	c-13.5,0-25.6-4-34.2-11.5L543,315.5z"/>
+<path class="st0" d="M611.6,235.6c0-5.2,4.1-9.4,9.3-9.5c0,0,0,0,0,0c5.2-0.2,9.7,3.9,9.9,9.1c0.2,5.2-3.9,9.7-9.1,9.9
+	c-0.2,0-0.5,0-0.7,0C615.8,245.1,611.6,240.9,611.6,235.6C611.6,235.7,611.6,235.7,611.6,235.6z M628.6,335.7h-15.3v-78h15.3V335.7z
+	"/>
+<path class="st0" d="M685.5,336.9c-8.5,0-16.8-2.7-23.6-7.8v6.6h-15.2V228.5l15.3-3.4v40c6.6-5.6,15.1-8.7,23.7-8.6
+	c22.1,0,39.4,17.7,39.4,40.1C725.2,319.1,707.9,336.9,685.5,336.9z M662,279.2v35.2c4.9,5.7,13,9.2,21.8,9.2
+	c15,0,26.4-11.5,26.4-26.8c0-15.3-11.5-27-26.4-27C674.9,269.8,667.1,273.2,662,279.2z"/>
+<path class="st0" d="M755,335.7h-15.3V228.5l15.3-3.4V335.7z"/>
+<path class="st0" d="M810.5,337.1c-23,0-40.9-17.7-40.9-40.4c0-22.5,17.2-40.1,39.1-40.1c21.5,0,37.7,17.8,37.7,40.8v4.4h-61.6
+	c2,13,13.2,22.5,26.4,22.4c7.2,0.2,14.2-2.3,19.8-6.8l9.8,9.7C832.1,333.7,821.5,337.4,810.5,337.1z M784.9,290.2h46.3
+	c-2.3-11.9-11.5-20.8-22.8-20.8C796.5,269.4,787.2,277.8,784.9,290.2z"/>
+<path class="st1" d="M202.8,137.5c18.4,0,45.1-3.8,45.1-25.7c0.1-1.7-0.1-3.4-0.5-5l-11-47.7c-2.5-10.5-4.8-15.2-23.2-24.5
+	c-14.3-7.3-45.5-19.4-54.7-19.4c-8.6,0-11.1,11.1-21.3,11.1c-9.8,0-17.1-8.3-26.4-8.3c-8.8,0-14.6,6-19,18.4c0,0-12.4,34.9-14,40
+	c-0.3,0.9-0.4,1.9-0.4,2.9C77.6,92.9,131.1,137.5,202.8,137.5 M250.8,120.7c2.5,12.1,2.5,13.3,2.5,14.9c0,20.6-23.2,32.1-53.7,32.1
+	c-69,0-129.3-40.3-129.3-67c0-3.7,0.8-7.4,2.2-10.8c-24.8,1.3-56.9,5.7-56.9,34c0,46.4,109.9,103.5,196.9,103.5
+	c66.7,0,83.5-30.2,83.5-54C296.1,154.6,279.9,133.4,250.8,120.7"/>
+<path d="M250.7,120.7c2.5,12.1,2.5,13.3,2.5,14.9c0,20.6-23.2,32.1-53.7,32.1c-69,0-129.3-40.3-129.3-67c0-3.7,0.8-7.4,2.2-10.8
+	l5.4-13.3c-0.3,0.9-0.4,1.9-0.4,2.8c0,13.6,53.5,58.1,125.2,58.1c18.4,0,45.1-3.8,45.1-25.7c0.1-1.7-0.1-3.4-0.5-5L250.7,120.7z"/>
+<path class="st0" d="M869.1,151.2c0,17.5,10.5,26,29.7,26c5.9-0.1,11.8-1,17.5-2.5v-20.3c-3.7,1.2-7.5,1.7-11.3,1.7
+	c-7.9,0-10.8-2.5-10.8-9.9v-31.1h22.9V94.2h-22.9V67.7l-25,5.4v21.1h-16.6v20.9h16.6L869.1,151.2z M791,151.7
+	c0-5.4,5.4-8.1,13.6-8.1c5,0,10,0.7,14.9,1.9V156c-4.8,2.6-10.2,3.9-15.6,3.9C795.9,159.9,791.1,156.8,791,151.7 M798.7,177.5
+	c8.8,0,16-1.9,22.6-6.3v5h24.8v-52.5c0-20-13.5-30.9-35.9-30.9c-12.6,0-25,2.9-38.3,9l9,18.4c9.6-4,17.7-6.5,24.8-6.5
+	c10.3,0,15.6,4,15.6,12.2v4c-6.1-1.6-12.3-2.4-18.6-2.3c-21.1,0-33.8,8.8-33.8,24.6C768.9,166.6,780.4,177.6,798.7,177.5
+	 M662.5,176.2h26.7v-42.5h44.6v42.5h26.7V67.7h-26.6v41.7h-44.6V67.7h-26.7L662.5,176.2z M561,135.1c0-11.8,9.3-20.8,21.5-20.8
+	c6.4-0.1,12.6,2.1,17.4,6.4v28.6c-4.7,4.4-10.9,6.7-17.4,6.5C570.5,155.8,561,146.8,561,135.1 M600.2,176.1H625V62.3l-25,5.4v30.8
+	c-6.4-3.6-13.6-5.5-20.9-5.4c-23.9,0-42.6,18.4-42.6,42c-0.3,23,18.1,41.9,41.1,42.2c0.2,0,0.5,0,0.7,0c7.9,0,15.6-2.5,22-7.1V176.1
+	z M486.5,113.2c7.9,0,14.6,5.1,17.2,13h-34.2C471.9,118,478.2,113.2,486.5,113.2 M444.2,135.2c0,23.9,19.5,42.5,44.6,42.5
+	c13.8,0,23.9-3.7,34.3-12.4l-16.6-14.7c-3.9,4-9.6,6.2-16.4,6.2c-8.8,0.2-16.8-4.9-20.2-13h58.4v-6.2c0-26-17.5-44.8-41.4-44.8
+	c-23.2-0.4-42.4,18.2-42.7,41.5C444.2,134.6,444.2,134.9,444.2,135.2 M400.9,90.5c8.8,0,13.8,5.6,13.8,12.2s-5,12.2-13.8,12.2h-26.3
+	V90.5H400.9z M347.9,176.2h26.7v-39.5h20.3l20.5,39.5h29.7l-23.9-43.4c12.4-5,20.5-17.1,20.4-30.5c0-19.5-15.3-34.5-38.3-34.5H348
+	L347.9,176.2z"/>
+</svg>
diff --git a/collections/ansible_collections/demo/reporting/roles/report_server/files/report.png b/collections/ansible_collections/demo/reporting/roles/report_server/files/report.png
new file mode 100644
index 0000000..3c38d52
Binary files /dev/null and b/collections/ansible_collections/demo/reporting/roles/report_server/files/report.png differ
diff --git a/collections/ansible_collections/demo/reporting/roles/report_server/files/webpage_logo.png b/collections/ansible_collections/demo/reporting/roles/report_server/files/webpage_logo.png
new file mode 100644
index 0000000..65b5836
Binary files /dev/null and b/collections/ansible_collections/demo/reporting/roles/report_server/files/webpage_logo.png differ
diff --git a/collections/ansible_collections/demo/reporting/roles/report_server/tasks/linux_landing_page.yml b/collections/ansible_collections/demo/reporting/roles/report_server/tasks/linux_landing_page.yml
new file mode 100644
index 0000000..30419e3
--- /dev/null
+++ b/collections/ansible_collections/demo/reporting/roles/report_server/tasks/linux_landing_page.yml
@@ -0,0 +1,34 @@
+---
+- include_vars: "{{ ansible_system }}.yml"
+
+- name: get reports
+  ansible.builtin.find:
+    paths: "{{ doc_root }}/{{ reports_dir }}"
+    patterns: '*.html'
+  register: reports
+  check_mode: no
+
+- name: publish landing page
+  ansible.builtin.template:
+    src: linux_report.j2
+    dest: "{{ doc_root }}/index.html"
+  check_mode: no
+
+- name: copy CSS over
+  ansible.builtin.copy:
+    src: "css"
+    dest: "{{ doc_root }}"
+    directory_mode: true
+  check_mode: no
+
+- name: copy logos over
+  ansible.builtin.copy:
+    src: "{{ item }}" 
+    dest: "{{ doc_root }}"
+    directory_mode: true
+  loop:
+    - "webpage_logo.png"
+    - "redhat-ansible-logo.svg"
+    - "report.png"
+  check_mode: no
+    
diff --git a/collections/ansible_collections/demo/reporting/roles/report_server/tasks/main.yml b/collections/ansible_collections/demo/reporting/roles/report_server/tasks/main.yml
new file mode 100644
index 0000000..a275ceb
--- /dev/null
+++ b/collections/ansible_collections/demo/reporting/roles/report_server/tasks/main.yml
@@ -0,0 +1,6 @@
+---
+- include_tasks: apache.yml
+  when: ansible_system == 'Linux'
+
+- include_tasks: iis.yml
+  when: ansible_system == 'Win32NT'
diff --git a/collections/ansible_collections/demo/reporting/roles/report_server/tasks/windows_landing_page.yml b/collections/ansible_collections/demo/reporting/roles/report_server/tasks/windows_landing_page.yml
new file mode 100644
index 0000000..76574c9
--- /dev/null
+++ b/collections/ansible_collections/demo/reporting/roles/report_server/tasks/windows_landing_page.yml
@@ -0,0 +1,34 @@
+---
+- include_vars: "{{ ansible_system }}.yml"
+
+- name: get reports
+  ansible.windows.win_find:
+    paths: "{{ doc_root }}/{{ reports_dir }}"
+    patterns: '*.html'
+  register: reports
+  check_mode: no
+
+- name: publish landing page
+  ansible.builtin.win_template:
+    src: windows_report.j2
+    dest: "{{ doc_root }}/index.html"
+  check_mode: no
+
+- name: copy CSS over
+  ansible.builtin.win_copy:
+    src: "css"
+    dest: "{{ doc_root }}"
+    directory_mode: true
+  check_mode: no
+
+- name: copy logos over
+  ansible.builtin.win_copy:
+    src: "{{ item }}" 
+    dest: "{{ doc_root }}"
+    directory_mode: true
+  loop:
+    - "webpage_logo.png"
+    - "redhat-ansible-logo.svg"
+    - "report.png"
+  check_mode: no
+    
diff --git a/collections/ansible_collections/demo/reporting/roles/report_server/templates/header.j2 b/collections/ansible_collections/demo/reporting/roles/report_server/templates/header.j2
new file mode 100644
index 0000000..6d504d0
--- /dev/null
+++ b/collections/ansible_collections/demo/reporting/roles/report_server/templates/header.j2
@@ -0,0 +1,15 @@
+
+   
+  <div class="wrapper">
+    <header>
+      <div class="header-container">
+        <a href="https://ansible.com">
+          <img
+            class="header-logo"
+            src="redhat-ansible-logo.svg"
+            title="Red Hat Ansible"
+            alt="Red Hat Ansible"
+          />
+        </a>
+      </div>
+    </header>
\ No newline at end of file
diff --git a/collections/ansible_collections/demo/reporting/roles/report_server/templates/linux_report.j2 b/collections/ansible_collections/demo/reporting/roles/report_server/templates/linux_report.j2
new file mode 100644
index 0000000..201d930
--- /dev/null
+++ b/collections/ansible_collections/demo/reporting/roles/report_server/templates/linux_report.j2
@@ -0,0 +1,42 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title> Ansible Linux Automation Report </title>
+  <link rel="stylesheet" type="text/css" href="//fonts.googleapis.com/css?family=Open+Sans" />
+  <link rel="stylesheet" href="//code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css">
+  <link rel="stylesheet" href="css/new.css">
+<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script>
+<script src="https://code.jquery.com/jquery-1.12.4.js"></script>
+<script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js"></script>
+<script src="https://www.kryogenix.org/code/browser/sorttable/sorttable.js"></script>
+</head>
+<body>
+<div class="wrapper">
+  {% include 'header.j2' %}
+<section>
+<center>
+<h1>Ansible Automation Reports</h1>
+<h3><input type="search" placeholder="Search..." class="form-control search-input" data-table="main_net_table"/>
+</center>
+<table class="table table-striped mt32 main_net_table">
+<tbody>
+{% for report in reports.files %}
+        {% set page = report.path.split('/')[-1] %}
+        <tr>
+            <td class="summary_info">
+              <div id="hostname">
+                <p class="hostname"> <img class="router_image" src="report.png"></p>
+              </div>  
+            </td>
+            <td>
+              <a href="{{ reports_dir }}/{{ page }}"> {{ page }} <a> 
+            </td>
+{% endfor %}
+</tbody>
+</table>
+<center><p>Created with</p><br><img src="webpage_logo.png" width="300">
+</center>
+</section>
+</div>
+</body>
+</html>
diff --git a/collections/ansible_collections/demo/reporting/roles/report_server/templates/windows_report.j2 b/collections/ansible_collections/demo/reporting/roles/report_server/templates/windows_report.j2
new file mode 100644
index 0000000..5690437
--- /dev/null
+++ b/collections/ansible_collections/demo/reporting/roles/report_server/templates/windows_report.j2
@@ -0,0 +1,42 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title> Ansible Linux Automation Report </title>
+  <link rel="stylesheet" type="text/css" href="//fonts.googleapis.com/css?family=Open+Sans" />
+  <link rel="stylesheet" href="//code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css">
+  <link rel="stylesheet" href="css/new.css">
+<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script>
+<script src="https://code.jquery.com/jquery-1.12.4.js"></script>
+<script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js"></script>
+<script src="https://www.kryogenix.org/code/browser/sorttable/sorttable.js"></script>
+</head>
+<body>
+<div class="wrapper">
+  {% include 'header.j2' %}
+<section>
+<center>
+<h1>Ansible Automation Reports</h1>
+<h3><input type="search" placeholder="Search..." class="form-control search-input" data-table="main_net_table"/>
+</center>
+<table class="table table-striped mt32 main_net_table">
+<tbody>
+{% for report in reports.files %}
+        {% set page = report.path.split('\\')[-1] %}
+        <tr>
+            <td class="summary_info">
+              <div id="hostname">
+                <p class="hostname"> <img class="router_image" src="report.png"></p>
+              </div>  
+            </td>
+            <td>
+              <a href="{{ reports_dir }}/{{ page }}"> {{ page }} <a> 
+            </td>
+{% endfor %}
+</tbody>
+</table>
+<center><p>Created with</p><br><img src="webpage_logo.png" width="300">
+</center>
+</section>
+</div>
+</body>
+</html>
diff --git a/collections/ansible_collections/demo/reporting/roles/report_server/vars/Win32NT.yml b/collections/ansible_collections/demo/reporting/roles/report_server/vars/Win32NT.yml
new file mode 100644
index 0000000..ac4e675
--- /dev/null
+++ b/collections/ansible_collections/demo/reporting/roles/report_server/vars/Win32NT.yml
@@ -0,0 +1,3 @@
+---
+doc_root: C:\Inetpub\wwwroot
+reports_dir: reports
diff --git a/collections/ansible_collections/demo/satellite/roles/register_host/defaults/main.yml b/collections/ansible_collections/demo/satellite/roles/register_host/defaults/main.yml
new file mode 100644
index 0000000..ce441c2
--- /dev/null
+++ b/collections/ansible_collections/demo/satellite/roles/register_host/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+instance_name: "{{ inventory_hostname | regex_replace('_','-') }}"
+activation_key: "{{ 'RHEL' + ansible_distribution_major_version + '_' + env }}"
+rex_user: root # "{{ ansible_user }}"
diff --git a/collections/ansible_collections/demo/satellite/roles/register_host/tasks/main.yml b/collections/ansible_collections/demo/satellite/roles/register_host/tasks/main.yml
new file mode 100644
index 0000000..0f158ae
--- /dev/null
+++ b/collections/ansible_collections/demo/satellite/roles/register_host/tasks/main.yml
@@ -0,0 +1,67 @@
+---
+- name: verify operating system
+  assert:
+    that:
+      - ansible_os_family == 'RedHat'
+      - (ansible_distribution_major_version == '7') or (ansible_distribution_major_version == '8')
+
+- name: set hostname
+  hostname:
+    name: "{{ instance_name }}"
+  
+- name: remove rhui client packages
+  yum:
+      name: 
+        - google-rhui-client*
+        - rh-amazon-rhui-client*
+      state: removed
+
+- name: get current repos
+  command:
+    cmd: ls /etc/yum.repos.d/
+  register: repos
+  changed_when: False
+
+- name: remove existing rhui repos
+  file:
+    path: "/etc/yum.repos.d/{{ item }}"
+    state: absent
+  loop: "{{ repos.stdout_lines }}"
+
+- name: install satellite certificate
+  yum:
+    name: "{{ satellite_url }}/pub/katello-ca-consumer-latest.noarch.rpm"
+    state: present
+    validate_certs: no
+    disable_gpg_check: true
+
+- name: register system via subscription-mangler
+  redhat_subscription:
+    state: present
+    activationkey: "{{ activation_key }}"
+    consumer_name: "{{ instance_name }}"
+    org_id: "{{ org_id | default('Default_Organization')}}"
+  throttle: 1
+
+- name: include repos
+  include_vars: "vars/{{ ansible_distribution + ansible_distribution_major_version }}.yml"
+
+- name: enable repos
+  rhsm_repository:
+    name: "{{ rhsm_enabled_repos }}"
+    state: enabled
+
+- name: install satellite client
+  yum:
+    name:
+      - katello-host-tools
+      - katello-host-tools-tracer
+    state: latest
+    
+- name: enable remote execution
+  authorized_key:
+    user: "{{ rex_user }}"
+    state: present
+    key: "{{ satellite_url }}:9090/ssh/pubkey"
+    validate_certs: no
+    
diff --git a/collections/ansible_collections/demo/satellite/roles/register_host/vars/RedHat7.yml b/collections/ansible_collections/demo/satellite/roles/register_host/vars/RedHat7.yml
new file mode 100644
index 0000000..c529625
--- /dev/null
+++ b/collections/ansible_collections/demo/satellite/roles/register_host/vars/RedHat7.yml
@@ -0,0 +1,4 @@
+---
+rhsm_enabled_repos:
+  - rhel-7-server-rpms
+  #- rhel-7-server-satellite-maintenance-6.11-rpms
diff --git a/collections/ansible_collections/demo/satellite/roles/register_host/vars/RedHat8.yml b/collections/ansible_collections/demo/satellite/roles/register_host/vars/RedHat8.yml
new file mode 100644
index 0000000..eb20ab3
--- /dev/null
+++ b/collections/ansible_collections/demo/satellite/roles/register_host/vars/RedHat8.yml
@@ -0,0 +1,5 @@
+---
+rhsm_enabled_repos:
+  - rhel-8-for-x86_64-baseos-rpms
+  - rhel-8-for-x86_64-appstream-rpms
+  - satellite-client-6-for-rhel-8-x86_64-rpms
diff --git a/collections/ansible_collections/demo/satellite/roles/scap_client/Changelog.md b/collections/ansible_collections/demo/satellite/roles/scap_client/Changelog.md
new file mode 100644
index 0000000..4bb95ba
--- /dev/null
+++ b/collections/ansible_collections/demo/satellite/roles/scap_client/Changelog.md
@@ -0,0 +1,17 @@
+# Change Log
+All notable changes to this project will be documented in this file.
+## [0.0.1] - 20/03/2018 - First Release
+### Added
+- Install required packages
+- Obtain data from satellite API
+- Configure crontab and config.yaml
+
+### Changed
+
+### Removed
+
+### Pending
+- Allow a list of policies to be applied (only one is allowed at the moment)
+- Get schedule from the policy instead of configure it using parameters
+- Configure URI tasks to ask capsule instead of Satellite (for hosts without network access to the satellite api)
+- Add tests to vars to be correctly formatted
diff --git a/collections/ansible_collections/demo/satellite/roles/scap_client/LICENSE b/collections/ansible_collections/demo/satellite/roles/scap_client/LICENSE
new file mode 100644
index 0000000..a80e2cd
--- /dev/null
+++ b/collections/ansible_collections/demo/satellite/roles/scap_client/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2018 morenod
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/collections/ansible_collections/demo/satellite/roles/scap_client/README.md b/collections/ansible_collections/demo/satellite/roles/scap_client/README.md
new file mode 100644
index 0000000..3dc42dc
--- /dev/null
+++ b/collections/ansible_collections/demo/satellite/roles/scap_client/README.md
@@ -0,0 +1,45 @@
+# Openscap client configuration Role
+
+## About
+
+Role created to configure a client to execute openscap policies based on the information obtained from a Red Hat Satellite/Foreman Host.
+
+Steps and configuration changes obtained from the [foreman_scap_client puppet module](https://github.com/theforeman/puppet-foreman_scap_client)
+
+The role has to be executed with root permission, using the root user or via sudo because it will modify system parameters.
+
+## Ansible Requirements
+
+RPM Repositories have to be enabled and containing required packages.
+
+## Configuration parameters
+
+### Required vars to be overwritten
+
+- `satellite_server`: Used to obtain policy parameters
+- `satellite_username`: Used to obtain policy parameters
+- `satellite_password`: Used to obtain policy parameters
+- `capsule_server`: Used to configure openscap client config.yaml file
+- `capsule_port`: Used to configure openscap client config.yaml file
+- `policy_name`: Name of the SCAP Policy to be configured
+
+## Example playbook
+
+```yml
+---
+- name: openscap client
+  hosts: <<host list>>
+  remote_user: <<user>>
+  gather_facts: true
+  become: yes
+  become_user: root
+  become_method: sudo
+  vars:
+    satellite_server: satellite.example.com
+    satellite_username`: admin
+    satellite_password`: verycomplexpassword
+    capsule_server`: capsule.example.com
+    policy_name`: 'rhel7-pci'
+  roles:
+        - ansible-ipaRegister
+```
diff --git a/collections/ansible_collections/demo/satellite/roles/scap_client/defaults/main.yaml b/collections/ansible_collections/demo/satellite/roles/scap_client/defaults/main.yaml
new file mode 100644
index 0000000..255b0ab
--- /dev/null
+++ b/collections/ansible_collections/demo/satellite/roles/scap_client/defaults/main.yaml
@@ -0,0 +1,12 @@
+foreman_server_url: "{{ lookup('env', 'SATELLITE_SERVER') }}"
+foreman_username: "{{ lookup('env', 'SATELLITE_USERNAME') }}"
+foreman_password: "{{ lookup('env', 'SATELLITE_PASSWORD') }}"
+foreman_validate_certs: "{{ lookup('env', 'FOREMAN_VALIDATE_CERTS') | default(true) }}"
+capsule_server: "{{ foreman_server_url }}"
+capsule_port: '9090'
+policy_name: 'all'
+policy_scan: "{{ policy_name }}"
+crontab_hour: 2
+crontab_minute: 0
+crontab_weekdays: 0
+foreman_operations_scap_client_secure_logging: true
diff --git a/collections/ansible_collections/demo/satellite/roles/scap_client/meta/main.yml b/collections/ansible_collections/demo/satellite/roles/scap_client/meta/main.yml
new file mode 100644
index 0000000..61d2458
--- /dev/null
+++ b/collections/ansible_collections/demo/satellite/roles/scap_client/meta/main.yml
@@ -0,0 +1,3 @@
+galaxy_info:
+  author: morenod
+  description: Role created to configure a client to execute openscap policies based on the information obtained from a Red Hat Satellite/Foreman Host.
\ No newline at end of file
diff --git a/collections/ansible_collections/demo/satellite/roles/scap_client/tasks/main.yaml b/collections/ansible_collections/demo/satellite/roles/scap_client/tasks/main.yaml
new file mode 100644
index 0000000..1f8d01a
--- /dev/null
+++ b/collections/ansible_collections/demo/satellite/roles/scap_client/tasks/main.yaml
@@ -0,0 +1,85 @@
+---
+- name: Install openscap client packages
+  yum:
+    name:
+     - openscap-scanner
+     - rubygem-foreman_scap_client
+    state: present
+
+- name: Get Policy parameters
+  uri:
+    url: "{{ foreman_server_url }}/api/v2/compliance/policies"
+    method: GET
+    user: "{{ foreman_username }}"
+    password:  "{{ foreman_password }}"
+    force_basic_auth: yes
+    body_format: json
+    validate_certs: False
+  register: policies
+  no_log: "{{ foreman_operations_scap_client_secure_logging }}"
+
+- name: Build policy {{ policy_name }} parameters
+  set_fact:
+    policy: "{{ policy | default([]) }} + {{ [item] }}"
+  loop: "{{policies.json.results}}"
+  when: item.name in policy_name or policy_name == 'all'
+
+- name: Fail if no policy found with required name
+  fail:
+  when: policy is not defined
+
+- name: Get scap content information
+  uri:
+    url: "{{ foreman_server_url }}/api/v2/compliance/scap_contents/{{item.scap_content_id}}"
+    method: GET
+    user: "{{ foreman_username }}"
+    password: "{{ foreman_password }}"
+    force_basic_auth: yes
+    body_format: json
+    validate_certs: False
+  register: scapcontents
+  loop: "{{ policy }}"
+  no_log: "{{ foreman_operations_scap_client_secure_logging }}"
+
+- name: Get tailoring content information
+  uri:
+    url: "{{ foreman_server_url }}/api/v2/compliance/tailoring_files/{{item.tailoring_file_id}}"
+    method: GET
+    user: "{{ foreman_username }}"
+    password: "{{ foreman_password }}"
+    force_basic_auth: yes
+    body_format: json
+    validate_certs: False
+  register: tailoringfiles
+  when: item.tailoring_file_id | int > 0 | d(False)
+  loop: "{{ policy }}"
+  no_log: "{{ foreman_operations_scap_client_secure_logging }}"
+
+- name: Build scap content parameters
+  set_fact:
+    scap_content: "{{ scap_content | default({}) | combine({item.json.id: item.json }) }}"
+  loop: "{{ scapcontents.results }}"
+
+- name: Build tailoring content parameters
+  set_fact:
+    tailoring_files: "{{ tailoring_files | default({}) | combine({item.json.id: item.json }) }}"
+  when: item.json is defined
+  loop: "{{ tailoringfiles.results }}"
+
+- name: Apply openscap client configuration template
+  template:
+    src: openscap_client_config.yaml.j2
+    dest: /etc/foreman_scap_client/config.yaml
+    mode: 0644
+    owner: root
+    group: root
+
+#- name: Configure execution crontab
+#  cron:
+#    name: "Openscap Execution"
+#    cron_file: 'foreman_openscap_client'
+#    job: '/usr/bin/foreman_scap_client {{policy.id}} > /dev/null'
+#    weekday: "{{crontab_weekdays}}"
+#    hour: "{{crontab_hour}}"
+#    minute: "{{crontab_minute}}"
+#    user: root
diff --git a/collections/ansible_collections/demo/satellite/roles/scap_client/templates/openscap_client_config.yaml.j2 b/collections/ansible_collections/demo/satellite/roles/scap_client/templates/openscap_client_config.yaml.j2
new file mode 100644
index 0000000..264cc8b
--- /dev/null
+++ b/collections/ansible_collections/demo/satellite/roles/scap_client/templates/openscap_client_config.yaml.j2
@@ -0,0 +1,47 @@
+# Foreman proxy to which reports should be uploaded
+:server: {{ capsule_server | urlsplit('hostname') }}
+:port: {{ capsule_port }}
+
+## SSL specific options ##
+# Client CA file.
+# It could be Puppet CA certificate (e.g., '/var/lib/puppet/ssl/certs/ca.pem')
+# Or (recommended for client reporting to Katello) subscription manager CA file, (e.g., '/etc/rhsm/ca/katello-server-ca.pem')
+:ca_file: '/etc/rhsm/ca/katello-server-ca.pem'
+# Client host certificate.
+# It could be Puppet agent host certificate (e.g., '/var/lib/puppet/ssl/certs/myhost.example.com.pem')
+# Or (recommended for client reporting to Katello) consumer certificate (e.g., '/etc/pki/consumer/cert.pem')
+:host_certificate: '/etc/pki/consumer/cert.pem'
+#
+# Client private key
+# It could be Puppet agent private key (e.g., '/var/lib/puppet/ssl/private_keys/myhost.example.com.pem')
+# Or (recommended for client reporting to Katello) consumer private key (e.g., '/etc/pki/consumer/key.pem')
+:host_private_key: '/etc/pki/consumer/key.pem'
+# policy (key is id as in Foreman)
+{% for item in policy %} 
+{{ item.id }}:
+{% if item.tailoring_file_id | int > 0 | d(False) %}
+{% for profile in tailoring_files[item.tailoring_file_id].tailoring_file_profiles %}
+{% if profile.id == item.tailoring_file_profile_id %}
+  :profile: {{profile.profile_id}}
+{% endif%}
+{% endfor %}
+  :content_path: '/var/lib/openscap/content/{{scap_content[item.scap_content_id].digest}}.xml'
+  # Download path
+  # A path to download SCAP content from proxy
+  :download_path: '/compliance/policies/{{item.id}}/content/{{scap_content[item.scap_content_id].digest}}'
+  :tailoring_path: '/var/lib/openscap/content/{{tailoring_files[item.tailoring_file_id].digest}}.xml'
+  :tailoring_download_path: '/compliance/policies/{{item.id}}/tailoring/{{tailoring_files[item.tailoring_file_id].digest}}'
+{% else %}
+{% for profile in scap_content[item.scap_content_id].scap_content_profiles %}
+{% if profile.id == item.scap_content_profile_id %}
+  :profile: {{profile.profile_id}}
+{% endif%}
+{% endfor %}
+  :content_path: '/var/lib/openscap/content/{{scap_content[item.scap_content_id].digest}}.xml'
+  # Download path
+  # A path to download SCAP content from proxy
+  :download_path: '/compliance/policies/{{item.id}}/content/{{scap_content[item.scap_content_id].digest}}'
+  :tailoring_path: ''
+  :tailoring_download_path: ''
+{% endif %}
+{% endfor %}
diff --git a/collections/requirements.yml b/collections/requirements.yml
index 6a1299e..a4fe9b1 100644
--- a/collections/requirements.yml
+++ b/collections/requirements.yml
@@ -23,6 +23,9 @@ collections:
     version: 1.13.0
   - name: amazon.aws
     version: 3.1.1
+  #satellite
+  - name: redhat.satellite
+    version: 3.3.0
   #network
   - name: cisco.ios
     version: 3.1.0
@@ -30,4 +33,3 @@ collections:
     version: 3.0.0
   - name: cisco.iosxr
     version: 3.0.0
-
diff --git a/linux/ec2_register.yml b/linux/ec2_register.yml
index b1cee04..7ce0d4f 100644
--- a/linux/ec2_register.yml
+++ b/linux/ec2_register.yml
@@ -40,6 +40,7 @@
       name: "https://{{ sat_url }}/pub/katello-ca-consumer-latest.noarch.rpm"
       state: present
       validate_certs: no
+      disable_gpg_check: true
     when: sat_url is defined
 
   - name: manage repos with subscription mangler
@@ -54,12 +55,6 @@
       activationkey: "{{ activation_key }}"
       org_id: "{{ org_id }}"
 
-  - name: disable htb repo
-    community.general.rhsm_repository:
-      name: rhel-7-server-htb*
-      state: disabled
-    ignore_errors: yes
-
   - name: configure Red Hat insights
     import_role:
       name: redhat.insights.insights_client
@@ -68,4 +63,4 @@
       insights_tags:
         env: "{{ env }}"
         purpose: demo
-        group: "{{ ansible_group }}"
+        group: "{{ insights_tag }}"
diff --git a/linux/setup.yml b/linux/setup.yml
index b86cbf0..1e518af 100644
--- a/linux/setup.yml
+++ b/linux/setup.yml
@@ -11,7 +11,7 @@ controller_components:
   - job_templates
 
 controller_credential_types:
-  - name: "Insights Collection"
+  - name: Insights Collection
     kind: cloud
     inputs:
       fields:
@@ -34,6 +34,13 @@ controller_credentials:
     inputs:
       insights_user: REPLACEME
       insights_password: REPLACEME
+  - name: Satellite Inventory
+    credential_type: Red Hat Satellite 6
+    organization: Default
+    inputs:
+      host: https://satellite.example.com
+      username: admin
+      password: ansible123!
 
 controller_inventory_sources:
   - name: Insights Inventory
@@ -42,6 +49,25 @@ controller_inventory_sources:
     source_project: Ansible official demo project
     source_path: linux/inventory.insights.yml
     credential: Insights Inventory
+  - name: Satellite Inventory
+    inventory: Workshop Inventory
+    source: satellite6
+    overwrite: true
+    credential: Satellite Inventory
+    source_vars:
+      hostnames:
+        - name.split('.')[0]
+      groups:
+        patch_bugs: foreman_content_facet_attributes.errata_counts.bugfix
+        patch_enhancements: foreman_content_facet_attributes.errata_counts.enhancement
+        patch_security: foreman_content_facet_attributes.errata_counts.security
+      keyed_groups:
+              - prefix: env
+                key: foreman_content_facet_attributes.lifecycle_environment_name
+              - prefix: cv
+                key: foreman_content_facet_attributes.content_view_name
+              - prefix: os
+                key: foreman_operatingsystem_name
 
 
 controller_templates:
@@ -57,8 +83,9 @@ controller_templates:
     - "Workshop Credential"
     survey_enabled: true
     extra_vars:
-      activation_key: undef
-      org_id: undef
+      activation_key: !unsafe "RHEL{{ ansible_distribution_major_version }}_{{ env }}"
+      org_id: Default_Organization
+      sat_url: satellite.example.com
     survey:
       name: ''
       description: ''
@@ -77,7 +104,7 @@ controller_templates:
           required: true
         - question_name: Ansible Inventory Group (and Insights tag) to be created
           type: text
-          variable: ansible_group
+          variable: insights_tag
           required: true
 
   - name: "LINUX / Troubleshoot"
@@ -135,6 +162,7 @@ controller_templates:
     inventory: "Workshop Inventory"
     project: "Ansible official demo project"
     playbook: "linux/patching.yml"
+    execution_environment: Default execution environment
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
     notification_templates_error: Telemetry
@@ -230,6 +258,7 @@ controller_templates:
     project: "Ansible official demo project"
     playbook: linux/fact_scan.yml
     inventory: Workshop Inventory
+    execution_environment: Default execution environment
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
     notification_templates_error: Telemetry
@@ -295,6 +324,40 @@ controller_templates:
           variable: HOSTS
           required: true
 
+  - name: "LINUX / Install web console"
+    job_type: run
+    inventory: "Workshop Inventory"
+    project: "Ansible official demo project"
+    playbook: "linux/system_roles.yml"
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    diff_mode: yes
+    ask_job_type_on_launch: yes
+    extra_vars:
+      system_roles: 
+        - cockpit
+    credentials:
+      - "Workshop Credential"
+    survey_enabled: true
+    survey:
+      name: ''
+      description: ''
+      spec:
+        - question_name: Server Name or Pattern
+          type: text
+          variable: HOSTS
+          required: true
+        - question_name: Cockpit package load
+          type: multiplechoice
+          variable: cockpit_packages
+          default: minimal
+          choices:
+            - default
+            - minimal
+            - full
+          required: true
+
   - name: "LINUX / Compliance Enforce"
     job_type: run
     inventory: "Workshop Inventory"
diff --git a/satellite/README.md b/satellite/README.md
new file mode 100644
index 0000000..4e70bbd
--- /dev/null
+++ b/satellite/README.md
@@ -0,0 +1,27 @@
+# Satellite Demos
+
+## Table of Contents
+- [Satellite Demos](#satellite-demos)
+  - [Table of Contents](#table-of-contents)
+  - [About These Demos](#about-these-demos)
+    - [Jobs](#jobs)
+    - [Inventory](#inventory)
+  - [Suggested Usage](#suggested-usage)
+
+## About These Demos
+This category of demos shows examples of linux operations and management with Ansible Automation Platform and Red Hat Satellite Server. The list of demos can be found below. See the [Suggested Usage](#suggested-usage) section of this document for recommendations on how to best use these demos.
+
+### Jobs
+- [**LINUX / Register with Satellite**](server_register.yml) - Register a RHEL server with Red Hat Satellite.
+- [**LINUX / Compliance Scan with Satellite**](server_openscap.yml) - Run OpenSCAP scan and report to Satellite.
+- [**SATELLITE / Publish Content View Version**](satellite_publish.yml) - Publish a new version of a content view.
+- [**SATELLITE / Promote Content View Version**](satellite_promote.yml) - Promote a content view version to the next lifecycle environment.
+
+### Inventory
+
+A dymanic inventory is created to pull inventory hosts from Red Hat Satellite. Groups will automatically be created
+
+## Suggested Usage
+**Linux / Register with Satellite** - Register a server with Red Hat Satellite using an activation key in the format `RHEL<major version>_<environment>`.
+
+**SATELLITE / Publish Content View Version** - Publish a new version of a content view to start a patching process. By default this will publish the version and promote to the 'Dev' environment.
diff --git a/satellite/files/ssg-rhel7-ds-tailoring.xml b/satellite/files/ssg-rhel7-ds-tailoring.xml
new file mode 100644
index 0000000..f5d6d00
--- /dev/null
+++ b/satellite/files/ssg-rhel7-ds-tailoring.xml
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xccdf:Tailoring xmlns:xccdf="http://checklists.nist.gov/xccdf/1.2" id="xccdf_scap-workbench_tailoring_default">
+  <xccdf:benchmark href="/tmp/scap-workbench-iwLkek/ssg-rhel7-ds.xml"/>
+  <xccdf:version time="2022-07-21T09:19:44">1</xccdf:version>
+  <xccdf:Profile id="xccdf_org.ssgproject.content_profile_stig_customized" extends="xccdf_org.ssgproject.content_profile_stig">
+    <xccdf:title xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US" override="true">DISA STIG for Red Hat Enterprise Linux 7 [CUSTOMIZED]</xccdf:title>
+    <xccdf:description xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US" override="true">This profile contains configuration checks that align to the
+DISA STIG for Red Hat Enterprise Linux V3R7.
+
+In addition to being applicable to Red Hat Enterprise Linux 7, DISA recognizes this
+configuration baseline as applicable to the operating system tier of
+Red Hat technologies that are based on Red Hat Enterprise Linux 7, such as:
+
+- Red Hat Enterprise Linux Server
+- Red Hat Enterprise Linux Workstation and Desktop
+- Red Hat Enterprise Linux for HPC
+- Red Hat Storage
+- Red Hat Containers with a Red Hat Enterprise Linux 7 image</xccdf:description>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_rpm_verify_ownership" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_aide_use_fips_hashes" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_aide_verify_acls" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_aide_verify_ext_attributes" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_install_antivirus" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_agent_mfetpd_running" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_mcafeetp_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_mcafee_endpoint_security_software" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_mcafee_security_software" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_endpoint_security_software" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_partition_for_home" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_partition_for_var" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_partition_for_tmp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_partition_for_var_log_audit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disk_partitioning" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sudo_remove_nopasswd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_passwords_pam_faillock_deny" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_passwords_pam_faillock_deny_root" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_passwords_pam_faillock_interval" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_install_smartcard_packages" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_smartcard_auth" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_account_disable_post_pw_expiration" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_account_expiration" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_authorized_local_users" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_admin_username" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_password" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_firewalld_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_firewalld_activation" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_configure_firewalld_ports" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_set_firewalld_default_zone" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_ruleset_modifications" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_network-firewalld" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_network_configure_name_resolution" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_home_nosuid" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_postfix_prevent_unrestricted_relay" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_postfix_server_relay" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_postfix_server_cfg" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_postfix_harden_os" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_mail" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_chronyd_or_ntpd_set_maxpoll" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_ntp" selected="false"/>
+  </xccdf:Profile>
+</xccdf:Tailoring>
diff --git a/satellite/files/ssg-rhel8-ds-tailoring-stig-gui.xml b/satellite/files/ssg-rhel8-ds-tailoring-stig-gui.xml
new file mode 100644
index 0000000..1a17265
--- /dev/null
+++ b/satellite/files/ssg-rhel8-ds-tailoring-stig-gui.xml
@@ -0,0 +1,1562 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xccdf:Tailoring xmlns:xccdf="http://checklists.nist.gov/xccdf/1.2" id="xccdf_scap-workbench_tailoring_default">
+  <xccdf:benchmark href="/tmp/scap-workbench-ZNjUkt/ssg-rhel8-ds.xml"/>
+  <xccdf:version time="2022-07-28T10:15:15">1</xccdf:version>
+  <xccdf:Profile id="xccdf_org.ssgproject.content_profile_stig_gui_rhel8" extends="xccdf_org.ssgproject.content_profile_stig_gui">
+    <xccdf:title xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US" override="true">DISA STIG with GUI for Red Hat Enterprise Linux 8 [CUSTOMIZED]</xccdf:title>
+    <xccdf:description xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US" override="true">This profile contains configuration checks that align to the
+DISA STIG with GUI for Red Hat Enterprise Linux 8 V1R3.
+
+In addition to being applicable to Red Hat Enterprise Linux 8, DISA recognizes this
+configuration baseline as applicable to the operating system tier of
+Red Hat technologies that are based on Red Hat Enterprise Linux 8, such as:
+
+- Red Hat Enterprise Linux Server
+- Red Hat Enterprise Linux Workstation and Desktop
+- Red Hat Enterprise Linux for HPC
+- Red Hat Storage
+- Red Hat Containers with a Red Hat Enterprise Linux 8 image
+
+Warning: The installation and use of a Graphical User Interface (GUI)
+increases your attack vector and decreases your overall security posture. If
+your Information Systems Security Officer (ISSO) lacks a documented operational
+requirement for a graphical user interface, please consider using the
+standard DISA STIG for Red Hat Enterprise Linux 8 profile.</xccdf:description>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_remediation_functions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_aide" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_aide_verify_ext_attributes" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_aide_verify_acls" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_aide_use_fips_hashes" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_aide_scan_notification" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_aide_periodic_cron_checking" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_aide_check_audit_tools" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_aide_build_database" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_aide_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_software-integrity" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_fips" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_crypto_fips_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_etc_system_fips_exists" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_enable_fips_mode" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_enable_dracut_fips_module" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_crypto" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_openssl_use_strong_entropy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_harden_sshd_macs_opensshserver_conf_crypto_policy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_harden_sshd_macs_openssh_conf_crypto_policy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_harden_sshd_crypto_policy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_harden_sshd_ciphers_opensshserver_conf_crypto_policy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_harden_sshd_ciphers_openssh_conf_crypto_policy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_harden_ssh_client_crypto_policy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_harden_openssl_crypto_policy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_configure_ssh_crypto_policy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_configure_openssl_tls_crypto_policy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_configure_openssl_crypto_policy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_configure_libreswan_crypto_policy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_configure_kerberos_crypto_policy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_configure_gnutls_tls_crypto_policy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_configure_crypto_policy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_configure_bind_crypto_policy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_crypto-policies_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_certified-vendor" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_installed_OS_is_vendor_supported" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_installed_OS_is_FIPS_certified" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_endpoint_security_software" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_mcafee_security_software" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_mcafee_hbss_software" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_install_mcafee_hbss_pa" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_install_mcafee_hbss_accm" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_MFEhiplsm_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_mcafee_endpoint_security_software" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_agent_mfetpd_running" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_mcafeetp_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mcafee_antivirus_definitions_updated" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_install_mcafee_cma_rt" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_install_mcafee_antivirus" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_nails_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_install_hids" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_install_antivirus" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_configure_user_data_backups" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_integrity" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disk_partitioning" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_partition_for_var_tmp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_partition_for_var_log_audit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_partition_for_var_log" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_partition_for_var" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_partition_for_usr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_partition_for_tmp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_partition_for_srv" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_partition_for_opt" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_partition_for_home" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_partition_for_boot" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_encrypt_partitions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_gnome" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_gnome_system_settings" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_disable_user_admin" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_disable_power_settings" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_disable_geolocation" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_disable_ctrlaltdel_reboot" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_gnome_screen_locking" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_session_idle_user_locks" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_user_locks" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_user_info" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_mode_blank" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_lock_locked" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_lock_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_lock_delay" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_idle_delay" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_idle_activation_locked" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_idle_activation_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_gnome_remote_access_settings" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_remote_access_encryption" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_remote_access_credential_prompt" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_gnome_network_settings" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_disable_wifi_notification" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_disable_wifi_create" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_gnome_media_settings" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_disable_thumbnailers" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_disable_autorun" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_disable_automount_open" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_disable_automount" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_gnome_login_screen" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_gnome_gdm_disable_xdmcp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_gnome_gdm_disable_guest_login" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_gnome_gdm_disable_automatic_login" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_login_retries" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_lock_screen_on_smartcard_removal" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_enable_smartcard_auth" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_disable_user_list" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_disable_restart_shutdown" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_enable_dconf_user_profile" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_db_up_to_date" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_gdm_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sudo_require_reauthentication" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sudoers_validate_passwd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_system-tools" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_abrt-addon-python_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_tuned_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_abrt-cli_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_abrt-addon-ccpp_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_gssproxy_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_abrt-plugin-sosreport_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_pigz_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_geolite2-city_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_abrt-plugin-logger_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_iprutils_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_abrt-addon-kerneloops_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_geolite2-country_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_krb5-workstation_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_abrt-plugin-rhtsupport_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_subscription-manager_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_openscap-scanner_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_gnutls-utils_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_nss-tools_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_rng-tools_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_tar_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_dnf-plugin-subscription-manager_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_vim_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_libcap-ng-utils_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_rear_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_scap-security-guide_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_binutils_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_ensure_gpgcheck_local_packages" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_accounts" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_accounts-restrictions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_root_logins" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_use_pam_wheel_for_su" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_securetty_root_login_console_only" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_root_path_default" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_restrict_serial_port_logins" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_no_shelllogin_for_systemaccounts" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_no_root_webbrowsing" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_no_password_auth_for_systemaccounts" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_no_direct_root_logins" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_no_uid_except_zero" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_password_storage" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_no_netrc_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_no_legacy_plus_entries_etc_shadow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_no_legacy_plus_entries_etc_passwd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_no_legacy_plus_entries_etc_group" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_no_empty_passwords" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_gid_passwd_group_same" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_unix_rounds_system_auth" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_unix_rounds_password_auth" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_all_shadowed_sha512" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_all_shadowed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_password_expiration" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_warn_age_login_defs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_set_min_life_existing" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_set_max_life_existing" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_minlen_login_defs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_minimum_age_login_defs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_maximum_age_login_defs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_account_expiration" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_account_use_centralized_automated_auth" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_account_unique_name" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_account_temp_expire_date" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_account_emergency_expire_date" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_account_disable_post_pw_expiration" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_group_unique_name" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_authorized_local_users" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_account_unique_id" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_accounts-banners" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_gui_login_banner" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_login_banner_text" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dconf_gnome_banner_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_etc_motd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_etc_issue" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_etc_motd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_etc_issue" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_etc_motd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_etc_issue" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_banner_etc_motd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_banner_etc_issue" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_accounts-session" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_user_umask" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_umask_interactive_users" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_umask_etc_profile" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_umask_etc_login_defs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_umask_etc_csh_cshrc" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_umask_etc_bashrc" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_root_paths" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_root_path_no_dot" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_root_path_dirs_no_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_home_dirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_home_directories" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permission_user_init_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_ownership_home_directories" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupownership_home_directories" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_users_home_files_permissions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_users_home_files_ownership" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_users_home_files_groupownership" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_user_interactive_home_directory_exists" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_user_interactive_home_directory_defined" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_user_home_paths_only" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_user_dot_user_ownership" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_user_dot_no_world_writable_programs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_user_dot_group_ownership" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_tmout" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_polyinstantiated_var_tmp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_polyinstantiated_tmp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_max_concurrent_login_sessions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_logon_fail_delay" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_have_homedir_login_defs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_accounts-physical" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_screen_locking" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_smart_card_login" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_smartcard_configure_cert_checking" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_force_opensc_card_drivers" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_configure_opensc_card_drivers" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_pcscd_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_install_smartcard_packages" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_opensc_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_pcsc-lite_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_console_screen_locking" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_no_tmux_in_shells" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_configure_tmux_lock_command" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_configure_tmux_lock_after_time" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_configure_bashrc_exec_tmux" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_tmux_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_require_singleuser_auth" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_require_emergency_target_auth" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_disable_interactive_boot" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_disable_ctrlaltdel_reboot" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_disable_ctrlaltdel_burstaction" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_debug-shell_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_accounts-pam" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_set_password_hashing_algorithm" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_set_password_hashing_algorithm_systemauth" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_set_password_hashing_algorithm_passwordauth" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_set_password_hashing_algorithm_logindefs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_set_password_hashing_algorithm_libuserconf" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_password_quality" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_password_quality_pwquality" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_ucredit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_retry" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_ocredit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_minlen" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_minclass" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_maxrepeat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_maxclassrepeat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_lcredit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_enforce_root" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_enforce_local" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_difok" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_dictcheck" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_dcredit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_password_quality_pamcracklib" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_locking_out_password_attempts" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_passwords_pam_faillock_unlock_time" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_passwords_pam_faillock_interval" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_passwords_pam_faillock_enforce_local" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_passwords_pam_faillock_deny_root" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_passwords_pam_faillock_deny" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_unix_remember" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_pwhistory_remember_system_auth" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_accounts_password_pam_pwhistory_remember_password_auth" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_enable_pam_namespace" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_display_login_attempts" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_auditing" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_policy_rules" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_for_ospp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_perm_change_success" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_perm_change_failed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_owner_change_success" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_owner_change_failed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_ospp_general" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_module_load" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_modify_success" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_modify_failed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_immutable_login_uids" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_delete_success" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_delete_failed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_create_success" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_create_failed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_basic_configuration" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_access_success" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_access_failed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_configure_auditd_data_retention" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_write_logs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_overflow_action" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_name_format" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_log_format" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_local_events" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_freq" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_data_retention_space_left_percentage" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_data_retention_space_left_action" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_data_retention_space_left" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_data_retention_num_logs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_data_retention_max_log_file_action" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_data_retention_max_log_file" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_data_retention_flush" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_data_retention_admin_space_left_action" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_data_retention_action_mail_acct" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_data_disk_full_action" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_data_disk_error_action" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_audispd_syslog_plugin_activated" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_audispd_network_failure_action" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_audispd_encrypt_sent_records" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_audispd_disk_full_action" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_audispd_configure_sufficiently_large_partition" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_auditd_audispd_configure_remote_server" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_auditd_configure_rules" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_audit_time_rules" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_time_watch_localtime" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_time_stime" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_time_settimeofday" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_time_clock_settime" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_time_adjtimex" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_audit_privileged_commands" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_usernetctl" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_usermod" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_userhelper" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_unix_update" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_unix_chkpwd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_umount" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_sudoedit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_sudo" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_su" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_ssh_keysign" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_ssh_agent" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_pt_chown" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_postqueue" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_postdrop" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_passwd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_pam_timestamp_check" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_newuidmap" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_newgrp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_newgidmap" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_mount" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_kmod" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_gpasswd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_crontab" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_chsh" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_chage" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_at" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_audit_login_events" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_login_events_tallylog" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_login_events_lastlog" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_login_events_faillock" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_login_events" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_audit_kernel_module_loading" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_kernel_module_loading_init" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_kernel_module_loading_finit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_kernel_module_loading_delete" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_kernel_module_loading" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_audit_file_modification" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_unlinkat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_unlink" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_truncate" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_setxattr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_renameat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_rename" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_removexattr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_openat_rule_order" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_openat_o_trunc_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_openat_o_creat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_openat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_open_rule_order" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_open_o_trunc_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_open_o_creat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_open_by_handle_at" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_open" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_lsetxattr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_lremovexattr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_lchown" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_ftruncate" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_fsetxattr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_fremovexattr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_fchownat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_fchown" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_fchmodat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_fchmod" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_creat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_chown" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_chmod" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_unlinkat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_unlink" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_truncate" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_setxattr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_renameat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_rename" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_removexattr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_openat_o_trunc_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_openat_o_creat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_openat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_open_o_trunc_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_open_o_creat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_open_by_handle_at_o_trunc_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_open_by_handle_at_o_creat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_open_by_handle_at" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_open" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_lsetxattr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_lremovexattr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_lchown" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_ftruncate" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_fsetxattr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_fremovexattr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_fchownat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_fchown" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_fchmodat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_fchmod" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_creat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_chown" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_successful_file_modification_chmod" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_audit_file_deletion_events" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_unlinkat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_unlink" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_rmdir" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_renameat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_rename" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_audit_execution_selinux_commands" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_execution_seunshare" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_execution_setsebool" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_execution_setfiles" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_execution_semanage" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_execution_restorecon" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_execution_chcon" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_audit_execution_acl_commands" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_execution_setfacl" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_execution_chacl" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_audit_dac_actions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_umount2" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_umount" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_setxattr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_removexattr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_lsetxattr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_lremovexattr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_lchown" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fsetxattr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fremovexattr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchownat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchown" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchmodat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchmod" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_chown" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_chmod" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_var_log_audit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_ownership_var_log_audit_stig" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_ownership_var_log_audit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_group_ownership_var_log_audit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_directory_permissions_var_log_audit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_directory_ownership_var_log_audit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_directory_group_ownership_var_log_audit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_directory_access_var_log_audit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_shadow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_passwd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_opasswd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_gshadow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_group" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_system_shutdown" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_sysadmin_actions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_suid_privilege_function" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_sudoers_d" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_sudoers" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_session_events" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_networkconfig_modification" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_media_export" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_mac_modification" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_immutable" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_etc_shadow_openat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_etc_shadow_open_by_handle_at" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_etc_shadow_open" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_etc_passwd_openat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_etc_passwd_open_by_handle_at" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_etc_passwd_open" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_etc_gshadow_openat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_etc_gshadow_open_by_handle_at" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_etc_gshadow_open" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_etc_group_openat" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_etc_group_open_by_handle_at" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_audit_rules_etc_group_open" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_audit_backlog_limit_argument" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_audit_argument" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_auditd_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_audit_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_audit-audispd-plugins_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_audispd-plugins_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_bootloader-grub2" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_uefi" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_uefi_no_removeable_media" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_uefi_password" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_uefi_admin_username" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_efi_grub2_cfg" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_efi_grub2_cfg" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_efi_grub2_cfg" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_non-uefi" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_password" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_no_removeable_media" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_admin_username" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_grub2_cfg" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_grub2_cfg" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_grub2_cfg" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_vsyscall_argument" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_pti_argument" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_kernel_trust_cpu_rng" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_enable_iommu_force" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_logging" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_rsyslog_sending_messages" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_rsyslog_remote_tls_cacert" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_rsyslog_remote_tls" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_rsyslog_remote_loghost" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_rsyslog_accepting_remote_messages" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_rsyslog_nolisten" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_rsyslog_accept_remote_messages_udp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_rsyslog_accept_remote_messages_tcp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_syslogng_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_syslogng_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_log_rotation" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_ensure_logrotate_activated" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_ensure_rsyslog_log_file_configuration" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_rsyslog_remote_access_monitoring" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_rsyslog_files_permissions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_rsyslog_files_ownership" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_rsyslog_files_groupownership" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_rsyslog_encrypt_offload_defaultnetstreamdriver" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_rsyslog_encrypt_offload_actionsendstreamdrivermode" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_rsyslog_encrypt_offload_actionsendstreamdriverauthmode" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_rsyslog_cron_logging" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_configure_logwatch_on_logserver" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_logwatch_configured_splithosts" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_logwatch_configured_hostlimit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_disable_logwatch_for_logserver" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_rsyslog_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_rsyslog_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_rsyslog-gnutls_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_network" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_network_ssl" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_network_disable_unused_interfaces" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_network-wireless" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_wireless_software" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_wireless_disable_interfaces" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_wireless_disable_in_bios" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kernel_module_bluetooth_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_bluetooth_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_network-uncommon" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kernel_module_tipc_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kernel_module_sctp_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kernel_module_rds_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kernel_module_firewire-core_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kernel_module_dccp_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kernel_module_can_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kernel_module_atm_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_network-susefirewall2" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_network-kernel" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_network_host_parameters" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_ip_forward" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_default_send_redirects" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_all_send_redirects" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_network_host_and_router_parameters" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_tcp_syncookies" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_tcp_rfc1337" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_tcp_invalid_ratelimit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_ip_local_port_range" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_icmp_ignore_bogus_error_responses" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_icmp_echo_ignore_broadcasts" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_default_secure_redirects" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_default_rp_filter" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_default_log_martians" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_default_accept_source_route" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_default_accept_redirects" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_all_secure_redirects" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_all_rp_filter" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_all_log_martians" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_all_accept_source_route" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_conf_all_accept_redirects" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_network-ipv6" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_configuring_ipv6" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_network_ipv6_limit_requests" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_default_router_solicitations" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_default_max_addresses" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_default_autoconf" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_default_accept_source_route" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_default_accept_redirects" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_default_accept_ra_rtr_pref" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_default_accept_ra_pinfo" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_default_accept_ra_defrtr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_default_accept_ra" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_all_router_solicitations" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_all_max_addresses" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_all_forwarding" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_all_autoconf" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_all_accept_source_route" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_all_accept_redirects" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_all_accept_ra_rtr_pref" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_all_accept_ra_pinfo" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_all_accept_ra_defrtr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_all_accept_ra" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_network_ipv6_static_address" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_network_ipv6_privacy_extensions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_network_ipv6_default_gateway" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disabling_ipv6" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_ipv6_conf_all_disable_ipv6" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_network_ipv6_disable_rpc" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_network_ipv6_disable_interfaces" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kernel_module_ipv6_option_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_ipv6_disable_argument" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_network-iptables" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_iptables_ruleset_modifications" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_iptables_log_and_drop_suspicious" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_iptables_icmp_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_set_iptables_default_rule_forward" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_set_iptables_default_rule" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_iptables_activation" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_set_ip6tables_default_rule" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_iptables_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_ip6tables_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_iptables_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_network-ipsec" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_libreswan_approved_tunnels" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_libreswan_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_network-firewalld" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_ruleset_modifications" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_set_firewalld_default_zone" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_configure_firewalld_ports" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_firewalld_activation" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_firewalld_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_firewalld_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_network_sniffer_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_network_nmcli_permissions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_network_disable_zeroconf" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_network_disable_ddns_interfaces" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_network_configure_name_resolution" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_permissions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_restrictions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_poisoning" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_slub_debug_argument" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_page_poison_argument" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_enable_nx" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_install_PAE_kernel_on_x86-32" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_bios_enable_execution_restrictions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_enable_execshield_settings" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_randomize_va_space" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_kptr_restrict" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_exec_shield" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_daemon_umask" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_umask_for_daemons" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_coredumps" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_fs_suid_dumpable" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_disable_users_coredumps" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_coredump_disable_storage" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_coredump_disable_backtraces" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_systemd-coredump_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_vm_mmap_min_addr" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_user_max_user_namespaces" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_net_core_bpf_jit_harden" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_yama_ptrace_scope" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_unprivileged_bpf_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_sysrq" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_pid_max" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_perf_event_paranoid" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_perf_event_max_sample_rate" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_perf_cpu_time_max_percent" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_modules_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_kexec_load_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_dmesg_restrict" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_kernel_core_pattern" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_permissions_local" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_partitions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_tmp_nosuid" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_tmp_noexec" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_tmp_nodev" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_tmp_bind" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_nosuid" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_noexec" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_nodev" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_log_nosuid" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_log_noexec" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_log_nodev" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_log_audit_nosuid" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_log_audit_noexec" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_var_log_audit_nodev" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_tmp_nosuid" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_tmp_noexec" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_tmp_nodev" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_srv_nosuid" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_opt_nosuid" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_nosuid_removable_partitions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_noexec_removable_partitions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_nodev_removable_partitions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_nodev_nonroot_local_partitions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_home_nosuid" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_home_noexec" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_home_nodev" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_dev_shm_nosuid" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_dev_shm_noexec" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_dev_shm_nodev" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_boot_nosuid" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_boot_noexec" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_boot_nodev" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_boot_noauto" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_mounting" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kernel_module_vfat_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kernel_module_usb-storage_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kernel_module_udf_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kernel_module_squashfs_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kernel_module_jffs2_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kernel_module_hfsplus_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kernel_module_hfs_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kernel_module_freevxfs_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kernel_module_cramfs_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_nousb_argument" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_bios_disable_usb_boot" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_bios_assign_password" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_autofs_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_permissions_within_important_dirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_root_permissions_syslibrary_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_library_dirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_binary_dirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_ownership_library_dirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_ownership_binary_dirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupownership_system_commands_dirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dir_permissions_library_dirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dir_ownership_library_dirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dir_group_ownership_library_dirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_permissions_var_log_dir" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_var_log_messages" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_var_log" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_var_log_messages" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_var_log" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_var_log_messages" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_var_log" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_permissions_important_account_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_etc_shadow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_etc_passwd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_etc_gshadow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_etc_group" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_backup_etc_shadow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_backup_etc_passwd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_backup_etc_gshadow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_backup_etc_group" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_etc_shadow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_etc_passwd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_etc_gshadow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_etc_group" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_backup_etc_shadow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_backup_etc_passwd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_backup_etc_gshadow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_backup_etc_group" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_etc_shadow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_etc_passwd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_etc_gshadow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_etc_group" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_backup_etc_shadow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_backup_etc_passwd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_backup_etc_gshadow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_backup_etc_group" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_fs_protected_symlinks" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysctl_fs_protected_hardlinks" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_no_files_unowned_by_user" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_ungroupowned" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_unauthorized_world_writable" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_unauthorized_suid" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_unauthorized_sgid" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_systemmap" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_etc_audit_rulesd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_etc_audit_auditd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dir_perms_world_writable_system_owned_group" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dir_perms_world_writable_system_owned" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dir_perms_world_writable_sticky_bits" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dir_perms_world_writable_root_owned" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_selinux" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_selinux-booleans" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_zoneminder_run_sudo" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_zoneminder_anon_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_zebra_write_config" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_zarafa_setrlimit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_zabbix_can_network" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_xserver_object_manager" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_xserver_execmem" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_xserver_clients_write_xshm" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_xguest_use_bluetooth" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_xguest_mount_media" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_xguest_exec_content" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_xguest_connect_network" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_xend_run_qemu" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_xend_run_blktap" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_xen_use_nfs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_xdm_write_home" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_xdm_sysadm_login" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_xdm_exec_bootloader" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_xdm_bind_vnc_tcp_port" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_wine_mmap_zero_ignore" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_webadm_read_user_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_webadm_manage_user_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_virt_use_xserver" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_virt_use_usb" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_virt_use_sanlock" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_virt_use_samba" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_virt_use_rawip" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_virt_use_nfs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_virt_use_fusefs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_virt_use_execmem" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_virt_use_comm" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_virt_transition_userdomain" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_virt_sandbox_use_sys_admin" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_virt_sandbox_use_netlink" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_virt_sandbox_use_mknod" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_virt_sandbox_use_audit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_virt_sandbox_use_all_caps" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_virt_rw_qemu_ga_data" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_virt_read_qemu_ga_data" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_varnishd_connect_any" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_user_exec_content" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_use_samba_home_dirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_use_nfs_home_dirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_use_lpd_server" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_use_fusefs_home_dirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_use_ecryptfs_home_dirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_unprivuser_use_svirt" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_unconfined_mozilla_plugin_transition" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_unconfined_login" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_unconfined_chrome_sandbox_transition" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_tor_can_network_relay" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_tor_bind_all_unreserved_ports" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_tmpreaper_use_samba" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_tmpreaper_use_nfs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_tftp_home_dir" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_tftp_anon_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_telepathy_tcp_connect_generic_network_ports" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_telepathy_connect_all_ports" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_sysadm_exec_content" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_swift_can_network" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_staff_use_svirt" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_staff_exec_content" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_ssh_sysadm_login" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_ssh_keysign" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_ssh_chroot_rw_homedirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_squid_use_tproxy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_squid_connect_any" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_spamd_enable_home_dirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_spamassassin_can_network" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_smbd_anon_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_smartmon_3ware" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_sge_use_nfs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_sge_domain_can_network_connect" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_selinuxuser_use_ssh_chroot" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_selinuxuser_udp_server" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_selinuxuser_tcp_server" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_selinuxuser_share_music" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_selinuxuser_rw_noexattrfile" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_selinuxuser_postgresql_connect_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_selinuxuser_ping" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_selinuxuser_mysql_connect_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_selinuxuser_execstack" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_selinuxuser_execmod" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_selinuxuser_execheap" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_selinuxuser_direct_dri_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_secure_mode_policyload" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_secure_mode_insmod" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_secure_mode" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_secadm_exec_content" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_saslauthd_read_shadow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_sanlock_use_samba" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_sanlock_use_nfs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_sanlock_use_fusefs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_samba_share_nfs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_samba_share_fusefs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_samba_run_unconfined" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_samba_portmapper" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_samba_load_libgfapi" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_samba_export_all_rw" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_samba_export_all_ro" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_samba_enable_home_dirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_samba_domain_controller" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_samba_create_home_dirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_rsync_full_access" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_rsync_export_all_ro" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_rsync_client" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_rsync_anon_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_racoon_read_shadow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_puppetmaster_use_db" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_puppetagent_manage_all_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_prosody_bind_http_port" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_privoxy_connect_any" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_pppd_for_user" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_pppd_can_insmod" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_postgresql_selinux_users_ddl" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_postgresql_selinux_unconfined_dbadm" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_postgresql_selinux_transmit_client_label" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_postgresql_can_rsync" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_postfix_local_write_mail_spool" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_polyinstantiation_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_polipo_use_nfs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_polipo_use_cifs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_polipo_session_users" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_polipo_session_bind_all_unreserved_ports" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_polipo_connect_all_unreserved" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_piranha_lvs_can_network_connect" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_pcp_read_generic_logs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_pcp_bind_all_unreserved_ports" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_openvpn_run_unconfined" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_openvpn_enable_homedirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_openvpn_can_network_connect" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_openshift_use_nfs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_nscd_use_shm" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_nis_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_nfsd_anon_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_nfs_export_all_rw" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_nfs_export_all_ro" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_neutron_can_network" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_named_write_master_zones" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_named_tcp_bind_http_port" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_nagios_run_sudo" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_nagios_run_pnp4nagios" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mysql_connect_any" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mplayer_execstack" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mpd_use_nfs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mpd_use_cifs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mpd_enable_homedirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mozilla_read_content" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mozilla_plugin_use_spice" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mozilla_plugin_use_gps" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mozilla_plugin_use_bluejeans" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mozilla_plugin_can_network_connect" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mozilla_plugin_bind_unreserved_ports" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mount_anyfile" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mock_enable_homedirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mmap_low_allowed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_minidlna_read_generic_user_content" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mcelog_server" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mcelog_foreground" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mcelog_exec_scripts" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mcelog_client" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_mailman_use_fusefs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_lsmd_plugin_connect_any" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_logwatch_can_network_connect_mail" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_logrotate_use_nfs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_login_console_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_logging_syslogd_use_tty" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_logging_syslogd_run_nagios_plugins" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_logging_syslogd_can_sendmail" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_logadm_exec_content" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_ksmtuned_use_nfs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_ksmtuned_use_cifs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_kerberos_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_kdumpgui_run_bootloader" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_irssi_use_full_network" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_irc_use_any_tcp_ports" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_icecast_use_any_tcp_ports" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_verify_dns" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_use_sasl" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_use_openstack" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_use_nfs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_use_gpg" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_use_fusefs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_use_cifs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_unified" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_tty_comm" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_tmp_exec" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_sys_script_anon_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_ssi_exec" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_setrlimit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_serve_cobbler_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_run_stickshift" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_run_preupgrade" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_run_ipa" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_read_user_content" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_mod_auth_pam" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_mod_auth_ntlm_winbind" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_manage_ipa" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_graceful_shutdown" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_execmem" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_enable_homedirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_enable_ftp_server" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_enable_cgi" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_dontaudit_search_dirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_dbus_sssd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_dbus_avahi" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_can_sendmail" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_can_network_relay" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_can_network_memcache" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_can_network_connect_db" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_can_network_connect_cobbler" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_can_network_connect" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_can_connect_zabbix" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_can_connect_mythtv" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_can_connect_ldap" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_can_connect_ftp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_can_check_spam" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_builtin_scripting" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_httpd_anon_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_haproxy_connect_any" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_guest_exec_content" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_gssd_read_tmp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_gpg_web_anon_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_gluster_export_all_rw" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_gluster_export_all_ro" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_gluster_anon_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_global_ssp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_glance_use_fusefs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_glance_use_execmem" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_glance_api_can_network" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_gitosis_can_sendmail" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_git_system_use_nfs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_git_system_use_cifs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_git_system_enable_homedirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_git_session_users" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_git_session_bind_all_unreserved_ports" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_git_cgi_use_nfs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_git_cgi_use_cifs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_git_cgi_enable_homedirs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_ftpd_use_passive_mode" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_ftpd_use_nfs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_ftpd_use_fusefs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_ftpd_use_cifs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_ftpd_full_access" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_ftpd_connect_db" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_ftpd_connect_all_unreserved" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_ftpd_anon_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_fips_mode" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_fenced_can_ssh" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_fenced_can_network_connect" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_fcron_crond" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_exim_read_user_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_exim_manage_user_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_exim_can_connect_db" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_entropyd_use_audio" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_domain_kernel_load_modules" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_domain_fd_use" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_dhcpd_use_ldap" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_dhcpc_exec_iptables" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_deny_ptrace" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_deny_execmem" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_dbadm_read_user_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_dbadm_manage_user_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_dbadm_exec_content" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_daemons_use_tty" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_daemons_use_tcp_wrapper" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_daemons_enable_cluster_mode" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_daemons_dump_core" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_cvs_read_shadow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_cups_execmem" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_cron_userdomain_transition" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_cron_system_cronjob_use_shares" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_cron_can_relabel" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_container_connect_any" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_conman_can_network" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_condor_tcp_network_connect" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_collectd_tcp_network_connect" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_cobbler_use_nfs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_cobbler_use_cifs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_cobbler_can_network_connect" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_cobbler_anon_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_cluster_use_execmem" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_cluster_manage_all_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_cluster_can_network_connect" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_cdrecord_read_content" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_boinc_execmem" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_awstats_purge_apache_log_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_authlogin_yubikey" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_authlogin_radius" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_authlogin_nsswitch_use_ldap" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_auditadm_exec_content" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_antivirus_use_jit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_antivirus_can_scan_system" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_abrt_upload_watch_anon_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_abrt_handle_event" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sebool_abrt_anon_write" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_selinux_user_login_roles" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_selinux_state" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_selinux_policytype" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_selinux_confinement_of_daemons" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_selinux_all_devicefiles_labeled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_grub2_enable_selinux" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_coreos_enable_selinux_kernel_argument" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_setroubleshoot-plugins_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_setroubleshoot_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_mcstrans_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_setroubleshoot-server_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_policycoreutils-python-utils_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_policycoreutils_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_libselinux_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_services" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_xwindows" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disabling_xwindows" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_xwindows_runlevel_target" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_xwindows_remove_packages" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_xorg-x11-server-common_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_usbguard" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_usbguard_generate_policy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_usbguard_allow_hub" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_usbguard_allow_hid_and_hub" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_usbguard_allow_hid" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_configure_usbguard_auditbackend" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_usbguard_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_usbguard_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_sssd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_sssd-ldap" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sssd_ldap_start_tls" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sssd_ldap_configure_tls_reqcert" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sssd_ldap_configure_tls_ca_dir" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sssd_ldap_configure_tls_ca" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sssd_ssh_known_hosts_timeout" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sssd_run_as_sssd_user" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sssd_offline_cred_expiration" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sssd_memcache_timeout" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sssd_enable_smartcards" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sssd_enable_pam_services" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sssd_enable_certmap" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_sssd_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_sssd_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_sssd-ipa_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_ssh" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_ssh_server" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_sshd_strengthen_firewall" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_x11_use_localhost" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_use_strong_rng" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_use_priv_separation" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_use_approved_macs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_use_approved_ciphers" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_set_maxstartups" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_set_max_sessions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_set_max_auth_tries" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_set_loglevel_verbose" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_set_loglevel_info" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_set_login_grace_time" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_set_keepalive_0" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_set_keepalive" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_set_idle_timeout" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_rekey_limit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_print_last_log" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_limit_user_access" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_enable_x11_forwarding" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_enable_warning_banner" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_enable_strictmodes" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_enable_pam" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_enable_gssapi_auth" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_do_not_permit_user_env" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_disable_x11_forwarding" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_disable_user_known_hosts" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_disable_tcp_forwarding" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_disable_root_password_login" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_disable_root_login" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_disable_rhosts_rsa" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_disable_rhosts" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_disable_pubkey_auth" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_disable_kerb_auth" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_disable_gssapi_auth" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_disable_empty_passwords" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_disable_compression" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sshd_allow_only_protocol2" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_firewalld_sshd_port_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_disable_host_auth" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_ssh_client" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_ssh_client_use_strong_rng_sh" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_ssh_client_use_strong_rng_csh" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_ssh_client_rekey_limit" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_iptables_sshd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_firewalld_sshd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_sshd_pub_key" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_sshd_private_key" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_sshd_config" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_sshd_config" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_sshd_config" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_sshd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_sshd_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_openssh-server_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_openssh-clients_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_openssh-server_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_snmp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_snmp_configure_server" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_snmpd_use_newer_protocol" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_snmpd_not_default_password" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_snmpd_no_rwusers" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disabling_snmp_service" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_snmpd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_net-snmp_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_smb" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disabling_samba" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_smb_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_samba_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_configuring_samba" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_smb_restrict_file_sharing" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_smb_disable_printing" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_smb_server_disable_root" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_require_smb_client_signing" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_smb_client_signing" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_samba-common_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_routing" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disabling_quagga" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_zebra_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_quagga_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_rng" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_rngd_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_radius" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_freeradius_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_proxy" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disabling_squid" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_squid_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_squid_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_printing" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_configure_printing" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_cups_disable_printserver" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_cups_disable_browsing" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_cups_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_obsolete" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_tftp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_tftpd_uses_secure_mode" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_tftp_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_tftp-server_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_tftp_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_telnet" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_telnet_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_telnet-server_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_telnet_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_talk" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_talk-server_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_talk_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_r_services" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_no_user_host_based_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_no_rsh_trust_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_no_host_based_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_rsh_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_rexec_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_rlogin_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_rsh-server_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_rsh_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_nis" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_ypbind_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_ypserv_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_ypbind_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_inetd_and_xinetd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_xinetd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_xinetd_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_rsyncd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_ntp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_ntpd_specify_remote_server" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_ntpd_specify_multiple_servers" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_chronyd_specify_remote_server" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_chronyd_run_as_chrony_user" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_chronyd_or_ntpd_specify_remote_server" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_chronyd_or_ntpd_specify_multiple_servers" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_chronyd_or_ntpd_set_maxpoll" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_chronyd_no_chronyc_network" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_chronyd_client_only" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_ntp_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_ntpd_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_chronyd_or_ntpd_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_chronyd_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_chrony_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_ntp_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_nfs_and_rpc" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_nfs_configuring_servers" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_use_acl_enforce_auth_restrictions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_export_filesystems_read_only" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_configure_exports_restrictively" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_use_root_squashing_all_exports" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_use_kerberos_security_all_exports" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_restrict_nfs_clients_to_privileged_ports" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_no_insecure_locks_exports" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_no_all_squash_exports" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_nfs_configuring_clients" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_mounting_remote_filesystems" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_nosuid_remote_filesystems" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_noexec_remote_filesystems" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_nodev_remote_filesystems" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_mount_option_krb_sec_remote_filesystems" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disabling_nfsd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_nfs_no_anonymous" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_rpcsvcgssd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_nfs_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_nfs_configuring_all_machines" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_nfs_configure_fixed_ports" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_nfs_fixed_statd_port" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_nfs_fixed_mountd_port" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_nfs_fixed_lockd_udp_port" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_nfs_fixed_lockd_tcp_port" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_nfs_client_or_server_not_both" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disabling_nfs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disabling_nfs_services" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_rpcbind_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_rpcgssd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_rpcidmapd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_nfslock_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disabling_netfs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_netfs_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_nfs-utils_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_mail" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_postfix_harden_os" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_postfix_server_cfg" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_postfix_server_relay" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_postfix_server_relay_smtp_auth_for_untrusted" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_postfix_server_relay_set_trusted" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_postfix_server_relay_require_tls" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_postfix_server_mail_smtpd_relay_restrictions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_postfix_server_mail_smtpd_recipient_restrictions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_postfix_prevent_unrestricted_relay" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_postfix_server_dos" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_postfix_server_banner" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_postfix_configure_ssl_certs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_postfix_install_ssl_cert" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_postfix_client" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_postfix_network_listening_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_postfix_client_configure_relayhost" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_postfix_client_configure_mail_alias" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_postfix_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_sendmail_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_ldap" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_openldap_server" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_ldap_server_config_certificate_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_openldap-servers_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_openldap_client" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_ldap_client_tls_cacertpath" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_ldap_client_start_tls" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_enable_ldap_client" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_openldap-clients_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_kerberos" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_kerberos_disable_no_keytab" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_krb5-server_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_imap" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disabling_dovecot" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_dovecot_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_dovecot_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_configure_dovecot" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_dovecot_support_necessary_protocols" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_dovecot_enabling_ssl" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dovecot_enable_ssl" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dovecot_disable_plaintext_auth" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dovecot_configure_ssl_key" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dovecot_configure_ssl_cert" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_dovecot_allow_imap_access" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_http" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_securing_httpd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_httpd_use_dos_protection_modules" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_httpd_secure_content" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_partition_for_web_content" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_remove_robots_file" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_limit_java_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_encrypt_file_uploads" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_disable_content_symlinks" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_configure_documentroot" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_configure_banner_page" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_httpd_restrict_info_leakage" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_servertokens_prod" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_serversignature_off" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_httpd_modules_improve_security" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_httpd_deploy_mod_ssl" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_require_client_certs" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_install_mod_ssl" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_configure_valid_server_cert" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_configure_tls" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_httpd_deploy_mod_security" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_install_mod_security" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_httpd_minimize_loadable_modules" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_httpd_core_modules" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_httpd_optional_components" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_httpd_minimize_config_files_included" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_httpd_basic_authentication" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_webdav" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_url_correction" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_server_side_includes" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_server_configuration_display" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_server_activity_status" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_proxy_support" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_mod_rewrite" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_mime_magic" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_ldap_support" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_enable_log_config" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_digest_authentication" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_cgi_support" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_cache_support" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_httpd_directory_restrictions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_restrict_web_directory" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_restrict_root_directory" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_restrict_critical_directories" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_limit_available_methods" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_ignore_htaccess_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_disable_anonymous_ftp_access" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_configure_script_permissions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_anonymous_content_sharing" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_httpd_configure_php_securely" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_httpd_configure_perl_securely" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_configure_perl_taint" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_httpd_configure_os_protect_web_server" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_httpd_restrict_file_dir_access" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_http_configure_log_file_ownership" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_httpd_server_modules_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_httpd_server_conf_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_httpd_server_conf_d_files" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dir_perms_var_log_httpd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dir_perms_etc_httpd_conf" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_httpd_chroot" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_configure_remote_session_encryption" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_configure_firewall" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_antivirus_scan_uploads" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_remove_backups" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_public_resources_not_shared" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_private_server_on_separate_subnet" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_no_compilers_in_prod" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_nipr_accredited_dmz" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_entrust_passwords" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_enable_system_logging" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_enable_loglevel" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_enable_error_logging" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_disable_mime_types" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_configure_max_keepalive_requests" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_httpd_configure_log_format" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_installing_httpd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_httpd_minimal_modules_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disabling_httpd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_httpd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_httpd_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_ftp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_ftp_use_vsftpd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_vsftpd_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_ftp_configure_vsftpd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_ftp_restrict_users" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_ftp_restrict_to_anon" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_ftp_limit_users" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_ftp_present_banner" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_ftp_log_transactions" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_ftp_home_partition" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_ftp_disable_uploads" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_ftp_configure_firewall" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disabling_vsftpd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_vsftpd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_vsftpd_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_fapolicyd" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_fapolicyd_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_fapolicyd_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_docker" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_dns" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_dns_server_protection" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_dns_server_separate_internal_external" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_dns_server_partition_with_views" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dns_server_disable_zone_transfers" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dns_server_disable_dynamic_updates" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dns_server_authenticate_zone_transfers" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_dns_server_isolation" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_dns_server_dedicated" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_dns_server_chroot" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disabling_dns_server" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_named_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_bind_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_dhcp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disabling_dhcp_server" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_dhcpd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_dhcp_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disabling_dhcp_client" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_sysconfig_networking_bootproto_ifcfg" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_dhcp_server_configuration" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dhcp_server_minimize_served_info" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dhcp_server_disable_ddns" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dhcp_server_deny_decline" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dhcp_server_deny_bootp" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dhcp_server_configure_logging" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_dhcp_client_configuration" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_dhcp_client_restrict_options" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_deprecated" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_inetutils-telnetd_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_telnetd-ssl_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_ntpdate_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_telnetd_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_nis_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_cron_and_at" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_restrict_at_cron_users" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_cron_allow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_cron_allow" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_crontab" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_cron_weekly" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_cron_monthly" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_cron_hourly" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_cron_daily" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_permissions_cron_d" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_crontab" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_cron_weekly" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_cron_monthly" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_cron_hourly" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_cron_daily" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_owner_cron_d" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_crontab" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_cron_weekly" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_cron_monthly" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_cron_hourly" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_cron_daily" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_file_groupowner_cron_d" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_disable_anacron" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_atd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_cron_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_crond_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_cron_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_base" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_mdmonitor_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_rdisc_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_ntpdate_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_rhnsd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_abrtd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_kdump_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_portreserve_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_rhsmcertd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_acpid_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_netconsole_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_certmonger_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_quota_nld_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_saslauthd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_sysstat_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_oddjobd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_qpidd_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_cpupower_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_cockpit_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_psacct_enabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_abrt_removed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_package_psacct_installed" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_avahi" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_disable_avahi_group" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_service_avahi-daemon_disabled" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_avahi_configuration" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_avahi_restrict_published_information" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_avahi_prevent_port_sharing" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_avahi_ip_only" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_avahi_disable_publishing" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_avahi_check_ttl" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_apt" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_group_apport" selected="false"/>
+  </xccdf:Profile>
+</xccdf:Tailoring>
diff --git a/satellite/host_vars/satellite.example.com/activation_keys.yml b/satellite/host_vars/satellite.example.com/activation_keys.yml
new file mode 100644
index 0000000..0710e0d
--- /dev/null
+++ b/satellite/host_vars/satellite.example.com/activation_keys.yml
@@ -0,0 +1,22 @@
+---
+satellite_activation_keys:
+  # Red Hat Enterprise Linux 7
+  - name: "RHEL7_Dev"
+    lifecycle_environment: "RHEL7_Dev"
+    content_view: "RHEL7"
+  - name: "RHEL7_QA"
+    lifecycle_environment: "RHEL7_QA"
+    content_view: "RHEL7"
+  - name: "RHEL7_Prod"
+    lifecycle_environment: "RHEL7_Prod"
+    content_view: "RHEL7"
+  # Red Hat Enterprise Linux 8
+  - name: "RHEL8_Dev"
+    lifecycle_environment: "RHEL8_Dev"
+    content_view: "RHEL8"
+  - name: "RHEL8_QA"
+    lifecycle_environment: "RHEL8_QA"
+    content_view: "RHEL8"
+  - name: "RHEL8_Prod"
+    lifecycle_environment: "RHEL8_Prod"
+    content_view: "RHEL8"
diff --git a/satellite/host_vars/satellite.example.com/content_views.yml b/satellite/host_vars/satellite.example.com/content_views.yml
new file mode 100644
index 0000000..6e6a7e0
--- /dev/null
+++ b/satellite/host_vars/satellite.example.com/content_views.yml
@@ -0,0 +1,29 @@
+---
+satellite_content_views:
+  # Red Hat Enterprise Linux 7
+  - name: RHEL7
+    content_view: RHEL7
+    repositories:
+    - name: Red Hat Enterprise Linux 7 Server (RPMs)
+      basearch: x86_64
+      releasever: 7Server
+      product: 'Red Hat Enterprise Linux Server'
+    - name: Red Hat Enterprise Linux 7 Server - Extras (RPMs)
+      basearch: x86_64
+      product: 'Red Hat Enterprise Linux Server'
+    - name: Red Hat Satellite Tools 6.8 (for RHEL 7 Server) (RPMs)
+      basearch: x86_64
+      product: 'Red Hat Enterprise Linux Server'
+  # Red Hat Enterprise Linux 8
+  - name: RHEL8
+    content_view: RHEL8
+    content_view_update: true
+    repositories:
+    - name: Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs)
+      releasever: 8
+      product: Red Hat Enterprise Linux for x86_64
+    - name: Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs)
+      releasever: 8
+      product: Red Hat Enterprise Linux for x86_64
+    - name: Red Hat Satellite Tools 6.8 for RHEL 8 x86_64 (RPMs)
+      product: Red Hat Enterprise Linux for x86_64
diff --git a/satellite/host_vars/satellite.example.com/defaults.yml b/satellite/host_vars/satellite.example.com/defaults.yml
new file mode 100644
index 0000000..5997d72
--- /dev/null
+++ b/satellite/host_vars/satellite.example.com/defaults.yml
@@ -0,0 +1,3 @@
+---
+satellite_organization: "Default Organization"
+satellite_validate_certs: false
diff --git a/satellite/host_vars/satellite.example.com/lifecycle_environments.yml b/satellite/host_vars/satellite.example.com/lifecycle_environments.yml
new file mode 100644
index 0000000..72792a6
--- /dev/null
+++ b/satellite/host_vars/satellite.example.com/lifecycle_environments.yml
@@ -0,0 +1,16 @@
+---
+satellite_lifecycle_environments:
+  # Red Hat Enterprise Linux 7
+  - name: "RHEL7_Dev"
+    prior: "Library"
+  - name: "RHEL7_QA"
+    prior: "RHEL7_Dev"
+  - name: "RHEL7_Prod"
+    prior: "RHEL7_QA"
+  # Red Hat Enterprise Linux 8
+  - name: "RHEL8_Dev"
+    prior: "Library"
+  - name: "RHEL8_QA"
+    prior: "RHEL8_Dev"
+  - name: "RHEL8_Prod"
+    prior: "RHEL8_QA"
diff --git a/satellite/satellite_promote.yml b/satellite/satellite_promote.yml
new file mode 100644
index 0000000..3b39ace
--- /dev/null
+++ b/satellite/satellite_promote.yml
@@ -0,0 +1,17 @@
+---
+- hosts: localhost
+  connection: local
+  gather_facts: no
+  vars:
+    organization: Default Organization
+    lifecycle_environment: undef
+    current_lifecycle_environment: undef
+    content_view: undef
+
+  tasks:
+  - name: Promote Content View
+    redhat.satellite.content_view_version:
+      content_view: "{{ content_view }}"
+      organization: "{{ organization }}"
+      lifecycle_environments: "{{ lifecycle_environment }}"
+      current_lifecycle_environment: "{{ current_lifecycle_environment }}"
diff --git a/satellite/satellite_publish.yml b/satellite/satellite_publish.yml
new file mode 100644
index 0000000..33c2567
--- /dev/null
+++ b/satellite/satellite_publish.yml
@@ -0,0 +1,29 @@
+---
+- hosts: localhost
+  connection: local
+  gather_facts: no
+  vars:
+    content_view: undef
+    env: undef
+    organization: Default Organization
+    lifecycle_environment: "{{ content_view }}_{{ env }}"
+    publish_timeout: 14400
+    publish_retry_interval: 15
+
+  tasks:
+  - name: publish content view
+    redhat.satellite.content_view_version:
+      content_view: "{{ content_view }}"
+      organization: "{{ organization }}"
+      lifecycle_environments: "{{ lifecycle_environment }}"
+#    async: "{{ publish_timeout }}"
+#    poll: 0
+#    register: publish_async
+
+#  - name: check if content view is finished
+#    async_status:
+#      jid: "{{ publish_async.ansible_job_id }}"
+#    register: job_result
+#    until: job_result.finished
+#    retries: "{{ ( publish_timeout / publish_retry_interval ) | int }}"
+#   delay: "{{ publish_retry_interval }}"
diff --git a/satellite/server_openscap.yml b/satellite/server_openscap.yml
new file mode 100644
index 0000000..ac5129b
--- /dev/null
+++ b/satellite/server_openscap.yml
@@ -0,0 +1,16 @@
+---
+- hosts: "{{ HOSTS }}"
+  become: yes
+  vars:
+    policy_name: all
+  roles:
+    - demo.satellite.scap_client
+
+  tasks:
+  - name: Randomized startup delay...
+    pause: seconds="{{ 5 | random }}"
+
+  - name: "Run SCAP Scan"
+    shell: "/usr/bin/foreman_scap_client {{ item.id }}"
+    loop: "{{ policy }}"
+    when: policy_scan == 'all' or item.name in policy_scan
diff --git a/satellite/server_register.yml b/satellite/server_register.yml
new file mode 100644
index 0000000..0ee988a
--- /dev/null
+++ b/satellite/server_register.yml
@@ -0,0 +1,8 @@
+---
+- hosts: "{{ HOSTS }}"
+  become: yes
+  vars:
+    # env: undef
+    satellite_url: "{{ lookup('ansible.builtin.env', 'SATELLITE_SERVER') }}"
+  roles:
+    - demo.satellite.register_host
\ No newline at end of file
diff --git a/satellite/setup.yml b/satellite/setup.yml
new file mode 100644
index 0000000..b8fa354
--- /dev/null
+++ b/satellite/setup.yml
@@ -0,0 +1,275 @@
+user_message:
+
+controller_components:
+  - credential_types
+  - credentials
+  - inventory_sources
+  - job_templates
+  - job_launch
+#  - workflow_job_templates
+
+controller_credential_types:
+  - name: Satellite Collection
+    kind: cloud
+    inputs:
+      fields:
+        - id: username
+          type: string
+          label: Satellite Username
+        - id: password
+          type: string
+          label: Satellite Password
+          secret: true
+        - id: host
+          type: string
+          label: Satellite Hostname
+      required:
+        - username
+        - password
+        - host
+    injectors:
+      env:
+        SATELLITE_SERVER: "{% raw %}{  { host  }}{% endraw %}"
+        SATELLITE_USERNAME: "{% raw %}{  { username  }}{% endraw %}"
+        SATELLITE_PASSWORD: "{% raw %}{  { password  }}{% endraw %}"
+        SATELLITE_VALIDATE_CERTS: 'false'
+
+controller_credentials:
+  - name: Satellite Inventory
+    credential_type: Red Hat Satellite 6
+    organization: Default
+    inputs:
+      host: https://satellite.example.com
+      username: admin
+      password: ansible123!
+  - name: Satellite Credential
+    credential_type: Satellite Collection
+    organization: Default
+    inputs:
+      host: https://satellite.example.com
+      username: admin
+      password: ansible123!
+
+controller_inventory_sources:
+- name: Satellite Inventory
+  inventory: Workshop Inventory
+  credential: Satellite Inventory
+  source: satellite6
+  update_on_launch: false
+  execution_environment: Control Plane Execution Environment
+  overwrite: true
+  source_vars:
+    hostnames:
+      - name.split('.')[0]
+    groups:
+      patch_bugs: foreman_content_facet_attributes.errata_counts.bugfix
+      patch_enhancements: foreman_content_facet_attributes.errata_counts.enhancement
+      patch_security: foreman_content_facet_attributes.errata_counts.security
+    keyed_groups:
+      - prefix: env
+        key: foreman_content_facet_attributes.lifecycle_environment_name
+      - prefix: cv
+        key: foreman_content_facet_attributes.content_view_name
+      - prefix: os
+        key: foreman_operatingsystem_name
+      - prefix: scap
+        key: foreman_compliance_status_label
+    validate_certs: no
+
+controller_templates:
+- name: LINUX / Register with Satellite
+  project: Ansible official demo project
+  playbook: satellite/server_register.yml
+  inventory: Workshop Inventory
+  notification_templates_started: Telemetry
+  notification_templates_success: Telemetry
+  notification_templates_error: Telemetry
+  credentials:
+    - Workshop Credential
+    - Satellite Credential
+  extra_vars:
+    org_id: "Default_Organization"
+  survey_enabled: true
+  survey:
+    name: ''
+    description: ''
+    spec:
+      - question_name: Server Name or Pattern
+        type: text
+        variable: HOSTS
+        required: false
+      - question_name: Choose Environment
+        type: multiplechoice
+        variable: env
+        choices:
+          - Dev
+          - QA
+          - Prod
+        required: true
+
+- name: LINUX / Compliance Scan with Satellite
+  project: Ansible official demo project
+  playbook: satellite/server_openscap.yml
+  inventory: Workshop Inventory
+  execution_environment: Ansible Engine 2.9 execution environment
+  notification_templates_started: Telemetry
+  notification_templates_success: Telemetry
+  notification_templates_error: Telemetry
+  credentials:
+    - Satellite Credential
+    - Workshop Credential
+  extra_vars:
+    policy_scan: all
+  survey_enabled: true
+  survey:
+    name: ''
+    description: ''
+    spec:
+      - question_name: Server Name or Pattern
+        type: text
+        variable: HOSTS
+        required: false
+
+- name: SATELLITE / Publish Content View Version
+  project: Ansible official demo project
+  playbook: satellite/satellite_publish.yml
+  inventory: Workshop Inventory
+  notification_templates_started: Telemetry
+  notification_templates_success: Telemetry
+  notification_templates_error: Telemetry
+  credentials:
+    - Satellite Credential
+  extra_vars:
+    env: Dev
+  survey_enabled: true
+  survey:
+    name: ''
+    description: ''
+    spec:
+      - question_name: Select Content View
+        variable: content_view
+        type: multiplechoice
+        choices: "{{ satellite_content_views | selectattr('name', 'match', '^RHEL.*$') | map(attribute='name') | list}}"
+        required: true
+
+- name: SATELLITE / Promote Content View Version
+  project: Ansible official demo project
+  playbook: satellite/satellite_promote.yml
+  inventory: Workshop Inventory
+  notification_templates_started: Telemetry
+  notification_templates_success: Telemetry
+  notification_templates_error: Telemetry
+  credentials:
+    - Satellite Credential
+  survey_enabled: true
+  survey:
+    name: ''
+    description: ''
+    spec:
+      - question_name: Select Content View
+        variable: content_view
+        type: multiplechoice
+        choices: "{{ satellite_content_views | selectattr('name', 'match', '^RHEL.*$') | map(attribute='name') | list}}"
+        required: true
+      - question_name: Current Lifecycle Environment
+        variable: current_lifecycle_environment
+        type: multiplechoice
+        choices: "{{ satellite_lifecycle_environments | selectattr('name', 'match', '^RHEL.*$') | map(attribute='name') | list}}"
+        required: true
+      - question_name: Next Lifecycle Environment
+        variable: lifecycle_environment
+        type: multiplechoice
+        choices: "{{ satellite_lifecycle_environments | selectattr('name', 'match', '^RHEL.*$') | map(attribute='name') | list}}"
+        required: true
+
+- name: SETUP / Satellite
+  project: Ansible official demo project
+  playbook: satellite/setup_satellite.yml
+  inventory: Workshop Inventory
+  notification_templates_started: Telemetry
+  notification_templates_success: Telemetry
+  notification_templates_error: Telemetry
+  credentials:
+    - Satellite Credential
+
+    
+controller_launch_jobs:
+  - name: SETUP
+    wait: false
+    extra_vars:
+      demo: linux
+
+  - name: SETUP / Satellite
+    wait: false
+
+#######################
+### Satellite Vars ###
+######################
+satellite_components: 
+  - content_views
+  #- content_view_publish
+  - lifecycle_environments
+  - activation_keys
+
+satellite_organization: "Default Organization"
+satellite_validate_certs: false
+
+satellite_content_views:
+  # Red Hat Enterprise Linux 7
+  - name: RHEL7
+    content_view: RHEL7
+    repositories:
+    - name: Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server
+      product: 'Red Hat Enterprise Linux Server'
+    - name: Red Hat Enterprise Linux 7 Server - Extras RPMs x86_64
+      product: 'Red Hat Enterprise Linux Server'
+    - name: Red Hat Satellite Client 6 for RHEL 7 Server RPMs x86_64
+      product: 'Red Hat Enterprise Linux Server'
+  # Red Hat Enterprise Linux 8
+  - name: RHEL8
+    content_view: RHEL8
+    repositories:
+    - name: Red Hat Enterprise Linux 8 for x86_64 - BaseOS RPMs 8
+      product: Red Hat Enterprise Linux for x86_64
+    - name: Red Hat Enterprise Linux 8 for x86_64 - AppStream RPMs 8
+      product: Red Hat Enterprise Linux for x86_64
+    - name: Red Hat Satellite Client 6 for RHEL 8 x86_64 RPMs
+      product: Red Hat Enterprise Linux for x86_64
+
+satellite_lifecycle_environments:
+  # Red Hat Enterprise Linux 7
+  - name: "RHEL7_Dev"
+    prior: "Library"
+  - name: "RHEL7_QA"
+    prior: "RHEL7_Dev"
+  - name: "RHEL7_Prod"
+    prior: "RHEL7_QA"
+  # Red Hat Enterprise Linux 8
+  - name: "RHEL8_Dev"
+    prior: "Library"
+  - name: "RHEL8_QA"
+    prior: "RHEL8_Dev"
+  - name: "RHEL8_Prod"
+    prior: "RHEL8_QA"
+
+satellite_activation_keys:
+  # Red Hat Enterprise Linux 7
+  - name: "RHEL7_Dev"
+    lifecycle_environment: "RHEL7_Dev"
+    content_view: "RHEL7"
+  - name: "RHEL7_QA"
+    lifecycle_environment: "RHEL7_QA"
+    content_view: "RHEL7"
+  - name: "RHEL7_Prod"
+    lifecycle_environment: "RHEL7_Prod"
+    content_view: "RHEL7"
+  # Red Hat Enterprise Linux 8
+  - name: "RHEL8_Dev"
+    lifecycle_environment: "RHEL8_Dev"
+    content_view: "RHEL8"
+  - name: "RHEL8_QA"
+    lifecycle_environment: "RHEL8_QA"
+    content_view: "RHEL8"
+  - name: "RHEL8_Prod"
+    lifecycle_environment: "RHEL8_Prod"
+    content_view: "RHEL8"
diff --git a/satellite/setup_satellite.yml b/satellite/setup_satellite.yml
new file mode 100644
index 0000000..c70fa47
--- /dev/null
+++ b/satellite/setup_satellite.yml
@@ -0,0 +1,54 @@
+---
+- hosts: localhost
+  gather_facts: no
+  vars_files: setup.yml
+  vars:
+    refresh_satellite_manifest: true
+
+  tasks:
+  - name: refresh manifest
+    redhat.satellite.subscription_manifest:
+      organization: "Default Organization"
+      state: refreshed
+    when: refresh_satellite_manifest
+
+  - name: Setup CV
+    include_role:
+      name: redhat.satellite.content_views
+
+  - name: Publish CV
+    include_role:
+      name: redhat.satellite.content_view_publish
+    vars:
+      satellite_content_views:
+      - RHEL7
+      - RHEL8
+
+  - name: Setup Lifecycle Environment
+    include_role:
+      name: redhat.satellite.lifecycle_environments
+
+  - name: redhat.satellite.content_view_publish CV
+    redhat.satellite.content_view_version:
+      organization: "{{ satellite_organization }}"
+      content_view: "{{ item }}"
+      lifecycle_environments:
+        - "{{ item }}_Dev"
+        - "{{ item }}_QA"
+        - "{{ item }}_Prod"
+    loop:
+      - RHEL7
+      - RHEL8
+
+  - name: Setup activation_keys
+    include_role:
+      name: redhat.satellite.activation_keys
+
+  - name: Add SCAP Tailoring File
+    redhat.satellite.scap_tailoring_file:
+      name: RHEL7_STIG
+      organizations: "{{ satellite_organization }}"
+      scap_file: "{{ item }}"
+    loop: 
+      - files/ssg-rhel7-ds-tailoring.xml
+      - files/ssg-rhel8-ds-tailoring-stig-gui.xml
diff --git a/setup_demo.yml b/setup_demo.yml
index bc51eba..0850b63 100644
--- a/setup_demo.yml
+++ b/setup_demo.yml
@@ -13,6 +13,12 @@
           - notification_templates
           - job_templates
           - settings
+        controller_execution_environments:
+          - name: product-demos
+            image: http://quay.io/acme_corp/product-demos-ee:latest
+        controller_organizations:
+          - name: Default
+            default_environment: product-demos
         controller_notifications:
           - name: Telemetry
             organization: Default
@@ -22,7 +28,7 @@
               http_method: POST
               headers: {}
         controller_templates:
-          - name: "FEEDBACK"
+          - name: "SUBMIT FEEDBACK"
             job_type: run
             inventory: "Workshop Inventory"
             project: "Ansible official demo project"
diff --git a/windows/create_ad_domain.yml b/windows/create_ad_domain.yml
index 2a085e8..bddbed6 100644
--- a/windows/create_ad_domain.yml
+++ b/windows/create_ad_domain.yml
@@ -4,7 +4,6 @@
   gather_facts: false
 
   tasks:
-
   - name: Set Local Admin Password
     ansible.windows.win_user:
       name: Administrator