Cheat Sheets

Security - Execute Disable Support

Description

On Intel CPUs execute disable protection should be active

Tags

  • CCE-27001-4

Check Script: security-nx-enabled.sh

if [[ $(dmesg | grep '[NX|DX]*protection: active') != "" ]]; then
	result_failed "Intel Execute Disable support not active!"
fi