- Bug
- Resolution: Done
- rhel-8.9.0
- Important
- rhel-sst-security-compliance
- ssg_security
What were you trying to do that didn't work?
Ran the 'Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)' compliance scan on RHEL 8.9 with scap-security-guide-0.1.72-2.el8_9 and it showed the 'Enable FIPS Mode' rule failed on the host.
To fix the issue, created the remediation plan, executed the playbook on the host, and rebooted it for FIPS mode to take effect. After this, ran the compliance scan again; however, the 'Enable FIPS Mode' rule is still showing as failed on the RHEL 8.9 host.
What is the impact of this issue to you?
Security compliance on our system is more important to our department.
Please provide the package NVR for which the bug is seen:
scap-security-guide-0.1.72-2.el8_9.noarch
How reproducible is this bug?:
Always
Steps to reproduce
- Register RHEL 8.9 having scap-security-guide-0.1.72-2.el8_9 with Insights
- Connect it with RHC for remote remediation
- Create an 'Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)' compliance policy and assign this host to it.
- Run the 'insights-client --compliance' command on the host.
- Create a remediation for FIPS rules and execute it on the host. Reboot the host.
- Rerun the insights compliance command.
- Now check the compliance results.
Expected results
The 'Enable FIPS Mode' rule should be removed from the host's compliance results.
Actual results
False positive for the 'Enable FIPS Mode' rule on the RHEL 8.9 host.
Additional information
This works with the scap-security-guide-0.1.74-3.el8_10.noarch version, but it is an unsupported SSG version for RHEL 8.9.
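
An added triage check, not part of the original report or of scap-security-guide: it reads three host indicators so a failed 'Enable FIPS Mode' result can be compared with the host's actual state after the reboot. The `fips_state` function, the `FIPS_ROOT` variable and the choice of indicators are assumptions made for illustration; the rule's own checks may differ.

```shell
#!/bin/sh
# Added example (not from the report): classify FIPS state from three indicators.
# fips_state [ROOT]  ROOT is a hypothetical path prefix so the check can run
# against a constructed directory tree; empty means the live system.
fips_state() {
    root="${1:-}"

    # 1. Kernel flag: 1 when the running kernel is in FIPS mode.
    kernel=$(cat "$root/proc/sys/crypto/fips_enabled" 2>/dev/null || echo missing)

    # 2. Active system-wide crypto policy (FIPS, or FIPS with a subpolicy).
    policy=$(cat "$root/etc/crypto-policies/state/current" 2>/dev/null || echo missing)
    case "$policy" in
        FIPS|FIPS:*) pol=1 ;;
        *)           pol=0 ;;
    esac

    # 3. Boot argument fips=1 on the kernel command line of the current boot.
    cmdline=$(cat "$root/proc/cmdline" 2>/dev/null || true)
    case " $cmdline " in
        *" fips=1 "*) boot=1 ;;
        *)            boot=0 ;;
    esac

    # All three agree on "on" -> enabled; all three "off" -> disabled;
    # anything else is a partial configuration worth investigating.
    if [ "$kernel" = "1" ] && [ "$pol" = 1 ] && [ "$boot" = 1 ]; then
        verdict=enabled
    elif [ "$kernel" != "1" ] && [ "$pol" = 0 ] && [ "$boot" = 0 ]; then
        verdict=disabled
    else
        verdict=inconsistent
    fi
    echo "$verdict kernel=$kernel policy=$policy bootarg=$boot"
}

# Stand-alone use: inspect the live host, or a tree named by FIPS_ROOT.
fips_state "${FIPS_ROOT:-}"
```

A verdict of `enabled` alongside a failed scan result supports the false-positive reading; `inconsistent` means the remediation did not fully apply and the failure may be genuine.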