If the "PermitRootLogin" keyword is set to "yes", is missing, or is commented out, and is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.
should be:
If the "PermitRootLogin" keyword is not set to "no", is missing, or is commented out, and is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.
TOSS-04-010040
Check text says:
should be: