The system must use a separate file

The system must use a separate file system for /tmp.

The system must use a separate file system for /var.

The system must use a separate file system for /var/log.

The system must use a separate file system for user home directories.

The nodev, nosuid, noexec mount option must be enabled.