diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index d89d199..6abad7b 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -48,7 +48,7 @@ repos:
 name: Run Gitleaks test
 
 - repo: https://github.com/ansible-community/ansible-lint
- rev: v26.3.0
+ rev: v26.1.1
 hooks:
 - id: ansible-lint
 name: Ansible-lint
diff --git a/defaults/main.yml b/defaults/main.yml
index 7de968f..4245f53 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -959,13 +959,6 @@ rhel9cis_ssh_maxsessions: 4
 # This variable defines the path and file name of the sudo log file.
 rhel9cis_sudolog_location: "/var/log/sudo.log"
 
-## Control 5.2.4 - Ensure users must provide password for escalation
-# The following variable specifies a list of users that should not be required to provide a password
-# for escalation. Feel free to edit it according to your needs.
-rhel9cis_sudoers_exclude_nopasswd_list:
- ec2-user
- vagrant
-
 ## Control 5.2.x - Ensure sudo authentication timeout is configured correctly
 # This variable sets the duration (in minutes) during which a user's authentication credentials
 # are cached after successfully authenticating using "sudo". This allows the user to execute
@@ -1111,7 +1104,7 @@ rhel9cis_passwd_dictcheck_file: etc/security/pwquality.conf.d/50-pwdictcheck.con
 rhel9cis_passwd_dictcheck_value: 1
 
 # 5.3.3.2.7 - Ensure password quality is enforced for the root user
-rhel9cis_passwd_quality_enforce_file: etc/security/pwquality.conf.d/50-pwroot.conf # pragma: allowlist secret
+rhel9cis_passwd_quality_enforce_file: etc/security/pwquality.conf.d/50-pwquality_enforce.conf # pragma: allowlist secret
 rhel9cis_passwd_quality_enforce_value: 1
 rhel9cis_passwd_quality_enforce_root_value: enforce_for_root # pragma: allowlist secret
 
diff --git a/tasks/prelim.yml b/tasks/prelim.yml
index 91e576d..09e3620 100644
--- a/tasks/prelim.yml
+++ b/tasks/prelim.yml
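Review bot: Deleting `rhel9cis_sudoers_exclude_nopasswd_list` from defaults/main.yml is not matched by any hunk in this diff that touches the code consuming it, so if a task for control 5.2.4 still references the variable the role now stops with an undefined-variable error, and if the control was dropped, operators who set the list in inventory get no signal that it is no longer honoured. I cannot see the section 5 task file here, so this is inferred from the diff alone. Either the consuming task change belongs in this commit, or a short pointer should stay in the defaults, e.g. `# Control 5.2.4: rhel9cis_sudoers_exclude_nopasswd_list has been removed and is no longer honoured`, so that the removal of NOPASSWD exceptions for `ec2-user` and `vagrant` is visible to anyone reading the defaults.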
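Review bot: The context comment above the changed line still reads `# 5.3.3.2.7 - Ensure password quality is enforced for the root user`, while the same commit renames the task in tasks/section_5/cis_5.3.3.2.x.yml to `Ensure password quality checking is enforced`; update the comment to `# 5.3.3.2.7 - Ensure password quality checking is enforced` so the defaults and the task describe the control the same way. Changing the drop-in from `50-pwroot.conf` to `50-pwquality_enforce.conf` also means a host hardened by an earlier run keeps the old file under pwquality.conf.d next to the new one, since no hunk here removes it; if both drop-ins set the same keys to the same values that is harmless, but a cleanup task for the old path (or a changelog note) would stop the stale file being mistaken for a deliberate local override. `rhel9cis_passwd_quality_enforce_root_value: enforce_for_root` is unchanged, so the root-enforcement behaviour itself appears to be preserved.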
@@ -259,8 +259,6 @@
 
 - name: "PRELIM | PATCH | sshd_config.d/50-redhat.conf exists"
 when: rhel9cis_rule_5_1_10 or rhel9cis_rule_5_1_11
- tags:
- - always
 ansible.builtin.stat:
 path: /etc/ssh/sshd_config.d/50-redhat.conf
 register: prelim_sshd_50_redhat_file
diff --git a/tasks/section_5/cis_5.3.3.2.x.yml b/tasks/section_5/cis_5.3.3.2.x.yml
index a53d857..aa2e0f8 100644
--- a/tasks/section_5/cis_5.3.3.2.x.yml
+++ b/tasks/section_5/cis_5.3.3.2.x.yml
@@ -340,7 +340,7 @@
 - system
 notify: Authselect update
 
-- name: "5.3.3.2.7 | PATCH | Ensure password quality is enforced for the root user"
+- name: "5.3.3.2.7 | PATCH | Ensure password quality checking is enforced"
 when: rhel9cis_rule_5_3_3_2_7
 tags:
 - level1-server
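Review bot: Dropping `tags: - always` from the `PRELIM | PATCH | sshd_config.d/50-redhat.conf exists` stat task means it only runs when the play's tag selection happens to include it; a run limited with `--tags` to the level tags of rules 5.1.10 or 5.1.11 can skip this task and leave `prelim_sshd_50_redhat_file` undefined for the tasks that read it. If prelim.yml is imported with an `always` tag that its tasks inherit, the deleted lines were redundant and this is fine, but that is not visible from the hunk. Otherwise restore `tags: - always` on the task, or guard its consumers with `when: prelim_sshd_50_redhat_file is defined` so a partial run fails closed rather than with an undefined variable. The task may continue past the `register:` line outside the hunk.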