diff --git a/components/gnome.yml b/components/gnome.yml index 25bccf83300..908c81d528e 100644 --- a/components/gnome.yml +++ b/components/gnome.yml @@ -47,6 +47,7 @@ rules: - gnome_gdm_disable_guest_login - gnome_gdm_disable_unattended_automatic_login - gnome_gdm_disable_xdmcp +- group_server_with_gui_removed - gui_login_dod_acknowledgement - package_gdm_removed - xwayland_disabled diff --git a/controls/cis_rhel10.yml b/controls/cis_rhel10.yml index 980e4e12bce..9a8b0cd46bd 100644 --- a/controls/cis_rhel10.yml +++ b/controls/cis_rhel10.yml @@ -968,6 +968,7 @@ controls: status: automated rules: - package_gdm_removed + - group_server_with_gui_removed - id: 2.1.20 title: Ensure X window server services are not in use (Automated) diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/group_server_with_gui_removed/ansible/shared.yml b/linux_os/guide/services/xwindows/disabling_xwindows/group_server_with_gui_removed/ansible/shared.yml new file mode 100644 index 00000000000..8803c9f603a --- /dev/null +++ b/linux_os/guide/services/xwindows/disabling_xwindows/group_server_with_gui_removed/ansible/shared.yml @@ -0,0 +1,22 @@ +# platform = multi_platform_rhel +# strategy = configure +# complexity = low +# disruption = low +# reboot = false + +# Note: This is important to update dependencies to allow the removal of the Server +# with GUI group with minimal impact to the system functionality. +- name: "{{{ rule_title }}} - Install Minimal Install group" + ansible.builtin.command: + cmd: dnf groupinstall -y 'Minimal Install' + when: not ansible_check_mode + +- name: "{{{ rule_title }}} - Remove Server with GUI group" + ansible.builtin.command: + cmd: dnf groupremove -y 'Server with GUI' + when: not ansible_check_mode + +- name: "{{{ rule_title }}} - Install Server group" + ansible.builtin.command: + cmd: dnf groupinstall -y 'Server' + when: not ansible_check_mode 
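Review bot: The three tasks in ansible/shared.yml run unconditionally, so on a host that never had Server with GUI (a Minimal Install box that already passes this rule) the playbook still runs `dnf groupinstall -y 'Server'` and adds an entire environment group — the opposite of the rationale of reducing attack surface — and, because the tasks are `command` calls with no `changed_when`, every run reports changed. Gate the remediation on the same test the SCE check uses and only reshape groups when the GUI environment is actually installed; the `when: not ansible_check_mode` guards are redundant since `command` is already skipped in check mode. Note also that the header says `# reboot = false` while the rule's fixtext ends with `# reboot`; if a reboot is needed to end the running display-manager session, the header should say so. The rewritten first task and the guard on the remaining tasks:
```yaml
- name: "{{{ rule_title }}} - Check whether the Server with GUI group is installed"
  ansible.builtin.shell:
    cmd: dnf grouplist --installed | sed -n '/Installed Environment Groups:/,/Installed Groups:/p' | grep -q "Server with GUI"
  register: server_with_gui_installed
  changed_when: false
  failed_when: server_with_gui_installed.rc > 1
  check_mode: false

- name: "{{{ rule_title }}} - Install Minimal Install group"
  ansible.builtin.command:
    cmd: dnf groupinstall -y 'Minimal Install'
  when: server_with_gui_installed.rc == 0
# … unchanged: the groupremove and 'Server' groupinstall tasks, each with the same `when: server_with_gui_installed.rc == 0` …
```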
diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/group_server_with_gui_removed/bash/shared.sh b/linux_os/guide/services/xwindows/disabling_xwindows/group_server_with_gui_removed/bash/shared.sh new file mode 100644 index 00000000000..fe106d62f04 --- /dev/null +++ b/linux_os/guide/services/xwindows/disabling_xwindows/group_server_with_gui_removed/bash/shared.sh @@ -0,0 +1,9 @@ +# platform = multi_platform_rhel + +# Note: This is important to update dependencies to allow the removal of the Server +# with GUI group with minimal impact to the system functionality. +dnf groupinstall -y "Minimal Install" + +# Remove the Server with GUI group +dnf groupremove -y "Server with GUI" +dnf groupinstall -y "Server" diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/group_server_with_gui_removed/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/group_server_with_gui_removed/rule.yml new file mode 100644 index 00000000000..e5616aeab9d --- /dev/null +++ b/linux_os/guide/services/xwindows/disabling_xwindows/group_server_with_gui_removed/rule.yml @@ -0,0 +1,41 @@ +documentation_complete: true + +title: 'Remove the Server with GUI Package Group' + +description: |- + By removing the Server with GUI package group, the system no longer has a graphical user interface (GUI) installed. + If a GUI is not installed then the system cannot boot into graphical user mode. + This prevents the system from being accidentally or maliciously booted into a graphical.target mode. + To do so, run the following command: +
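Review bot: bash/shared.sh always runs `dnf groupinstall -y "Server"` regardless of whether Server with GUI is installed, so applying the remediation to a Minimal Install host (which already passes the rule) installs the whole Server environment and grows the attack surface the rule exists to shrink. Guard the three commands with the same test the SCE check performs so the group shuffle only happens when the GUI environment is actually present; the comment about dependencies should then explain why Minimal Install is installed first rather than just restating that it is important.
```bash
# Only reshape the installed groups when Server with GUI is actually present;
# on a host that never had it this would otherwise pull in the whole 'Server' environment.
if dnf grouplist --installed | sed -n '/Installed Environment Groups:/,/Installed Groups:/p' | grep -q "Server with GUI"; then
    dnf groupinstall -y "Minimal Install"
    dnf groupremove -y "Server with GUI"
    dnf groupinstall -y "Server"
fi
```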
dnf groupremove -y "Server with GUI"
+ +rationale: |- + Unnecessary service packages must not be installed to decrease the attack surface of the system. + If a Graphical User Interface (GUI) is not required, it should be removed to reduce the + attack surface of the system. + +severity: medium + +identifiers: + cce@rhel10: CCE-87443-8 + +ocil_clause: The Server with GUI package group has not been removed + +ocil: |- + Run the following command to verify the Installed Environment Group is not + Server with GUI: + # dnf grouplist | sed -n '/Installed Environment Groups:/,/Installed Groups:/p' + The output should not contain the Server with GUI group. + +fixtext: |- + Run the following commands to remove the Server with GUI package group: + # dnf groupinstall -y "Minimal Install" + Note: This is important to update dependencies to allow the removal of the Server + with GUI group with minimal impact to the system functionality. + # dnf groupremove -y "Server with GUI" + # dnf groupinstall -y "Server" + # reboot + +warnings: + - general: |- + This rule doesn't come with an OVAL check, as it is not possible to check if the Server with GUI group is installed using the OVAL rpm objects. Therefore, this rule contains only an SCE check. diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/group_server_with_gui_removed/sce/shared.sh b/linux_os/guide/services/xwindows/disabling_xwindows/group_server_with_gui_removed/sce/shared.sh new file mode 100644 index 00000000000..bdd4dc54541 --- /dev/null +++ b/linux_os/guide/services/xwindows/disabling_xwindows/group_server_with_gui_removed/sce/shared.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash +# platform = multi_platform_rhel +# check-import = stdout + +if dnf grouplist | sed -n '/Installed Environment Groups:/,/Installed Groups:/p' | grep -q "Server with GUI"; then + echo "Server with GUI group is installed" + exit $XCCDF_RESULT_FAIL +fi + +exit $XCCDF_RESULT_PASS 
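Review bot: The description promises that "the system cannot boot into graphical user mode", but both the ocil text and the SCE check only inspect dnf's installed-environment-group listing, which reflects dnf's own group state rather than which packages are on disk: to my understanding `dnf group mark remove "Server with GUI"` clears that mark with every GUI package still installed, and `groupremove` itself leaves any package that another installed group or package still requires. The warnings block should say this plainly so an auditor does not treat a pass as proof that the GUI is gone, e.g. `This check verifies dnf's group installation state only; it does not prove that GUI packages are absent. Pair it with package_gdm_removed and xwayland_disabled.` The description's claim should likewise be softened to "removes the packages that belong to the group" rather than asserting graphical boot becomes impossible.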
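Review bot: sce/shared.sh fails open: if `dnf grouplist` errors (no enabled repositories, unreachable mirrors — dnf may try to refresh metadata here), the pipeline produces no output, `grep -q` finds nothing and the script exits `$XCCDF_RESULT_PASS`, reporting the GUI as removed on a host where it was never checked. Capture dnf's exit status separately and return `$XCCDF_RESULT_ERROR` on failure, and consider `--installed` (and, if the comps cache is reliable on the target, `-C`) so the check does not depend on the network. The `$XCCDF_RESULT_*` variables should also be quoted.
```bash
# Fail closed: a dnf error (no repos, no network) must not read as "GUI removed".
groups="$(dnf grouplist --installed 2>/dev/null)" || exit "$XCCDF_RESULT_ERROR"

if printf '%s\n' "$groups" | sed -n '/Installed Environment Groups:/,/Installed Groups:/p' | grep -q "Server with GUI"; then
    echo "Server with GUI group is installed"
    exit "$XCCDF_RESULT_FAIL"
fi

exit "$XCCDF_RESULT_PASS"
```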
diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/group_server_with_gui_removed/tests/installed.fail.sh b/linux_os/guide/services/xwindows/disabling_xwindows/group_server_with_gui_removed/tests/installed.fail.sh new file mode 100644 index 00000000000..5cab3ea945a --- /dev/null +++ b/linux_os/guide/services/xwindows/disabling_xwindows/group_server_with_gui_removed/tests/installed.fail.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +dnf groupinstall -y "Server with GUI" diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/group_server_with_gui_removed/tests/removed.pass.sh b/linux_os/guide/services/xwindows/disabling_xwindows/group_server_with_gui_removed/tests/removed.pass.sh new file mode 100644 index 00000000000..5dcbf8b8b4f --- /dev/null +++ b/linux_os/guide/services/xwindows/disabling_xwindows/group_server_with_gui_removed/tests/removed.pass.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +# Note: This is important to update dependencies to allow the removal of the Server +# with GUI group with minimal impact to the system functionality. +dnf groupinstall -y "Minimal Install" + +# Remove the Server with GUI group +dnf groupremove -y "Server with GUI" +dnf groupinstall -y "Server" diff --git a/shared/references/cce-redhat-avail.txt b/shared/references/cce-redhat-avail.txt index 10573c2feb7..bd70c57af8f 100644 --- a/shared/references/cce-redhat-avail.txt +++ b/shared/references/cce-redhat-avail.txt @@ -431,7 +431,6 @@ CCE-87438-8 CCE-87440-4 CCE-87441-2 CCE-87442-0 -CCE-87443-8 CCE-87446-1 CCE-87450-3 CCE-87453-7 diff --git a/tests/data/profile_stability/rhel10/cis.profile b/tests/data/profile_stability/rhel10/cis.profile index b1ff9a39d67..37244fcf01f 100644 --- a/tests/data/profile_stability/rhel10/cis.profile +++ b/tests/data/profile_stability/rhel10/cis.profile 
@@ -256,6 +256,7 @@ file_permissions_user_cfg file_permissions_var_log_audit firewalld_loopback_traffic_trusted gid_passwd_group_same +group_server_with_gui_removed group_unique_id group_unique_name groups_no_zero_gid_except_root