diff --git a/defaults/main.yml b/defaults/main.yml index 321e1f24..bca16ac0 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -506,7 +506,7 @@ security_pam_faillock_unlock_time: 604800 # RHEL-07-010372 # Limit the number of concurrent connections per account. #security_rhel7_concurrent_session_limit: 10 # RHEL-07-040010 # Remove .shosts and shosts.equiv files. -security_rhel7_remove_shosts_files: yes # RHEL-07-040330 +security_rhel7_remove_shosts_files: no # RHEL-07-040330 ## File permissions (file_perms) # Reset file permissions and ownership for files installed via RPM packages. diff --git a/doc/metadata/rhel7/RHEL-07-040330.rst b/doc/metadata/rhel7/RHEL-07-040330.rst index 220484d4..ffc4d77e 100644 --- a/doc/metadata/rhel7/RHEL-07-040330.rst +++ b/doc/metadata/rhel7/RHEL-07-040330.rst @@ -1,14 +1,18 @@ --- id: RHEL-07-040330 -status: implemented +status: opt-in tag: auth --- The tasks in the security role examine the filesystem for any ``.shosts`` or ``shosts.equiv`` files. If they are found, they are deleted. -Deployers can opt out of this change by setting the following Ansible variable: +The search for these files will take a very long time on systems with slow +disks or systems with a large amount of files. Therefore, this task is skipped +by default. + +Deployers can opt in for this change by setting the following Ansible variable: .. code-block:: yaml - security_rhel7_remove_shosts_files: no + security_rhel7_remove_shosts_files: yes diff --git a/releasenotes/notes/shosts-file-search-opt-in-887f600a79eef07e.yaml b/releasenotes/notes/shosts-file-search-opt-in-887f600a79eef07e.yaml new file mode 100644 index 00000000..bee7e0a2 --- /dev/null +++ b/releasenotes/notes/shosts-file-search-opt-in-887f600a79eef07e.yaml 
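Review bot: Flipping the default to `no` leaves STIG RHEL-07-040330 unenforced on every host that does not explicitly set the variable, yet the comment `# Remove .shosts and shosts.equiv files.` directly above the changed line still reads as though the removal is active, so a reader of defaults/main.yml sees neither the reason nor the consequence. I would extend it to `# Remove .shosts and shosts.equiv files. Off by default because the filesystem` / `# search is slow and I/O-heavy on large hosts; set to yes to enforce RHEL-07-040330` / `# (a STIG scanner will report this finding as open while it stays no).` The find task itself is outside this diff, but if it walks the whole filesystem, narrowing it to the places sshd actually honours these files (user home directories from the passwd database for `.shosts`, and `/etc/ssh` for `shosts.equiv`, as I recall from sshd(8)) would probably make it cheap enough to keep the control on by default instead of trading it away for speed.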
@@ -0,0 +1,7 @@
+---
+security:
+  - |
+    The tasks that search for ``.shosts`` and ``shosts.equiv`` files
+    (STIG ID: RHEL-07-040330) are now skipped by default. The search takes a
+    long time to complete on systems with lots of files and it also causes a
+    significant amount of disk I/O while it runs.
diff --git a/tests/test.yml b/tests/test.yml
index 61c0fbc3..1c40dc33 100644
--- a/tests/test.yml
+++ b/tests/test.yml
@@ -96,3 +96,4 @@ security_require_grub_authentication: yes
security_set_home_directory_permissions_and_owners_recursively: no
security_reset_perm_ownership: yes
+ security_rhel7_remove_shosts_files: yes