Detections
Analytics

CIS IBM AIX 7.2 L2 v1.1.0

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS IBM AIX 7.2 L2 v1.1.0

Updated: 12/3/2024

Authority: CIS

Plugin: Unix

Revision: 1.2

Estimated Item Count: 46

File Details

Filename: CIS_AIX_7.2_Benchmark_v1.1.0_Level_2.audit

Size: 116 kB

MD5: d02e5958b70cb2f401927332dd96ef55
SHA256: 24ecf532d1f503d054cfdf5d1cad4d32f90e46d397a0af5430a43ffb151331ea

Audit Items

DescriptionCategories
2.6 Enforce Allowlist aka Trusted Execution Checks
2.8 Ensure the Trusted Execution Policies cannot be modified
3.1 Encryption: File System Level (EFS)
3.2 Encryption: Logical Volume (ELV)
4.1.2.9 mrouted
4.1.3.1 autoconf6
4.1.3.2 ndpd-host
4.1.3.3 ndpd-router
4.1.4.2 NFS - de-install NFS server
4.1.4.5 NFS - restrict NFS access
4.1.4.7 NFS - secure NFS
4.4.1.1 NIS - de-install NIS client
4.4.1.2 NIS - de-install NIS server
4.4.1.3 NIS - remove NIS markers from password and group files
4.4.1.4 NIS - restrict NIS server communication
4.4.2 Remote command lockdown
4.4.3 Removal of entries from /etc/hosts.equiv
4.4.4 Removal of .rhosts and .netrc files
4.4.5 Remote daemon lockdown
4.5.1.2 /etc/inetd.conf - cmsd
4.5.1.3 CDE - disabling dtlogin
4.5.1.4 /etc/inetd.conf - dtspc
4.5.1.6 CDE - remote GUI login disabled
4.5.3.5 sshd_config: PermitRootLogin is 'prohibit-password' or 'no'
4.5.3.14 sshd_config: Use Conditional exception(s).
4.5.5.1 SNMP - disable private community string
4.5.5.2 SNMP - disable system community string
4.5.5.3 SNMP - disable public community string
4.5.5.4 SNMP - disable Readwrite community access
4.5.5.5 SNMP - restrict community access
4.6.6 Unattended terminal session timeout is 900 seconds (or less) - readonly
4.8.1 TE - implementation
6.1.1 Create baseline of executables that elevate to a different GUID (Not scored)
6.1.2 Create baseline of executables that require a specific group for elevation to a different EUID (not scored)
6.1.3 Create baseline of executables that elevate directly to a new EUID (not scored)
6.2.1 Privilege escalation: enhanced RBAC
6.3.1 Privilege escalation: sudo
6.3.2 Ensure sudo logging is active
6.3.3 Ensure sudo commands use pty
6.5 Services - at access is root only
6.7 Services - crontab access is root only
7.1 Use FLRT regularly
8.1.2 Configuring syslog - remote logging
8.1.3 Configuring syslog - remote messages
8.2 AIX Auditing
CIS_AIX_7.2_Benchmark_v1.1.0_Level_2.audit from CIS AIX 7.2 Benchmark v1.1.0 Level 2 Benchmark