CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0

Audit Details

Name: CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0

Updated: 6/17/2024

Authority: CIS

Plugin: Unix

Revision: 1.9

Estimated Item Count: 19

File Details

Filename: CIS_Apache_Cassandra_3.11_v1.0.0_L2_OS_Unix.audit

Size: 46.3 kB

MD5: 50d98fc9356e791d3c58af4502fb8860
SHA256: b3cb05c53ef4a020de3e2b1937dd4277b695756d1c6b5bbff075c8442656911c

Audit Items

DescriptionCategories
1.1 Ensure a separate user and group exist for Cassandra - group

ACCESS CONTROL

1.1 Ensure a separate user and group exist for Cassandra - passwd

ACCESS CONTROL

1.1 Ensure a separate user and group exist for Cassandra - user exists in group

ACCESS CONTROL

1.2 Ensure the latest version of Java is installed

SYSTEM AND SERVICES ACQUISITION

1.3 Ensure the latest version of Python is installed

SYSTEM AND SERVICES ACQUISITION

1.4 Ensure latest version of Cassandra is installed

SYSTEM AND SERVICES ACQUISITION

1.5 Ensure the Cassandra service is run as a non-root user

ACCESS CONTROL

1.6 Ensure clocks are synchronized on all nodes

AUDIT AND ACCOUNTABILITY

2.1 Ensure that authentication is enabled for Cassandra databases

ACCESS CONTROL

2.2 Ensure that authorization is enabled for Cassandra databases

ACCESS CONTROL

3.2 Ensure that the default password changed for the cassandra role

ACCESS CONTROL

3.4 Ensure that Cassandra is run using a non-privileged, dedicated service account

ACCESS CONTROL

3.5 Ensure that Cassandra only listens for network connections on authorized interfaces

SYSTEM AND INFORMATION INTEGRITY

4.1 Ensure that logging is enabled. - logback.xml

AUDIT AND ACCOUNTABILITY

4.1 Ensure that logging is enabled. - nodetool getlogginglevels

AUDIT AND ACCOUNTABILITY

4.2 Ensure that auditing is enabled

AUDIT AND ACCOUNTABILITY

5.1 Inter-node Encryption

SYSTEM AND COMMUNICATIONS PROTECTION

5.2 Client Encryption

SYSTEM AND COMMUNICATIONS PROTECTION

CIS_Apache_Cassandra_3.11_v1.0.0_L1_OS_Unix.audit from CIS Apache Cassandra 3.11 Benchmark v1.0.0