CIS Distribution Independent Linux Workstation L1 v1.1.0

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Distribution Independent Linux Workstation L1 v1.1.0

Updated: 3/24/2020

Authority: CIS

Plugin: Unix

Revision: 1.9

Estimated Item Count: 315

File Details

Filename: CIS_Distribution_Independent_Linux_Workstation_L1_v1.1.0.audit

Size: 436 kB

MD5: 89a69587becab4e6f7bb851f3413bc02

SHA256: dbd86ba72c5a9b81b9008443aa1b3aed7932425279613f28e83e492fad6e0f38

Audit Items

Description	Categories
1.1.1.1 Ensure mounting of cramfs filesystems is disabled - lsmod	CONFIGURATION MANAGEMENT
1.1.1.1 Ensure mounting of cramfs filesystems is disabled - modprobe	CONFIGURATION MANAGEMENT
1.1.1.2 Ensure mounting of freevxfs filesystems is disabled - lsmod	CONFIGURATION MANAGEMENT
1.1.1.2 Ensure mounting of freevxfs filesystems is disabled - modprobe	CONFIGURATION MANAGEMENT
1.1.1.3 Ensure mounting of jffs2 filesystems is disabled - lsmod	CONFIGURATION MANAGEMENT
1.1.1.3 Ensure mounting of jffs2 filesystems is disabled - modprobe	CONFIGURATION MANAGEMENT
1.1.1.4 Ensure mounting of hfs filesystems is disabled - lsmod	CONFIGURATION MANAGEMENT
1.1.1.4 Ensure mounting of hfs filesystems is disabled - modprobe	CONFIGURATION MANAGEMENT
1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmod	CONFIGURATION MANAGEMENT
1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - modprobe	CONFIGURATION MANAGEMENT
1.1.1.6 Ensure mounting of squashfs filesystems is disabled - lsmod	CONFIGURATION MANAGEMENT
1.1.1.6 Ensure mounting of squashfs filesystems is disabled - modprobe	CONFIGURATION MANAGEMENT
1.1.1.7 Ensure mounting of udf filesystems is disabled - lsmod	CONFIGURATION MANAGEMENT
1.1.1.7 Ensure mounting of udf filesystems is disabled - modprobe	CONFIGURATION MANAGEMENT
1.1.3 Ensure nodev option set on /tmp partition	ACCESS CONTROL
1.1.4 Ensure nosuid option set on /tmp partition	ACCESS CONTROL
1.1.5 Ensure noexec option set on /tmp partition	ACCESS CONTROL
1.1.8 Ensure nodev option set on /var/tmp partition	ACCESS CONTROL
1.1.9 Ensure nosuid option set on /var/tmp partition	ACCESS CONTROL
1.1.10 Ensure noexec option set on /var/tmp partition	ACCESS CONTROL
1.1.11 Ensure noexec option set on /var/tmp partition	ACCESS CONTROL
1.1.12 Ensure noexec option set on /var/tmp partition	ACCESS CONTROL
1.1.13 Ensure noexec option set on /var/tmp partition	ACCESS CONTROL
1.1.14 Ensure noexec option set on /var/tmp partition	ACCESS CONTROL
1.1.18 Ensure nodev option set on /home partition	ACCESS CONTROL
1.1.19 Ensure nodev option set on /dev/shm partition	ACCESS CONTROL
1.1.20 Ensure nosuid option set on /dev/shm partition	ACCESS CONTROL
1.1.21 Ensure noexec option set on /dev/shm partition	ACCESS CONTROL
1.1.22 Ensure nodev option set on removable media partitions	CONFIGURATION MANAGEMENT
1.1.23 Ensure nosuid option set on removable media partitions	CONFIGURATION MANAGEMENT
1.1.24 Ensure noexec option set on removable media partitions	CONFIGURATION MANAGEMENT
1.1.25 Ensure sticky bit is set on all world-writable directories	ACCESS CONTROL
1.2.1 Ensure package manager repositories are configured - apt-cache policy	SYSTEM AND INFORMATION INTEGRITY
1.2.1 Ensure package manager repositories are configured - yum	SYSTEM AND INFORMATION INTEGRITY
1.2.1 Ensure package manager repositories are configured - zypper	SYSTEM AND INFORMATION INTEGRITY
1.2.2 Ensure GPG keys are configured - apt-key list	SYSTEM AND INFORMATION INTEGRITY
1.2.2 Ensure GPG keys are configured - yum	SYSTEM AND INFORMATION INTEGRITY
1.2.2 Ensure GPG keys are configured - zypper repos	SYSTEM AND INFORMATION INTEGRITY
1.3.1 Ensure AIDE is installed - dpkg	CONFIGURATION MANAGEMENT
1.3.1 Ensure AIDE is installed - rpm	CONFIGURATION MANAGEMENT
1.3.1 Ensure AIDE is installed - zypper	CONFIGURATION MANAGEMENT
1.3.2 Ensure filesystem integrity is regularly checked	SYSTEM AND INFORMATION INTEGRITY
1.4.1 Ensure permissions on bootloader config are configured	SYSTEM AND INFORMATION INTEGRITY
1.4.1 Ensure permissions on bootloader config are configured - /boot/grub/grub.cfg	SYSTEM AND INFORMATION INTEGRITY
1.4.1 Ensure permissions on bootloader config are configured - /boot/grub/grub.conf	SYSTEM AND INFORMATION INTEGRITY
1.4.1 Ensure permissions on bootloader config are configured - /boot/grub/menu.lst	SYSTEM AND INFORMATION INTEGRITY
1.4.1 Ensure permissions on bootloader config are configured - /boot/grub2/grub.cfg	SYSTEM AND INFORMATION INTEGRITY
1.4.1 Ensure permissions on bootloader config are configured - /boot/grub2/grub.conf	SYSTEM AND INFORMATION INTEGRITY
1.4.1 Ensure permissions on bootloader config are configured - /boot/grub2/menu.lst	SYSTEM AND INFORMATION INTEGRITY
1.4.2 Ensure bootloader password is set	SYSTEM AND INFORMATION INTEGRITY

Detections

Analytics

CIS Distribution Independent Linux Workstation L1 v1.1.0

Warning! Audit Deprecated

Audit Details

File Details

Audit Items