CIS Docker 1.11.0 v1.0.0 L1 Linux

Audit Details

Name: CIS Docker 1.11.0 v1.0.0 L1 Linux

Updated: 6/17/2024

Authority: CIS

Plugin: Unix

Revision: 1.20

Estimated Item Count: 21

File Details

Filename: CIS_Docker_1.11.0_v1.0.0_L1_Linux.audit

Size: 41.3 kB

MD5: e538654dd3081e7ce73892cedfc58c0c
SHA256: fb3d5a9affe5f00781a161ee4821e5af31fc57fae16e891bff4c3ec8e75d6b15

Audit Items

DescriptionCategories
1.1 Create a separate partition for containers

SYSTEM AND COMMUNICATIONS PROTECTION

1.2 Use the updated Linux Kernel

SYSTEM AND INFORMATION INTEGRITY

1.3 Harden the container host

CONFIGURATION MANAGEMENT

1.4 Remove all non-essential services from the host - DPKG

CONFIGURATION MANAGEMENT

1.4 Remove all non-essential services from the host - RPM

CONFIGURATION MANAGEMENT

1.4 Remove all non-essential services from the host - Running Processes

CONFIGURATION MANAGEMENT

1.4 Remove all non-essential services from the host - Sockets

CONFIGURATION MANAGEMENT

1.5 Keep Docker up to date

SYSTEM AND INFORMATION INTEGRITY

1.6 Only allow trusted users to control Docker daemon

ACCESS CONTROL

1.7 Audit docker daemon

AUDIT AND ACCOUNTABILITY

1.8 Audit Docker files and directories - /var/lib/docker

AUDIT AND ACCOUNTABILITY

1.9 Audit Docker files and directories - /etc/docker

AUDIT AND ACCOUNTABILITY

1.10 Audit Docker files and directories - docker.service

AUDIT AND ACCOUNTABILITY

1.11 Audit Docker files and directories - docker.socket

AUDIT AND ACCOUNTABILITY

1.12 Audit Docker files and directories - /etc/default/docker

AUDIT AND ACCOUNTABILITY

1.13 Audit Docker files and directories - /etc/docker/daemon.json

AUDIT AND ACCOUNTABILITY

1.14 Audit Docker files and directories - /usr/bin/docker-containerd

AUDIT AND ACCOUNTABILITY

1.15 Audit Docker files and directories - /usr/bin/docker-runc

AUDIT AND ACCOUNTABILITY

6.4 Avoid image sprawl

CONFIGURATION MANAGEMENT

6.5 Avoid container sprawl

SYSTEM AND INFORMATION INTEGRITY

CIS_Docker_1.11.0_v1.0.0_L1_Linux.audit Level 1 Linux