| 1.1 Create a separate partition for containers | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2 Use the updated Linux Kernel | SYSTEM AND INFORMATION INTEGRITY |
| 1.3 Do not use development tools in production | CONFIGURATION MANAGEMENT |
| 1.4 Harden the container host | CONFIGURATION MANAGEMENT |
| 1.5 Remove all non-essential services from the host - DPKG | CONFIGURATION MANAGEMENT |
| 1.5 Remove all non-essential services from the host - RPM | CONFIGURATION MANAGEMENT |
| 1.5 Remove all non-essential services from the host - running processes | CONFIGURATION MANAGEMENT |
| 1.5 Remove all non-essential services from the host - sockets | CONFIGURATION MANAGEMENT |
| 1.6 Keep Docker up to date | SYSTEM AND INFORMATION INTEGRITY |
| 1.7 Only allow trusted users to control Docker daemon | ACCESS CONTROL |
| 1.8 Audit docker daemon | AUDIT AND ACCOUNTABILITY |
| 1.9 Audit Docker files and directories - /var/lib/docker | AUDIT AND ACCOUNTABILITY |
| 1.10 Audit Docker files and directories - /etc/docker | AUDIT AND ACCOUNTABILITY |
| 1.11 Audit Docker files and directories - docker-registry.service | AUDIT AND ACCOUNTABILITY |
| 1.12 Audit Docker files and directories - docker.service | AUDIT AND ACCOUNTABILITY |
| 1.13 Audit Docker files and directories - /var/run/docker.sock | AUDIT AND ACCOUNTABILITY |
| 1.14 Audit Docker files and directories - /etc/sysconfig/docker | AUDIT AND ACCOUNTABILITY |
| 1.15 Audit Docker files and directories - /etc/sysconfig/docker-network | AUDIT AND ACCOUNTABILITY |
| 1.16 Audit Docker files and directories - /etc/sysconfig/docker-registry | AUDIT AND ACCOUNTABILITY |
| 1.17 Audit Docker files and directories - /etc/sysconfig/docker-storage | AUDIT AND ACCOUNTABILITY |
| 1.18 Audit Docker files and directories - /etc/default/docker | AUDIT AND ACCOUNTABILITY |
| 6.6 Avoid image sprawl | CONFIGURATION MANAGEMENT |
| 6.7 Avoid container sprawl | SYSTEM AND INFORMATION INTEGRITY |
| CIS_Docker_1.6_v1.0.0_L1_Linux.audit Level 1 Linux | |
