CIS Docker v1.5.0 L2 Docker Linux

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

Audit Details

Name: CIS Docker v1.5.0 L2 Docker Linux

Updated: 9/6/2023

Authority: CIS

Plugin: Unix

Revision: 1.1

Estimated Item Count: 23

File Details

Filename: CIS_Docker_v1.5.0_L2_Docker_Linux.audit

Size: 40.4 kB

MD5: 518141989d66e515f601df386311c61c
SHA256: 600012ce5fd4f38dbb7a36b323c694003a7f31f9bae2407773c4e3467d2bd447

Audit Items

Description | Categories
2.9 Enable user namespace support - /etc/subgid
2.9 Enable user namespace support - /etc/subuid
2.9 Enable user namespace support - SecurityOptions
2.10 Ensure the default cgroup usage has been confirmed - daemon.json
2.10 Ensure the default cgroup usage has been confirmed - dockerd
2.11 Ensure base device size is not changed until needed - daemon.json
2.11 Ensure base device size is not changed until needed - dockerd
2.12 Ensure that authorization for Docker client commands is enabled
2.13 Ensure centralized and remote logging is configured
2.17 Ensure that a daemon-wide custom seccomp profile is applied if appropriate
4.5 Ensure Content trust for Docker is Enabled
4.8 Ensure setuid and setgid permissions are removed
4.11 Ensure only verified packages are installed
5.2 Ensure that, if applicable, SELinux security options are set
5.22 Ensure that docker exec commands are not used with the privileged option
5.23 Ensure that docker exec commands are not used with the user=root option
5.29 Ensure that Docker's default bridge 'docker0' is not used - docker0 is not used
7.5 Ensure that Docker's secret management commands are used for managing secrets in a swarm cluster
7.6 Ensure that swarm manager is run in auto-lock mode
7.8 Ensure that node certificates are rotated as appropriate
7.9 Ensure that CA certificates are rotated as appropriate
7.10 Ensure that management plane traffic is separated from data plane traffic
CIS_Docker_v1.5.0_L2_Docker_Linux.audit from CIS Docker Benchmark v1.5.0