CIS MariaDB 10.6 on Linux L1 v1.1.0

Audit Details

Name: CIS MariaDB 10.6 on Linux L1 v1.1.0

Updated: 6/17/2024

Authority: CIS

Plugin: Unix

Revision: 1.1

Estimated Item Count: 24

File Details

Filename: CIS_MariaDB_10.6_Benchmark_v1.1.0_L1_Linux_OS.audit

Size: 59.9 kB

MD5: 96dec338040786b8dd2b5faf48b62d49

SHA256: bf17aee982203cbeb513cb2ea26c52f35cd366357952e24a223f9582839aa691

Audit Items

Description	Categories
1.1 Place Databases on Non-System Partitions	SYSTEM AND COMMUNICATIONS PROTECTION
1.2 Use Dedicated Least Privileged Account for MariaDB Daemon/Service	ACCESS CONTROL, MEDIA PROTECTION
1.4 Verify That the MYSQL_PWD Environment Variable is Not in Use	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
1.6 Verify That 'MYSQL_PWD' is Not Set in Users' Profiles	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.1.1 Backup Policy in Place	CONTINGENCY PLANNING
2.3 Do Not Specify Passwords in the Command Line	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.5 Ensure Non-Default, Unique Cryptographic Material is in Use	SYSTEM AND COMMUNICATIONS PROTECTION
3.1 Ensure 'datadir' Has Appropriate Permissions	ACCESS CONTROL, MEDIA PROTECTION
3.2 Ensure 'log_bin_basename' Files Have Appropriate Permissions	ACCESS CONTROL, MEDIA PROTECTION
3.3 Ensure 'log_error' Has Appropriate Permissions	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.4 Ensure 'slow_query_log' Has Appropriate Permissions	ACCESS CONTROL, MEDIA PROTECTION
3.5 Ensure 'relay_log_basename' Files Have Appropriate Permissions	ACCESS CONTROL, MEDIA PROTECTION
3.6 Ensure 'general_log_file' Has Appropriate Permissions	ACCESS CONTROL, MEDIA PROTECTION
3.7 Ensure SSL Key Files Have Appropriate Permissions	ACCESS CONTROL, MEDIA PROTECTION
3.8 Ensure Plugin Directory Has Appropriate Permissions	ACCESS CONTROL, MEDIA PROTECTION
3.9 Ensure 'server_audit_file_path' Has Appropriate Permissions	ACCESS CONTROL, MEDIA PROTECTION
3.10 Ensure File Key Management Encryption Plugin files have appropriate permissions	ACCESS CONTROL, MEDIA PROTECTION
4.1 Ensure the Latest Security Patches are Applied	SYSTEM AND SERVICES ACQUISITION
4.4 Harden Usage for 'local_infile' on MariaDB Clients	CONFIGURATION MANAGEMENT
4.5 Ensure mariadb is Not Started With 'skip-grant-tables'	ACCESS CONTROL, MEDIA PROTECTION
5.1 Ensure Only Administrative Users Have Full Database Access	ACCESS CONTROL
5.2 Ensure 'FILE' is Not Granted to Non-Administrative Users	ACCESS CONTROL
7.2 Ensure Passwords are Not Stored in the Global Configuration	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
CIS_MariaDB_10.6_Benchmark_v1.1.0_L1_Linux_OS.audit from CIS MariaDB 10.6 Benchmark

Detections

Analytics

CIS MariaDB 10.6 on Linux L1 v1.1.0

Audit Details

File Details

Audit Items