Detections
Analytics

CIS MySQL 8.0 Enterprise Linux OS L1 v1.1.0

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS MySQL 8.0 Enterprise Linux OS L1 v1.1.0

Updated: 8/9/2022

Authority: Operating Systems and Applications

Plugin: Unix

Revision: 1.4

Estimated Item Count: 34

Audit Items

DescriptionCategories
1.1 Place Databases on Non-System Partitions
1.2 Use Dedicated Least Privileged Account for MySQL Daemon/Service
1.4 Verify That the MYSQL_PWD Environment Variable is Not in Use
1.6 Verify That 'MYSQL_PWD' is Not Set in Users' Profiles - .bash_profile
1.6 Verify That 'MYSQL_PWD' is Not Set in Users' Profiles - .bashrc
1.6 Verify That 'MYSQL_PWD' is Not Set in Users' Profiles - .profile
2.1.1 Backup Policy in Place
2.1.2 Verify Backups are Good
2.1.3 Secure Backup Credentials
2.1.4 The Backups Should be Properly Secured
2.1.6 Disaster Recovery (DR) Plan
2.1.7 Backup of Configuration and Related Files
2.3 Dedicate the Machine Running MySQL
2.4 Do Not Specify Passwords in the Command Line
2.6 Ensure Non-Default, Unique Cryptographic Material is in Use
3.1 Ensure 'datadir' Has Appropriate Permissions - datadir Has Appropriate Permissions and Ownership
3.2 Ensure 'log_bin_basename' Files Have Appropriate Permissions - log_bin_basename Files Have Appropriate Permissions and Ownership
3.3 Ensure 'log_error' Has Appropriate Permissions - log_error Has Appropriate Permissions and Ownership
3.4 Ensure 'slow_query_log' Has Appropriate Permissions - slow_query_log Has Appropriate Permissions and Ownership
3.5 Ensure 'relay_log_basename' Files Have Appropriate Permissions - relay_log_basename Files Have Appropriate Permissions and Ownership
3.6 Ensure 'general_log_file' Has Appropriate Permissions - general_log_file Has Appropriate Permissions and Ownership
3.7 Ensure SSL Key Files Have Appropriate Permissions
3.8 Ensure Plugin Directory Has Appropriate Permissions
3.9 Ensure 'audit_log_file' Has Appropriate Permissions - audit_log_file has Appropriate Permissions and Ownership
3.10 Secure MySQL Keyring - keyring_aws_conf_file
3.10 Secure MySQL Keyring - keyring_encrypted_file_data_path
3.10 Secure MySQL Keyring - keyring_file_data_path
3.10 Secure MySQL Keyring - keyring_hashicorp_store_path
3.10 Secure MySQL Keyring - keyring_oci_key_file
3.10 Secure MySQL Keyring - keyring_okv_path
4.5 Ensure 'mysqld' is Not Started With '--skip-grant-tables'
6.4 Ensure 'log-raw' is Set to 'OFF'
7.2 Ensure Passwords are Not Stored in the Global Configuration
CIS_MySQL_8.0_Enterprise_Benchmark_v1.1.0_Level_1_OS_Linux.audit from CIS Oracle MySQL 8.0 Enterprise Edition v1.1.0