CIS MySQL 8.0 Enterprise Database L2 v1.2.1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS MySQL 8.0 Enterprise Database L2 v1.2.1

Updated: 6/17/2024

Authority: CIS

Plugin: MySQLDB

Revision: 1.2

Estimated Item Count: 25

File Details

Filename: CIS_MySQL_8.0_Enterprise_Benchmark_v1.2.1_Level_2_Database.audit

Size: 50.8 kB

MD5: 5122d41f1a1d0c290b12162a91ce8668
SHA256: 36ef8e600005d84582bf6f12ebe84f2e9d0196dcdbbb1d6f4be12cf70355b770

Audit Items

DescriptionCategories
2.1.5 Point-in-Time Recovery
2.2.1 Ensure Binary and Relay Logs are Encrypted
2.9 Require Current Password for Password Reset
2.10 Use Dual Passwords to Enable Higher Frequency Password Rotation
2.11 Lock Out Accounts if Not Currently in Use
2.12 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly
2.13 Ensure Socket Peer-Credential Authentication is Used Appropriately
2.14 Ensure MySQL is Bound to an IP Address
2.15 Limit Accepted Transport Layer Security (TLS) Versions
2.16 Require Client-Side Certificates (X.509)
2.17 Ensure Only Approved Ciphers are Used - ssl_cipher
2.17 Ensure Only Approved Ciphers are Used - tls_ciphersuites
4.9 Ensure 'sql_mode' Contains 'STRICT_ALL_TABLES'
4.10 Use MySQL TDE for At-Rest Data Encryption - audit_log_encryption
4.10 Use MySQL TDE for At-Rest Data Encryption - binlog_encryption
4.10 Use MySQL TDE for At-Rest Data Encryption - innodb_redo_log_encrypt
4.10 Use MySQL TDE for At-Rest Data Encryption - innodb_undo_log_encrypt
4.10 Use MySQL TDE for At-Rest Data Encryption - table_encryption_privilege_check
5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative Users
6.3 Ensure 'log_error_verbosity' is Set to '2'
6.6 Ensure ALL Events are Audited
6.7 Set audit_log_strategy to SYNCHRONOUS or SEMISYNCRONOUS
9.3 Ensure 'master_info_repository' is Set to 'TABLE'
10.2 Allowlist Approved Servers Belonging to a MySQL InnoDB Cluster
CIS_MySQL_8.0_Enterprise_Benchmark_v1.2.1_Level_2_DB.audit from CIS Oracle MySQL 8.0 Enterprise Edition Benchmark