CIS PostgreSQL 11 OS v1.0.0

Audit Details

Name: CIS PostgreSQL 11 OS v1.0.0

Updated: 6/17/2024

Authority: CIS

Plugin: Unix

Revision: 1.11

Estimated Item Count: 18

File Details

Filename: CIS_PostgreSQL_11_v1.0.0_L1_OS_Linux.audit

Size: 98.1 kB

MD5: a55a3faa0232c8339ce844ca917ca00a
SHA256: 79044af495afe1486f026e74e2a85699ac169181ec9321280b1c2ba4ed64d0ad

Audit Items

DescriptionCategories
1.1 Ensure packages are obtained from authorized repositories

CONFIGURATION MANAGEMENT

1.2 Ensure Installation of Binary Packages

CONFIGURATION MANAGEMENT

1.3 Ensure Installation of Community Packages

SYSTEM AND INFORMATION INTEGRITY

1.4 Ensure systemd Service Files Are Enabled

CONFIGURATION MANAGEMENT

1.5 Ensure Data Cluster Initialized Successfully

ACCESS CONTROL

2.1 Ensure the file permissions mask is correct

ACCESS CONTROL

2.2 Ensure the PostgreSQL pg_wheel group membership is correct - /etc/group

ACCESS CONTROL

2.2 Ensure the PostgreSQL pg_wheel group membership is correct - /etc/passwd

ACCESS CONTROL

4.1 Ensure sudo is configured correctly

ACCESS CONTROL

4.3 Ensure excessive function privileges are revoked

CONFIGURATION MANAGEMENT

5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly

IDENTIFICATION AND AUTHENTICATION

5.2 Ensure login via "host" TCP/IP Socket is configured correctly

SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - fips_enabled

SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl version

SYSTEM AND COMMUNICATIONS PROTECTION

7.3 Ensure WAL archiving is configured and functional - archive_command

SYSTEM AND COMMUNICATIONS PROTECTION

7.3 Ensure WAL archiving is configured and functional - archive_mode

SYSTEM AND COMMUNICATIONS PROTECTION

8.3 Ensure the backup and restore tool, 'pgBackRest', is installed and configured

CONTINGENCY PLANNING

CIS_PostgreSQL_11_v1.0.0_L1_OS_Linux.audit from CIS Benchmark for PostgreSQL 11