CIS Red Hat EL8 Workstation L1 v1.0.0

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Red Hat EL8 Workstation L1 v1.0.0

Updated: 7/14/2021

Authority: CIS

Plugin: Unix

Revision: 1.24

Estimated Item Count: 282

Audit Items

Description	Categories
1.1.1.1 Ensure mounting of cramfs filesystems is disabled - lsmod	CONFIGURATION MANAGEMENT
1.1.1.1 Ensure mounting of cramfs filesystems is disabled - modprobe	CONFIGURATION MANAGEMENT
1.1.1.3 Ensure mounting of squashfs filesystems is disabled - lsmod	CONFIGURATION MANAGEMENT
1.1.1.3 Ensure mounting of squashfs filesystems is disabled - modprobe	CONFIGURATION MANAGEMENT
1.1.1.4 Ensure mounting of udf filesystems is disabled - lsmod	CONFIGURATION MANAGEMENT
1.1.1.4 Ensure mounting of udf filesystems is disabled - modprobe	CONFIGURATION MANAGEMENT
1.1.2 Ensure /tmp is configured - config check	CONFIGURATION MANAGEMENT
1.1.2 Ensure /tmp is configured - mount	CONFIGURATION MANAGEMENT
1.1.3 Ensure nodev option set on /tmp partition	ACCESS CONTROL
1.1.4 Ensure nosuid option set on /tmp partition	ACCESS CONTROL
1.1.5 Ensure noexec option set on /tmp partition	ACCESS CONTROL
1.1.8 Ensure nodev option set on /var/tmp partition	ACCESS CONTROL
1.1.9 Ensure nosuid option set on /var/tmp partition	ACCESS CONTROL
1.1.10 Ensure noexec option set on /var/tmp partition	ACCESS CONTROL
1.1.14 Ensure nodev option set on /home partition	ACCESS CONTROL
1.1.15 Ensure nodev option set on /dev/shm partition	ACCESS CONTROL
1.1.16 Ensure nosuid option set on /dev/shm partition	ACCESS CONTROL
1.1.17 Ensure noexec option set on /dev/shm partition	ACCESS CONTROL
1.1.18 Ensure nodev option set on removable media partitions	ACCESS CONTROL
1.1.19 Ensure nosuid option set on removable media partitions	ACCESS CONTROL
1.1.20 Ensure noexec option set on removable media partitions	ACCESS CONTROL
1.1.21 Ensure sticky bit is set on all world-writable directories	ACCESS CONTROL
1.1.23 Disable USB Storage - lsmod	CONFIGURATION MANAGEMENT
1.2.1 Ensure Red Hat Subscription Manager connection is configured	SYSTEM AND INFORMATION INTEGRITY
1.2.2 Disable the rhnsd Daemon	CONFIGURATION MANAGEMENT
1.2.3 Ensure GPG keys are configured	SYSTEM AND INFORMATION INTEGRITY
1.2.4 Ensure gpgcheck is globally activated	SYSTEM AND INFORMATION INTEGRITY
1.2.5 Ensure package manager repositories are configured	SYSTEM AND INFORMATION INTEGRITY
1.3.1 Ensure sudo is installed	CONFIGURATION MANAGEMENT
1.3.2 Ensure sudo commands use pty	ACCESS CONTROL
1.3.3 Ensure sudo log file exists	AUDIT AND ACCOUNTABILITY
1.4.1 Ensure AIDE is installed	CONFIGURATION MANAGEMENT
1.4.2 Ensure filesystem integrity is regularly checked
1.5.1 Ensure permissions on bootloader config are configured - grub.cfg	SYSTEM AND INFORMATION INTEGRITY
1.5.1 Ensure permissions on bootloader config are configured - grubenv	SYSTEM AND INFORMATION INTEGRITY
1.5.2 Ensure bootloader password is set	ACCESS CONTROL
1.5.3 Ensure authentication required for single user mode - emergency.service	SYSTEM AND INFORMATION INTEGRITY
1.5.3 Ensure authentication required for single user mode - rescue.service	SYSTEM AND INFORMATION INTEGRITY
1.6.1 Ensure core dumps are restricted - limits.conf limits.d	ACCESS CONTROL
1.6.1 Ensure core dumps are restricted - sysctl	ACCESS CONTROL
1.6.1 Ensure core dumps are restricted - sysctl.conf sysctl.d	ACCESS CONTROL
1.6.1 Ensure core dumps are restricted - systemctl coredump.service - ProcessSizeMax	ACCESS CONTROL
1.6.1 Ensure core dumps are restricted - systemctl coredump.service - Storage	ACCESS CONTROL
1.6.2 Ensure address space layout randomization (ASLR) is enabled - sysctl	SYSTEM AND INFORMATION INTEGRITY
1.6.2 Ensure address space layout randomization (ASLR) is enabled - sysctl.conf sysctl.d	SYSTEM AND INFORMATION INTEGRITY
1.8.1.1 Ensure message of the day is configured properly - banner text	ACCESS CONTROL
1.8.1.1 Ensure message of the day is configured properly - mrsv	CONFIGURATION MANAGEMENT
1.8.1.2 Ensure local login warning banner is configured properly - banner text	ACCESS CONTROL
1.8.1.2 Ensure local login warning banner is configured properly - mrsv	CONFIGURATION MANAGEMENT
1.8.1.3 Ensure remote login warning banner is configured properly - banner text	ACCESS CONTROL

Detections

Analytics

CIS Red Hat EL8 Workstation L1 v1.0.0

Warning! Audit Deprecated

Audit Details

Audit Items