Detections
Analytics

TNS MongoDB 2.4 Best Practices Windows OS Audit v1.0

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: TNS MongoDB 2.4 Best Practices Windows OS Audit v1.0

Updated: 1/13/2020

Authority: TNS

Plugin: Windows

Revision: 1.11

Estimated Item Count: 27

Audit Items

DescriptionCategories
Audit System Activity - config - 'diaglog != 0'

AUDIT AND ACCOUNTABILITY

Audit System Activity - config - 'logappend = true'

AUDIT AND ACCOUNTABILITY

Audit System Activity - config - 'setParameter logUserIds = 1'

AUDIT AND ACCOUNTABILITY

Audit System Activity - config - 'verbose = true'

AUDIT AND ACCOUNTABILITY

Authenticate Communication - config - 'keyFile'

IDENTIFICATION AND AUTHENTICATION

Encrypt and Protect Data - config - 'quota = true'

SYSTEM AND COMMUNICATIONS PROTECTION

Encrypt and Protect Data - config - 'quotaFiles'

SYSTEM AND COMMUNICATIONS PROTECTION

Encrypt Communication - config - 'sslCAFile'

SYSTEM AND COMMUNICATIONS PROTECTION

Encrypt Communication - config - 'sslCRLFile'

SYSTEM AND COMMUNICATIONS PROTECTION

Encrypt Communication - config - 'sslFIPSMode = true'

SYSTEM AND COMMUNICATIONS PROTECTION

Encrypt Communication - config - 'sslOnNormalPorts = true'

SYSTEM AND COMMUNICATIONS PROTECTION

Encrypt Communication - config - 'sslPEMKeyFile'

SYSTEM AND COMMUNICATIONS PROTECTION

Encrypt Communication - config - 'sslWeakCertificateValidation = false'

SYSTEM AND COMMUNICATIONS PROTECTION

Limit Network Exposure - 'ipv6 = false'

CONFIGURATION MANAGEMENT

Limit Network Exposure - 'REST interface is disabled'
Limit Network Exposure - config - 'jsonp = false'

CONFIGURATION MANAGEMENT

Limit Network Exposure - config - 'nohttpinterface = true'

CONFIGURATION MANAGEMENT

Require Authentication - config - 'auth = true'

IDENTIFICATION AND AUTHENTICATION

Require Authentication - config - 'noauth does not exist'

IDENTIFICATION AND AUTHENTICATION

Require Authentication - config - 'setParameter enableTestCommands != 1'

CONFIGURATION MANAGEMENT

Run MongoDB with a Dedicated User

ACCESS CONTROL

Run MongoDB with Secure Configuration Options - 'port != 27017'

CONFIGURATION MANAGEMENT

Run MongoDB with Secure Configuration Options - 'quiet'
Run MongoDB with Secure Configuration Options - config - 'bind_ip is configured'

CONFIGURATION MANAGEMENT

Run MongoDB with Secure Configuration Options - config - 'maxConns'

ACCESS CONTROL

Run MongoDB with Secure Configuration Options - config - 'setParameter enableLocalhostAuthBypass = 0'

CONFIGURATION MANAGEMENT

TNS_MongoDB_2_4_Best_Practices_v1.0-OS-Windows.audit