Item Search

NameAudit NamePluginCategory
1.1.20 Disable AutomountingCIS Amazon Linux 2 STIG v1.0.0 L1Unix

MEDIA PROTECTION

1.8.9 Ensure GNOME Screensaver period of inactivity is configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

1.8.11 Ensure overriding the screensaver lock-delay setting is preventedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

1.8.12 Ensure session idle-delay settings is enforcedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

4.1.2.25 Ensure audit of the mount command and syscall - 32 bitCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.2.25 Ensure audit of the mount command and syscall - 64 bitCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.6 Ensure events that modify user/group information are collected - /etc/gshadowCIS Amazon Linux 2 STIG v1.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.6 Ensure events that modify user/group information are collected - /etc/security/opasswdCIS Amazon Linux 2 STIG v1.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.6 Ensure events that modify user/group information are collected - /etc/shadowCIS Amazon Linux 2 STIG v1.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.6 Ensure events that modify user/group information are collected - auditctl /etc/groupCIS Amazon Linux 2 STIG v1.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.6 Ensure events that modify user/group information are collected - auditctl /etc/gshadowCIS Amazon Linux 2 STIG v1.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.6 Ensure events that modify user/group information are collected - auditctl /etc/passwdCIS Amazon Linux 2 STIG v1.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.6 Ensure events that modify user/group information are collected - auditctl /etc/security/opasswdCIS Amazon Linux 2 STIG v1.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.21 Ensure auditing of all privileged functions - setgid 64 bitCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.21 Ensure auditing of all privileged functions - setuid 64 bitCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.3 Ensure that unnecessary packages are not installed in the containerCIS Docker v1.7.0 L1 Docker - LinuxUnix

CONFIGURATION MANAGEMENT

5.3.7 Ensure lockout for unsuccessful root logon attempts - password-auth requiredCIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

5.3.7 Ensure lockout for unsuccessful root logon attempts - system-auth defaultCIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

5.4.3 Ensure password hashing algorithm is SHA-512 - password-authCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.4.3 Ensure password hashing algorithm is SHA-512 - system-authCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.1.1 Audit system file permissionsCIS Amazon Linux 2 STIG v1.0.0 L2Unix

SYSTEM AND INFORMATION INTEGRITY

MD4X-00-006600 - MongoDB must be configured in accordance with the security configuration settings based on DoD security configuration and implementation guidance, including STIGs, NSA configuration guides, CTOs, DTMs, and IAVMs.DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OSUnix

CONFIGURATION MANAGEMENT

RHEL-06-000530 - The Red Hat Enterprise Linux operating system must mount /dev/shm with the nodev option.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000531 - The Red Hat Enterprise Linux operating system must mount /dev/shm with the nosuid option.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000532 - The Red Hat Enterprise Linux operating system must mount /dev/shm with the noexec option.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-07-010271 - The Red Hat Enterprise Linux operating system must automatically expire temporary accounts within 72 hours.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-010375 - The Red Hat Enterprise Linux operating system must restrict access to the kernel message buffer.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-07-020000 - The Red Hat Enterprise Linux operating system must not have the rsh-server package installed.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-020022 - The Red Hat Enterprise Linux operating system must not allow privileged accounts to utilize SSH.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-020100 - The Red Hat Enterprise Linux operating system must be configured to disable USB mass storage.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

RHEL-07-020110 - The Red Hat Enterprise Linux operating system must disable the file system automounter unless required.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

RHEL-07-021320 - The Red Hat Enterprise Linux operating system must use a separate file system for /var.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-030570 - The Red Hat Enterprise Linux operating system must audit all uses of the setsebool command.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-030590 - The Red Hat Enterprise Linux operating system must audit all uses of the setfiles command.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-030630 - The Red Hat Enterprise Linux operating system must audit all uses of the passwd command.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-030640 - The Red Hat Enterprise Linux operating system must audit all uses of the unix_chkpwd command.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-030650 - The Red Hat Enterprise Linux operating system must audit all uses of the gpasswd command.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-030670 - The Red Hat Enterprise Linux operating system must audit all uses of the userhelper command.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-030680 - The Red Hat Enterprise Linux operating system must audit all uses of the su command.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-030690 - The Red Hat Enterprise Linux operating system must audit all uses of the sudo command.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-030710 - The Red Hat Enterprise Linux operating system must audit all uses of the newgrp command.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-030720 - The Red Hat Enterprise Linux operating system must audit all uses of the chsh command.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-030750 - The Red Hat Enterprise Linux operating system must audit all uses of the umount command.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-030760 - The Red Hat Enterprise Linux operating system must audit all uses of the postdrop command.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-030800 - The Red Hat Enterprise Linux operating system must audit all uses of the crontab command.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-030810 - The Red Hat Enterprise Linux operating system must audit all uses of the pam_timestamp_check command.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY

RHEL-07-030819 - The Red Hat Enterprise Linux operating system must audit all uses of the create_module syscall.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY

RHEL-07-030830 - The Red Hat Enterprise Linux operating system must audit all uses of the delete_module syscall.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY

RHEL-07-030840 - The Red Hat Enterprise Linux operating system must audit all uses of the kmod command.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY

RHEL-07-040680 - The Red Hat Enterprise Linux operating system must be configured to prevent unrestricted mail relaying.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT