Item Search

NameAudit NamePluginCategory
2.3.2 Secure screen saver corners - bottom left cornerCIS Apple OSX 10.9 L2 v1.3.0Unix

ACCESS CONTROL

2.4 Configure TCP Wrappers - enable tcp_wrappers for inetdCIS Solaris 10 L1 v5.2Unix
2.4 Configure TCP Wrappers - enable tcp_wrappers for rpc/bind. Note: This check is recommended by CIS, but not required.CIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Configure TCP Wrappers - Make sure that /etc/hosts.deny does exist.CIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

2.4.9 Disable Remote Management - 'ARDAgent is not running'CIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.6.6 Enable Location ServicesCIS Apple OSX 10.9 L2 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.7.2 iCloud keychainCIS Apple OSX 10.9 L2 v1.3.0Unix
2.11 Java 6 is not the default Java runtimeCIS Apple OSX 10.9 L2 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.16.1 Audit Wallet & Apple Pay SettingsCIS Apple macOS 14.0 Sonoma v2.0.0 L2Unix

CONFIGURATION MANAGEMENT

2.16.1 Audit Wallet & Apple Pay SettingsCIS Apple macOS 15.0 Sequoia v1.0.0 L2Unix

CONFIGURATION MANAGEMENT

2.16.1 Audit Wallet & Apple Pay SettingsCIS Apple macOS 13.0 Ventura v3.0.0 L2Unix

CONFIGURATION MANAGEMENT

3.3 Enable Stack Protection - Makes sure 'noexec_user_stack_log' is set to 1 in /etc/system. Note: Only applicable if NX bit is set.CIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

3.4 Enable remote logging for Desktops on trusted networksCIS Apple OSX 10.9 L2 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

4.3 Enable Debug Level Daemon Logging - Check if daemon.debug is set to /var/log/connlogCIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

4.3 Enable Debug Level Daemon Logging - Check if permissions for /var/log/connlog are OK.CIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

4.3 Enable Debug Level Daemon Logging/4.4 Capture syslog AUTH Messages - Check if svc:/system/system-log is onlineCIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

4.4 Capture syslog AUTH Messages - Check if auth.info is set to var/log/authlogCIS Solaris 10 L1 v5.2Unix
4.4 Ensure http server is not runningCIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

4.9 Enable Kernel Level Auditing - Check audit condition is set to auditingCIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

5.1.1 Secure Home FoldersCIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

5.2.3 Complex passwords must contain an Alphabetic Character - '1 letter'CIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

5.2.3 Complex passwords must contain an Alphabetic Character - 'Policy Check'CIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix
5.2.3 Complex passwords must contain an Alphabetic Character - 'RequiresAlpha'CIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix
5.2.4 Complex passwords must contain a Numeric Character - 'Numeric'CIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix
5.2.4 Complex passwords must contain a Numeric Character - 'Policy Check'CIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix
5.2.5 Complex passwords must contain a Special CharacterCIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4 Automatically lock the login keychain for inactivityCIS Apple OSX 10.9 L2 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.5 Ensure login keychain is locked when the computer sleepsCIS Apple OSX 10.9 L2 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.8 Disable automatic loginCIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

ACCESS CONTROL

5.13 Create a Login window bannerCIS Apple OSX 10.9 L2 v1.3.0Unix

ACCESS CONTROL

5.16 Secure individual keychains and itemsCIS Apple OSX 10.9 L2 v1.3.0Unix
5.18 System Integrity Protection statusCIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

SYSTEM AND INFORMATION INTEGRITY

6.1.3 Disable guest account loginCIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

ACCESS CONTROL

7.2 iSight Camera Privacy and Confidentiality ConcernsCIS Apple OSX 10.9 L2 v1.3.0Unix
7.2 Set Password Expiration Parameters on Active Accounts - Check MAXWEEKS is set to 13CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check DICTIONDBDIR is set to /var/passwdCIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check MAXREPEATS is set to 0CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check MINDIFF is set to 3CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check MINLOWER is set to 1CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check NAMECHECK is set to YESCIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - MINALPHA is set to 2CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - MINNONALPHA is set to 1CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.7 App Store Automatically download apps purchased on other Macs ConsiderationsCIS Apple OSX 10.9 L2 v1.3.0Unix
7.8 Extensible Firmware Interface (EFI) passwordCIS Apple OSX 10.9 L2 v1.3.0Unix
7.8 Set 'mesg n' as Default for All Users in /etc/.loginCIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

7.8 Set 'mesg n' as Default for All Users in /etc/profileCIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

7.9 Lock Inactive User Accounts - Check if definact is set to 35.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.labelString' is not set to default string.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

8.2 Create Warning Banner for CDE Users - Check if file permissions for files under /etc/dt/config/*/Xresources are OK.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

18.10.43.6 (L1) Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'CIS Microsoft Windows 11 Enterprise v3.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY