1.1.21 Ensure nodev option set on removable media partitions | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION |
1.1.22 Ensure nosuid option set on removable media partitions | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
1.6.1.3 Ensure SELinux policy is configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
1.7.1 Ensure message of the day is configured properly | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
2.2.1.1 Ensure time synchronization is in use | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
2.2.4 Ensure CUPS Server is not enabled | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
2.2.7 Ensure DNS Server is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
2.2.19 Ensure rsync is not installed or the rsyncd service is masked | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
2.3.1 Ensure NIS Client is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
3.3.4 Ensure secure ICMP redirects are not accepted | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
3.3.6 Ensure broadcast ICMP requests are ignored | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
3.3.9 Ensure TCP SYN Cookies is enabled | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
3.5.2.6 Ensure nftables base chains exist | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
3.5.2.10 Ensure nftables service is enabled | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
3.5.3.1.3 Ensure firewalld is either not installed or masked with iptables | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
3.5.3.2.4 Ensure iptables default deny firewall policy | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
3.5.3.3.5 Ensure ip6tables rules are saved | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
3.5.3.3.6 Ensure ip6tables is enabled and running | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
4.2.1.3 Ensure rsyslog default file permissions configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
4.2.1.4 Ensure logging is configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
4.2.2.3 Ensure journald is configured to write logfiles to persistent disk | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
4.2.3 Ensure logrotate is configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
5.1.6 Ensure permissions on /etc/cron.monthly are configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
5.3.6 Ensure SSH access is limited | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
5.3.7 Ensure SSH LogLevel is appropriate | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
5.3.13 Ensure SSH PermitEmptyPasswords is disabled | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
5.3.14 Ensure SSH PermitUserEnvironment is disabled | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
5.3.18 Ensure only strong Key Exchange algorithms are used | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
5.3.19 Ensure SSH Idle Timeout Interval is configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
5.3.20 Ensure SSH LoginGraceTime is set to one minute or less | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
5.3.21 Ensure SSH warning banner is configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
5.3.22 Ensure SSH PAM is enabled | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
5.4.1 Ensure password creation requirements are configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
5.5.1.4 Ensure inactive password lock is 30 days or less | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
5.7 Ensure access to the su command is restricted | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
5.23 (L2) Ensure 'Server (LanmanServer)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 | Windows | CONFIGURATION MANAGEMENT |
5.23 Ensure 'Server (LanmanServer)' is set to 'Disabled' | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
6.1.5 Ensure permissions on /etc/shadow- are configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
6.1.6 Ensure permissions on /etc/gshadow- are configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
6.1.9 Ensure permissions on /etc/group- are configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
6.1.10 Ensure no world writable files exist | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
6.2.1 Ensure accounts in /etc/passwd use shadowed passwords | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
6.2.5 Ensure no duplicate user names exist | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
6.2.6 Ensure no duplicate group names exist | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
6.2.8 Ensure no duplicate GIDs exist | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
CIS_MS_Windows_7_v3.2.0_Bitlocker.audit from CIS Microsoft Windows 7 Workstation Benchmark v3.2.0 | CIS Windows 7 Workstation Bitlocker v3.2.0 | Windows | |
CIS_MS_Windows_7_v3.2.0_Level_1_Bitlocker.audit from CIS Microsoft Windows 7 Workstation Benchmark v3.2.0 | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | |
CIS_MS_Windows_7_v3.2.0_Level_2_Bitlocker.audit from CIS Microsoft Windows 7 Workstation Benchmark v3.2.0 | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | |