Item Search

NameAudit NamePluginCategory
1.6.1.1 Ensure SELinux or AppArmor are installedCIS Distribution Independent Linux Server L2 v2.0.0Unix

ACCESS CONTROL

1.6.1.2 Ensure SELinux is not disabled in bootloader configuration - enforcing=0CIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

1.6.1.2 Ensure SELinux is not disabled in bootloader configuration - selinux=0CIS Oracle Linux 6 Server L1 v2.0.0Unix

ACCESS CONTROL

1.6.1.2 Ensure SELinux is not disabled in bootloader configuration - selinux=0CIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

1.6.1.6 Ensure no unconfined daemons existCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.6.3.2 Ensure all AppArmor Profiles are enforcing - 0 profiles are in complain modeCIS Distribution Independent Linux Workstation L2 v2.0.0Unix

ACCESS CONTROL

1.7.1.4 Ensure all AppArmor Profiles are enforcing - unconfinedCIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0Unix

ACCESS CONTROL

2.2.1.6 Ensure 'Allow documents from managed sources in unmanaged destinations' is set to 'Disabled'AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

2.2.1.7 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled'AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

2.2.18 Ensure 'RESOURCE_LIMIT' Is Set to 'TRUE'CIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

ACCESS CONTROL

2.4 Set root Ownership of BIND DirectoriesCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

ACCESS CONTROL

2.6.1 Ensure 'Allow user to move messages from this account' is set to 'Disabled'MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

2.8 Set Other Permissions Read-Only for All BIND Directories and Files - filesCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

ACCESS CONTROL

2.9 Isolate BIND with chroot'ed SubdirectoryCIS BIND DNS v1.0.0 L2 Authoritative Name ServerUnix

ACCESS CONTROL

3.2.1.18 Ensure 'Allow documents from managed sources in unmanaged destinations' is set to 'Disabled'AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.2.1.19 Ensure 'Allow documents from managed sources in unmanaged destinations' is set to 'Disabled'MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

ACCESS CONTROL

3.2.1.20 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled'MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.2.1.22 Ensure 'Require Touch ID / Face ID authentication before AutoFill' is set to 'Enabled'AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.3.1 Ensure 'Managed Safari Web Domains' is 'Configured'AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

ACCESS CONTROL

3.3.1 Ensure 'Managed Safari Web Domains' is 'Configured'MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

ACCESS CONTROL

3.3.1 Ensure 'Managed Safari Web Domains' is `Configured`AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.6 Ensure Other Write Access on Apache Directories and Files Is RestrictedCIS Apache HTTP Server 2.2 L1 v3.6.0Unix

ACCESS CONTROL

3.6.1 Ensure 'Allow user to move messages from this account' is set to 'Disabled'AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.6.2 Ensure 'Allow Mail Drop' is set to 'Disabled'AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L2MDM

ACCESS CONTROL

3.10 Ensure the public role in the msdb database is not granted access to SQL Agent proxiesCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

3.11 Ensure Group Write Access for the Apache Directories and Files Is Properly RestrictedCIS Apache HTTP Server 2.2 L1 v3.6.0Unix

ACCESS CONTROL

4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf Deny = from allCIS Apache HTTP Server 2.2 L1 v3.6.0Unix

ACCESS CONTROL

4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf no Require directives exist'CIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

ACCESS CONTROL

4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf Require all deniedCIS Apache HTTP Server 2.2 L1 v3.6.0Unix

ACCESS CONTROL

4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Allow is configured'CIS Apache HTTP Server 2.2 L1 v3.6.0Unix

ACCESS CONTROL

4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Allow is configured'CIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Deny is configured'CIS Apache HTTP Server 2.2 L1 v3.6.0Unix

ACCESS CONTROL

4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Order Deny,Allow'CIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

4.2 Ensure Appropriate Access to Web Content Is Allowed - 'Require is configured'CIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

4.4 Ensure OverRide Is Disabled for All DirectoriesCIS Apache HTTP Server 2.2 L1 v3.6.0Unix

ACCESS CONTROL

4.4 Restrict Access to All Key Files - group root/namedCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

ACCESS CONTROL

4.4 Restrict Access to All Key Files - user root/namedCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

ACCESS CONTROL

5.2.1 Ensure '%ANY%' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

5.2.1 Ensure '%ANY%' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

ACCESS CONTROL

5.2.1 Ensure '%ANY%' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.5 Ensure 'SELECT ANY DICTIONARY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

5.2.8 Ensure 'EXEMPT ACCESS POLICY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

ACCESS CONTROL

6.1.1 Audit system file permissionsCIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0Unix

ACCESS CONTROL

6.1.1 Audit system file permissionsCIS Oracle Linux 6 Server L2 v2.0.0Unix

ACCESS CONTROL

6.1.1 Audit system file permissionsCIS Distribution Independent Linux Server L2 v2.0.0Unix

ACCESS CONTROL

6.2.8 Ensure users' home directories permissions are 750 or more restrictiveCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

ACCESS CONTROL

11.2 Ensure Apache Processes Run in the httpd_t Confined Context - apachectlCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)MSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)MSCT Windows 10 v21H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

System objects: Strengthen default permissions of internal system objects (e.g., Symbolic Links)MSCT Windows Server 2016 MS v1.0.0Windows

CONFIGURATION MANAGEMENT