1.4.1 Ensure permissions on bootloader config are configured | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.1 Run BIND as a non-root User - process -u named | CIS BIND DNS v3.0.1 Caching Only Name Server | Unix | ACCESS CONTROL |
2.3.17.1 Ensure 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
2.3.17.3 Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
2.8 Ensure Dbcreator and Securityadmin roles are only used as needed | CIS Microsoft SharePoint 2019 DB v1.0.0 | MS_SQLDB | ACCESS CONTROL |
3.1.3 Require explicit authorization for cataloging | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
3.1.3 Require explicit authorization for cataloging - 'catalog_noauth = no' | CIS IBM DB2 OS L2 v1.2.0 | Unix | ACCESS CONTROL |
5.3 Ensure Linux Kernel Capabilities are restricted within containers | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | ACCESS CONTROL |
5.6 Ensure access to the su command is restricted | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | ACCESS CONTROL |
5.8 Set DCUI.Access to allow trusted users to override lockdown mode | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | ACCESS CONTROL |
6.1.14 Audit SGID executables | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | ACCESS CONTROL |
6.2.5 Ensure root is the only UID 0 account | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
6.2.5 Ensure root is the only UID 0 account | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | ACCESS CONTROL |
6.2.6 Ensure root PATH Integrity | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
7.1 Secure SYSADM authority - SYSADM Group Members | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
7.2 Secure SYSCTRL authority - SYSCTRL Group | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | ACCESS CONTROL |
7.3 Secure SYSMAINT Authority | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
7.3 Secure SYSMAINT Authority | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL |
7.4 Establish a system monitoring group | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux | Unix | ACCESS CONTROL |
9.5 Verify No UID 0 Accounts Exist Other than root | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
9.5 Verify No UID 0 Accounts Exist Other than root | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
18.8.36.2 Ensure 'Configure Solicited Remote Assistance' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
18.8.36.2 Ensure 'Configure Solicited Remote Assistance' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
18.9.85.1 Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
18.9.85.2 Ensure 'Always install with elevated privileges' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
Allow user control over installs | MSCT Windows Server v20H2 DC v1.0.0 | Windows | ACCESS CONTROL |
Allow user control over installs | MSCT Windows 10 1809 v1.0.0 | Windows | ACCESS CONTROL |
Configure Solicited Remote Assistance - fAllowToGetHelp | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
Configure Solicited Remote Assistance - fAllowToGetHelp | MSCT Windows 10 1809 v1.0.0 | Windows | ACCESS CONTROL |
Ensure access to the su command is restricted - pam_wheel.so | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
Ensure syslog-ng default file permissions configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
User Account Control: Admin Approval Mode for the Built-in Administrator account | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | ACCESS CONTROL |
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode | MSCT Windows 10 1809 v1.0.0 | Windows | ACCESS CONTROL |
User Account Control: Behavior of the elevation prompt for standard users | MSCT Windows Server v1909 DC v1.0.0 | Windows | ACCESS CONTROL |
User Account Control: Behavior of the elevation prompt for standard users | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
User Account Control: Behavior of the elevation prompt for standard users | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
User Account Control: Detect application installations and prompt for elevation | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
User Account Control: Detect application installations and prompt for elevation | MSCT Windows Server v20H2 MS v1.0.0 | Windows | ACCESS CONTROL |
User Account Control: Detect application installations and prompt for elevation | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
User Account Control: Only elevate UIAccess applications that are installed in secure locations | MSCT Windows Server 1903 DC v1.19.9 | Windows | ACCESS CONTROL |
User Account Control: Only elevate UIAccess applications that are installed in secure locations | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | ACCESS CONTROL |
User Account Control: Only elevate UIAccess applications that are installed in secure locations | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
User Account Control: Only elevate UIAccess applications that are installed in secure locations | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
User Account Control: Only elevate UIAccess applications that are installed in secure locations | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
User Account Control: Run all administrators in Admin Approval Mode | MSCT Windows Server v2004 MS v1.0.0 | Windows | ACCESS CONTROL |
User Account Control: Run all administrators in Admin Approval Mode | MSCT Windows Server 2019 DC v1.0.0 | Windows | ACCESS CONTROL |
User Account Control: Run all administrators in Admin Approval Mode | MSCT Windows 10 1809 v1.0.0 | Windows | ACCESS CONTROL |
User Account Control: Switch to the secure desktop when prompting for elevation | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |